Intel, AMD, Nvidia, ARM; no CPU is safe from Spectre. (Unsplash, CC0)
On January 3, 2018, three central processing units’ (CPU) vulnerabilities known as Spectre and Meltdown were announced to the public (two types of Spectre and one of Meltdown). Any device with a CPU is a possible target, putting most devices in danger of being hacked. Operating Systems such as Windows, OSX, and Linux have released patches to defend against Spectre and Meltdown over the past couple of months. And on May 3, 2018, eight new types of Spectre called Spectre: The Next Generation (Spectre-NG) were discovered and announced.
Of the newly announced eight Spectres, four were deemed to be high risk, with the other four being medium risk. Like its predecessors, Spectre-NG exploits a computing chip’s speculative execution, a technique that helps the chip predict what it should do next. Through this, Spectre can obtain private information such as passwords. Yes this new generation has one type that is more dangerous than the previous generation’s Spectres. Described in a report by the German tech outlet C’t, this new type “simplifies attacks across system boundaries to such an extent that we estimate the threat potential to be significantly higher than with Spectre.”
As Spectre-NG is still a somewhat new discovery, patches are still a work in progress. As patching continues, the possibility of finding even more vulnerabilities remains. As such, Spectre will truly haunt us for the months to come.