Major chip flaws affect billions of devices (http://money.cnn.com/2018/01/03/technology/computer-chip-flaw-security/index.html)

Companies are warned to replace all computers now.


Two major flaws in computer chips could leave a huge number of computers and smartphones vulnerable to security concerns, researchers revealed Wednesday.
And a U.S. government-backed body warned that the chips themselves need to be replaced to completely fix the problems.



The flaws could allow an attacker to read sensitive data stored in the memory, like passwords, or look at what tabs someone has open on their computer, researchers found. (https://meltdownattack.com/) Daniel Gruss, a researcher from Graz University of Technology who helped identify the flaw, said it may be difficult to execute an attack, but billions of devices were impacted.

Intel just announced flaws in their motherboard chips going back 10 yrs that can allow hackers access to any computer with them in it. They are putting out fixs for it but it will take time, newer chips first, it will be in a bios update. Problem is most people do not know how to update their bios

Intel gonna fix Chip Security Flaws...
:cool2:
Intel CEO: Fixes on Way for Serious Chip Security Flaws
January 09, 2018 — Intel has big plans to steer toward new business in self-driving cars, virtual reality and other cutting-edge technologies. But first it has to pull out of a skid caused by a serious security flaw in its processor chips, which undergird many of the world's smartphones and personal computers.


Intel CEO Brian Krzanich opened his keynote talk Monday night at the annual CES gadget show in Las Vegas by addressing the hard-to-fix flaws disclosed by security researchers last week. At an event known for its technological optimism, it was an unusually sober and high-profile reminder of the information security and privacy dangers lurking beneath many of the tech industry's gee-whiz wonders. Some researchers have argued that the flaws reflect a fundamental hardware defect that can't be fixed short of a recall. But Intel has pushed back against that idea, arguing that the problems can be "mitigated'' by software or firmware upgrades. Companies from Microsoft to Apple have announced efforts to patch the vulnerabilities.

And Krzanich promised fixes in the coming week to 90 percent of the processors Intel has made in the past five years, consistent with an earlier statement from the company . He added that updates for the remainder of those recent processors should follow by the end of January. Krzanich did not address the company's plans for older chips. To date, he said, Intel has seen no sign that anyone has stolen data by exploiting the two vulnerabilities, known as Meltdown and Spectre. The problems were disclosed last week by Google's Project Zero security team and other researchers. Krzanich commended the "remarkable" collaboration among tech companies to address what he called an "industry-wide" problem.


https://gdb.voanews.com/FDCE3EFD-8647-4934-9F30-3887D7CE81A9_w650_r0_s.jpg
A Volocopter prototype flies in front of the two hotel towers during a test flight of pilotless taxis in Dubai, United Arab Emirates

While Meltdown is believed to primarily affect processors built by Intel, Spectre also affects many of the company's rivals. Flaws affecting the processor chips also endanger the PCs, internet browsers, cloud computing services and other technology that rely on them. Both bugs could be exploited through what's known as a side-channel attack that could extract passwords and other sensitive data from the chip's memory. Krzanich himself has been in the spotlight over the security issue after it was revealed that he had sold about $39 million in his own Intel stocks and options in late November, before the vulnerability was publicly know. Intel says it was notified about the bugs in June. The company didn't respond to inquiries about the timing of Krzanich's divestments, but a spokeswoman said it was unrelated to the security flaws.

During his presentation Monday, Krzanich also launched into a flashy and wide-ranging celebration of the way Intel and its partners are harnessing data for futuristic innovations, from 3D entertainment partnerships with Paramount Pictures to virtual-reality collaborations with the 2018 Winter Olympics and a new breakthrough in so-called quantum computing. A self-driving Ford Fusion rolled onto the stage of the casino theater where Krzanich gave his talk. It's the first of a 100-vehicle test fleet run by Mobileeye, the Israel-based software company that Intel bought for $15 billion last year. Mobileeye processes the information cars "see" from cameras and sensors. A flying taxi — the German-built Volocopter — later lifted from the stage. Then came the drones, in a musical performance that Krzanich said would mark a Guinness record for the "world's first 100-drone indoor lightshow without GPS."

https://www.voanews.com/a/intel-ceo-fixes-on-way-for-serious-chip-security-flows/4199633.html

In my opinion, the greatest danger is "in the cloud".

In my opinion, the greatest danger is "in the cloud".
I agree. My office is going towards it full-balls on.