• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Ron McLeod
  • Junilu Lacar
  • Liutauras Vilda
Sheriffs:
  • Paul Clapham
  • Jeanne Boyarsky
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Piet Souris
  • Carey Brown
Bartenders:
  • Jesse Duncan
  • Frits Walraven
  • Mikalai Zaikin

The Meltdown and Spectre security bugs

 
Java Cowboy
Posts: 16084
88
Android Scala IntelliJ IDE Spring Java
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The past week there was a lot of fuss about two security problems in Intel and other CPUs. Like with other security bugs that have happened before, these two have gotten their own catchy names and even a logo: Meltdown and Spectre.

Are you worried about these bugs, do you think they will affect you?

Here's a good video explanation of how these bugs exactly work:

 
Saloon Keeper
Posts: 7355
170
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Spectre first became known to the world in 1961, but eventually sunk back to obscurity. Since its reappearance in 2006 its been a continuous menace.
 
Rancher
Posts: 383
13
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Every time I hear, or read, about new viruses out there wreaking havoc on computers I often wonder if the author(s) who wrote the first virus ever regretted it.

Fun fact: It's up for debate on who wrote the first virus, but many sources cite a couple of brothers from Pakistan who created a virus (in relation to IBM PCs) to prevent copyright violations occurring with their program. Quote from wikipedia article:

The first IBM PC virus in the "wild" was a boot sector virus dubbed (c)Brain,[36] created in 1986 by the Farooq Alvi Brothers in Lahore, Pakistan, reportedly to deter unauthorized copying of the software they had written.



And as we all know, it just proliferated from there...
 
Saloon Keeper
Posts: 25645
183
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The worst thing about these particular exploits is that they attack at the microcode level. I would imagine that it would be a LOT harder for a virus scanner to detect attacks on the hardware that depend on instruction pipelines and timing bubbles that it would be to see if something is assaulting OS data structures.

In fact, at one point, it was considered a virtual certainty that the only real cure was to scrap the processor hardware entirely.

At least my Raspberry Pi systems are immune. I've got a few AMD machines and I think that Spectre can bother them, but my only major Intel machine is powered off until the next project where having a noisy 1U box is a requirement.

Amazon and other ISPs, on the other hand, are probably not very happy today.

Hmm. I wonder if Google's custom-designed hardware is vulnerable?
 
Marshal
Posts: 8298
592
Mac OS X VI Editor BSD Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Jesper de Jong wrote:Are you worried about these bugs, do you think they will affect you?


My company seemed worried. Our cybersecurity department released email how it will affect the users due to the systems being patched. Employees have been given instructions how to act on Internet due to a window period.

That's the more noticeable fuss lately as far as I remember. Thanks for the link, I myself just now looked at it in more details.
 
Saloon Keeper
Posts: 14002
315
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Randy Maddocks wrote:Every time I hear, or read, about new viruses out there wreaking havoc on computers I often wonder if the author(s) who wrote the first virus ever regretted it.


I think that if they hadn't written that virus, someone else, later, would have written the first one. People are very good at deliberately breaking things, and if they have the chance to do it without getting caught, they will.
reply
    Bookmark Topic Watch Topic
  • New Topic