Computer Chip Problems Leave Millions of Computers Vulnerable
January 24, 2018
A group of security experts have discovered two major flaws affecting the microprocessor, or brain, of nearly every computer.
The flaws, labeled Meltdown and Spectre, were discovered on Wednesday, January 3rd, 2018 by a group of cyber security experts. Both Meltdown and Spectre are vulnerabilities in processing chips made by Intel and other companies that leave personal user information susceptible to hackers. These chips hold essential security information like passwords and encryption keys, according to CNET. An attack on a device’s microprocessor could give hackers access to virtually all of the information on one’s computer, mobile phone, and cloud-computer networks, according to The New York Times.
The problem occurs because of the way the computer processor is designed. In order to make the computer run faster, the chip was created to be able to predict what tasks the computer will be asked to complete, typically called speculative execution, and what information it needs to complete those commands. According to CNET, during the moment a chip guesses what information is needed, the sensitive information contained on the chip becomes vulnerable.
Nearly all processors are affected by the flaw, Spectre, as it allows hackers to trick the chip into starting the speculative execution process. This makes the sensitive information contained on the chip available to hackers at any time. Spectre also allows hackers to take information from one device and send it to another, further simplifying the process.
The other flaw, Meltdown, is a way for hackers to view sensitive information held on a computer through a computer’s operating system. Mainly affecting processors made by Intel, The New York Times reports that Meltdown can affect nearly 90% of all computer processors as well as giving hackers access to cloud networks made by Google, Amazon, and Microsoft.
Many companies, including Apple and Intel, are attempting to fix the problem. Both companies have released “patches” that can be installed into the software of their devices to fix the Meltdown flaw. However, solving the problem of Spectre is not so simple. The only way to ensure that both flaws are completely fixed is by installing a new microchip. Until a permanent solution is found, the most that users can do is look out for suspicious activity and keep their software up to date.