Hardware Vulnerability ‘Spectre’ a Genuine Threat, Say Experts

Generations of computers and devices will need a complete design overhaul in order to rectify the issue

Thursday 14th March 2019

Google experts have claimed that ‘Spectre’, a major security weakness inherent in most computer processing chips, is believed to be impossible to patch with software alone. In fact, the vulnerability is so significant that future generations of computers and devices will need a complete design overhaul in order to rectify the issue.

Spectre allows devices to be compromised by programmes that can potentially steal sensitive data such as passwords, emails and perhaps more. Computer chips manufactured by world-leading brands Intel, AMD and ARM, which globally supply processing components for practically all smartphones, are believed to be affected by Spectre.

Upon realising the threat Spectre poses and its worldwide presence, tech companies immediately got to work on finding a solution. It was discovered that Spectre decreases device speed by up to thirty percent, leading to Google adding a feature to isolate individual pages on Chrome to damage-control the vulnerability.

Despite the tech world’s greatest efforts, however, no comprehensive solution to the issues currently exists, with a fix for the fundamental flaw yet to be found. Speculative Store Bypass, a manifestation of the vulnerability, has now been branded as irreparable by Google experts. “The entire field of computing missed this,” Ben Titzer, co-author of the study, explained to New Scientist.

Spectre exploits a flaw in a feature called speculative execution, which optimizes processing speeds. Realising the likely futility of their efforts to safeguard against Spectre, experts now believe the only real way to overcome it may be to simply move forward, leaving the technology behind and ensuring that manufacturers iron out the flaw when designing next-gen computer chips and devices.

Due to the precise details of what can be stolen remaining unknown at this time, it is therefore difficult to gauge the effectiveness of previous software fixes. Computer chips make conjectures about future calculations which may be ultimately discarded if found to be incorrect.

Google’s Project Zero analyst team, comprised of security experts working alongside industry researchers across several countries, discovered the two flaws, known as Meltdown and Spectre, earlier in January.

Meltdown, specific to computer chips manufactured by Intel, allows hackers to bypass the hardware blockade between user-run applications and computer memory, something that could potentially enable hackers to read a computer’s memory.

Project Zero initially uncovered Meltdown in June 2018 when expert Jann Horn found that sensitive information like encryption keys, passwords, among other data, open in applications (that should have been secure) could be accessed.

The next flaw to be found, Spectre, which affects computer chips from the big-three tech brands Intel, AMD and ARM, allows hackers to potentially dupe otherwise error-free applications into disclosing confidential user information.

Award winning antivirus protection from TotalAV. Stay 100% safe from malware and online threats.

Security & Privacy

Intel Chip Bug Could Enable Mass Data Theft by Hackers
A newly uncovered flaw within Intel hardware enables cyber criminals to intercept vitally sensitive data inside a user’s computer
17 April 2019

Security & Privacy

The GUI who Tracked Me
How is your cell being tracked? And by whom?
04 April 2019

Security & Privacy

Apple iOS 12.2 Update Fixes 50+ Vital Security Flaws
With the release of Apple iOS 12.2, the tech juggernaut has released a major update which includes patches for over 50 critical security bugs
04 April 2019