• Write for us
  • Contact us
  • Terms and Conditions
  • Privacy Policy
  • disclaimer
Tuesday, June 28, 2022
hbzjw
  • Login
  • Register
  • Business
  • Digital Marketing
  • Education
  • Entertainment
  • Fashion
  • Health
  • Lifestyle
  • Technology
  • Travel
  • Business
  • Digital Marketing
  • Education
  • Entertainment
  • Fashion
  • Health
  • Lifestyle
  • Technology
  • Travel
No Result
View All Result
hbzjw
No Result
View All Result
Home Technology

What is the Hertzbleed computer chip hack and should you be worried?

What is the Hertzbleed computer chip hack and should you be worried?

azamwaseem by azamwaseem
June 18, 2022
in Technology
0 0
0
What is the Hertzbleed computer chip hack and should you be worried?

What is the Hertzbleed computer chip hack and should you be worried?

0
SHARES
0
VIEWS
Share on FacebookShare on Twitter

Hertzbleed, a newly identified attack that could be used to grab information from computer chips, has captured the attention of technology security researchers – and technology news websites. Here’s what you need to know about the story.

 

READ ALSO

How KSM 66 Ashwagandha Improves Your Cognitive Function in Different Amazing Ways

What is Endy Mattress?

What is Hertzbleed?

It is a new computer hack that takes advantage of a power-saving feature common to modern computer chips in order to steal sensitive data. It has been demonstrated in the lab and could be used by hackers in the wild.

Most chips use a technique called dynamic frequency scaling, or CPU throttling, to increase or reduce the speed with which they carry out instructions. Ramping the power of the CPU up and down to match demand makes them more efficient.

In the past, hackers have shown that they can read these power signatures and learn things about the data being processed. This can give them a foothold to break into a machine.

The team behind Hertzbleed found that you can actually do something similar remotely by watching carefully to see how quickly a computer completes certain operations, then using that information to determine how it is currently throttling the CPU. Demonstrating that such attacks can be performed remotely makes the issue much more dangerous because remote attacks are much easier for hackers to carry out.

What does it mean for you?

Intel declined a request for interview by New Scientist, but said in a security alert that all of its chips are vulnerable to the attack. The company said that, through such an attack, it “may be possible to infer parts of the information through sophisticated analysis”.

AMD, which shares chip architecture with Intel, also issued a security alert listing several of its mobile, desktop and server chips as vulnerable to the attack. The company didn’t respond to a request for comment.

Chipmaker ARM was also approached by New Scientist, but didn’t answer questions about whether it was working to avoid similar problems with its own chips.

One major issue is that even if your personal hardware isn’t affected, you could still fall victim to Hertzbleed. Thousands of servers around the word will store and process your information, archive your data and run the services you use daily. Any of these may be running on hardware that is vulnerable to Hertzbleed.

Intel says that the attack can take “hours to days” to steal even a tiny amount of data, so Hertzbleed is more likely to leak small snippets of data rather than large files, email conversations and the like. But if that snippet of data is something like a cryptographic key, then its impact can be significant. “Hertzbleed is a real, and practical, threat to the security of cryptographic software,” say the researchers who discovered the flaw, on their website.

How was it discovered?

Hertzbleed was created by a group of researchers from the University of Texas at Austin, the University of Illinois Urbana-Champaign and the University of Washington in Seattle. They say that they disclosed their discovery to Intel in the third quarter of last year, but that the company asked for it to be kept quiet until May this year – which is a common request designed to allow a company to fix a flaw before it becomes common knowledge.

Intel allegedly then asked for an extension to 14 June, but has apparently released no fix for the problem. AMD was informed of the problem in the first quarter of this year.

Details of the vulnerability have now been published in a paper on the researchers’ website and will be presented at the USENIX Security Symposium later this summer.

“Side channel power attacks have been long known about, but this is a troubling evolution of the art,” says Alan Woodward at the University of Surrey, UK. “The story of its discovery and how it was kept under wraps is a cautionary tale for what else might be out there.”

Can it be fixed?

Neither Intel nor AMD are releasing patches to fix the problem, claim the researchers on their website. Neither company responded to questions posed by New Scientist.

When attacks that watched for changes in a chip’s speed, or frequency, were first discovered in the late 1990s, there was a common fix: write code that only used “time invariant” instructions – that is, instructions that take the same time to carry out regardless of what data is being processed. This stopped an observer gaining knowledge that helped them read data. But Hertzbleed can get around this strategy and can be done remotely.

Because this attack relies on the normal operation of a chip feature, not a bug, it could prove tricky to fix. The researchers say that a solution would be to turn off the CPU throttling feature on all chips, globally, but warn that doing so would “significantly impact performance” and that it may not be possible to fully stop frequency changes on some chips.

Tags: technology

Related Posts

Does CBD Oil Go Bad
Health

How KSM 66 Ashwagandha Improves Your Cognitive Function in Different Amazing Ways

June 27, 2022
What is Endy Mattress?
Technology

What is Endy Mattress?

June 25, 2022
mywifiext
Technology

Getting Issues While Accessing Mywifiext?

June 24, 2022
netgear genie setup
Technology

Netgear Remote Management Option Not Visible Issue [Resolved]

June 23, 2022
Routerlogin.net
Technology

What is Routerlogin.net? Where to Use It?

June 23, 2022
cydia download ios 16
Tech

The Greatest Guide to Cydia Download iOS 16

June 7, 2022
Next Post
MORE LOVE WITH DONUTS WAYS TO STORE LEFTOVER DONUTS FOR LONG-LASTING FRESHNESS

MORE LOVE WITH DONUTS WAYS TO STORE LEFTOVER DONUTS FOR LONG-LASTING FRESHNESS

Recent Posts

  • Hoodies are versatile and can be dressed up or down
  • certain individuals lean toward doughnuts.
  • Explain the term Best Life Insurance Company in Dallas
  • WPC2027 – How to register and login on wpc2027 live
  • How to Create a Social Content Strategy for Your Brand In 2022

Recent Comments

No comments to show.
  • Write for us
  • Contact us
  • Terms and Conditions
  • Privacy Policy
  • Disclaimer

© 2022 All Right Reserved Partner websites sw418login Thefeednews fabsswing savefromnetpost

No Result
View All Result
  • Homepages
  • News
  • Politics
  • National
  • Business
  • World
  • Entertainment
  • Fashion
  • Food
  • Health
  • Lifestyle
  • Opinion
  • Science
  • Tech
  • Travel

© 2022 All Right Reserved Partner websites sw418login Thefeednews fabsswing savefromnetpost

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?