Home About Contact Advertise Our Sites: Billions of Bytes | Mobile Device Now | Apple Info Center
Billions of Bytes
Home > Real-Time News

Smartphone Users Beware: Chip Flaw Affects Mobile Devices
By Maxwell Cooter
Posted: January 5, 2018 1:27pm PST

Mobile users who thought they were unaffected by the Meltdown flaw affecting Intel chips are suddenly not quite so secure. A second flaw, dubbed Spectre, has been discovered -- and this time it affects ARM processors, as well as Intel and AMD chips. This means that all mobile devices that use ARM architecture (and that's pretty much all of them) are now in danger of attack.

The flaws were discovered by several teams, working independently. Meltdown was detected by researchers working for Google Project Zero, and was reported to Intel in June last year.

The vulnerability was then picked up by teams at Graz University of Technology and Cyberus Technology. Jann Horn's team at Google Project Zero also identified Spectre first, but researchers from a variety of institutions also confirmed the flaw.

A blog post from the team at the Graz University sets out the difference between the two flaws. "Meltdown breaks the mechanism that keeps applications from accessing arbitrary system memory. Consequently, applications can access system memory. Spectre tricks other applications into accessing arbitrary locations in their memory. Both attacks use side channels to obtain the information from the accessed memory location."

Good and Bad News

There's good and bad news about Spectre: the, relatively, good news is that it's a harder flaw to exploit, not something that's likely to be exploited by the archetypal teenage hacker sitting in his bedroom, but it's a weakness that could well be exploited by state security services and criminal gangs. However, the bad news is that there's no known fix for the flaw. There are, however, no known attacks in the wild.

In a statement, Intel said it was working with ARM and AMD to address the flaw. ARM has put out a security briefing note, indicating which chips could have been affected by Spectre. The company also advises its users to ensure that users are careful to follow good practice to stay as safe as possible. "It is important to note that this method is dependent on malware running locally which means it's imperative for users to practice good security hygiene by keeping their software up-to-date and avoid suspicious links or downloads," said the company in its briefing note.


© 2018 T-break Tech. Syndicated here under contract with YellowBrix, Inc. All rights reserved.
 

Tell Us What You Think
Comment:

Name:


Advertisement


Information: About Us | Contact Us | How to Advertise
Services: Services for PR Pros (In partnership with NewsFactor)
Sunshine Policy Network Sites: Billions of Bytes | Mobile Device Now | Apple Info Center | Top Tech Wire
Billions of Bytes
© Copyright 2018 Billions of Bytes and Accuserve Tech Network. All rights reserved.