Intel denies processors are flawed amid security issues

January 05, 2018 // By Peter Clarke
Intel denies processors are flawed amid security issues
Intel has issued a statement with regard to vulnerabilities of its processors to software side-channel attacks on processors that perform speculative execution of code. While denying that its processors are flawed, Intel acknowledged the vulnerability.

During 2017 a couple of academic groupings and the so-called Google Zero Project performed research into side-channel attacks on to processors that perform speculative execution, which means most modern processor architectures.

The findings were that processor microarchitectures from Intel, AMD and ARM were all vulnerable to a lesser or greater extent. Google reported the first findings to the processor companies on June 1, 2017 and the fact that Intel, AMD and ARM are all referenced suggests that all forms of equipment from embedded applications up through smartphones to laptops and servers in data centers are vulnerable.

Google Zero Project has published a blogpost here that details three types of attack under two codenames; Meltdown and Spectre but all make use of a so-called kernel leakage and operating system companies appear to have been scrambling to prepare patches and updates to block such attacks. Much debate now seems set to ensue as to what degree which processors are affected and how much they are hobbled in performance by the resulting software burden.

With increasing discussion of "kernel leakage" and how this could be used to obtain passwords and other elements of secure systems Intel made a statement on January 3, 2018.

The company acknowledged that it had been made aware of the possibility of "gathering sensitive data from computing devices that are operating as designed."

Intel said that these exploits were not caused by a "bug" or a "flaw" and were not unique to Intel products. "Based on the analysis to date, many types of computing devices – with many different vendors' processors and operating systems – are susceptible to these exploits," the company said.

Intel added that it is working with AMD, ARM and several operating system vendors to resolve the issue. Intel added that "performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time."

AMD has a page providing

Vous êtes certain ?

Si vous désactivez les cookies, vous ne pouvez plus naviguer sur le site.

Vous allez être rediriger vers Google.