Tag Archives: flaws
A 17-page class-action complaint [PDF] – filed earlier this month in a San Jose district court in California – accuses the Cupertino iGiant of failing to keep the Arm-compatible processors in iPhones, iPads, and Apple TVs secure as advertised.
The claim does not cover the Intel-powered Macs Apple sells, which are also affected by Meltdown and Spectre. Chipzilla is separately fending off class-action claims over those CPU blunders.
The complaint, which cites The Register’s original report on the processor industry’s design cockups, claims Apple withheld information on the flaws from customers for months, selling products it knew to be vulnerable to data-theft attacks. Starting with the A6 chip in 2012’s iPhone 5, Apple has designed and shipped its own custom Arm-compatible processor cores, meaning Cupertino had a hand in introducing insecurities into its silicon.
More misery for Intel as firm says patches to solve its chip ‘design flaws’ have errors that could cause some systems to randomly reboot
The security fixes could cause computers using its older Haswell and Broadwell processors, created in 2013 and 2014, to reboot more often than normal.
Again, the CPU exploits in play here are extremely technical, but in a nutshell, the exploit allows access to your operating system’s sacrosanct kernel memory because of how the processors handle “speculative execution,” which modern chips perform to increase performance. An attacker can exploit these CPU vulnerabilities to expose extremely sensitive data in the protected kernel memory, including passwords, cryptographic keys, personal photos, emails, or any other data on your PC.
Meltdown is the more serious exploit, and the one that operating systems are rushing to fix. It “breaks the most fundamental isolation between user applications and the operating system,” according to Google. This flaw most strongly affects Intel processors because of the aggressive way they handle speculative execution, though a few ARM cores are also susceptible.
Spectre affects AMD and ARM processors as well as Intel CPUs, which means mobile devices are also at risk.