I was so shopping for an 8th gen upgrade, now on hold.īitCoin exchanges will have a lot of work to stay secure. The first player to deliver silicon clear of this problem will sell a lot of parts.Īt the high end clean silicon with the previous OS faster design could get a free 30% performance advantage so archive stable kernel code from a week ago.ĬoLo services and cloud services that allow th3 user to run code inside a VM or container have a lot of exposure.Īnti virus companies will be hard put to help. The problem is so big that no current patch tests to see which device it is on so in short order all systems will be hobbled and slowed with hardware aware selective patches. Nevertheless, the timing of the events doesn’t leave Krzanich or Intel looking very – thanks for the Sophos link – most complete digestible analysis I’ve found so far.Īs of last night one informed report noted that most hardware has yet to be tested but must be assumed to have a problem for now. Proceed as planned, or (possibly) take it on the chin for appearances? I think I’d be more inclined toward the latter solution, possibly first informing the board that I expected to be suitably compensated somewhere down the road for my high-mindedness. Could that be coinky dink? Sure, I don’t know what the best ethical practice would be if Krzanich was already planning those transactions for legit reasons, then was told of the flaws. Mega litigation to follow, as sure as shite draws flies in Summer… In possibly related news, I see that Intel CEO Brian Krzanich sold off 24MM USD of his Intel shares and options in late November 2016, after Intel was aware of this issue. ![]() ![]() Tags: cloud computing, hardware, Intel, patching, side-channel attacks Nicholas Weaver on its effects on individual computers.ĮDITED TO ADD (1/10): Another good technical description. And how the exploits work through browsers. And a Slashdot thread.ĮDITED TO ADD (1/5): Another good technical description. This post is basically just a link repository.ĮDITED TO ADD: Good technical explanation. ![]() I’ll be writing something for publication over the next few days. Fixing them either requires a patch that results in a major performance hit, or is impossible and requires a re-architecture of conditional execution in future CPU chips. They affect computers where an untrusted browser window can execute code, phones that have multiple apps running at the same time, and cloud computing networks that run lots of different processes at once. These are side-channel attacks where one process can spy on other processes. After a week or so of rumors, everyone is now reporting about the Spectre and Meltdown attacks against pretty much every modern processor out there.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |