Because if a guy in the private sector helped discover it and announce it publicly, my money says the government has been aware of it for a long time.
Take a gander at this CNN piece and then look at the bottom section I highlighted and ask yourself if someone in our government maybe didn’t have a hand in that bit about back pedaling on what it’s going to take to fix all this.
Two major flaws in computer chips could leave a huge number of computers and smartphones vulnerable to security concerns, researchers revealed Wednesday.
And a U.S. government-backed body warned that the chips themselves need to be replaced to completely fix the problems.
The flaws could allow an attacker to read sensitive data stored in the memory, like passwords, or look at what tabs someone has open on their computer, researchers found. Daniel Gruss, a researcher from Graz University of Technology who helped identify the flaw, said it may be difficult to execute an attack, but billions of devices were impacted.
Called Meltdown and Spectre, the flaws exist in processors, a building block of computers that acts as the brain. Modern processors are designed to perform something called “speculative execution.” That means they predict what tasks they will be asked to execute and rapidly access multiple areas of memory at the same time.
That data is supposed to be protected and isolated, but researchers discovered that in some cases, the information can be exposed while the processor queues it up.
Researchers say almost every computing system — desktops, laptops, smartphones, and cloud servers — is affected by the Spectre bug. Meltdown appears to be specific to Intel () chips.
“More specifically, all modern processors capable of keeping many instructions in flight are potentially vulnerable. In particular, we have verified Spectre on Intel, AMD, and ARM processors,” the researchers said.
Government agencies issued statements warning users about the vulnerabilities.
The U.S. Computer Emergency Readiness Team said that while the flaws “could allow an attacker to obtain access to sensitive information,” it’s not so far aware of anyone doing so.
The agency urged people to read a detailed statement on the vulnerabilities by the Software Engineering Institute, a U.S.-government funded body that researches cybersecurity problems.
The institute said that “fully removing the vulnerability requires replacing vulnerable [processor] hardware.”
It later changed its guidance on Thursday to suggest updating software was enough. The institute didn’t say why it had made the change and didn’t immediately respond to a request for further information.
It said the problems affect technology giants including Apple, Google and Microsoft.
No explanation, no comment and unavailable.
I smell government coercion right there people.
This is the biggest computer flaw in history and could potentially cost billions and billions of dollars if indeed hardware replacement is the only fix.
But wait they say, maybe we can just patch it instead.
I can’t wait to see what goes down here and I’m sure every computer geek on the planet is going to be watching this unfold using a microscope.
Best be very, very careful with what goes on at this point.