close
Advertisement
Can't connect right now! retry

add The News to homescreen

tap to bring up your browser menu and select 'Add to homescreen' to pin the The News web app

Got it!

add The News to homescreen

tap to bring up your browser menu and select 'Add to homescreen' to pin the The News web app

Got it!
AFP
January 5, 2018

Computer chip ‘flaw’ sparks security debate amid scramble for fix

World

AFP
January 5, 2018

WASHINGTON: A newly discovered vulnerability in computer chips raised concerns Wednesday that hackers could access sensitive data on most modern systems, as technology firms sought to play down the security risks.

Chip giant Intel issued a statement responding to a flurry of warnings surfacing after researchers discovered the security hole which could allow privately stored data in computers and networks to be leaked. Intel labeled as incorrect reports describing a “bug” or “flaw” unique to its products.

Intel chief executive Brian Krzanich told CNBC that “basically all modern processers across all applications” use this process known as “access memory,” which was discovered by researchers at Google and kept confidential as companies work on remedies.

Google, meanwhile, released findings from its security researchers who sparked the concerns, saying it made the results public days ahead of schedule because much of the information had been in the media. The security team found “serious security flaws” in devices powered by Intel, AMD and ARM chips and the operating systems running them and noted that, if exploited, “an unauthorized party may read sensitive information in the system´s memory such as passwords, encryption keys, or sensitive information open in applications.”

“As soon as we learned of this new class of attack, our security and product development teams mobilized to defend Google´s systems and our users´ data,” Google said in a security blog. “We have updated our systems and affected products to protect against this new type of attack. We also collaborated with hardware and software manufacturers across the industry to help protect their users and the broader web.”

The Google team said the vulnerabilities, labeled “Spectre” and “Meltdown,” affected a number of chips from Intel as well as some from AMD and ARM, which specializes in processors for mobile devices. Intel said it was working with AMD and ARM Holdings and with the makers of computer operating software “to develop an industry-wide approach to resolve this issue promptly and constructively.” Jack Gold, an independent technology analyst, said he was briefed in a conference call with Intel, AMD and ARM on the issue and that the three companies suggested concerns were overblown.

“All the chips are designed that way,” Gold said. The companies were working on remedies after “some researchers found a way to use existing architecture and get into protected areas of computer memory and read some of the data,” he added.