Intel faces three lawsuits after the chip security flaws known as Spectre and Meltdown were reported by the researchers at ‘Google Project Zero’ few weeks ago.This flaw is largest chip security flaw ever faced by companies which causes your sensitive data to be easily accessible. Researchers said that these flaws are affecting every processing chip manufactured in the past decade. Although ARM based chips are not affected by the meltdown
Three major types of companies are affected by these flaws including processor companies operating system companies cloud providers.The security vulnerability was reported last year in June by researchers but it was not publicly revealed. Intel claimed that:
Intel believes these exploits do not have the potential to corrupt, modify or delete data.
The flaws are forcing the redesign of Kernels of some of the most known operating systems like Windows and Linux although Microsoft has already released a patch to mitigate the flaws but that will not fix the chip bug completely.The latest patch introduced by Microsoft in latest windows update is might not be compatible with the anti-virus softwares but Microsoft said that they are working for the betterment of the devices.
What is Meltdown and Spectre?
The Meltdown and Spectre are the largest chip flaws ever.According to the research the modern CPUs use “Speculative execution” of data in order to increase the performance. Meltdown is a flaw that exploits the data to the hacker and thus makes it vulnerable. Data like your passwords your personal information and the application data which is stored in kernel’s memory is easily accessible by hackers due to this flaw. Meltdown, therefore, requires a change to the way the operating system handles memory to fix. On the other hand Spectre is not that of a big deal but its way more complicated to fix.
Intel says that they have released a new update and patch up that should fix it but according to research the companies have to redesign the chips and the patch ups can lower down the performance of the processors down to 30%, which intel denied and said:
Intel continues to believe that the performance impact of these updates is highly workload-dependent and, for the average computer user, should not be significant and will be mitigated over time.
Three class actions Law suits were reported by the plaintiffs in America over the Meltdown and Spectre chip flaw. The lawsuits cite the chip security flaws that are making sensitive data vulnerable. Further lawsuits cite the Intel’s late response to these flaws and acknowledging its customers about the flaw it was already reported by researches last year in June and the significant degrade in performance of the CPUs after the installment of patch ups. Intel responds to laws suits and said:
“confirm it is aware of the class actions but as these proceedings are ongoing, it would be an inappropriate to comment”.
Since all of the Apple products are Intel and AMD based, Apple also responded to the flaws. ‘Apple has already released mitigations in iOS 11.2, macOS 10.13.2, and tvOS 11.2 to help defend against Meltdown’ Apple said. Apple claimed that these updates will mitigate the exploitation of sensitive data through safari browser. although the Apple watch is unaffected by any flaw. According to apple the performance of the devices will not be affected by the new update.
Our current testing indicates that the Safari mitigations have no measurable impact on the Speedometer and ARES-6 tests and an impact of less than 2.5% on the JetStream benchmark.