You are here:
Home / Latest Lingerie News
The world’s biggest chipmakers and software companies, including Intel Corp. and Microsoft Corp., are coming to grips with a vulnerability that leaves vast numbers of computers and smartphones susceptible to hacking and performance slowdowns.
Google researchers recently discovered that a feature, present in almost all of the billions of processors that run computers and phones around the world, could give cyberattackers unauthorized access to sensitive data — and whose remedy could drag on device performance. News of the weakness, found last year and reported Tuesday by The Register technology blog, weighed on shares of Intel, the biggest semiconductor maker, while boosting rivals including Advanced Micro Devices Inc. Intel’s silence for most of Wednesday added to investors’ unease.
Late in the day, Intel, Microsoft, Google and other tech bellwethers issued statements aimed at reassuring customers and shareholders. Intel said its chips weren’t the only ones affected and predicted no material effect on its business, while Microsoft, the largest software maker, said it released a security update to protect users of devices running Intel and other chips. Google, which said the issue affects Intel, AMD and ARM Holdings Plc chips, noted that it updated most of its systems and products with protections from attack. Amazon.com Inc., whose AWS is No. 1 in cloud computing, said most of its affected servers have already been secured.
Hackers for decades have exploited security holes in software — for example, by inducing careless, unsuspecting users to open attachments that unleash viruses or other malware onto a device or network. The weakness uncovered by Google, by contrast, underscores the potential damage wreaked by vulnerabilities in hardware. Complex components, such as microprocessors, can be harder to fix and take longer to design from scratch if flawed.
“It’s a big one and it’s a severe one. This gives an attacker capabilities that bypass the common operating system security controls that we’ve relied on for 20 years,” said Jeff Pollard, an analyst at Forrester Research. “There’s big impact on both the consumer and enterprise.”
Read more: What You Need to Know About the Big Chip Security Problem
Intel’s stock remained under pressure even after its statement.
“We struggle to believe that Intel won’t face some sort of financial liability,” analysts at Sanford C. Bernstein wrote in a note.
China’s largest cloud computing services scrambled Thursday to address the issue. Domestic industry leader Alibaba Group Holding Ltd. said it planned to update its systems from 1 a.m. on Jan. 12 to handle potential chip security issues. Rival Tencent Holdings Ltd. said it was in touch with Intel on possible fixes but wasn’t aware of any attempted attacks.
Applying the operating system upgrades designed to remedy the flaw could hamper performance, security experts said. The Register reported that slowdowns could be as much as 30 percent — something Intel said would occur only in extremely unusual circumstances. Computer slowdowns will vary based on the task being performed and for the average user “should not be significant and will be mitigated over time,” Intel said, adding that it has begun providing software to help limit potential exploits.
Intel’s efforts to play down the impact resulted in a war of words with AMD. Intel said it’s working with chipmakers including AMD and ARM Holdings, as well as operating system makers to develop an industrywide approach to resolving the issue. AMD was quick to retort, saying, “there is near-zero risk” to its processors because of differences in the way they are designed and built.
The vulnerability doesn’t just affect PCs. All modern microprocessors, including those that run smartphones, are built to essentially guess what functions they’re likely to be asked to run next. By queuing up possible executions in advance, they’re able to crunch data and run software much faster.
The problem in this case is that this predictive loading of instructions allows access to data that’s normally cordoned off securely, Intel Vice President Stephen Smith said on a conference call. That means, in theory, that malicious code could find a way to access information that would otherwise be out of reach, such as passwords.
“The techniques used to accelerate processors are common to the industry,” said Ian Batten, a computer science lecturer at the University of Birmingham in the U.K. who specializes in computer security. The fix being proposed will definitely result in slower operating times, but reports of slowdowns of 25 percent to 30 percent are “worst-case” scenarios, he said.
Intel Chief Executive Officer Brian Krzanich told CNBC that a researcher at Google made Intel aware of the issue “a couple of months ago.”
“Our process is, if we know the process is difficult to go in and exploit, and we can come up with a fix, we think we’re better off to get the fix in place,” Krzanich said, explaining how the company responded to the issue.
Google, a unit of Alphabet Inc., identified the researcher as Jann Horn. While many of its products have already been protected, some customers of Android devices, Google laptops and its cloud services still need to take steps to patch security holes, the internet giant said.
Microsoft on Wednesday released a security update for its Windows 10 operating system and older versions of the product to protect users of devices with chips from Intel, ARM and AMD, the company said in a statement. Late in the day, Microsoft said the majority of Azure cloud infrastructure has been updated with the fix and most customers won’t see a noticeable slowdown with the update.
“We have not received any information to indicate that these vulnerabilities had been used to attack our customers,” Microsoft said. The fixes were originally planned for release on Jan. 9, but were rushed out Wednesday after the weakness was made public, according to a person familiar with the situation.
