Facebook Twitter Instagram YouTube LinkedIn
    Facebook Twitter Instagram LinkedIn YouTube
    Trending
    • Rajiv Kulkarni Talks about the Malware Analysis Pipeline
    • IDS Alliance Raises Awareness of IAM Fundamentals with the ‘CISO Chronicles’
    • Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases
    • BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles
    • Security Automation Cuts Down Expenses and Saves Time for IT Teams
    • IBM Think 2022 – Embracing the Present, Preparing for the Future
    • A Game of Numbers: The Correlation Between Technology and Sports Betting
    • Software-based Enterprise Solutions for Navigating the “Too Much Information” Age
    TechSpective
    • RSS
    • Facebook
    • Twitter
    • Google+
    • LinkedIn
    • Instagram
    • Pinterest
    • Technology
      Featured
      March 1, 20216

      Could Home Study Be Better for Education? Using Technology to Craft a Better Tomorrow

      Recent
      May 20, 2022

      Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases

      May 20, 2022

      BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles

      May 15, 2022

      A Look At The Last Generation Of Internal Combustion Engines

    • Reviews
      Featured
      March 4, 20211

      Dell’s UltraSharp 40 – Improving Work and Workplaces with Monitor Innovations

      Recent
      April 7, 2022

      Dell’s Latitude 5430 Rugged – Redefining the Extremes of Mobile Computing

      October 12, 2021

      Innovating Home Video Conferencing: Dell’s New 27 Video Conferencing Monitor – S2722DZ

      September 22, 2021

      Review: Intrusion Shield

    • Podcasts
    • Security
      Featured
      March 7, 20212

      Pandemic Unmasks Vulnerability to Automated Bot Attacks

      Recent
      May 25, 2022

      Rajiv Kulkarni Talks about the Malware Analysis Pipeline

      May 23, 2022

      IDS Alliance Raises Awareness of IAM Fundamentals with the ‘CISO Chronicles’

      May 14, 2022

      Ransomware is Indiscriminatory – Prepare for Everything to Fail

    • Microsoft
      Featured
      September 12, 20201

      The Microsoft Surface Duo: The Communications Device for Those That Think Different

      Recent
      April 8, 2022

      AI and Why Windows 12 Could Be a Far Bigger Advance than Windows 95 Was

      October 11, 2021

      The Surface Laptop Studio: Building a Windows 11 Targeted Laptop

      August 28, 2021

      Why Microsoft’s Hardware Baseline for Windows 11 Is Important

    • News & Analysis
      Featured
      March 6, 20212

      Fixing The World One Person At A Time: Cisco Networking Academy

      Recent
      May 25, 2022

      Rajiv Kulkarni Talks about the Malware Analysis Pipeline

      May 20, 2022

      BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles

      May 20, 2022

      IBM Think 2022 – Embracing the Present, Preparing for the Future

    • Business
      Featured
      March 6, 20212

      Fixing The World One Person At A Time: Cisco Networking Academy

      Recent
      May 20, 2022

      Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases

      May 20, 2022

      Security Automation Cuts Down Expenses and Saves Time for IT Teams

      May 18, 2022

      Software-based Enterprise Solutions for Navigating the “Too Much Information” Age

    TechSpective
    You are at:Home»Business»Customer Service»Intel Steps Up Further to Fix Spectre / Meltdown Vulnerabilities
    Intel Spectre Meltdown Cambridge Analytica
    Image from Pixabay

    Intel Steps Up Further to Fix Spectre / Meltdown Vulnerabilities

    1
    By Charles King on March 22, 2018 Customer Service, Intel, Strategy

    The qualities required for business leadership, or leadership of any sort, aren’t exactly hard to come by.

    Forthrightness, taking responsibility for your own and your organization’s actions, respect for fellow workers, partners and customers, recognizing others’ contributions and bringing out the best in them—are all values one learns early on. If not, there are virtual mountains of books, slide decks and Ted Talks extolling and offering various takes on these well-worn issues.

    But in high tech today, these qualities are all too often recognized by their absence. The industry lionizes entrepreneurs and “innovators” even when they veer off the rails into sociopathic “bro culture” behavior. Then there are industry mainstays that love the spotlight so long as they themselves manage the controls.

    Take, for example, Facebook’s ongoing run of bad news cycles concerning the company’s relationship with advertising partner, Strategic Communication Laboratories (SCL), and its political data analytics firm, Cambridge Analytica. That includes explosive reports published over the weekend by The Guardian and the New York Times profiling Christopher Wylie, a former executive at Cambridge Analytica.

    Wylie detailed how his employer harvested data from 50+ million Facebook users in the U.S., then developed sophisticated individual psychological profiles to promote the 2016 election of Donald Trump via often dodgy news stories. On Monday morning, Facebook shares shed nearly 7 percent of their value, pulling down the rest of the tech sector.

    Where has Founder/CEO Mark Zuckerberg been in all this? Mostly out of sight, though whether this qualifies as corporate damage control, “leading from behind” or a simple CYA exercise remains to be seen.

    On the far opposite end of the responsibility scale is Intel’s handling of its recent problems with Spectre and Meltdown exploits. Intel CEO Brian Krzanich recently published another update of the company’s efforts to mitigate and fix the underlying issues related to the exploits, providing something of a master class of sorts in how corporate responsibility can and should work.

