Meltdown & Spectre

What’s the problem?

In many processors, unauthorized memory access is possible during speculative execution of code. Under certain circumstances, this vulnerability can be exploited by malicious code. Such code can also originate from JavaScript executed in the user’s browser, or from other virtual servers in the cloud. In a blockchain, the potential threat comes from scripts executed to carry out transactions (e.g. Bitcoin (un)locking scripts, Chaincode by HyperLedger).

 

How long have we known about the issue?

Google and Graz University of Technology have known about the issue since the summer of 2016.

 

Have Spectre and Meltdown already been exploited?

It’s possible. However, to the best of our knowledge, no exploits have yet come to light.

 

Have there been similar issues in the past?

Intel had a problem with its processors in 2012 (http://www.kb.cert.org/vuls/id/649219), but not on the same scale. These issues are usually dealt with secretly until patches are available. In the case of Spectre and Meltdown, the issues came to light before the planned patch day (9.1.18).

 

What can be done?

Patch the operating system of all devices with affected processors.

 

Where can I find more information?

More information can be found here:

 

Complete Revision of the Federal Data Protection Act

Complete Revision of the Federal Data Protection Act: „As of 15th September 2017, draft and report for a completely revised Federal Data Protection Act is public. In a first step parliament and the people agreed to adaptations in order to be compliant with EU law. The second part of the revision is debated by the parliament since September 2019. Data Protection is to be increased by giving people more control over their private data as well as reinforcing transparency regarding the handling of confidential data.”

Links: datenrecht.ch

Eurospider Information Technology AG
Winterthurerstrasse 92
8006 Zürich

 

Cookies make it easier for us to provide you with our services. With the usage of our services you permit us to use cookies.
More information Ok Decline