Avoiding technology meltdown

Cyber security with globe

Prevention is the most vital and effective means of fighting crime, and nowhere is it more critical than in the area of cyber security. In the online world, data can be stolen, exploited or sold without victims even being aware until the damage is done.

But great progress is being made. In recent years, three critical design flaws have been discovered and addressed in commonly used computer chips, or processors, before any attacks could take place. Known as Spectre, Meltdown and Foreshadow, all had the potential to allow catastrophic data theft from millions of modern PCs, mobile phones and cloud servers.

The flaws were uncovered by small groups of independent computer science researchers from just a handful of leading institutions and organisations around the world. On each occasion, the University of Adelaide was among them.

Our own Dr Yuval Yarom co-wrote all three papers announcing the vulnerabilities. The threats, he says, were significant.

“They could’ve enabled hackers to gain unauthorised access to passwords, banking and credit card details, personal photos, emails, instant messages and other sensitive documents. 

“Foreshadow even had the potential to break down the separation between ‘virtual’ machines—distinct, private computing environments created on individual computers to allow many people to use the same hardware—such as widely offered by cloud-computing companies.”

While the best advice for consumers remains installing legitimate software updates in a timely manner, Dr Yarom is confident his research, and that of his peers, will lead to fundamental industry advance—and safer digital activity all over the world.

"Ultimately, our discoveries will lead to improved processor design and help prevent cybersecurity concerns like these resurfacing.”


 

Featured researcher

Dr Yuval Yarom
Centre for Distributed and Intelligent Technologies
School of Computer Science
Faculty of Engineering, Computer and Mathematical Sciences

Tagged in Defence, cyber and space, cyber security, spectre, meltdown