Subscribe to this blog's feed

Amazon

Recent Posts

Bio

  • David Rice is a globally recognized cybersecurity leader, Executive Director of The Monterey Group, a strategic consulting firm, and Consulting Director for Policy Reform at the U.S. Cyber Consequences Unit. Called upon by high-performance organizations for his ability to achieve, integrate, and drive deep corporate objectives in the face of globalized competition, rapid technological advances, and increased sophistication of cyber adversaries, David is a key figure shaping the discussion and practice of cybersecurity.

    Prior to his current roles, David served as an Global Network Vulnerability Analyst for the National Security Agency and Special Duty Cryptologic Officer for the United State Navy. The U.S. government recognized and awarded David for “significant contributions” to the Department of Defense and the National Security Agency for developing security configuration and design guidance for critical national infrastructure and global networks.

Archives

More...

Links

Blog powered by TypePad

The views and opinions expressed are those of the author and do not reflect the official policy, position, or recommendations of the author's affiliations, partners, employers, or clients.

« Geekonomics on the Troy Neff Show | Main | You Don't Have to be Stupid »

July 18, 2008

Intel-pocalypse: The Meltdown

The beat the apocalypse theme to death, Kris Kapersky will show off proof-of-concept code and demonstrate how to use JavaScript code or TCP/IP packet storms against Intel-based machines in October 2008. In other words, because Intel has 80% of the market, everyone should take pause.

To quote from Researcher set to demo attack on Intel chips:

Kapersky also charged that such CPU bugs [he discovered] actually have damaged hard drives without users' knowledge.

"Although CPU bugs are not something new in the security industry, nobody has come out with any proof-of-concept exploits," wrote Kaspersky. "It is just a matter of time before we start seeing these sort of attacks used in more devastating ways over the Internet. Intel has provided work-arounds to major BIOS vendors for some of these bugs, but who knows which vendor actually uses them? End- users are in the dark as to how to check if they are secure or not. Intel doesn't provide any test program for this, and the worst thing is [that] some bugs are still not fixed. In other words, Intel has no work-around for it."

End-users are in the dark, indeed.

Posted on July 18, 2008 |

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00e54f9408a3883400e553bdebcb8834

Listed below are links to weblogs that reference Intel-pocalypse: The Meltdown :

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.