Posted on

Intel Kernel Bug

Oh, boy. Another big company in trouble. Well, technically, there are three main companies in trouble, but Intel is in the most trouble. AMD and ARM are not 100% safe, but there are and have been protocols in place with their CPUs to prevent the kind of vulnerabilities that are plaguing all modern Intel CPUs (dating back at least 20 years, allegedly). What actually goes on?

To put this in simple terms, the kernel (which sits between your operating system and your CPU and directs traffic) is supposed to separate the user’s experience from the bare metal of the processor. This means that a user who sits down at a computer cannot easily see what the CPU sees and is doing with each and every bit of information because the kernel encrypts everything. What Meltdown and Spectre do is exploit the lack of this separation and encryption to capture these individual bits of information. It is a slow process, but it can be modified to capture entire bytes at a time. This gives an attacker an easy way to surreptitiously read the information stored in memory, which can contain valuable information such as passwords, SSN, and other things which you may have had to type in.

The reason that Intel is more at risk is because an attacker can accomplish this remotely. With AMD and ARM, the risk is still there, but an attacker would need physical access to the machine due to their protocols in place that provide better separation between the user and the processor. What does this mean for Intel? Well, its stock price fell sharply in the days after the kernel bug was revealed, but that’s superficial. This means that every computer with an Intel CPU from the past decade (at least), even Macs, are vulnerable. We at Bendy Computers are taking this quite seriously, and would recommend an AMD system if you are looking for a new computer.

For your current system’s security, please accept all updates offered by your Operating System or CPU manufacturer.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.