16/01/2018
A few days ago, all the alarm bells were ringing. A flaw in Intel’ s processors could affect the vast majority of computers, cell phones and tablets on the market. The US company has an 80% market share, but the double security flaw could also damage its competitors. And one more fact: it affects all technological devices with a processor or chip produced since 1995.
It sounds like the plot of a sci-fi movie or futuristic disaster series set in 2018, but it’s all too real. It is the biggest security crisis in history. And yet, beyond more or less gimmicky headlines, the incident has a solution. The biggest costs, experts point out, will be that computers can slow down their performance, in the worst case by up to 30%.
But let’s go step by step. What does the ruling consist of?
To clarify first that this is a double bug: all Intel processors have a security hole called Meltdown that allows the authorization of processes in kernel memory, allowing hackers to penetrate computers, take control of them and access files. The kernel is the central part of an operating system and is responsible for all secure communication between the software and the computer hardware.
As a result of the investigations initiated after its discovery, another flaw has been detected, known as Spectre, which affects not only Intel but all AMD processors, Intel’s competitor, and ARM chips *, present in most cell phones.
Fixing the Meltdown hole is relatively straightforward and the company is already working on patches that will address this problem. Once installed, the biggest problem they will generate will be a slowdown in computers, which in some cases can be up to 30%. Intel has stated that this speed reduction will not be noticeable to the average user.
The case of Spectre is somewhat more complex, although it can also be used to access devices remotely and steal data or access files. The best news is that, so far, there have been no cyber attacks. The vulnerabilities have been detected by experts before any fraudulent access to personal computers or cell phones could have taken place.
Experts therefore call for calm, as the exact number of damaged devices is not yet known. But considering the brand’s large market share and that it also affects its competitors, chances are that any modern computer, tablet or cell phone has been damaged.
In that case, just install the various security updates that are released, both for computers and cell phones, while the industry works on a new generation of more modern and less vulnerable chips. Will we notice a loss of speed in our devices?
Probably not, at user level, because the Meltdown security patch does not affect video games, office applications or photo editing, design or video and audio rendering programs. As explained in this interesting Twitter thread by computer scientist Pablo Insua, performance losses are 0% in this type of programs and only affect «data centers and ‘the cloud’ (read Amazon, Google, Microsoft, etc), whose computers handle an infinite number of virtual machines.
*Most smartphones use ARM chips. This article reviews some websites to check if our cell phone is affected.