Updated January 4, 2018
Security flaws affect an even larger number of processors than initially assumed, and other brands such as AMD and ARM are affected.
Read here.
– – –
A good part of the Intel processors produced in last decade has a serious security problem. This problem can be solved – at least for now – only by intervening on the computer operating systems, which will make them significantly slower. The news was released Tuesday by the technology site Register, while Intel has not yet made public many details to give time to the manufacturers of operating systems and cybersecurity experts to solve the problem. Albeit in the absence of details, many observers wonder how the security flaw could have gone unnoticed for so long, and if anyone could have taken advantage of it to steal data without the knowledge of the people concerned.
Simplifying a lot, the processor is the component of each computer that manages its commands and coordinates the other resources. The greater its computing capacity, the greater the number of operations it is able to perform in a certain period of time: the speed of the computer we are using depends on many things, but one of the most important is this computing power. Intel is the largest processor manufacturer in the world and we now know that most Intel processors sold in the last decade or so have a design flaw that could allow malicious programs to read some of the data they are processing.
The flaw gives access to some protected areas of the memory used for the kernel, the most delicate part of the operating system that communicates directly with the computer hardware. In some circumstances, the flaw could be used to steal information such as your passwords with relative ease.
You can only use a software solution to fix the problem, because the flaw is part of the way Intel's x86-64 type processors, the most popular in recent years, are designed. The operating system must then intervene to close that access. To varying degrees, an update of Windows (Microsoft), macOS (Apple) and Linux is therefore required. Judging by the information circulating online among developers, and their haste to look for solutions, the problem seems to be quite serious and concerns not only computers that use individuals, but also more complex systems used for example in a business environment or for the maintenance of the sites online.
The good news is that a solution exists and the main operating system manufacturers are already working to adopt it, the less good one is that the updates to solve this problem, they could slow down computers significantly. This is because the solution passes through the exclusion of most of the processes that the computer manages for the single user from the memory made available to the kernel, slowing down their processing. The estimated slowdown is between 5 and 30 percent depending on the conditions and the processing that the processor manages at that moment.
Except in exceptional cases, the slowdown for most computer owners should be irrelevant, while things could get complicated for very complex systems, such as those that run cloud services through thousands of interconnected computers (servers). An entire network that is 5 percent slower in handling some information could cause disruption, in the absence of other solutions to mitigate the problem.
Intel will provide more detailed information in the next weeks, while there are news of some network systems already updated in the last months of 2017. It is not excluded that in the future a better software solution will be found, which makes slowdowns of the processors less marked.