Apple Inc. didn’t respond to requests for comment about how the chip issue may be affecting the company’s operating systems.
Providers of computing power and services via the internet will have to upgrade software to work around the potential vulnerability, which will require additional lines of code, computing resources and energy to perform the same functions while maintaining security, said Frank Gillett, another analyst at Forrester.
“When you’re running billions of servers, a 5 percent hit is huge,” he said.
— With assistance by Dina Bass, Alex Webb, Jeremy Kahn, Mark Bergen, Spencer Soper, and Lulu Yilun Chen
Share and Enjoy
<!– –>
Weather
A potent winter storm threatened to dump wind-driven snow and ice from Florida to Maine as a fierce cold wave’s unrelenting grip on the nation showed no signs of easing Tuesday, forecasters warned.
Schools were shuttered and records shattered as relief for more than 200 million Americans remains several days away.
If that wasn’t enough, the National Weather Service issued winter storm watches and warnings all the way from northern Florida to northern Maine, a distance of some 1,500 miles.
A winter storm warning was in effect for portions of the Florida panhandle, where a mix of snow and ice is in the forecast early Wednesday. This is the state’s first such warning in almost four years, the weather service said.
Snow and/or ice is also forecast in portions of Georgia, the Carolinas, Virginia, Maryland, Delaware, New Jersey and New York.
The Weather Channel has named the storm Winter Storm Grayson as part of its winter-storm naming system.
More from USA Today:
Alaska has been unusually warm this winter
Lightning deaths at all-time record low in 2017
Snow and cold linger across U.S.
As much as a quarter of an inch of ice and a couple of inches of snow, with locally higher amounts, are possible from portions of the Florida panhandle to eastern North Carolina on Wednesday, the weather service said.
New England will also take a pounding, where Maine could see a foot of snow and hurricane-force winds, AccuWeather forecast.
Blizzard conditions are likely from portions of Long Island, N.Y., to northeastern Maine, New Brunswick and western Nova Scotia, AccuWeather said.
The storm is forecast to explode off the New England coast and could be the most powerful non-hurricane to affect the Northeast in the past 30 years, according to Earth Networks meteorologist Anthony Sagliani.
“Our biggest concern is the potential for damaging wind gusts especially near the southeast New England coast,” the weather service in Boston said. “Power outage risk followed by arctic air Fri/Sat a big concern!”
A freeze watch was in effect Tuesday night for Lake City, Fla., 60 miles west of Jacksonville. A wintry mix was forecast for Wednesday. The snow, wind and travel disruptions will roll north Wednesday night through Thursday night.
In all, some 208 million Americans are forecast to wake up to freezing temperatures Wednesday morning, weather.us meteorologist Ryan Maue said.
And the cold isn’t going away.
“After a brief moderation from the cold at midweek, more bitter cold and downright harsh air will return,” AccuWeather meteorologist Kyle Elliott said.
The next air mass will be up to 10 degrees colder than the front that froze the Northeast the last few days, Elliott said.
Some all-time cold temperature records could be set.
“I don’t know if we are going to set any records for heating energy usage, but we are certainly going to stress-test the system, ” said former weather service meteorologist Gary Szatkowski.
The extended cold wave, which began creeping across the nation before Christmas, enveloped a swath of the country from Montana and Texas to the East Coast. The Southeast wasn’t spared — Atlanta awoke to 13 degrees on Tuesday and barely broke above freezing later in the day.
The weather already has been deadly. In Wisconsin, the Milwaukee County Medical Examiner’s Office said the bodies of two men found outdoors Sunday showed signs of hypothermia. In Bismarck, N.D., police said cold weather “may have been a factor” in the death of a 52-year-old man whose body was found lying in the snow.
In Indiana, the 30,000 students in the Indianapolis school system were kept home because of “dangerous weather conditions.” The temperature at 7 a.m. was -11 degrees with a wind chill mark below -20 degrees.
Cincinnati’s 35,000 students had their holiday break extended at least a day when authorities closed the schools because of the cold. Other districts in Ohio, including Canton, shut schools for the day.
In western New York, blinding snow Tuesday led to a massive pileup on I-90 near Buffalo, which involved at least 75 cars.
Boston schools soldiered on, but some nearby districts such as Everett, Mass., shut down for the day; others delayed opening a couple hours. On Saturday, Boston could challenge its lowest maximum temperature ever recorded for the date — 7 degrees, in 1896, AccuWeather said.
In South Dakota, Aberdeen hit -32 degrees on New Year’s Day, smashing a record that stood for 99 years. In Nebraska, Omaha’s 15-below 0 degrees on Sunday broke a record dating to 1884.
New York Mayor Bill de Blasio kicked off his second term Monday with an outdoor swearing-in ceremony and temperatures in the teens. It may not get that warm on Saturday.
— The Associated Press contributed to this report.
Playing
Share this video…
Watch Next…
Share and Enjoy