Tech & Science: Intel 'Zombieload' Fix Prompts Processor Slowdown Fears - PressFrom - United Kingdom
  •   
  •   

Tech & ScienceIntel 'Zombieload' Fix Prompts Processor Slowdown Fears

18:40  15 may  2019
18:40  15 may  2019 Source:   silicon.co.uk

Intel abandons development of modular Compute Cards

Intel abandons development of modular Compute Cards Intel still believes in modular PCs, but is giving up on this approach

Intel has come to that conclusion after assessing the performance changes in computers using 6th, 7th and 8th Generation Intel core processors with A few days ago, Intel admitted that the fix for the flaws that leave its chips open to remote attackers will slow down PCs, but it has changed its wording

Intel is grappling with another major security flaw in its processors and this time, the cost of fixing it may be very steep. How much of a slowdown you see depends on the processor and the task in question.

Intel 'Zombieload' Fix Prompts Processor Slowdown Fears © Proporcionado por SILICON Intel 'Zombieload' Fix Prompts Processor Slowdown Fears © Tom Jowitt, silicon.co.uk

Chip giant Intel is once again in the security spotlight after researchers found a new set of vulnerabilities with its processors, which if exploited could result in the theft of data directly from the chip itself.

The new set of flaws are said to affect almost every Intel processor made since 2011, but not processors from rivals such as ARM or AMD.

The fresh security scare was discovered by researchers Michael Schwarz, Moritz Lipp, Daniel Grus at Graz University of Technology in Austria, as well as Jo Van Bulck from KU Leuven university in Belgium. They called the vulnerabilities ‘Zombieload‘.

Intel’s processor shortage is dragging down PC sales

Intel’s processor shortage is dragging down PC sales Intel’s production woes have meant lower-end CPUs are thin on the ground, so PC makers are turning to AMD.

Intel has been trying to calm nerves around patches for the Meltdown and Spectre bugs since researchers revealed not only that the chip-level flaws not only left almost every modern computer open to surveillance, but that the fix would cause a slowdown in performance on affected systems.

The fixes will also slow down computers by between 5% to 30%, according to some researchers. Intel downplayed the risks in a press release the other day, and says that most users won’t notice the slowdown . But is that really the case?

Intel 'Zombieload' Fix Prompts Processor Slowdown Fears © Getty

Chip flaw

According to these researchers, “ZombieLoad” is a side-channel attack targeting Intel chips, allowing hackers to effectively exploit design flaws rather than injecting malicious code.

Intel meanwhile announced that ZombieLoad is made up of four bugs, after it was notified by the researchers of the problem over a month ago

“After Meltdown, Spectre, and Foreshadow, we discovered more critical vulnerabilities in modern processors,” warned the university researchers. “The ZombieLoad attack allows stealing sensitive data and keys while the computer accesses them.”

“While programs normally only see their own data, a malicious program can exploit the fill buffers to get hold of secrets currently processed by other running programs,” they wrote. “These secrets can be user-level secrets, such as browser history, website content, user keys, and passwords, or system-level secrets, such as disk encryption keys.”

The only real loser in the Apple-Qualcomm settlement is Intel

The only real loser in the Apple-Qualcomm settlement is Intel It's likely Apple will switch back to Qualcomm chips for its phones after settling its legal battle. Intel will be out.

Increased processor use occurred when company installed patches to fix flaws, leaving players of online battle game Fortnite unable to login.

Patches that fix the security flaws also make the processors run slower in some circumstances, according to Intel . Intel CEO Brian Krzanich at the IDF developer conference in 2016. The company said Tuesday that fixes for the Spectre and Meltdown vulnerabilities were causing slowdowns of 6

And they warned the attack did not only affect the processors found in personal computers but also the server processors found in the cloud and data centres.

Intel 'Zombieload' Fix Prompts Processor Slowdown Fears © Getty

“MDS is a sub-class of previously disclosed speculative execution side channel vulnerabilities and is comprised of four related techniques,” Intel wrote. “Under certain conditions, MDS provides a program the potential means to read data that program otherwise would not be able to see. Practical exploitation of MDS is a very complex undertaking.”

