A serious failure in technology: Specter and Meltdown

in technology •  7 years ago  (edited)

Here are the names of the most serious failures of computer security in this century and is that even if you are not informed of the subject it may be useful to know what is happening, here is a summary explaining how this error occurs and how to (repair or mitigate it since there is not a total security patch at the moment).

Meltdown-y-Spectre.jpg

You wonder, how does this affect you on a day to day basis ?, and just think for a moment how it affects the electronic media in your life since starting the day and check the computer, the phone, the tablet for a important email, check social networks, bank accounts or simply entertain electronic devices are highly used and that is why we must know what these failures affect us and prevent a possible disaster in our lives and is that as the saying goes '' War warned does not kill soldier kills him for careless '' is why I'm in charge of reporting how that error affects our lives.

And in mid-April of 2017 a young German engineer Jann Horn and expert in cybersecurity in addition to a member of the Google Zero Project community, casually reviewing if her computer could be able to process a calculation system that the design realized that his computer had a serious structural failure and that using different techniques to thoroughly analyze his computer, and began to see that a 'hacker' with some knowledge could be done with computer data through the '' Processors ''.

"I realized that the processor could filter some of the secret data we were working on," explains Horn.

DQmQjBXfTA4gyXGXvbme79ubvm64uzPmUF8Hwny2XQpVqwy.jpg

So what are these faults that cause Specter and Meltdown in computers?

The researchers found two main weaknesses in the processors that could allow attackers to read sensitive information that should never leave the central processing unit, known as the kernel. Both problems allow to read secret information that the processor temporarily makes available outside the chip. This is one of the main characteristics of the processor and is that when making a process computers use speculative execution and it is simply as the computer tries to guess in the execution of a process which will be the next mathematical sentence that will use this process saving time in the execution of the process allowing the process to be carried out in advance, the problem is that if the processor does not succeed, it is reported that it was erroneous in the judgment.

This means that someone using a code measures the time it takes a subsequent instruction to use these discarded mathematical addresses, whether or not it is in the cache memory (for the time it takes to make the machine this process) someone can determine to which address memory has been accessed and what is the value of the eighth bit of a kernel address. Then bit by bit and with time you can read all the contents of the kernel memory by applying this operation millions of times.

It is important to highlight this failure in the design of the processors affects all the processors created from 1998 to the present are 20 years of this failure and is that the greatest efforts to mitigate the failures have brought economic consequences for companies that are affected by this error both AMD, Intel and ARM the latest manufacturer of microprocessors for mobile devices, another aspect affected is the performance in computers and devices as it must prevent the computer discard the information left over from their processes reducing the processing capacity of the same from 5% to 30%, this does not directly affect the home users of computers since they do not use 100% of the computer processes frequently, affect more to companies and servers which if will going to observe the decrease in the transfer of data to a higher level.

Final notes

Since this failure was recently detected and made public we do not know the magnitude of the impact of her, since 20 years have passed with this problem and it is certain we do not know if this error was committed on purpose by the companies that know their devices and collect information from them to know the tastes of users or simply is a design flaw that was not taken seriously until now some processors that came out last year does not contain these failures simply because their architecture is different is the case of AMD Ryzen and ARM1176, Cortex-A7, Cortex-A53, Finally this is a article was made for reflection and inform the community, leave your comments and what you think of this ruling.

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!