Decade-Old Intel Bug Has Left All Computers Vulnerable, Worse Than Y2K
A couple of vulnerabilities has been discovered that affects all devices using Intel Chips – since 1995. The bug in question affects virtually everything: Windows OS, Linux, and MacOS. But don’t you worry: Intel has partnered up with its rivals and partners to solve the issue and save our computers. The catch: reduced performance of all devices by up to 30%.
A Double Edged-Sword
The story dates back to 2011 when researchers discovered two vulnerabilities that affect any machine that uses the Intel chip. The Intel chip architecture has been in use since 1995 and the bugs exist even then. The two vulnerabilities are:
Meltdown – Meltdown completely removes the “fundamental isolation between user applications and the operating system.” This means that programs that can access the computer’s memory also access the memory of other programs and the operating system. A program exploiting this vulnerability can read your computer’s physical memory, enabling him to steal any data in it.
Spectre – is another vulnerability that attacks other programs, making it spill confidential data. The difference between Meltdown and Spectre is that Spectre makes programs vulnerable, especially ones that follow what is known in the programming world as “best practices”, which should be making your programs safe.
The bad part of the whole thing is that Intel wanted this to be kept secret until they manage to find a solution to prevent hackers from using this for malicious purposes. But the situation got leaked before a fix is made available, so now Intel is trying to reassure their clients while currently having no fix for the two vulnerabilities. What’s worse is that Spectre will probably be hard to fix and the source website says that Spectre will “haunt us for quite some time”, hence the name.
Currently, patches have been made for Linux and MacOS. But the real problem now lies with Intel Microsoft OS systems and computers for several reasons:
- What Microsoft will be using is a temporary fix. This is because the problem isn’t only on the software level but also exist at the hardware level, so all existing computers today as of this writing (January 5) is definitely affected and will be using this software temporary fix until they solve the problem at a hardware level and you buy a new computer/CPU after they hardware fix is implemented in brand new chips. For laptop owners, you usually have no way to fix this except by buying a brand new computer.
- The fix will be changing a lot about how the physical memory is accessed so anyone using Intel chips can expect a maximum of 30% performance reduction. There’s no benchmark yet since the patch will be made available on January 9 (still 4 days away). But the estimates are already from 5% to 30% reduction of performance for all existing Intel Microsoft PCs. And this is usually a majority of PC users. The ones that will most likely be hit hard by this are those running Window servers with Intel chips and those running high-performance PCs for testing, development, and gaming.
- Hackers will definitely attack the patch Microsoft will be releasing and there is no telling if it will safe or for how long users will be safe. There is no telling when will Intel be able to solve the hardware level problem, and when will you, as the users, will be able to buy a new CPU or computer.
A Race Against Time
The battle between hackers and Intel and Microsoft is now on. If the hackers beat the January 9 deadline, they could roll-out the most devastating malware ever created yet and steal access from virtually every computer on the planet. If they don’t beat the deadline, there’s no telling when they could find a hole in Microsoft’s patch and roll out the same deadly malware, plus a huge performance reduction. Either way, every one of us, or at least those only using computers running Windows OS with Intel chips, is most likely screwed.