Popular Articles
Today Week Month Year


“Spectre” still haunting security experts: Flaw that allows hackers access to passwords and email can’t be fixed
By Edsel Cook // Jul 22, 2019

Software troubleshooting would not be enough to repair the gaping holes in cybersecurity attributed to the recently discovered Spectre security flaw. Experts warn about the need for a total redesign of the next generation of computers and computer chips to protect them from hackers.

Brighteon.TV

Spectre made it possible for malicious programs and hackers to steal data, emails, and passwords from computers. It appeared in computer chips built by AMD, ARM, and Intel.

Most of the computers in the world rely on chips from the three manufacturers – so do almost all smartphones. A lot of electronic devices are at risk of being tampered with.

Upon learning about Spectre's existence and effects, tech firms rushed to develop fixes for the problem. Responses include Google adding a new feature to its Chrome browser. The upgrade kept each web page in isolation, thereby reducing the chance that a malicious program stole valuable data from a page.

As they worked to plug the holes, tech firms discovered that Spectre also slowed the speed of an affected device by up to 30 percent of its total processing power. (Related: U.S. Emergency alert system vulnerable to hijacking, report finds.)

Hackers can use the Spectre flaw to read the memory of a computer or smartphone

No one has come up with an approach that addressed most or all of the issues associated with Spectre. Likewise, the tech firms have not yet announced a fix for the root cause of the security flaw.

β€œThe entire field of computing missed this,” warned security researcher Ben L. Titzer.

The current generation of computer chips increases processing speed through speculative execution. The feature lets the chip make predictions about the calculations it may need to perform in the future.

If the computer chip makes a wrong guess, it gets rid of the incorrect prediction. But if it guesses correctly, the chip saves some time.

Tech firms remain unsure about the full extent of the Spectre security flaw. They also have a hard time figuring out if earlier software fixes were working as intended.

It might not be possible to patch some of the Spectre-class security issues. As of the time of this writing, Google security researchers determined that there is no solution for Speculative Store Bypass, a flaw similar to Spectre.

Some experts suspected that software fixes and patches might never be able to resolve the security issue in computer chips. The only way to eliminate the threat of Spectre and other flaws was to come up with drastically different computers that use different codes and hardware.

Researchers are finding serious security flaws long after the fact

Spectre was one of the security flaws reported by Google's Project Zero in January 2019. The other one was called Meltdown.

Meltdown only affected Intel-manufactured computer chips. It served as a connection between the physical memory of the computer and software applications.

Hackers usually cannot access a computer's hardware through electronic software. But Meltdown served as a bridge over that barrier, allowing a hacker to read the device's memory.

Project Zero came across Meltdown in June 2018. Security researchers realized that they could get their hands on the encryption keys, passwords, and sensitive data in supposedly secure applications.

By the time Google researchers revealed the existence of the Meltdown security flaw, Intel was already working on a patch. The computer chip manufacturer promised that the ongoing fix would not cause any noticeable drop in the performance of most computers.

In comparison, Spectre gave hackers the ability to convince applications to surrender secret information. It also affected AMD and ARM computer chips as well as Intel units.

Sources include:

DailyMail.co.uk

NewScientist.com

ARXIV.org



Take Action:
Support NewsTarget by linking to this article from your website.
Permalink to this article:
Copy
Embed article link:
Copy
Reprinting this article:
Non-commercial use is permitted with credit to NewsTarget.com (including a clickable link).
Please contact us for more information.
Free Email Alerts
Get independent news alerts on natural cures, food lab tests, cannabis medicine, science, robotics, drones, privacy and more.

NewsTarget.com © 2022 All Rights Reserved. All content posted on this site is commentary or opinion and is protected under Free Speech. NewsTarget.com is not responsible for content written by contributing authors. The information on this site is provided for educational and entertainment purposes only. It is not intended as a substitute for professional advice of any kind. NewsTarget.com assumes no responsibility for the use or misuse of this material. Your use of this website indicates your agreement to these terms and those published on this site. All trademarks, registered trademarks and servicemarks mentioned on this site are the property of their respective owners.

This site uses cookies
News Target uses cookies to improve your experience on our site. By using this site, you agree to our privacy policy.
Learn More
Close
Get 100% real, uncensored news delivered straight to your inbox
You can unsubscribe at any time. Your email privacy is completely protected.