Major Intel Memory Vulnerability

Matthew Crews mailinglists at mattcrews.com
Fri Jan 5 10:29:32 MST 2018


>From: techlists at phpcoderusa.com
>I think they have a moral obligation to destroy all effected chips that are in the pipeline.  Dell and others need to stop sales and not continue selling until the CPU is fixed.

Not happening. Nor is Intel issuing a recall.
https://www.cnet.com/news/meltdown-spectre-intel-ceo-no-recall-chip-processor/

>This is much bigger than we know.  Almost every computer is effected.  The intermittent fix is software.  What keeps some smart and devious person from creating an app that replaced the patch with their own and then they can drain your bank account... crash your automated or self driving car.... Yikes.
>
>The real solution is a new generation of chips that are not exploitable.  That means replacing every computer and device that is effected.  

Intel claims that they are issuing firmware and microcode updates that patch Spectre and Meltdown, though I am highly suspicious that it is possible without a complete hardware redesign.

>There will be major fireworks over this.  I can see a lot of companies getting sued.  And the only ones that win are the lawyers.  

Already happening.
https://www.theguardian.com/technology/2018/jan/05/intel-class-action-lawsuits-meltdown-spectre-bugs-computer

>This is going to be with us for years.

Not denying it, but this also illustrates the serious problem with the whole "Internet of Things" ecosystem we find ourselves in. Today it is Intel CPUs, while yesterday it was your car. Tomorrow it could be your pacemaker or your life support system if you are in a hospital.


More information about the PLUG-discuss mailing list