NetSpectre Attack Remotely Exploits Spectre Flaw on Vulnerable Systems

Today’s topics include a NetSpectre attack that could enable remote CPU exploitation, and Panasonic rolling out thinner Toughbook business handhelds.

Researchers from Graz University in Austria released a 14-page report on July 26 detailing how the Spectre CPU speculative execution vulnerability, which was first publicly disclosed Jan. 3, could be used over a remote network. The researchers dubbed the attack method NetSpectre.

With NetSpectre, the researchers detail a novel, albeit slow, approach to remotely exploiting Spectre on a vulnerable system by leaking information at a rate of 15 bits per hour. According to the researchers, "NetSpectre marks a paradigm shift from local attacks, to remote attacks, exposing a much wider range and larger number of devices to Spectre attacks."

The researchers reported the NetSpectre attack method to Intel, which claims that issue has already been mitigated in the firmware updates made available for the Spectre variant attack.

Panasonic last week released two new Toughbook rugged handhelds and updated a third device. The new Toughbook FZ-T1 and FZ-L1 are thinner than previous Toughbooks, having shed their previously thick rubber bumpers. The FZ-N1, which has been on the market for about 18 months, has been updated with a smaller footprint and improved performance.

The FZ-T1 and FZ-N1 devices have smartphone-size form factors, while the FZ-L1 is a small, tablet-like device. Both the FZ-T1 and FZ-L1 devices can withstand drops and shocks from 5 feet, and meet IP66 standards for dust and water resistance.

The FZ-T1 features a 5-inch touch-screen display and meets IP68 standards for sealing in up to 5 feet of water for up to 30 minutes, while the FZ-L1 includes a 7-inch touch-screen display and meets IP67 standards for surviving in up to 3.3 feet of water for up to 30 minutes.