Google Reveals How it Protected Gmail from Spectre and Meltdown

Share

Intel CEO Brian Krzanich addressed an open letter to the IT sector promising to address the Spectre and Meltdown flaws.

The first approach Google's engineers took was to switch off CPU features that rendered chips vulnerable to intrusion.

Alphabet Inc's Google said on Thursday it had already deployed software patches against the Spectre and Meltdown chipset security flaws previous year, without slowing down its cloud services.

Wells Fargo & Co Stock Dips on Q4 Earnings Miss
Great West Life Assurance Communications Can stated it has 0% of its portfolio in Weibo Corporation (NASDAQ:WB). (NASDAQ:BIIB). Shares were virtually unchanged after the report, indicating that the market wasn't too surprised by the mediocre results .

On Windows 10 machines the overall office productivity performance declines around 5 to 10 percent on Intel's Core chips. For one of the variants of Spectre, which Google says proved to be a lot more problematic, its engineers came up with a technique called "Reptoline", which modifies programs to ensure that execution can not be influenced by an attacker.

The Meltdown and Spectre effect may begin to level out now that AMD has come clean about Spectre Variant 2.

Intel is facing a growing number of lawsuits, including claims from groups of consumers alleging that it misled consumers by failing to disclose the security hole and demands for compensation based on the potential slower performance of machines that have been patched.

Eagles QB Foles ready to prove doubters wrong
And it's not necessarily that Atlanta blew the Rams out of the water, but they did dominate them in all three phases of the game. Let's not count out the Pittsburgh defense, however, as it has surrendered just 312 yards per game in Heinz Field this season .

Given the difficulty of solving it, Google's Project Zero security team made a rare exception to its 90-day disclosure policy, which gives vendors and companies 90 days to solve the problem before it releases details of a vulnerability to the public. The company found the answer in Retpoline, a technique conjured up by Google Senior Staff Engineer Paul Turner, which "modifies programs to ensure that executive can not be influenced by an attacker".

As Google describes this, "With Retpoline, we could protect our infrastructure at compile-time, with no source-code modifications". Google says that it didn't receive any complaint reports of degrading performance post-deployment of the fix. When it was rolled out recently, again, no one using services like Gmail noticed any performance degradation. He added that Intel is working with other companies to minimize the impact those patches will have on user workloads.

But Nvidia still has to plug the security hole even if it could affect the performance of its GPUs, as is the case with other fixes for Spectre and Meltdown, though Nvidia hasn't detailed any ramifications the patches may carry.

Ambassador to Panama Resigns, Sowing Confusion as to His Reasoning
According to the State Department , his decision was made due to personal reasons. Feeley will be departing the State Department after almost 30 years of service.

Share