The chip giant said that all future Intel processors will include hardware mitigations addressing these vulnerabilities.

It seems that the researchers decided to call the flaws ZombieLoad from a “zombie load,” which is an amount of data that the processor can’t properly process.

This forces the processor to ask for help from the processor’s microcode to prevent a crash. Apps are usually only able to see their own data, but this bug reportedly allows that data to flow across those boundary walls.

The only real loser in the Apple-Qualcomm settlement is Intel

The only real loser in the Apple-Qualcomm settlement is Intel It's likely Apple will switch back to Qualcomm chips for its phones after settling its legal battle. Intel will be out.

How to fix slow PC performance. 1. Perform System Maintenance Troubleshooter. Go to the search field box and type CMD. Select Command Prompt . The Performance Troubleshooter automatically finds and fixes problems, checking issues that cause computer slowdown , thereby affecting your

A security flaw in Intel processors has led to a redesign of Linux and Windows kernels. Programmers have been busy for the past two months patching The Register reports that the slowdowns could be between 5 and 30 percent depending on the exact Intel processor . While Linux patches have been

Firms such as Apple and Microsoft have already released patches, but unfortunately it seems that the patches will hurt processor performance, most notably in the chips found in data centres.

It is reported that processors in consumer PCs could take a performance hit of about 3 percent at worse, but data centre processors could see a performance hit of as much as 9 percent.

Intel 'Zombieload' Fix Prompts Processor Slowdown Fears © Getty

Expert view

The security industry meanwhile warned that these Zombieload flaws can be exploited equally by criminal hackers or government agencies.

“Spying tools should never be underestimated, as they are constantly being tried and tested in the wild,” said Jake Moore, Security Specialist at ESET.

“Being able to eavesdrop on a target is always a favourite in a cyber criminals’ toolkit but we also shouldn’t forget that tools such as this aren’t just used by the bad guys,” said Moore. “We all remember EternalBlue and how that was used to exploit data by actors on both sides of the law.”

“Tricking the CPU into revealing protected data could have massive implications to millions of people around the world,” he added. “Such data could easily include their passwords or even keys to decrypt their encrypted hard drives. Luckily there is now a tool you can use to test the vulnerability on your machine.”

Intel’s new laptop processors hit the 5GHz mark

Intel’s new laptop processors hit the 5GHz mark Plus, new 9th Gen chips for desktops

The Intel processor flaw is related to software "kernels" -- the core of an operating system. At the most basic level, the kernel handles the interactions between Intel -based PCs running the Linux operating system suffer from the same problem. That could have big implications for cloud computing, given that

24, Intel , which supplies about 99 percent of the processors that run servers, raised alarms when it blamed a weak revenue forecast in part on a slowdown in spending from large Builders of processors and networking components also have to deal with shifting demand from corporate

Gallery: WhatsApp hack and other notorious data breaches (StarsInsider)

Another expert pondered the issue of a performance slowdown and whether Intel would seek to bake in improved security practices in the future.

“It’s another day and another big headline impacting a technology giant in the cybersecurity industry,” said Sam Curry, chief security officer at Cybereason. “This drama will continue to play out in the days and weeks ahead.”

“However, unlike the recent Cisco router vulnerability, and most notably the ‘2nd flaw’ that was making headlines, a patch or patches are available and they will help,” said Curry. “Overall, as an industry it doesn’t help that security has a reputation as a discipline for slowing things down and being ‘Dr No.’ Security early is always better than security late, so I’m most interested in the after-action findings from Intel. Was security ignored or even an afterthought? Or is this a natural occurrence of a security bug as all life cycles can and will produce?”

Intel has been here before after it was rocked by the Spectre and Meltdown flaws uncovered in early 2018.

The Spectre and Meltdown bugs resulted in a chaotic patching effort from Intel, which was forced to withdraw some of its initial fixes after acknowledging they had rendered some systems unstable.

MSN UK are Empowering Happiness for mental health awareness month. Find out more about our campaign and the charities working to stop people falling into crisis here.

New Intel chip flaw leaves your PC exposed again.
The Meltdown and Spectre flaws were just the beginning, researchers say.

—   Share news in the SOC. Networks
usr: 0
This is interesting!