Security note – INTEL-SA-00088 (“Meltdown” / “Spectre”)

On 3-Jan-2018 Intel published security note INTEL-SA-00088

Compulab software engineers are in the process of testing and deploying the available counter-measures.

We will update this page with progress.

For more information

Please contact support@fit-iot.com

Q&A

Compulab fitlet1 | fit-PC4 | fit-PC3 are based on AMD APUs.

  • AMD APUs may be vulnerable to some variants of “Spectre” and are not vulnerable to “Meltdown”.
  • No BIOS update is required (this is confirmed directly by AMD).
  • Operating systems may incorporate security updates to address Spectre. This will be released by Microsoft, Linux vendors / kernel and respective OS vendors.

Please consult AMD statement for more details.

Not really. Meltdown & Spectre security issues are very technical.

However, we can try to explain what it is and what it isn’t:

  • It isn’t a way to intrude the computer.
  • It isn’t a way to vandalize, corrupt or change the data on the computer in any way. It cannot be used for ransomware.
  • It is a new way to obtain data used by other software running on the same computer.
  • It is a way to for program A to observe and record some operations of program B without program B being aware it is being spied on.

A simplified illustration

Please think about your PC as a private house and about cloud-based hosting service as a hotel.
Then the new vulnerabilities are like the ability to listen through the wall to conversations taking place in other rooms – not from outside, but from the same building.

For the private house, an intruder can already do plenty of damage. Listening through walls does not add much to the risk.
On the other hand, in the hotel – the ability of guests to spy on other guests poses a new risk to these other guests – they can no longer assume full privacy.

The vast majority of Compulab PCs are deployed like a “private house”. (if you were deploying a cloud service you would probably know the risks without this simplified illustration…)

Affected products

  • IPC1 | IPC2 | IPC3
  • fitlet2
  • Airtop

Products that may be partially affected

  • fitlet1
  • fit-PC3 | fit-PC4

Products not affected

  • fit-PC2