Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED 7 MINUTES AGO.
You are here: Home / Data Security / Chip Flaw May Affect Smartphones
Smartphone Users Beware: Chip Flaw Affects Mobile Devices
Smartphone Users Beware: Chip Flaw Affects Mobile Devices
By Maxwell Cooter Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
JANUARY
05
2018
Mobile users who thought they were unaffected by the Meltdown flaw affecting Intel chips are suddenly not quite so secure. A second flaw, dubbed Spectre, has been discovered -- and this time it affects ARM processors, as well as Intel and AMD chips. This means that all mobile devices that use ARM architecture (and that's pretty much all of them) are now in danger of attack.

The flaws were discovered by several teams, working independently. Meltdown was detected by researchers working for Google Project Zero, and was reported to Intel in June last year.

The vulnerability was then picked up by teams at Graz University of Technology and Cyberus Technology. Jann Horn's team at Google Project Zero also identified Spectre first, but researchers from a variety of institutions also confirmed the flaw.

A blog post from the team at the Graz University sets out the difference between the two flaws. "Meltdown breaks the mechanism that keeps applications from accessing arbitrary system memory. Consequently, applications can access system memory. Spectre tricks other applications into accessing arbitrary locations in their memory. Both attacks use side channels to obtain the information from the accessed memory location."

Good and Bad News

There's good and bad news about Spectre: the, relatively, good news is that it's a harder flaw to exploit, not something that's likely to be exploited by the archetypal teenage hacker sitting in his bedroom, but it's a weakness that could well be exploited by state security services and criminal gangs. However, the bad news is that there's no known fix for the flaw. There are, however, no known attacks in the wild.

In a statement, Intel said it was working with ARM and AMD to address the flaw. ARM has put out a security briefing note, indicating which chips could have been affected by Spectre. The company also advises its users to ensure that users are careful to follow good practice to stay as safe as possible. "It is important to note that this method is dependent on malware running locally which means it's imperative for users to practice good security hygiene by keeping their software up-to-date and avoid suspicious links or downloads," said the company in its briefing note.

© 2018 T-break Tech under contract with NewsEdge/Acquire Media. All rights reserved.

Image credit: AMD; Intel; Artist's concept.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN DATA SECURITY

NETWORK SECURITY SPOTLIGHT
Fewer than one in 10 active Gmail users have enabled two-factor authentication, a free security measure meant to protect accounts against unauthorized access, a Google software engineer says.
ENTERPRISE SECURITY TODAY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.