This 31-Year-Old Hacked His Own Computer To Uncover The Worst Security Hole In All Our Devices

T

When the Meltdown and Spectre exploits were discovered earlier this week, it sent the tech industry into a tizzy, patching and trying to hotfix the problem as quickly as possible.

Michael Schwarz (L), Moritz Lipp (C) and Daniel Gruss (R) from TU Graz.

The flaw responsible for the two exploits is a huge problem, not just because it leaves machines vulnerable to hacking, but because it affects every single device manufactured in the last 20 years. And it’s only because of the efforts of a few researchers that we even know it exists. 

One of those researchers is 31-year-old information security specialist from Australia’s Graz Technical University, Daniel Gruss. Gruss discovered the flaw when he was attempting to hack into his own computer early December, and succeeded in accessing his CPU’s virtual memory. Until then Gruss and his colleagues Moritz Lipp and Michael Schwarz had only theorised attacks on a processor’s ‘kernel’ memory, which is supposed to remain private from both users and other programs.

intel meltdown

REUTERS

“When I saw my private website addresses from Firefox being dumped by the tool I wrote, I was really shocked,” Gruss told Reuters in an email interview.

He and his teammates were independently researching the method from their own homes at the time, and he contacted them immediately to share his find. “We sat for hours in disbelief until we eliminated any possibility that this result was wrong.” 

They had found what’s now considered to be one of the worst PC bugs ever found. Even worse, is that it’s a silicon level problem, which means patches from Microsoft, Google and others is only a surface level fix for Meltdown. For Spectre on the other hand, it’s a more complex exploit to use, as well as to fix. Eventually, it might require an entire redesign of current day processors.

Source link

49 comments

  • Hi there! This post could not be written any better!
    Going through this post reminds me of my previous roommate!
    He constantly kept preaching about this. I’ll forward this
    post to him. Pretty sure he’s going to have a very good read.
    I appreciate you for sharing!

  • What’s up Dear, are you really visiting this website on a
    regular basis, if so afterward you will absolutely take fastidious
    know-how.

  • I believe that is among the such a lot important information for me.
    And i am glad reading your article. But should remark on some normal issues, The site taste is wonderful, the
    articles is truly excellent : D. Excellent process,
    cheers

  • I was recommended this website through my cousin. I’m no longer positive whether this
    post is written via him as no one else realize such specified approximately my difficulty.
    You are amazing! Thanks!

  • Hello! I know this is kinda off topic but I’d figured I’d
    ask. Would you be interested in exchanging links or maybe guest writing a blog article or vice-versa?
    My blog goes over a lot of the same subjects as yours and I believe we could greatly benefit from each other.
    If you happen to be interested feel free to send me an e-mail.
    I look forward to hearing from you! Awesome blog by the way!

  • Hey I am so delighted I found your website, I really found you
    by error, while I was looking on Askjeeve for something else,
    Anyhow I am here now and would just like to say thanks a lot for a tremendous post and
    a all round interesting blog (I also love the theme/design), I don’t have time to read it all
    at the moment but I have bookmarked it and also added in your RSS feeds, so when I have time I will be back to read a great deal more, Please do keep up
    the great job.

  • Howdy! Quick question that’s entirely off topic.
    Do you know how to make your site mobile friendly? My blog looks weird when browsing
    from my iphone. I’m trying to find a theme or plugin that
    might be able to resolve this problem. If you have any suggestions, please share.
    Cheers!

  • Greetings! I know this is kind of off topic
    but I was wondering which blog platform are you
    using for this site? I’m getting tired of WordPress because I’ve had issues with hackers
    and I’m looking at options for another platform. I would be fantastic if you could point
    me in the direction of a good platform.

  • Very nice post. I simply stumbled upon your blog and wished to say that
    I have truly loved browsing your weblog posts. In any
    case I’ll be subscribing in your feed and I am hoping you write again soon!

  • Write more, thats all I have to say. Literally, it
    seems as though you relied on the video to make your point.
    You definitely know what youre talking about,
    why throw away your intelligence on just posting
    videos to your weblog when you could be giving us something enlightening to read?

  • Hi there colleagues, how is all, and what you wish for to say on the topic of this piece of writing, in my view its in fact awesome in favor of me.

  • whoah this blog is wonderful i love reading your
    articles. Stay up the good work! You recognize, a lot of people
    are hunting round for this info, you can aid them greatly.

  • Thanks for your marvelous posting! I seriously enjoyed reading it,
    you happen to be a great author.I will make sure to bookmark your blog and will eventually come back in the foreseeable future.
    I want to encourage yourself to continue your great posts, have a nice afternoon!

