A few months ago (January 2018), the media reported breaking news of alleged security failures for Intel and ARM processors. In order to understand these “weaknesses”, and before briefly describing the nature of these “security holes”, we need to list some of the common characteristics shared by modern processors.
The Meltdown and Spectre vulnerabilities were discovered last year, but only disclosed recently to the public. Both vulnerabilities are of the same family. They fundamentally affect certain CPU designs with around 20-years’ worth of processors and certain upcoming designs cannot be classified totally secure.
The first and so far the only time I was personally involved, (or to be more precise my son who at that time was eleven years old), in a cyber-attack by ransomware was in 2012. The computer of my son was apparently blocked by the Federal Criminal Police Office due to some illegal actions, such as sending spam mails and even worse. At least that’s what appeared on the screen in poor German. Strangely enough a fee of 100 Euros would unblock the computer. Well, I wondered how the 100 Euros would affect the illegal activities, my eleven year old boy had committed but you never know. Even though it was obvious that we didn’t get into trouble with the public authorities, my son was not amused by the fact that his computer was out of order. In fact, he must have felt exactly how the latest cyber attack has been dubbed: WannaCry.
In February this year, a team of researchers both from Google and CWI Institute in Amsterdam announced that they were able to generate two PDFs documents with different content that would hash into the same SHA-1 digest. This may lead to a big problem in security that I will try to explain to you but first let’s put ourselves in context.
At the end of November, the pre-Christmas season usually starts in Germany. The famous Christmas Markets, such as the Christkindle market in Nuremberg, open in every city and people celebrate the first Advent by lighting the first of four candles of the Advent wreath. Usually, the first Advent is the day when the contemplative time starts. The 27th of November, the first Advent in 2016 was for many people in Germany in a particular way very calm. Round about one million DSL routers, mainly devices from Germany’s biggest telecommunications carrier, fell victim to hacker attacks. (more…)
Since September, several cyber-attacks have targeted a series of entities present in the network (including DNS Internet service providers, numerous webs residing in Liberia and the personal page of an expert in online security). (more…)