Begin typing your search above and press return to search.

Vulnerable chips

Sentinel Digital DeskBy : Sentinel Digital Desk

  |  12 Jan 2018 12:00 AM GMT

IT companies around the world, including giants like Microsoft, Apple, Google and Amazon, have been working round the clock for the past few months to plug a breach that is unlike anything seen before. This time, the bug is neither in the software, nor in the network. Rather, it is in the most fundamental part of the computer hardware — the microprocessor chip. And the weaknesses so far discovered are due to the very structure of the chip. This means that almost every computing device is susceptible. Fortutely, the two major flaws found so far, dubbed ‘Meltdown’ and ‘Spectre’, are courtesy the efforts of several teams of researchers. Had malicious hackers zeroed on to these flaws first, the damage done would have been incalculable. Recently, leading chipmaker Intel revealed that all processors can be attacked by ‘Meltdown’ and ‘Spectre’ techniques — which can seriously compromise servers, persol computers, laptops and smartphones by lifting crucial data like passwords and encryption keys stored in chip memory. Experts are particularly worried that any such data theft would leave no trace, so there will be no way to find out if the system has been breached. Broadly, ‘Meltdown’ can expose data directly by undermining the way information is kept separate in user applications by a key software (known as kernel) in the computer core. ‘Spectre’ is said to require much more specialised knowledge; with it, an attacker can fool the processor into running ‘speculative’ operations, note how long the hardware is taking to retrieve data and thereby infer details of the information stored. In practical terms, it would eble the attacker to read logins and passwords stored in a user’s browser. As it is, researchers are scrambling to devise security ‘patches’ or fixes to deter hackers from exploiting chip vulnerabilities, but it is all touch and go. There are already complaints that these fixes can significantly slow down computer and server speeds. IT experts are now blaming chipmakers for the mess, pointing out that while chipmakers concentrated on increasing the data crunching power of their processors and make them go faster, they neglected the security aspect. While researchers have found two ways to exploit chip architecture and force computers to reveal data, malicious hackers may discover other ways to do so. This means that the microprocessor chip, which is the very engine of the computer, will be the next battleground. It will require top chipmakers like Intel, AMD and ARM to cooperate and pool their resources to make their processors foolproof. After all, it is the common weaknesses in their chips which have made countless computing devices and their networks vulnerable.

Next Story