Ars Technica

Syndikovat obsah security – Ars Technica
Serving the Technologist for more than a decade. IT news, reviews, and analysis.
Aktualizace: 2 hodiny 2 min zpět

32 lawsuits filed against Intel over Spectre and Meltdown flaws

16 Únor, 2018 - 21:42

Enlarge / Justice. (credit: Brian Turner / Flickr)

In its annual SEC filing, Intel has revealed that it's facing 32 lawsuits over the Spectre and Meltdown attacks on its processors. While the Spectre problem is a near-universal issue faced by modern processors, the Meltdown attack is specific to processors from Intel and Apple, along with certain ARM designs that are coming to market shortly.

Per Intel's filing, 30 of the cases are proposed customer class-action suits from users claiming to be harmed by the flaws. While Meltdown has effective workarounds, they come with some performance cost. Workarounds for Spectre are more difficult and similarly can harm system performance.

The other two cases are securities lawsuits that claim that Intel made misleading public statements during the six-month period after the company was notified of the problems but before the attacks were made public.

Read 2 remaining paragraphs | Comments

Kategorie: Hacking & Security

Windows Defender Advanced Threat Protection coming to Windows 7 and 8.1

12 Únor, 2018 - 18:19

(credit: Jerry Raia)

Windows Defender Advanced Threat Protection (ATP), Microsoft's security software that combines end-point security and data collection with cloud analytics, has hitherto been unique to Windows 10. But no longer; Microsoft announced today that it's bringing the same features to Windows 7 and Windows 8.1.

Coming this summer, the Endpoint Detection and Response (EDR) portions of ATP will be available for these older operating systems, allowing their health and status to be managed through the cloud interface. This will be paired with either third-party antivirus for endpoint protection or Windows Defender/System Center Endpoint Protection.

This move shows the contradictory position Microsoft finds itself in. On the one hand, Microsoft wants enterprises to deploy and use ATP as it continues to build its cloud-based device management and monitoring software. On the other hand, Redmond wants those same companies to upgrade to Windows 10. This creates a tension: having ATP as a Windows 10 exclusive feature makes Windows 10 more attractive—Microsoft says that security is one of the major reasons enterprises cite for moving to the new operating system—but with many organizations still having Windows 7 and Windows 8.1 systems that they need to support, the inability to monitor those machines makes ATP less attractive.

Read 1 remaining paragraphs | Comments

Kategorie: Hacking & Security

From July on, Chrome will brand plain old HTTP as “Not secure”

9 Únor, 2018 - 20:50

Enlarge (credit: Indigo girl)

As more and more websites offer access over encrypted HTTPS, Chrome will soon brand any site served up over plain, unencrypted HTTP as "Not secure." Chrome 68, due for release in July, will start sticking the "Not secure" label in the address bar, as a counterpart to the "Secure" label and padlock icon that HTTPS sites get.

This is a continuation of a change made in January of last year where Chrome would brand HTTP sites with password forms as being "Not secure."

How the "Not secure" label will appear. (credit: Google)

Google says that 81 of the top 100 sites on the Web default to HTTPS and that 68 percent of Chrome traffic on Android and Windows uses HTTPS. As such, non-secure HTTP is becoming the exception, not the rule, justifying the explicit call-out. While HTTPS once required expensive certificates, projects such as Let's Encrypt have made it easy to add HTTPS to just about any site at zero cost.

Read on Ars Technica | Comments

Kategorie: Hacking & Security

Intel releases new Spectre microcode update for Skylake; other chips remain in beta

8 Únor, 2018 - 02:25

Enlarge / Intel Skylake Core i7-6700K. (credit: Orestis Bastounis)

After recommending customers not use its microcode fix for Broadwell and Haswell chips, Intel has issued a new microcode update for Skylake processors that gives operating systems the ability to protect against the Spectre flaw revealed earlier this year.

The Spectre attacks work by persuading a processor's branch predictor to make a specific bad prediction. This bad prediction can then be used to infer the value of data stored in memory, which, in turn, gives an attacker information that they shouldn't otherwise have. The microcode update is designed to give operating systems greater control over the branch predictor, enabling them to prevent one process from influencing the predictions made in another process.

Intel's first microcode update, developed late last year, was included in system firmware updates for machines with Broadwell, Haswell, Skylake, Kaby Lake, and Coffee Lake processors. But users subsequently discovered that the update was causing systems to crash and reboot. Initially, only Broadwell and Haswell systems were confirmed to be affected, but further examination determined that Skylake, Kaby Lake, and Coffee Lake systems were rebooting, too.

Read 2 remaining paragraphs | Comments

Kategorie: Hacking & Security

New Windows patch disables Intel’s bad Spectre microcode fix

29 Leden, 2018 - 18:08

Enlarge / A closeup shot of an Intel Haswell die, with a pin for size reference. (credit: Intel)

Microsoft has released a new Windows patch to disable Intel's hardware-based mitigation for the Spectre attack due to bugs introduced by Intel's mitigation.

In the wake of the Spectre and Meltdown attacks that use the speculative execution behavior of modern processors to leak sensitive information, Intel released a microcode update that offers operating systems additional controls over the processor's ability to predict branches. When paired with corresponding operating system changes, the extra controls can prevent the unwanted information disclosure.

Unfortunately, Intel discovered earlier this month that the microcode updates are causing machines to reboot. Initially this was confirmed to be the case for Haswell and Broadwell chips; Intel later confirmed that it also applied to Sandy Bridge, Ivy Bridge, Skylake and Kaby Lake parts. Intel's advice was to stop deploying the microcode. A week ago the company said that it had isolated the root cause of reboots, at least for Haswell and Broadwell processors, and that it would soon begin testing a new version.

Read 2 remaining paragraphs | Comments

Kategorie: Hacking & Security