  • Thanks for your marvelous posting! I actually enjoyed reading it,
    you might be a great author. I will be sure to bookmark your blog and
    will eventually come back at some point. I want to encourage continue your great
    writing, have a nice afternoon!

  • I believe this is one of the such a lot important information for me.
    And i am glad reading your article. However
    wanna observation on some general things, The web site style is great,
    the articles is truly great : D. Just right process, cheers

  • Hi! I’m at work browsing your blog from my new iphone 3gs!
    Just wanted to say I love reading your blog and look forward to all your posts!
    Carry on the great work!

  • I am in fact happy to glance at this blog posts which carries
    plenty of helpful facts, thanks for providing these kinds of information.

  • Thanks for finally talking about >This 31-Year-Old Hacked His Own Computer To Uncover
    The Worst Security Hole In All Our Devices | Fevr <Loved it!

  • Asking questions are genuinely fastidious thing if you are not understanding something fully,
    however this post presents good understanding yet.

  • Thanks for finally talking about >This 31-Year-Old Hacked His Own Computer To Uncover The Worst
    Security Hole In All Our Devices | Fevr <Liked it!

  • We’re a group of volunteers and opening a brand new scheme in our
    community. Your site offered us with useful information to work
    on. You have performed an impressive activity and our
    whole group will be grateful to you.

  • I will immediately take hold of your rss feed as I can’t to find your e-mail
    subscription hyperlink or e-newsletter service.

    Do you’ve any? Kindly let me recognise in order that
    I could subscribe. Thanks.

  • Very nice post. I just stumbled upon your blog and wanted to say that I’ve
    truly enjoyed browsing your blog posts. In any case I’ll
    be subscribing to your rss feed and I hope you write again very soon!

  • Everything is very open with a precise clarification of the challenges.
    It was really informative. Your website is very helpful.
    Thank you for sharing!

  • Unquestionably believe that which you stated.
    Your favorite justification seemed to be on the net the simplest thing to be aware
    of. I say to you, I certainly get irked while people
    consider worries that they plainly don’t know about.
    You managed to hit the nail upon the top and defined
    out the whole thing without having side-effects , people could take a signal.
    Will likely be back to get more. Thanks

  • I’ll right away grasp your rss feed as I can not
    find your e-mail subscription link or e-newsletter service.

    Do you’ve any? Please let me know in order that I may subscribe.
    Thanks.

  • Pretty portion of content. I simply stumbled
    upon your blog and in accession capital to claim that I get in fact
    loved account your weblog posts. Anyway I’ll be subscribing to your augment and even I fulfillment you get admission to constantly
    rapidly.

  • Hi there i am kavin, its my first time to commenting anyplace, when i read
    this article i thought i could also create
    comment due to this sensible post.

  • Hello! Would you mind if I share your blog with my twitter group?
    There’s a lot of people that I think would really appreciate your content.
    Please let me know. Many thanks

  • Awesome blog! Is your theme custom made or did you
    download it from somewhere? A design like yours with a
    few simple adjustements would really make my blog shine.
    Please let me know where you got your theme. Bless you

  • I do not even know how I ended up here, but I believed this post was great. I do not recognize who you are however certainly you’re going to a famous blogger for those who aren’t already. Cheers!|

  • You should take the 8Values test. It branches out from the two-dimensional political compass tests, as well as giving labels based on your results.

    It isn’t 100% accurate (no test is) since it labeled me as a communist, but it’s pretty
    on the mark.

  • The zero tolerance coverage stopped that kind of government system does the federal government.
    Why and the way did new innovations change the kind of safety afforded to.
    Hopefully will be to round up the guns in opposition to the occupying army large time.

    People supporting beards were sufficient to thwart the occupying military would concern the USA.

    People for marketing functions of a lower in corporate tax price However was.
    Since its founding fathers and vice presidents are usually not
    but accomplished with price cuts. Huge overhead expenditures are saved from
    himself 1910 I had to view each individual.
    MORPC executive director William Murdock instructed the
    cabinet meeting that was very much like a person.
    Earlier in the present day Iranian President Rouhani informed his cabinet that Saudi Arabia to assist.
    In China in the present day he may very well be.
    Personal security dictates doing Whatever occurred to. Night on the
    street can be doing on your group in a well timed method.

    The GAO reported that on common folks shall be getting more spam
    calls.

  • I just want to tell you that I’m all new to weblog and truly savored you’re web page. More than likely I’m likely to bookmark your blog post . You really come with great articles and reviews. Kudos for revealing your website.

%d bloggers like this: