Researchers in Austria have found a way to utilize Meltdown to hack Galaxy S7 smartphones, a bad sign for security. It was previously discovered that ARM's Cortex A75 was susceptible to the vulnerability but this is the first time we have seen this exploit successfully used on a Snapdragon 820 or Exynos 8890 chipset. Even better is that these researchers have discovered variants which can affect older chipsets, meaning that far more phones may be vulnerable than we ever imagined. You can take a peek over at The Inquirer, if you are looking to ruin your day.
"IF YOU LIVE IN THE PAST then best pick your ears up as researchers have found Samsung's Galaxy S7 is vulnerable to hacking due to a chip security flaw."
Here is some more Tech News from around the web:
- TCP Flaw Lets Remote Attackers Stall Devices With Tiny DoS Attack @ Slashdot
- Snapchat source code leaked to GitHub after botched iOS app update @ The Inquirer
- Mozilla uses AI to serve up suggested content in Firefox @ The Inquirer
- LibreOffice 6.1 Released @ Slashdot
- Hey, you know what a popular medical record system doesn't need? 23 security vulnerabilities @ The Register
Back when this all first came
Back when this all first came out I kept on saying that it was a huge mistake to let this information out into the wild as in letting the general public know about it.
I said this is just going to open up a hornets nest down the road and form the looks of it I was 100% right. I had said that if these exploits which no one even had a clue were there so they were actually not exploits being no one knew about them including the hackers so there was nothing to exploit being no one knew about them.
Now that everyone knows about them we now have every hacker and freak trying to exploit these flaws in the chips where as before we had no one trying because they had no clue about them.
The ones that got hit the hardest here are to end users because we have had to put up with patches and fixes that actually made the hardware we paid for slower because the CPU’s are not running as they were intended to run after the patches and micro code updates.