Granted, not all ARM CPUs are affected, but if even 0.1% of them are, it still means a Billion (1,000,000,000) affected devices. According to ARM, they are already “securing” a Trillion (1,000,000,000,000) devices. CPUs made by AMD, ARM, Intel, and probably others, are affected by these vulnerabilities: specifically, ARM CPUs are used in a lot of IoT devices, and those are devices that everybody has, but they forget they have them once they are operating, and this leaves a giant gap for cybercriminals to exploit. To be secure, the only other option is either to replace the faulty hardware (in this case, there is no replacement yet) or to disconnect the device from the network, never to connect it again (nowadays not desirable or practical).Īnd that is exactly where the problems begin. Sometimes this happens at the penalty of a slowdown in device performance, but there's more to security than obscurity and sometimes you just have to suck it up and live with the performance penalty. Additional defensive layers preventing malicious code from exploiting the holes – or at least making it much harder – are an “easy” way to make your desktop, laptop, tablet and smartphone devices (more) secure. Luckily, with cooperation between the suppliers of modern operating systems and the hardware vendors responsible for the affected CPUs, the Operating Systems can be patched, and complemented if necessary with additional firmware updates for the hardware. However, that is not possible with these two vulnerabilities as they are caused by a design flaw in the hardware architecture, only fixable by replacing the actual hardware. The first are usually fixed by patching the software in most cases the latter are fixed by updating the firmware. Yes, software bugs happen, hardware bugs happen. Now, there is a much larger underlying issue. Lots has been written about these vulnerabilities already: if you are new to the subject we suggest that you read Aryeh Goretsky’s article “ Meltdown and Spectre CPU Vulnerabilities: What You Need to Know.” Two serious design vulnerabilities in CPUs were exposed that make it possible, although not always that easy, to steal sensitive, private information such as passwords, photos, perhaps even cryptography certificates. Lo and behold! 2018 started with a scenario hardly anyone could have foreseen. In the last few months of 2017, security companies made their own forecasts about incoming cyberthreats and the measures that needed to be taken to ensure a better and cybersafer 2018, often advocating the use of protective software tools made by that vendor.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |