Intel

Auto Added by WPeMatico

Security flaw in ‘nearly all’ modern PCs and Macs exposes encrypted data

Most modern computers, even devices with disk encryption, are vulnerable to a new attack that can steal sensitive data in a matter of minutes, new research says.

In new findings published Wednesday, F-Secure said that none of the existing firmware security measures in every laptop it tested “does a good enough job” of preventing data theft.

F-Secure principal security consultant Olle Segerdahl told TechCrunch that the vulnerabilities put “nearly all” laptops and desktops — both Windows and Mac users — at risk.

The new exploit is built on the foundations of a traditional cold boot attack, which hackers have long used to steal data from a shut-down computer. Modern computers overwrite their memory when a device is powered down to scramble the data from being read. But Segerdahl and his colleague Pasi Saarinen found a way to disable the overwriting process, making a cold boot attack possible again.

“It takes some extra steps,” said Segerdahl, but the flaw is “easy to exploit.” So much so, he said, that it would “very much surprise” him if this technique isn’t already known by some hacker groups.

“We are convinced that anybody tasked with stealing data off laptops would have already come to the same conclusions as us,” he said.

It’s no secret that if you have physical access to a computer, the chances of someone stealing your data is usually greater. That’s why so many use disk encryption — like BitLocker for Windows and FileVault for Macs — to scramble and protect data when a device is turned off.

But the researchers found that in nearly all cases they can still steal data protected by BitLocker and FileVault regardless.

After the researchers figured out how the memory overwriting process works, they said it took just a few hours to build a proof-of-concept tool that prevented the firmware from clearing secrets from memory. From there, the researchers scanned for disk encryption keys, which, when obtained, could be used to mount the protected volume.

It’s not just disk encryption keys at risk, Segerdahl said. A successful attacker can steal “anything that happens to be in memory,” like passwords and corporate network credentials, which can lead to a deeper compromise.

Their findings were shared with Microsoft, Apple, and Intel prior to release. According to the researchers, only a smattering of devices aren’t affected by the attack. Microsoft said in a recently updated article on BitLocker countermeasures that using a startup PIN can mitigate cold boot attacks, but Windows users with “Home” licenses are out of luck. And, any Apple Mac equipped with a T2 chip are not affected, but a firmware password would still improve protection.

Both Microsoft and Apple downplayed the risk.

Acknowledging that an attacker needs physical access to a device, Microsoft said it encourages customers to “practice good security habits, including preventing unauthorized physical access to their device.” Apple said it was looking into measures to protect Macs that don’t come with the T2 chip.

When reached, Intel would not to comment on the record.

In any case, the researchers say, there’s not much hope that affected computer makers can fix their fleet of existing devices.

“Unfortunately, there is nothing Microsoft can do, since we are using flaws in PC hardware vendors’ firmware,” said Segerdahl. “Intel can only do so much, their position in the ecosystem is providing a reference platform for the vendors to extend and build their new models on.”

Companies, and users, are “on their own,” said Segerdahl.

“Planning for these events is a better practice than assuming devices cannot be physically compromised by hackers because that’s obviously not the case,” he said.

Chipmaker Renesas goes deeper into autonomous vehicles with $6.7B acquisition

Japan-based semiconductor firm Renesas — one of the world’s largest supplier of chips for the automotive industry — is scooping up U.S. chip company IDT in a $6.7 billion deal that increases its focus on self-driving technology.

Renesas produces microprocessor and circuits that power devices, and automotive is its core focus. It is second only to NXP on supply, and more than half of its revenue comes from automotive. IDT, meanwhile, includes power management and memory among its products, which focus on wireless networks and the converting and storing of data. Those are two areas that are increasingly important with the growth of connected devices and particularly vehicles which demand high levels of data streaming and interaction.

The acquisition of IDT — which is being made a 29.5 percent on its share price — is set to expand Renesas’ expertise on autonomous vehicles. The firm said it would also broaden its business into the “data economy” space, such as robotics, data centers and other types of connected devices.

Renesas has already demoed self-driving car tech, which puts it into direct competition with the likes of Intel . Last year, the firm paid $3.2 billion to buy up Intersil, which develops technology for controlling battery voltage in hybrid and electric vehicles, and IDT deal pushes it further in that direction.

“There’s little overlap between their product portfolios, so it’s a strategically sound move for Renesas. But it does seem like the price is a little high,” said Bloomberg analyst Masahiro Wakasugi.

The IDT deal has been on the table for a couple of weeks after Renesas first revealed its interest in an acquisition last month. It is expected to close in the first half of 2019 following relevant approvals.

Drones set a Guinness World Record at the Winter Olympics

TwitterFacebook

More than 1,200 drones lit up the sky at the opening ceremony for the Winter Olympics. 

That’s a Guinness World Record for the most unmanned drones flown simultaneously, beating the previous record of 500 in Germany in 2016. Both records involved Intel’s Shooting Star drones. 

The 1,218-drone light show in South Korea was pre-recorded. Still, 300 of them made a live appearance at the opening ceremony, forming the shape of the Olympic rings.

Drones fly to make the Olympic rings.

Drones fly to make the Olympic rings.

Image: intel

Intel’s drones—which each weigh a little more than half a pound—have flown above crowds in Singapore, at the Super Bowl last weekend in the shape of the American flag, and at Dodger Stadium in Los Angeles last year in the shape of the Wonder Woman logo. They’ll pop up throughout the Winter Olympics during medal ceremonies. Read more…

More about Drones, Intel, Opening Ceremony, Light Show, and Pyeongchang

TAG Heuer's newest luxury smartwatch lets you customize your $1,600 wrist candy

TwitterFacebook

The TAG Heuer Connected was possibly the most luxurious, expensive smartwatch to launch on the Android Wear platform — so the iconic Swiss watchmaker decided to up the ante for its Android Wear 2.0 release. 

TAG Heuer just unveiled its latest wearable, the Connected Modular 45. The watchmaker teamed up with Intel, its partner from the previous model, to create the latest fusion of Swiss craftsmanship and Silicon Valley tech. 

The watch’s name gives its most distinctive feature away right off the bat: it’s a modular device, and TAG Heuer says it will offer hundreds of options for personalization, including the choice to swap out the smart module for a more traditional mechanical watch or the luxe Heuer 02T Tourbillon Chronograph if you’re feeling extremely fancy and don’t actually want a smartwatch at all.    Read more…

More about Modular, Smartwatch, Wearable Tech, Intel, and Tag Heuer Connected

Powered by WPeMatico

U.S. spies are withholding intelligence from Donald Trump, who has none

Capping off Donald J. Trump’s No Good Very Bad Horrible Day today, the Wall Street Journal reports that senior U.S. intelligence officials are deliberately withholding sensitive information from the President because they don’t trust him. Today’s report cites sources inside the White House, and underscores the deep mistrust between career spies and the imploding kakistocracy.

(more…)

Powered by WPeMatico

Intel inexplicably makes jobs announcement in round room with very nice curtains

Oval Office replica Intel’s latest press conference was its most well-appointed yet. The chipmaker’s CEO Brian Krzanich announced his company’s newest initiative in a tasteful if traditional space with lavish gold curtains and a stately desk. The room, with notably rounded corners, was nearly 3,000 miles away from the company’s headquarters and many of its manufacturing sites. In lieu of PR… Read More

Powered by WPeMatico