Data Sheet—Meltdown and Spectre Security Attacks Haunt Chip Industry

January 4, 2018, 3:08 PM UTC

(Adam Lashinsky is on vacation. Today’s essay is by Fortune writer Robert Hackett.)

Robert Hackett

A bomb cyclone hit the IT world on Wednesday as tech giants and computer security researchers released details pertaining to two major security holes that affect the processors in almost all computers. Researchers—including ones employed by the likes of Google, various tech firms, and academic —independently discovered the attacks last year.

The vulnerabilities could allow attackers to swipe sensitive secrets from the memory of almost all devices, including phones, tablets, PCs, and computer servers. Experts have warned that hackers could develop exploits to purloin personal data, passwords, cryptographic keys, and other supposedly inaccessible information from targets.

Several programmers have already demonstrated proofs of concept for these so-called side channel attacks.

The attacks plague hardware produced by top chip makers like Intel and Advanced Micro Devices, and SoftBank-owned chip designer ARM Holdings. Big tech companies, including Microsoft and Apple, have been scrambling in recent weeks to address these threats by developing fixes for their software while cloud computing giants, like Amazon and Google, have been rushing to apply patches to their data center infrastructure.

The first attack, dubbed “Meltdown,” is specific to Intel chips and allows hackers to circumvent the isolation barrier between user applications and operating systems, thereby opening up access to otherwise restricted machine memory. The second problem, “Spectre,” which is harder to exploit but has no available patches, lets hackers pry secrets out of the memory of devices running Intel, AMD, and ARM chips.

For more coverage of the flaws and the industry’s response so far, see our in-depth story.


Speed Racer. The next generation of faster wireless networks is drawing closer. AT&T says it will begin offering 5G service for mobile phones in a dozen cities by year end. Just how many 5G-capable phones will be on the market and in the hands of consumers by then is an open question, however.

Underdog. Google may sell Zagat, the restaurant review guide started by Tim and Nina Zagat back in the 1970s that the search giant bought for $151 million seven years ago, Reuters reported on Wednesday. Google had "informal" talks with multiple potential buyers, but no deal has been struck yet.

Schoolhouse Rock. The world's largest streaming music service, Spotify, filed to go public with the Securities and Exchange Commission last month, Axios reported. The confidential filing contemplates a so-called direct listing rather than an offering of shares underwritten and sold by Wall Street banks.

The Jetsons. It's almost time for the big CES show in Las Vegas and that means lots of new product announcements. Dell and Lenovo updated some of their best-selling laptops with the newest Intel processors and USB-C ports. Tired of black? The new Dell XPS 13 comes in rose gold.

Inspector Gadget. Mesh Wi-Fi gear maker Eero said it decided not to pursue an undisclosed "related project," resulting in layoffs. (TechCrunch put the number at 30 people or 20% of the company's workforce.)

Beavis and Butthead. Russia and Venezuela are looking at developing state-sponsored digital currencies as a way to avoid international sanctions, according to the New York Times. "This instrument suits us very well,” Sergei Glazyev, an advisor to Russian President Vladimir Putin, said. “We can settle payments with our business partners all over the world regardless of sanctions.”


I wonder how many people made a New Year's resolution to spend less time in meetings in 2018. It's probably a smart strategy in most organizations. Marketing strategist Dorie Clark has a clever piece in the Harvard Business Review to help make that happen. Titled "How to Get Out of a Meeting You Know Will Waste Your Time," the article offers a handful of excuses and arguments to duck the next time-wasting get together. Here's one:

If you want to get out of the meeting but still feel it’s difficult to say no, suggest a minimally invasive compromise. A meeting will almost certainly take an hour or more of your time. See if the meeting organizer would be willing to update you over email, or if a short phone call to get your input might suffice. Alternatively, if the topic isn’t urgent, you can try a time dodge: “I’m traveling heavily for business the next three weeks, but we could reconnect after that. Perhaps you could email me the week of the 23rd for us to find a time?” Oftentimes, the requester will get distracted and forget, or discover that whatever they felt was so urgent has diminished in importance. You’ll get points for appearing helpful, but ultimately won’t have to attend the meeting.


Apple and Reese Witherspoon Are Developing Another Original TV Series By Tom Huddleston Jr.

Nintendo Switch Sets All Time Sales Record By Chris Morris

Ripple Roars Past $3 to Become Second Most Valuable Digital Currency By Jeff John Roberts

Look at These Incredible Photos of the SpaceX Falcon Heavy Rocket By Don Reisinger

Why the $29 iPhone Battery Replacement Deal Could Hurt Apple's Stock By Aaron Pressman

Why the Next iPhone X Could Be Apple's Biggest Smartphone Ever By Don Reisinger

Trump Doesn't Have a Nuclear Button. He Has a Football and a Biscuit By Kristen Korosec


The ubiquity of smartphones has an upside for the environment, it seems. As small portable electronic devices have proliferated, people are using a lot fewer big electronic devices, like TV sets and desktop computers. Bottom line? Consumer electronics use 25% less energy than they consumed in 2010.

This edition of Data Sheet was curated by Aaron Pressman. Find past issues, and sign up for other Fortune newsletters.
Subscribe to Well Adjusted, our newsletter full of simple strategies to work smarter and live better, from the Fortune Well team. Sign up today.

Read More

Artificial IntelligenceCryptocurrencyMetaverseCybersecurityTech Forward