Meltdown and Spectre : the time for explanations has come !

What vulnerabilities ? 

Meltdown and Spectre are three variants of flaws which exploit the vulnerabilities from the processors allowing potential hackers to steal every data. Your passwords, photos, e-mails or sensitive documents, whether personal or professional, are likely to be affected.

Who’s affected ? 

Far from having been discovered recently, it has been revealed last month. If the Meltdown vulnerability only affects Intel processors, the Spectre flaw affects all processors that have been in circulation for several years, including in smartphones or tablets, even in the cloud, depending on the provider’s infrastructure.

Intel, AMD, Dell, IBM, Huawei, Apple or Microsoft… Manufacturers of operating systems or software editors are concerned. Likewise, all users are affected.

Have they been exploited ?

The trend is optimistic : it’s insured that these flaws have not been exploited. But, since they concern all the processors, it’s quite conceivable that their exploitation took place for several years, even before their discovery. And that, without us being able to be informed.

What’s proposed to secure these flaws ? 

From the implementation of plasters on the software and operating systems to the modifications of the microcode of the processors, patches have been deployed. It is recommended to download the latest updates on the different devices which include patches, but it would considerably slow their performances. In addition, Intel has suspended the distribution of the patches because of some untimely restart of the devices.

In legal terms ? 

Class actions follow one another. Three separate class-action lawsuits have been filed against Intel in California, Oregon and Indiana on the basis of the breach of the disclosure requirement. The late communication of Intel on the extent of the flaws known for over a year has nothing to please users. AMD isn’t left out and is also concerned because of their communication which minimized the impact of faults on their systems. Consumers will probably not be the only ones to ask for compensation. Cloud providers, like Google or Amazon, are also affected because any software or hardware fixes will have an impact on their operating capacity and therefore on their competitiveness.

A propos de Chloé NIEDERGANG

Etudiante en Master 2 Droit de l'économie numérique, 9ème promotion.

Vous aimerez aussi...

Laisser un commentaire

Votre adresse de messagerie ne sera pas publiée. Les champs obligatoires sont indiqués avec *

Ce site utilise Akismet pour réduire les indésirables. En savoir plus sur comment les données de vos commentaires sont utilisées.