Some of Intel’s most popular chips have been hit by a major security flaw, researchers have claimed.
This vulnerability, named PortSmash, has been discovered by a team of academics from Tampere University of Technology in Finland and Technical University of Havana Cuba.
PortSmash is impacting some of Intel’s most well-known processors, including the Kaby Lake and Skylake units found in many laptops on the market today, and could potentially allow attackers to leak encrypted data from the CPU’s internal processes.
Specifically, PortSmash targets a flaw in Intel’s hyperthreading technology, which cuts down on the time needed for a device to carry out high-end computing tasks.
The researchers where able to exploit a leak in the hyperthreading system to access secure private keys from servers running Skylake and Kaby Lake processors by tracking specific computing processes in order to deduce the key.
The flaw affects both servers and PCs, the researchers said, although the former is more at risk, which could prove dangerous for cloud providers who offer infrastructure-as-a-service (IaaS) platforms, as servers, storage and networking hardware could be targeted in a single shot.
Intel has responded to the report, noting that it expects that the threat it “is not unique” to its platforms alone.
“Protecting our customers’ data and ensuring the security of our products is a top priority for Intel and we will continue to work with customers, partners and researchers to understand and mitigate any vulnerabilities that are identified,” the company added.
Fresh details have surfaced regarding the February 2018 data breach that affected 150 million users of the MyFitnessPal app, a service run by health and fitness company Under Armour. The breach notification submitted by the company to the Australian Government has been made public due to the country’s Freedom of Information Act. From the document,...