Google Researchers Knew About Chip Security Flaw Since June 2017

Google Researchers Knew About Chip Security Flaw Since June 2017

by

Laurie Sullivan , Staff Writer @lauriesullivan, (January 05, 2018)

Google Researchers Knew About Chip Security Flaw Since June 2017 | DeviceDaily.com

Imagine how much revenue ad networks, publishers, retailers and search engines would have lost if Google released the information about the chip flaw prior to the 2017 holidays. This week Intel, Google, Microsoft, Apple and others revealed that potentially every type of device with a central processing unit (CPU) — which means personal computers, Macs, laptops, smartphones, tablets and cloud servers — is impacted.

In June 2017, Google Project Zero researcher

Jann Horn led the discovery of a serious security flaw in CPUs that would enable malicious users to read a system’s memory that is supposed to be inaccessible. For example, an unauthorized person may read passwords, encryption keys, or sensitive information that is open in applications.

In January 2018 we learned about the flaw and tests that also proved an attack running on one virtual machine was able to access the physical memory of the host machine. These vulnerabilities affect CPUs from AMD, ARM, and Intel, as well as the devices and operating systems running on them.

Is the idea to fix the flaw and then disclose it to the public?

The security issues are known by two names: Meltdown and Spectre.

Microsoft, Apple and others have already developed and begun to push out patches to affected systems and software.

It almost seems like another day, another security flaw or hack. That’s until I realized that Google researchers discovered the flaw in June 2017. And then I began to think about the forfeited revenue that would have resulted if Google had revealed the problem prior to the holidays. How many people would have refrained from buying products online?

Research published late Thursday by RBC Capital Markets notes that comScore estimates total U.S. online retail grew 18% to 20% year-on-year (YoY) over the 2017 Holiday Season, compared with more than 17% in 2016 and 13% in 2015. Sales reached between $95 billion and $96 billion, consistent with comScore’s earlier forecast.

Several factors drove the YoY acceleration, such as one extra shopping day vs. 2016; positive macro trends such as low unemployment and the highest consumer sentiment in years; a strong selection of hot products, such as smartphones, smart speakers, IoT devices, and gaming systems; and the ongoing ease of online shopping and fulfillment.

“We’re struck by the fact that U.S. Online Retail Holiday Spend will have now accelerated for the third or fourth year in a row,” according to the RBC report. “We believe rising smartphone adoption has been a key factor here, but so has the real break-through into the mainstream of online retail shopping, with rising brand awareness, rising online shopping confidence, and speedier delivery times all being key factors.”

MediaPost.com: Search Marketing Daily

(1)