Fix to chip hacking threat creates new worries

Fix to chip hacking threat creates new worries

SAN FRANCISCO - Tech companies have raced to come up with a fix to a major microchip security flaw that exposes every computer and smartphone to possible hacking, while the scale of the glitch is just becoming public.

Daniel Gruss is part of the research team that discovered the problem - actually two problems - one called Meltdown, which impacts chips made by Intel, the other: Spectre, which involves all computing chips installed in the past decade.

"If you download a file from the Internet, and it's an executable file, or you get an executable file send via e-mail, and you run it on your system, in either of the three cases, an attacker could incorporate a Meltdown or a Spectre attack in there, and with that could leak any secret stored on your system," Gruss said.

[[nid:406914]]

That threat has prompted Amazon, Apple, Google and Microsoft to push out software patches for Meltdown. But the fix is being criticised for slowing down devices...and that's not all.

The security update is clashing with anti-virus software causing desktop and laptop computers to freeze.

Some businesses worry the costly and time-intensive upgrade to computer systems may be worse the problem itself and are opting to wait - leaving the door open for hackers.

And that's just dealing with the Meltdown threat. Fixing the Spectre bug is proving to be more difficult. None of the major tech companies have a complete fix for that. Apple warned Friday that until it does, all iOS users will be at risk while browsing the web.

Graphic: The Straits Times
This website is best viewed using the latest versions of web browsers.