This week's book giveaway is in the Reactive Progamming forum.
We're giving away four copies of Reactive Streams in Java: Concurrency with RxJava, Reactor, and Akka Streams and have Adam Davis on-line!
See this thread for details.
Win a copy of Reactive Streams in Java: Concurrency with RxJava, Reactor, and Akka Streams this week in the Reactive Progamming forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Junilu Lacar
  • Jeanne Boyarsky
  • Bear Bibeault
Sheriffs:
  • Knute Snortum
  • Tim Cooke
  • Devaka Cooray
Saloon Keepers:
  • Ron McLeod
  • Stephan van Hulst
  • Tim Moores
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • Frits Walraven
  • Ganesh Patekar

The Meltdown and Spectre security bugs

 
Java Cowboy
Posts: 16084
88
Android Scala IntelliJ IDE Spring Java
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The past week there was a lot of fuss about two security problems in Intel and other CPUs. Like with other security bugs that have happened before, these two have gotten their own catchy names and even a logo: Meltdown and Spectre.

Are you worried about these bugs, do you think they will affect you?

Here's a good video explanation of how these bugs exactly work:

 
Saloon Keeper
Posts: 5803
146
Android Mac OS X Firefox Browser VI Editor Tomcat Server Safari
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Spectre first became known to the world in 1961, but eventually sunk back to obscurity. Since its reappearance in 2006 its been a continuous menace.
 
Rancher
Posts: 377
13
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Every time I hear, or read, about new viruses out there wreaking havoc on computers I often wonder if the author(s) who wrote the first virus ever regretted it.

Fun fact: It's up for debate on who wrote the first virus, but many sources cite a couple of brothers from Pakistan who created a virus (in relation to IBM PCs) to prevent copyright violations occurring with their program. Quote from wikipedia article:

The first IBM PC virus in the "wild" was a boot sector virus dubbed (c)Brain,[36] created in 1986 by the Farooq Alvi Brothers in Lahore, Pakistan, reportedly to deter unauthorized copying of the software they had written.



And as we all know, it just proliferated from there...
 
Saloon Keeper
Posts: 21122
131
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The worst thing about these particular exploits is that they attack at the microcode level. I would imagine that it would be a LOT harder for a virus scanner to detect attacks on the hardware that depend on instruction pipelines and timing bubbles that it would be to see if something is assaulting OS data structures.

In fact, at one point, it was considered a virtual certainty that the only real cure was to scrap the processor hardware entirely.

At least my Raspberry Pi systems are immune. I've got a few AMD machines and I think that Spectre can bother them, but my only major Intel machine is powered off until the next project where having a noisy 1U box is a requirement.

Amazon and other ISPs, on the other hand, are probably not very happy today.

Hmm. I wonder if Google's custom-designed hardware is vulnerable?
 
Marshal
Posts: 7166
491
Mac OS X VI Editor BSD Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Jesper de Jong wrote:Are you worried about these bugs, do you think they will affect you?


My company seemed worried. Our cybersecurity department released email how it will affect the users due to the systems being patched. Employees have been given instructions how to act on Internet due to a window period.

That's the more noticeable fuss lately as far as I remember. Thanks for the link, I myself just now looked at it in more details.
 
Saloon Keeper
Posts: 10649
227
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Randy Maddocks wrote:Every time I hear, or read, about new viruses out there wreaking havoc on computers I often wonder if the author(s) who wrote the first virus ever regretted it.


I think that if they hadn't written that virus, someone else, later, would have written the first one. People are very good at deliberately breaking things, and if they have the chance to do it without getting caught, they will.
 
It would give a normal human mental abilities to rival mine. To think it is just a tiny ad:
Java file APIs (DOC, XLS, PDF, and many more)
https://products.aspose.com/total/java
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!