Spectre and Meltdown shook many PC enthusiasts when they came to light. They were essentially the first speculative execution flaws to attract global attention, and because they affected processors from Intel and AMD to varying degrees, the internet was awash with concern for several months. Eventually, researchers discovered more and more speculative execution flaws. But now researchers at MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) believe they've found a way to prevent these attacks. The researchers call their solution Dynamically Allocated Way Guard (DAWG) and revealed it in a recent paper. This name stands in opposition to Intel's Cache Allocation Technology (CAT) and is said to prevent attackers from accessing ostensibly secure information through exploiting flaws in the speculative execution process. Best of all, DAWG is said to require very few resources that CAT isn't already using and can be enabled with operating system changes instead of requiring the in-silicon fixes many thoughts were needed to address the flaws. The side-channel attacks revealed earlier this year essentially work by compromising data from memory when the CPU is deciding where it should go. This would, in turn, allow them to gather passwords, encryption keys and other data they could then use to gain full access to a targeted system. The attacks varied in the vulnerabilities they leveraged and the way they could be addressed. Meltdown required the operating system and firmware updates. Spectre was thought to require changes to CPU architectures, but CSAIL said DAWG blocks Spectre attacks itself. Leram how DWAG work by visiting OUR FORUM.

After being convicted of abusing their Android monopoly to bolster their search business, Google agreed to comply with the European Union’s requirement that they make changes in their business practices to restore competition to the market. While still appealing their conviction, they agreed in the EU to unbundle the Google Play Store and other service apps from the Chrome browser and Google Search app, and offer the first part for a license fee.  This would allow other companies to create their own Android distribution without delivering handsets which were uncompetitive due to lacking access to the millions of apps in the Google Play Store. It seems, however, Google had no intention to actually comply with the spirit of the order, as they set the price of the Google Play Store and associated apps at an unreasonable $40, according to leaked documentation seen by The Verge. Android OEMs can reduce that price by adding back Google Search and the Chrome browser, meaning in effect Google is extorting companies to maintain the status quo. If they choose to take the Store only they also miss out on ongoing revenue share generated by Google Search on the handsets. While Google’s machinations would likely abide by the wording of the European Commission direction, it is unlikely that the EC will tolerate an arrangement which does not allow real competition to be restored. Microsoft has in the past learn to regret playing games with the EU, and I look forward to Google learning this lesson the hard way for themselves. In-depth reading can be found on OUR FORUM.