[ad_1]
Intel report still worried about effects of Spectrum and Meltdown vulnerabilities
In the past, processors were only optimized for performance. However, discovered hardware vulnerabilities also require special attention to the security of CPU architectures, which can not always be reconciled.
Intel knows how they appeared. the serious vulnerabilities Specter and Meltdown
A year after the discovery of Spectrum and Meltdown hardware vulnerabilities, Intel, one of the hardest-hit companies, is still working on their solutions and similar vulnerabilities discovered elsewhere.
Spectrum and Meltdown are: possible thanks to the optimization techniques of the processors namely speculative execution and execution in the disorder
Team Changes for a Better Approach
As hardware and non-software deficiencies, subsequent updates are only possible with the condition of "sacrificing" computing ability.
However, as can be seen, in a Wired report, Intel's internal research team, called STORM (offensive strategic research and mitigation), is primarily responsible for mitigation or the possible resolution of the problem.
Intel's research and security service includes 60 employees. About a dozen of them work for the STORM subgroup
. They are trying to detect the effects of security vulnerabilities. However, Specter and Meltdown are recognized as a special case because of the large number of systems involved.
STORM – Research and strategic offensive measures
As a solution, STORM works with the different product teams. Full implementation of the necessary protections for Specter and Meltdown is estimated at four to five years, but the initial adjustments are already in the current processors.
In response to vulnerabilities, the Intel team has been extended to several employees. security consulting firms and research organizations
New employees should help better manage problems.
Virtually no exploit of vulnerabilities
According to the report, the team works with a lot of freedom, but this is also related to the requirements: the vulnerabilities to be taken into account are still virtually unknown and therefore require new [19659002] According to Jon Masters, Red Hat Architectural Specialist, one of the particular problems of Specter and Meltdown is the fact that the differences contrast with the performance.
The remedy is only that: having measures that sacrifice performance.
However, it is expected that Intel will give priority to the issue of security in the future, but it is also clear that many new security vulnerabilities will now arise, just like the new versions of Specter. v5 or SpecterRSB
[ad_2]
Source link
