Free Republic

Intel told Chinese firms about chip flaw before US gov: report Intel Corporation initially warned a handful of customers, including several Chinese technology firms, about security flaws within its processor chips, while at the same time not telling the U.S. government, The Wall Street Journal reported Sunday. Security experts told the newspaper that the decision could have allowed Chinese tech companies to flag the vulnerabilities to Beijing, giving the Chinese government opportunity to exploit them. Jake Williams, head of the security company Rendition Infosec and former National Security Agency (NSA) employee, told the Journal that it is a “near certainty”...

Out-of-band patch may assuage user anger over Intel crudware, closed-club disclosure process Microsoft has implemented Intel's advice to reverse the Spectre variant 2 microcode patches.Redmond issued a rare weekend out-of-cycle advisory on Saturday here, to make the unwind possible.Intel's first patch was so bad, it made many computers less stable, sending Linus Torvalds into a justifiable meltdown last week.Chipzilla later withdrew the patch, but it had made its way into a Microsoft fix, which the company pulled on Saturday.“Our own experience is that system instability can in some circumstances cause data loss or corruption,” Microsoft wrote, adding “We understand that...

Intel finished 2017 on a high note with revenue that handily topped expectations - especially in its key data center group, according to quarterly financial results issued Thursday afternoon. The company said it expects a $1.3 billion windfall in 2018 from the federal tax overhaul approved last month and said it will give nearly half of it to shareholders through a 10 percent increase in the company's dividend. The news sent Intel's shares up 3.75 percent in after-hours trading, to $47 a share. Intel's stock remains near its highest-point since the dot-com era.

Is Intel really planning on making this shit architectural? Has anybody talked to them and told them they are f*cking insane? They do literally insane things. They do things that do not make sense. That makes all your [i.e. Woodhouse’s] arguments questionable and suspicious. The patches do things that are not sane. …So somebody isn’t telling the truth here. Somebody is pushing complete garbage for unclear reasons. Sorry for having to point that out. ...Intel, for its part, offered the following statement: “We take the feedback of industry partners seriously. We are actively engaging with the Linux community, including Linus,...

Huma Abedin, top aide to then-Secy of State Hillary Clinton, routed sensitive information,including passwords to government systems, to her personal Yahoo email account before every single Yahoo account was hacked, a Daily Caller News Foundation analysis of emails released as part of a lawsuit brought by Judicial Watch shows. Abedin, the top aide to former Secretary of State Hillary Clinton, used her insecure personal email provider to conduct sensitive work. This guarantees that an account with high-level correspondence in Clinton’s State Department was affected by one or more of a series of breaches—at least one of which was perpetrated by...

To understand the Four Page House Intelligence Memo at the heart of today’s FISA Abuse stories, it helps to understand why the memo is needed.  We wrote about the issue in a March 2017 outline called: “The Nunes Paradox”  – SEE HEREAs the year-long story has unfolded, there are two central components at the heart of the political corruption and weaponization of the DOJ and FBI:♦First, corruption within the DOJ and FBI that included their use of unlawful use of FISA-702 exploits; and ♦Second, how that intelligence information was extracted, passed along to those outside government, repackaged, and reconstituted into...

Video at link is 8:26 minutes in length. Dustin Nemos is an excellent source of calmed informed updates on Trump's war against the swamp and Q Anon.

As a performance junkie, I’m less concerned about the security risks of the Spectre and Meltdown vulnerabilities—after all, there are no known exploits in use today—than I am about a performance hit from the fixes.And from what I’m seeing, my concerns are warranted.My sole experience with a fully updated platform so far is with Microsoft’s original Surface Book. It’s based on an Intel “Skylake” Core i7-6700U and has 16GB of LPDDR3 and a 512GB Samsung 950 Pro NVMe drive. The Surface Book is running the 64-bit Windows 10 Pro Fall Creator’s Update.[ Further reading: How to remove malware from your...

F-Secure has reported another serious flaw in Intel hardware, which could enable hackers to access corporate laptops. Standard password of Intels Management Engine BIOS Extension are rarely changed and can invoke business laptops vulnerable to unauthorized remote access, claims F-Secure. Intels Management Engine BIOS Extension, or MEBx, contains the standard log-in combination 'admin', 'admin' and because many users simply do not change it, according to F-Secure this opens the door to an easy to set-up attack. Attackers can open the BIOS Extension during startup with Ctrl + P, even if the user has set a bios password. Then they can manage settings of the Management Engine, reports dw.com."The issue...

