Communications of the ACM
How A Researcher Hacked His Own Computer and Found 'worst' Chip Flaw
The flaw, called Meltdown, affects most processors manufactured by Intel since 1995. A second defect called Spectre also has been found that also exposes core memory in most computers and mobile devices running on chips made by Intel, Advanced Micro Devic
Credit: Intel
Daniel Gruss didn't sleep much the night he hacked his own computer and exposed a flaw in most of the chips made in the past two decades by hardware giant Intel Corp.
The 31-year-old information security researcher and post-doctoral fellow at Austria's Graz Technical University had just breached the inner sanctum of his computer's central processing unit (CPU) and stolen secrets from it.
Until that moment, Gruss and colleagues Moritz Lipp and Michael Schwarz had thought such an attack on the processor's 'kernel' memory, which is meant to be inaccessible to users, was only theoretically possible.
"When I saw my private website addresses from Firefox being dumped by the tool I wrote, I was really shocked," Gruss told Reuters in an email interview, describing how he had unlocked personal data that should be secured.
Gruss, Lipp and Schwarz, working from their homes on a weekend in early December, messaged each other furiously to verify the result.
"We sat for hours in disbelief until we eliminated any possibility that this result was wrong," said Gruss, whose mind kept racing even after powering down his computer, so he barely caught a wink of sleep.
Gruss and his colleagues had just confirmed the existence of what he regards as "one of the worst CPU bugs ever found."
From Reuters
View Full Article
No entries found