Intel Chip security flaw

One of the biggest names in IT industry, Intel, has verified a report stating that some microprocessors have been built containing flaws in their design, leaving them vulnerable to hacking.

According to reports, every computer that contains microprocessors of Intel from the last decade seems to be affected due to a ‘bug’ that enables software to breach access to the computer’s memory.

According to a Santa Clara based company, these bugs when manipulated or infected for malicious reasons contain the potential to improperly collect sensitive information from computers. According to them, Intel has deliberately decided not to speak about this fact as it would put the company’s goodwill at risk.

Intel, accompanied by big microprocessor manufacturers like ARM Holding, Advanced Micro Devices Inc., initiated an industry wide approach in rectifying this problem.

The researchers who discovered the vulnerabilities, dubbed "Meltdown" and "Spectre" said that "almost every system," since 1995, including computers and phones, is affected by the bug. The researchers verified their findings on Intel chips dating back to 2011, and released their own proof-of-concept code to allow users to test their machines.

The vulnerability affects operating systems and devices running on Intel processors developed in the past decade, including Windows, Macs, and Linux systems.

The two bugs break down a fundamental isolation that separates kernel memory -- core of the operating system, from user processes. Meltdown lets an attacker access whatever is in the affected device's memory, including sensitive files and data, by melting down the security boundaries typically held together by the hardware. Spectre, meanwhile, can trick apps into leaking their secrets.

One example of a worst-case scenario is a low-privileged user on a vulnerable computer could run JavaScript code on an ordinary-looking web page, which could then gain access to the contents of protected memory.

Redesigning of OS Kernels

This flaw requires changes in operating systems so that hackers can be prevented from reaching confidential data. All operating systems, from Windows to Linux to Mac are required to bring some changes to prevent hacks. In fact, Mac OS seems to have already been upgraded.

Brian Krzanich, Intel’s CEO, disclosed to CNBC that a Google researcher cautioned Intel about this upcoming circumstances almost ‘2 months ago’.

The researcher was later identified by Google as Jann Horn who recommended users to also upgrade their systems to prevent against potential hacks.

This recent discovery has made everyone worried, and Intel is working hand-in-hand with other giants to protect potential hazards.

Incoming patches are expected to prevent attackers from exploiting the chips' design flaw, but have prompted concern that chip performance will be degraded as a result.

That could result in the slowing down of home and work computers, as well as cloud services that host popular sites and services, including Apple, Google and amazon.

Currently there is a lawsuit against Intel for concealing this kind of vulnerabilities that literally affect most of the PC and macOS users. 

The following posts will tackle in details the Spectre and Meltdown vulnerabilities.