1. Welcome! Please take a few seconds to create your free account to post threads, make some friends, remove a few ads while surfing and much more. ClutchFans has been bringing fans together to talk Houston Sports since 1996. Join us!

[Meltdown and Spectre] Bugs in modern computers leak passwords and sensitive data.

Discussion in 'BBS Hangout' started by Sajan, Jan 4, 2018.

  1. Sajan

    Sajan Member

    Joined:
    Apr 18, 2009
    Messages:
    8,348
    Likes Received:
    5,794
    Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.

    https://meltdownattack.com/

    Which systems are affected by Meltdown?
    Desktop, Laptop, and Cloud computers may be affected by Meltdown. More technically, every Intel processor which implements out-of-order execution is potentially affected, which is effectively every processor since 1995 (except Intel Itanium and Intel Atom before 2013). We successfully tested Meltdown on Intel processor generations released as early as 2011. Currently, we have only verified Meltdown on Intel processors. At the moment, it is unclear whether ARM and AMD processors are also affected by Meltdown.

    Which systems are affected by Spectre?
    Almost every system is affected by Spectre: Desktops, Laptops, Cloud Servers, as well as Smartphones. More specifically, all modern processors capable of keeping many instructions in flight are potentially vulnerable. In particular, we have verified Spectre on Intel, AMD, and ARM processors.
     
    #1 Sajan, Jan 4, 2018
    RedRedemption and KingCheetah like this.
  2. KingCheetah

    KingCheetah Contributing Member

    Joined:
    Jun 3, 2002
    Messages:
    56,394
    Likes Received:
    48,338
    This is really interesting - computer architecture back to 95 has the vulnerability along with just about all modern processors.
     
    #2 KingCheetah, Jan 4, 2018
  3. mikus

    mikus Member

    Joined:
    Jan 31, 2013
    Messages:
    624
    Likes Received:
    182
    I've read a few articles detailing the flaws. It's definitely a problem that should be fixed, but i think a reasonable analogy is: Imagine your data/applications on your computer as a giant pile of shredded documents, ie in pieces. This flaw will let somebody grab a fistful of the shredded paper.

    In order to make any use of what they grabbed, they would first have to have lucked into grabbing something useful and second, know how to put it together to read. So, while it is a problem, I don't think think it is a huge problem, but at the same time it does need to be fixed.
     
    #3 mikus, Jan 4, 2018
  4. Mr.Scarface

    Mr.Scarface Member

    Joined:
    Jul 8, 2003
    Messages:
    12,255
    Likes Received:
    7,500
    AMD has near zero chance of being exploited. Apple has already patched MacOS a few weeks ago.

    Windows was patched this week. However, there is going to be huge performance hits with Servers and cpu-intensive applications.

    This is an Intel and to a lesser extent, ARM,issue.
     
    #4 Mr.Scarface, Jan 4, 2018
(You must log in or sign up to post here.)

Share This Page

Toggle Width
Style
ClutchFans Original

  • About ClutchFans

    Since 1996, ClutchFans has been loud and proud covering the Houston Rockets, helping set an industry standard for team fan sites. The forums have been a home for Houston sports fans as well as basketball fanatics around the globe.

  • Rockets Content

  • Support ClutchFans!

    If you find that ClutchFans is a valuable resource for you, please consider becoming a Supporting Member. Supporting Members can upload photos and attachments directly to their posts, customize their user title and more. Gold Supporters see zero ads!


    Upgrade Now