The following is an excerpt from LAURA HAUTALA | January 3, 2018 | CNET.com |
Design flaws in processors from leading chipmakers could let attackers access sensitive information. How could that happen, and what's the fix?
Processors -- they're vital to running all our computerized devices, even if we hardly ever think about them. That's why it's a big deal that they have major vulnerabilities, called Spectre and Meltdown, which leave them open to hacking attacks.
As they run all the essential processes on your computer, these silicon chips handle extremely sensitive data. That includes passwords and encryption keys, the fundamental tools for keeping your computer secure.
The vulnerabilities, revealed Wednesday, could let an attacker capture information they shouldn't be able to access, like those passwords and keys. That's why an attack on a computer chip can turn into a serious security concern.
So how did this happen, and what will chip companies like Intel, Arm and AMD (and the hardware makers that put the chips in their products) do to fix the problem? Here's everything you need to know:
What are the vulnerabilities?
Researchers found two major weaknesses in processors that could let attackers read sensitive information that should never leave the CPU, or central processing unit. In both cases, attackers could see data that the processor temporarily makes available outside of the chip.
Here's why that happens: To make computer processes run faster, a chip will essentially guess what information the computer needs to perform its next function. That's called speculative execution. As the chip guesses, that sensitive information is momentarily easier to access.
For more visit: CNET.com