Management lessons: Causes and cures of poor megaproject performance  |  Education Information: Exeter launches Master in Public Health   |  Education Information: St Andrews Prize for the Environment 2020  |  Education Information: MRC visits interdisciplinary health research team at Leeds  |  Education Information: Fika and Birmingham University offer mental skills training to students  |  International Edu News: The Prince of Wales officially opens the NAIC  |  National Edu News: University of Manchester awards an Honorary doctorate to Ratan Tata  |  Leadership Instincts: Edinburgh awarded Employer Champion status  |  International Edu News: Dr Michael Spence AC appointed new UCL President & Provost  |  International Edu News: Pioneering crop monitoring for food security wins Newton Prize  |  Leadership Instincts: UCL-led centre to investigate challenges of net zero future  |  Education Information: Oxford students given access to employers’ green credentials  |  National Edu News: Cabinet approves Elevation of BISAG as BISAG(N)   |  Leadership Instincts: Conservation measures for animal culture, the learning of non-human species  |  National Edu News: Union Minister unveils India/Bharat 2020  |  
January 05, 2018 Friday 04:39:27 PM IST

Google deploys patch for security flaws in chips

Technology Inceptions

San Francisco: To safeguard its customers from potential security bugs in chips, Google has deployed a novel chip-level patch across its entire infrastructure, resulting in only minor declines in performance in most cases.

"In response to the vulnerabilities that were discovered, we developed a novel mitigation called 'Retpoline' -- a binary modification technique that protects against 'branch target injection' attacks," Matt Linton, Senior Security Engineer and Pat Parseghian, Technical Programme Manager at Google wrote in a joint blog post on Thursday."We shared 'Retpoline' with our industry partners and have deployed it on Google's systems, where we have observed negligible impact on performance," the engineers added.

In addition, the tech giant has deployed "Kernel Page Table Isolation" (KPTI) which is a general purpose technique for better protecting sensitive information in memory from other software running on a machine.

"KPTI" has been deployed to the entire fleet of Google Linux production servers that support all of our products, including Search, Gmail, YouTube and Google Cloud Platform, the company said in a statement. Earlier, Intel had confirmed serious security flaws in modern processors that could affect its computers released in the last two decades.


The chip-maker had said that the bug, if used for malicious purposes, has the potential to improperly gather sensitive data from computing devices and promised to fix the bug as soon as possible.

It added that the vulnerability, discovered by a British tech website, the Register, is not unique to Intel products. It argued that "many types of computing devices -- with many different vendors' processors and operating systems -- are susceptible to these exploits".

Comments