Netease Technology News January 6, according to the Wall Street Journal reported that computer chips were exposed security breaches, at first glance seems to have brought a sudden crisis to Intel, but behind it and other technology companies and experts in fact to deal with This issue has been for several months.
Today, Apple became the latest tech giant to acknowledge the vulnerability of the chip. The company said that all iPhones, iPads, and Mac computers are affected and the company has released updates to fix the flaws.
Intel, its main competitor AMD, and chip design vendor ARM all said this week that some of their processors have security holes that could be exploited by hackers. This problem affects various chips used by computers, smart phones, and other devices. , but so far it has nothing to do with any hacker attacks.
Before the chip breach was exposed this week, chip makers and their customers and partners, including Apple, Google’s Google, Amazon, and Microsoft, had already stepped up their efforts to solve the problem. A coalition of big technology companies is teaming up to protect their servers and patching their computers and smartphones.
The vulnerabilities involved may allow hackers to steal sensitive information such as passwords, and the scope of influence includes most modern chips from various companies. But Intel, which dominates the server and PC chip market, was the most directly affected. Its share price fell for two consecutive days.
On June 1st last year, a member of the Google Project Zero security team informed Intel and other chip makers of loopholes. Even if you know early on, Intel and other companies are still trying to solve the security breach. One problem is pushing security updates to billions of devices. Another problem is that some security patches may slow down the operation of the device because those vulnerabilities affect the chip functions intended to increase the speed of the processor.
As of Thursday, various companies have said they have not found evidence of hackers exploiting chip flaws. If hackers do that, they are likely to attack Intel-made chips. That's because the company is the world's largest microprocessor maker and its chip's internal flaws can be traced back at least 10 years ago.
This issue has raised doubts about the security of Intel products, and many customers need to take action to protect their systems. It also highlights the growing complexity of the chip and the software running on the chip, making it difficult to lock down, while also making it possible to hide loopholes that have not been discovered for years.
“People are reassessing the core principles of modern hardware security attributes. Many of our assumptions have been violated and we need to reassess them,†said security researcher Kenn White.
However, according to Jim McGregor of Tirias Research, a technology-strategic research firm, Intel's impact may be limited. "When you control a large part of the market and you cover your customers extensively, you can escape punishment," he said.
Intel said it expects to be able to provide software updates to more than 90% of processors launched in the past five years by the end of next week.
Other companies have released patches. Apple said that in addition to its mobile devices and computers, Apple TV set-top boxes have also been affected, Apple Watch smart watches have not been affected. It also said that patches for the Spectre vulnerability for the Apple Safari web browser are expected to be released in the coming days.
Apple pointed out that its patch will not cause equipment to slow down. Google also said on Thursday that the patch it developed “has negligible impact on the performance of the device.†Intel said that for the average user, any performance degradation will be very limited, and will gradually disappear over time. It also said that the company plans to redesign the chip within one year and it is expected that this security issue will not bring any financial impact.
Intel's share price fell to $44.43 on Thursday, which was down 5.2% from Tuesday's closing price (before the vulnerability was exposed). Shares of other chip makers, including AMD and Nvidia, have risen.
?
The problem has been there for a long time
Researchers have been exposed to those loopholes for more than a year. In August 2016, at the Black Hat Network Security Conference in Las Vegas, two researchers, Anders Fogh and Daniel Gruss, demonstrated early signs of a loophole. Fogg also published a blog post in July last year to encourage other researchers to investigate.
At the same time, Jann Horn of Google’s internal security research team, Project Zero, has already opened the issue and notified Intel. In the end, three other research teams from all over the world contacted Intel on the same issue, and Intel then exchanged and wrote thesis with them.
One of the researchers, Daniel Genkin, pointed out that they discovered that the chip's loopholes date back to 2010 and believe that those problems can even be traced back even longer. "The common architectural principles that have brought this loophole are decades old," he said. "I didn't start a computer search from 1995, but those principles existed at that time."
Fogg said that the researchers discovered the same long-term loophole at the same time because the previous research laid the foundation, including his demonstration in 2016. So why did Intel not find the vulnerabilities earlier? "Good question, I can't really answer it," he said.
Stephen Smith, vice president of data center engineering at Intel, points out that the company has been trying to improve its product safety.
Regulatory documents show that Intel CEO Brian Krzanich sold his company’s shares and options for 24 million U.S. dollars and retained 250,000 shares in November last year while Intel and partners worked together to solve the problem. The stock, from the company’s most recent proxy statement, is the company’s minimum shareholding requirement for the company.
An Intel spokesperson stated that the sale was not related to this security issue and was based on a pre-arranged plan with an automatic sale schedule.
Intel and major alliances of technology companies and researchers plan to disclose vulnerabilities on January 9. But this week, the technology news site The Register took the lead in exposing online discussions among programmers who tracked patches for the flaw.
Intel, AMD and ARM informed some large customers in advance, but The Register’s reports caught the small companies off guard. Josh Feinblum, chief security officer of cloud computing provider DigitalOcean, learned of vulnerabilities from peers over the weekend. He said he has been repairing his system as quickly as possible and is satisfied with the current results.
Linus Torvalds, the "Father of Linux", criticized Intel for not recognizing the problem. Initially, the chip was running as expected. "I think that someone inside Intel needs to take a hard look at their CPU issues and admit that they have problems, rather than writing public relations articles that claim everything is planning to develop," he wrote in an email to Linux programmers on Wednesday.
White said that although Intel has done a mess in the disclosure of the incident, considering the nature of the incident and the scope of the incident, the company "may be doing a good job." He said that the researchers said that the development of some patches "is involved in some new ones." The field of computer science." "The work is very complicated and amazingly complex."
The incident has caused people to worry that attacks based on newly discovered vulnerabilities may have occurred for several years but have not been discovered. Some technicians believe that this situation is unlikely because it requires sophisticated hacking techniques. For example, Google says it hasn't found a way to exploit vulnerabilities in Android phones, but given the risks that someone may be able to exploit, it still provides security patches for those devices.
Others said that if white hat hackers - legitimate hackers who find and fix security breaches - can find vulnerabilities, then black hat hackers who are not responsible can discover it.
White points out that as vulnerabilities are now exposed, users also need to protect themselves. "These are very complex attacks that require a variety of background knowledge and understanding." He said, "But once it appears, it will turn into a code attack." (Lebang
2000 puffs disposable vape pen are so convenient, portable, and small volume, you just need to take them
out of your pocket and take a puff, feel the cloud of smoke, and the fragrance of fruit surrounding you. It's so great.
We are China's leading manufacturer and supplier of disposable vape puff bars, 2000 puffs disposable vape,2000 puff vape pen,2000 puff e-cigarette kit
disposable vape 2000 puffs,2000 puffs vape kit, and e-cigarette kit, and we specialize in Disposable Vapes, e-cigarette vape pens, e-cigarette kits, etc.
2000 puffs disposable vape,2000 puff vape pen,2000 puff e-cigarette kit,disposable vape 2000 puffs,2000 puffs vape kit
Ningbo Autrends International Trade Co.,Ltd. , https://www.supermosvape.com