Billions of people worldwide are at risk from hackers: How your smartphone, baby monitor, TV and computer could expose your personal data to criminals after shocking scale of ‘design flaw’ in Intel, AMD and Arm chips is revealed
Security researchers at Google’s Project Zero discovered the two massive flaws
Meltdown lets hackers bypass hardware barriers on Intel chips to steal data
Spectre is far more widespread and affects chips from Intel, AMD and ARM
This lets cyber criminals trick applications into giving up secret information
Patches are forthcoming from a range of firms to plug the huge security holes
Consumers should check with their device maker and operating system provider
By TIM COLLINS
DAILYMAIL.COM
4 January 2018
Two massive security flaws could put billions of people worldwide at risk of being hacked, in a shocking lapse affecting nearly all devices.
Meltdown and Spectre could let cyber criminals steal passwords and other data from nearly every gadget containing chips from Intel, AMD and Arm, thanks to ‘design flaws’ in their manufacture.
The bugs affect desktops, laptops, servers, smartphones and tablets, as well as smart devices like baby monitors, smart cars and thermostats, powered by processors from these firms.
Patches have been created by a number of device manufacturers to try and plug the huge security holes, but fixing the underlying issue will be extremely difficult.
Security researchers at Google’s Project Zero computer security analysis team, in conjunction with academic and industry researchers from several countries, discovered the two flaws.
Meltdown, which is specific to Intel chips, lets hackers bypass the hardware barrier between applications run by users and the computer’s memory, potentially letting hackers read a computer’s memory.
It was first discovered by Project Zero in June last year, when expert Jann Horn found that passwords, encryption keys, and sensitive information open in applications that should have been protected could be accessed.
A second bug, called Spectre, affects chips from Intel, AMD and Arm.
This lets hackers potentially trick otherwise error-free applications into giving up secret information.
Project Zero disclosed the Meltdown vulnerability not long after Intel said it’s working to patch it.
Intel says the average computer user won’t experience significant slowdowns as it’s fixed.
Tech companies typically withhold details about security problems until fixes are available, so that hackers don’t have a roadmap to exploit the flaws.
Both Intel and Google said they were planning to disclose the issue next week, when fixes will be available.
But Intel was forced to come clean about the problem yesterday after news of the flaw became public.
The Rest…HERE
