Here we go again.
Researchers have found a new CPU flaw that is similar to the Spectre CPU flaw. This one is called BranchScope and was found by researchers from the College of William and Mary, Carnegie Mellon, the University of California Riverside and Binghamton University. A report on the flaw indicates that the attack uses some of the same predictive execution vulnerabilities as Spectre, exploiting the branch predictors of chips by using them to inadvertently leak sensitive information.
The folks at Ars Technica got this comment from Intel on this new CPU flaw:
We have been working with these researchers and we have determined the method they describe is similar to previously known side channel exploits. We anticipate that existing software mitigations for previously known side channel exploits, such as the use of side channel resistant cryptography, will be similarly effective against the method described in this paper. We believe close partnership with the research community is one of the best ways to protect customers and their data, and we are appreciative of the work from these researchers.
In other words, nothing to see here, move along. We’ll find out if there’s nothing to see here as now that this is public, hackers will be looking at this to see if they can utilize it to pwn computes all over hell’s half acre.
Related
This entry was posted on March 28, 2018 at 8:33 am and is filed under Commentary with tags Intel. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Oh Noes! New Intel CPU Flaw Discovered! Is It A Big Deal?
Here we go again.
Researchers have found a new CPU flaw that is similar to the Spectre CPU flaw. This one is called BranchScope and was found by researchers from the College of William and Mary, Carnegie Mellon, the University of California Riverside and Binghamton University. A report on the flaw indicates that the attack uses some of the same predictive execution vulnerabilities as Spectre, exploiting the branch predictors of chips by using them to inadvertently leak sensitive information.
The folks at Ars Technica got this comment from Intel on this new CPU flaw:
We have been working with these researchers and we have determined the method they describe is similar to previously known side channel exploits. We anticipate that existing software mitigations for previously known side channel exploits, such as the use of side channel resistant cryptography, will be similarly effective against the method described in this paper. We believe close partnership with the research community is one of the best ways to protect customers and their data, and we are appreciative of the work from these researchers.
In other words, nothing to see here, move along. We’ll find out if there’s nothing to see here as now that this is public, hackers will be looking at this to see if they can utilize it to pwn computes all over hell’s half acre.
Share this:
Like this:
Related
This entry was posted on March 28, 2018 at 8:33 am and is filed under Commentary with tags Intel. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.