Thursday, May 23, 2019

What if we all have a hardware incontinence vulnerability?



Charlie Warzel and Sarah Jeong do a little skit on the New York Times “The Internet Security Apocalypse You Probably Missed”.  It’s a little like Daniel Gruss’s “Microarchitecutral Incontinence” about Intel chips.  This time, it’s Cisco routers.
Suddenly, a possible vulnerability that could target anyone, and that you could fix only with hardware.
  
Three or four years ago, the fear was some sort of massive shutdown by an enemy like North Korea. Now it seems enemies want our social media up so it can manipulate our weaker souls.

ThioJoe explains this as "microarchitectural data sampling" (incontinence), with examples like "Zombie Load" and "Fallout" and "Meltdown".

CPU vendors will eventually issue "bios updates" which average users won't know how to do. 

No comments: