A speaker (Kris Kaspersky – who I don’t think is affiliated with Kaspersky Labs) at the upcoming “Hack in the Box” Security Conference in Malaysia is garnering headlines with his presentation, “Remote Code Execution through Intel CPU Bugs.” Kaspersky is saying that bugs in Intel Core 2 and Itanium processors allow hackers to remotely control or crash any systems using the chips. In his session, he will outline methods that bad guys can use to convert systems running these procs into robots or, best case I guess, just crash the systems outright. He will also discuss his new CPU malware detection research, which was funded by Endeavor Security.

  Kaspersky’s most outlandish claim is that these bugs can be exploited locally or remotely regardless of any operating system safeguards or security software. He also states that there aren’t any existing workarounds or SW solutions to close the security holes. Hmm…this sounds pretty nasty and is, from a computing standpoint at least, end-of-world type stuff. But, before we give in to panic and start the looting and burning, let’s consider this for a moment…..

First of all, pretty much every computing product of any complexity at all has at least a few bugs. The vast majority of these bugs don’t ever show up, or, if they do, only in very rare circumstances. Furthermore, when a bug results in a security hole, it’s hard to imagine that it can’t be fixed with software or firmware updates. It may not be simple, but it’s certainly well within the limits of current technology to scan instructions to see if they are aimed at exploiting particular vulnerabilities.

So what to make of Kaspersky? In the little bit of research I’ve done, he looks like a serious guy who has the technical chops to talk authoritatively about these issues. Still, I have to question his methods. Did he approach Intel with his findings before publishing them? This would be the responsible approach. Intel isn’t saying, although they do admit that there are a number of bugs in the processors (which, again, is normal for products this complex). Intel also said that they are waiting to see Kaspersky’s paper, discuss his findings with him, and then run their own tests. While it’s way too early to know, my gut feel on this is that Kaspersky is pounding the hyperbole button with a sledge hammer. His claims are very strong, but he (so far at least) hasn’t released his evidence – it looks like that will happen at the conference in October. I’m probably not going to pay a $1,482 conference fee, plus airfare and hotel, to find out if this is truth or hype.  I’ll more likely spend my money (and the time between now and the event) gathering up my survival gear and hoarding non-perishable food in preparation for the coming collapse of civilization that will be sure to result from hackers controlling every Intel Core2 and Itanium system. Or maybe I’ll just watch this panic from the sidelines; it has the potential to be a good one.

 

 

 

Categories: General News

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>