05/01/2018 By Aaron Hoare 2018, Alexa, Amazon, amd, Android, Apple, APU, arm, attack, Chrome, Computer, CPU, Cyber, cyber cover, Echo, Firefox, Firmware, Google, Home, Insurances, intel, iOS, iPhone, kernel, Mac OS, Microsoft, Office, Operating system, OS, OS X, ransomware, Safari, Samsung, security flaw, update, Windows
Apple have confirmed all their devices including iPhones are subject to this vulnerability.
So why are so many different devices vulnerable – and what is being done to fix things?
When it is working, a computer shuffles around huge amounts of data as it responds to clicks, commands and key presses.
The core part of a computer’s operating system, the kernel, handles this data co-ordination job.
The kernel moves data between different sorts of memory on the chip and elsewhere in the computer.
Computers are engaged in a constant battle to make sure the data you want is in the fastest memory possible at the time you need it.
When data is in the processor’s own memory – the cache – it is managed by the processor but it is at this point that the newly revealed vulnerabilities come into effect.
Spectre essentially gets programs to perform unnecessary operations – this leaks data that should stay confidential.
Meltdown also grabs information – but it simply snoops on memory used by the kernel in a way that would not normally be possible.
Some of the affected chips are used in laptops, tablets and smartphones.
Spectre exploits something called “speculative execution”, which prepares the results of a set of instructions to a chip before they may be needed.
Those results are placed in one of the fastest bits of memory – on the computer’s processor chip.
Unfortunately, security researchers have discovered that it is possible to manipulate this forward-looking system to get the processor to perform operations on memory that it wouldn’t normally do.
Bit by bit, this technique could be used to reveal sensitive or important data.
full story here: http://www.bbc.com/news/technology-42564461
To talk about your options on cyber insurance, limiting your loss when an attack happens, speak to our specialist on Cyber Insurance:
Call us today on 049 4380020 or email: firstname.lastname@example.org
Comments are closed.