    The specter of Spectre/Meltdown

    If you haven’t been following the news about all this, Spectre and Meltdown are the monikers for three exploit variants that take advantage of the speculative execution features common in modern CPUs. The potential for this opening systems to “side channel” attacks was discovered by Google’s Project Zero bug-finding team in mid-2017 and made public in January after rumors about the exploits were reported in the media.

    Since virtually all CPUs leverage speculative execution to some degree, Spectre and Meltdown vulnerabilities can potentially impact architectures, including Intel and AMD X86, IBM Power, Arm and Oracle Sparc. While NVIDIA initially claimed its GPUs were immune, the company later updated its driver software to address any potential vulnerabilities.

    Intel steps up

    By dint of its leadership position in markets ranging from individual personal computing endpoints to massive public cloud infrastructures and supercomputing installations, Intel, its technologies and its customers have the greatest exposure to the vulnerabilities. Though there have been no reports of systems being compromised, the company went all-in on publicly acknowledging the problem, clearly stating what it planned to do and delivering initial software fixes in short order, as well as plans for longer term hardware-based solutions.

    Intel further detailed the process with a new blog covering the continuing mitigation process and its intention to “advance security at the silicon level.” Krzanich stated that Intel has released microcode updates for 100 percent of company products launched during the past five years. He also noted that while Variant 1 will continue to be addressed with software mitigations, Intel has redesigned parts of its processors to support partitions that will offer new levels of protections against Variants 2 and 3.

    Those partition features will be available beginning with Intel’s next-gen Cascade Lake Xeon CPUs, along with the 8th gen Intel Core processors expected to ship in the second half of 2018. Intel’s goal, Krzanich said, “Is to offer not only the best performance, but also the best secure performance.”

    Final analysis

    It should also be noted that along with the Spectre and Meltdown vulnerabilities affecting different chip architectures to different degrees, the impact of Intel’s software updates on system performance also varies widely from system to system and application to application. As detailed by Tim Prickett Morgan in The Next Platform, Intel found that, “The manner in which the application is written, what the application does, and how often it does certain things has a great effect on the performance hit” from the patches.

    Further, the applications most affected by the mitigation patches “Have a larger number of user/kernel privilege changes; a high number of system calls, interrupt rates, or page faults; do a lot of transitioning between guest virtual machines and hypervisors; or spend a lot of time inside the hypervisor or running in privileged mode.”

    However, certain approaches like Google’s Retpoline, a binary modification technique for mitigating branch target injection attacks, has a much lower impact on system performance. In other words, your mileage will vary significantly depending on a variety of factors. With these points in mind, it’s critical for system owners to carefully study, implement and manage benchmark tests and procedures.

    These points aside, Intel deserves kudos for clearly and directly addressing the challenges of Spectre and Meltdown. The company and CEO Brian Krzanich are progressing transparently and actively engaging partners to help speed the process and benefit customers.

    While it’s clear that the situation isn’t one the company and its partners and customers would choose, it’s difficult to envision how it could be better managed or imagine a better example of technology industry leadership.

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous Article5 Ways the Google Logo Has Changed Over Its 20-Year History
    Next Article IBM and Royal Bank of Canada: Critical Partnership for the Future
    Charles King
    • Website
    • Twitter

    Charles King, Pund-IT’s president and principal analyst, has deep communications expertise that makes him a valuable and trusted asset for clients. In addition, Charles regularly speaks with the mainstream and technical media on topics from emerging IT products to continuing market trends.

    Related Posts

    Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases

    Software-based Enterprise Solutions for Navigating the “Too Much Information” Age

    Ways to Make 2022 the Best Year Ever for Your Small Business

    Comments are closed.

    Site Sponsors
    Intel
    DevOps.com
    Adobe
    PopSpective
    • Technology
    • Popular
    • Top Reviews
    May 20, 2022

    Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases

    May 20, 2022

    BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles

    May 15, 2022

    A Look At The Last Generation Of Internal Combustion Engines

    9.0
    July 14, 2016

    Review: Lenovo Yoga 900S

    9.5
    March 2, 2015

    Review: Asus Zenbook UX305 ultrabook

    8.0
    February 9, 2015

    Review: Burg 12 smartwatch

    9.7
    November 16, 2018

    Review: BlackVue DR900S-2CH Vehicle Dash Cam

    9.5
    September 2, 2015

    Review: Microsoft Band

    May 27, 2014

    Protect your family photos with ScanMyPhotos

    Coffee and Politics
    Popular Posts
    9.0
    July 14, 2016

    Review: Lenovo Yoga 900S

    9.5
    March 2, 2015

    Review: Asus Zenbook UX305 ultrabook

    8.0
    February 9, 2015

    Review: Burg 12 smartwatch

    Adobe
    Adobe
    PopSpective
    Coffee and Politics
    • RSS
    • Facebook
    • Twitter
    • Google+
    • LinkedIn
    • Instagram
    • Pinterest
    About

    TechSpective covers technology trends and breaking news in a meaningful way that brings value to the story, and provides you with information that is relevant to you. We offer in-depth reporting and long-form feature stories, as well as breaking news coverage, product reviews, and community content in plain English terms, and with a unique perspective on technology.

    Coffee and Politics

    © 2020 Xpective, Inc.

    • About
    • Privacy
    • Advertise
    • Subscribe
    • Contact
    © 2021 Xpective, Inc.
    • About
    • Privacy
    • Advertise
    • Subscribe
    • Contact

    Type above and press Enter to search. Press Esc to cancel.