AGL 40.40 Increased By ▲ 0.20 (0.5%)
AIRLINK 129.25 Increased By ▲ 0.14 (0.11%)
BOP 6.81 Increased By ▲ 0.21 (3.18%)
CNERGY 4.13 Increased By ▲ 0.10 (2.48%)
DCL 8.73 Increased By ▲ 0.28 (3.31%)
DFML 41.40 Increased By ▲ 0.15 (0.36%)
DGKC 87.75 Increased By ▲ 0.75 (0.86%)
FCCL 33.85 Increased By ▲ 0.50 (1.5%)
FFBL 66.40 Increased By ▲ 0.50 (0.76%)
FFL 10.69 Increased By ▲ 0.15 (1.42%)
HUBC 113.51 Increased By ▲ 2.81 (2.54%)
HUMNL 15.65 Increased By ▲ 0.42 (2.76%)
KEL 4.87 Increased By ▲ 0.09 (1.88%)
KOSM 7.62 Decreased By ▼ -0.21 (-2.68%)
MLCF 43.10 Increased By ▲ 1.20 (2.86%)
NBP 61.50 Increased By ▲ 1.00 (1.65%)
OGDC 192.20 Increased By ▲ 9.40 (5.14%)
PAEL 27.05 Increased By ▲ 1.69 (6.66%)
PIBTL 7.26 Increased By ▲ 1.00 (15.97%)
PPL 150.50 Increased By ▲ 2.69 (1.82%)
PRL 24.96 Increased By ▲ 0.40 (1.63%)
PTC 16.25 Increased By ▲ 0.01 (0.06%)
SEARL 71.30 Increased By ▲ 0.80 (1.13%)
TELE 7.25 Decreased By ▼ -0.05 (-0.68%)
TOMCL 36.29 Decreased By ▼ -0.01 (-0.03%)
TPLP 8.05 Increased By ▲ 0.20 (2.55%)
TREET 16.30 Increased By ▲ 1.00 (6.54%)
TRG 51.56 Decreased By ▼ -0.14 (-0.27%)
UNITY 27.35 No Change ▼ 0.00 (0%)
WTL 1.27 Increased By ▲ 0.04 (3.25%)
BR100 9,967 Increased By 125.2 (1.27%)
BR30 30,751 Increased By 714.7 (2.38%)
KSE100 93,292 Increased By 771.2 (0.83%)
KSE30 29,017 Increased By 230.5 (0.8%)

Tech groups like Amazon, Facebook and Alphabet are attracting increasing political heat for their dominance of markets like e-commerce, social media and web search. But a recently discovered security flaw in chips made by Intel, Advanced Micro Devices and ARM highlights another important concern: bugs potentially affecting hardware found in the majority of computing devices. Scale helps justify the massive investment needed to develop improved semiconductor technology and produce chips.
Intel last year said it would spend $7 billion on a US factory, and it had already started building the facility years ago. The dominance of a few players also helps ensure compatibility between machines. The downside is that hardware flaws like the newly revealed Meltdown and Spectre affect a huge number of users and could become systemic. It's an analogous problem to vulnerabilities in the once-dominant Microsoft Windows operating system - or, in the agricultural world, to a disease affecting a widely used crop variety, like the preponderant but under-threat Cavendish banana.
Security researchers on Wednesday published details of Meltdown and Spectre. The first affects Intel chips and potentially allows hackers to steal secret passwords by evading the hardware barrier between applications and a protected part of a computer's memory. The second also affects AMD and some ARM chips, and means hackers could trick applications into giving up information. Software groups like Apple and Microsoft had patches ready for Meltdown but not Spectre, which is less easily fixed but also harder to exploit. Research outfit Gartner reckons no single semiconductor vendor has more than a 15 percent share across all processor types, with Samsung last year displacing Intel for the top spot because of booming memory-chip sales. But in specific sub-sectors - like personal-computer or data-centre chips - single vendors dominate. The $200 billion Intel has more than 90 percent of the market for central processing units used in servers, for example, while it and AMD have long dominated PC microprocessors. True, vulnerabilities in chip design are rare. And the diligent patching of security holes helps mitigate the danger. But as semiconductors increasingly spread to homes, cars and factories through the Internet of Things, the risk is that a winner-takes-all chip industry effectively makes a few manufacturers' products too big to fail.
Researchers on January 3 revealed security flaws they said could let hackers steal sensitive information from nearly every modern computing device containing chips made by Intel, Advanced Micro Devices and ARM. One of the bugs is specific to Intel chips but another affects laptops, desktop computers, smartphones, tablets and internet servers. Intel and ARM said that the issue was not a design flaw, but it will require users to download a patch and update their operating system to fix.
The researchers - including Alphabet's Google Project Zero and other organisations including Cyberus Technology and Graz University of Technology - discovered two vulnerabilities. What they have called "Meltdown" breaks down the hardware barrier between a user's applications and operating system, potentially allowing hackers to access the memory and therefore secrets like passwords of other programs and the operating system. It affects Intel chips, but software patches are available.
"Spectre" breaks the isolation between different applications, allowing an attacker to trick otherwise error-free programs into leaking secret information. It affects chips from Intel, AMD and ARM and is harder to protect against. The flaws were first reported by tech publication The Register, which also reported that updates to fix the problems could causes Intel chips to operate 5 percent to 30 percent more slowly. Intel denied that the patches would bog down computers based on Intel chips.

Copyright Reuters, 2018

Comments

Comments are closed.