Yesterday , my wife shut down our HP before I could stop Windows Updates for the time being until MS gets the patch issue resolved . Athlon 2 prosessor / Windows 7 / 64 bit . After rebooting a few times yesterday we got the computer to work again and I left it on all night so I could use this morning . Seemed to be working OK but after I went into Windows Update to check download history - where I discovered the newest patch had been installed " successfully " - and then closed that window and again...

Users have complained that the updates released by Microsoft last week for the Spectre and Meltdown vulnerabilities cause Windows to break down on some computers with AMD processors. Several individuals whose computers rely on AMD processors, particularly older Athlon models, say they are unable to start Windows 10 after installing KB4056892, an update released by Microsoft in response to the disclosure of serious flaws affecting Intel, AMD and ARM processors. The security holes have been dubbed Spectre and Meltdown and they allow malicious applications to bypass memory isolation mechanisms and access passwords, photos, documents, emails, and other sensitive information. Both...

A series of flaws have been discovered in Intel, AMD, and ARM chipsets that allow speculative references to be probed for privileged data. "Meltdown" is a flaw currently believed to affect only Intel processors and "melts security boundaries which are normally enforced by the hardware". "Spectre" is a flaw that affects Intel, AMD, and ARM processors due to the way "speculative execution" is handled. Both could theoretically be used to read information from a computer's memory, including private information like passwords, photos, messages, and more. Apple has apparently already started patching Meltdown in macOS. Here's what you need to know....

What are Meltdown and Spectre? Do they only affect Intel chips? Will the fixes slow my computer … and what even is a processor? Meltdown and Spectre are the names of two serious security flaws that have been found within computer processors. They could allow hackers to steal sensitive data without users knowing, one of them affecting chips made as far back as 1995. What are Meltdown and Spectre? Meltdown is a security flaw that could allow hackers to bypass the hardware barrier between applications run by users and the computer’s core memory, which is normally highly protected. Spectre is...

Two major flaws in computer chips could leave a huge number of computers and smartphones vulnerable to security concerns, researchers revealed Wednesday. And a U.S. government-backed body warned that the chips themselves need to be replaced to completely fix the problems. The flaws could allow an attacker to read sensitive data stored in the memory, like passwords, or look at what tabs someone has open on their computer, researchers found. Daniel Gruss, a researcher from Graz University of Technology who helped identify the flaw, said it may be difficult to execute an attack, but billions of devices were impacted. Related:...

Like the Meltdown bug, the Spectre bug is a hardware bug in the form of a CPU design flaw. Unlike the Meltdown bug which only affects Intel processors, the Spectre bug impacts Intel, AMD, and some ARM (used in many smart phones and other mobile devices) processors. These three are by far the most common CPUs on the planet, running literally billions of devices. In a Spectre attack, the CPU is tricked into executing instructions that it normally would not, causing leaks in the victims memory address space.

If you’re confused by the avalanche of early reports, denials, and conflicting statements about the massive security issues announced today, don’t worry — you’re far from the only one. Here’s what you need to know about Meltdown and Spectre, the two huge bugs that affect practically every computer and device out there. What are these flaws? Short answer: Bugs at a fundamental level that allow critical information stored deep inside computer systems to be exposed. Security researchers released official documentation — complete with nicknames and logos —  of two major flaws found in nearly all modern central processing units, or...

Microsoft has warned some PC users they will not be able to apply an emergency Windows patch because their security software is incompatible. The out-of-bounds update was issued by Microsoft yesterday to address the Meltdown and Spectre flaws in Intel chips. These vulnerabilities affect most PCs and servers, and can be exploited to allow an attacker to read sensitive information, such as passwords, from protected memory. The Spectre flaw also affects AMD chips, but is considerably more difficult to exploit, as well as a small number of Arm-based processors. However, not every Microsoft system will be able to apply the...

What is the Meltdown bug? Most of the bugs that make the news are software bugs, but the Meltdown bug is a hardware bug (in the form of a design flaw) that affects Intel processors going back several generations. In a nut shell, the Meltdown bug is a brand new way to (possibly) steal your information.

Only Intel machines are affected by Meltdown Details have emerged on two major processor security flaws this week, and the industry is scrambling to issue fixes and secure machines for customers. Dubbed “Meltdown” and “Spectre,” the flaws affect nearly every device made in the past 20 years. The Meltdown flaw only affects Intel processors, and researchers have already released proof of concept code that could lead to attacks using Meltdown. The vulnerabilities allow an attacker to compromise the privileged memory of a processor by exploiting the way processes run in parallel. They also allow an attacker to use JavaScript code...

Possibly in cleaning uo corruption, the Trump administration may have fired the guys who forced Intel to leave this back door in for them to use as needed.