Tag Archives: Brian Krzanich

ALERT! – Specter and Meltdown Security Flaw – ALERT!

Regardless of what computer you own, Apple or Windows, Spectre and Meltdown security flaws affect you. Security researchers recently revealed the details of these two microprocessor security flaws. Chips made by Intel, Advanced Micro Devices (AMD) and others are in billions of devices making them sitting ducks for hackers.

Devices with these chips include phones, tablets, PCs, and computer servers. Exploiting the vulnerability opens the door for hackers to steal personal data, passwords, cryptographic keys, and other supposedly inaccessible information from device owners. While the average consumer should exercise caution the impact on business could be devastating. 

The Meltdown flaw only runs on Intel chips while the Spectre flaw can affect devices with virtually any modern processor.

Computer microprocessors handle data like a passwords or encryption keys. Normally these are kept from other apps. But both Intel and AMD pride themselves on the speed of their chips. To do this the chips use whats known as “speculative execution” to try to guess answers that may be needed if a chain of calculations came out a certain way. Since the delay in calculations can be predictable researchers found that a rogue app could guess where confidential data was located in a chip’s memory and steal it.

Regardless of your web browser, Google Chrome, Apple Safari, or any version of the Windows family, they all use Javascript code.  Hackers could introduce a data stealing Javascript program and post it on any chosen web site. Your browser app would automatically run the rogue code like it was an ordinary part of the site’s features resulting in your data becoming vulnerable or stolen. As you can see this is an extremely grave threat to business computing.

Although this vulnerability is now known there is no evidence anyone has used it…yet. And that is where the danger lies. The danger of these flaws is so great that tech companies  swung into action quickly to fix the problem. Perhaps too quickly.

According to various news sources the Microsoft patch to fix the flaw has been damaging some devices.  In some instances the computers are suffering performance problems while others have been bricked. A bricked computer is frozen and unusable. The problem has become so bad that Microsoft has halted issuing the patch for both Spectre and Meltdown for AMD equipped computers and devices.

Intel’s CEO Brian Krzanich addressed the Meltdown and Spectre issue as the keynote speaker at the Consumer Electronics Show in Las Vegas. “I want to thank the industry for coming together to address the recent security research findings reported as Meltdown and Spectre,”  said Krzanich. He called the response to the issues a “collaboration among so many companies.” Krzanich promised that “for our processors and products introduced in the past five years, Intel expects to issue updates for more than 90 percent within a week, and the remaining by the end of January.”

Browser makers have swung into action to combat the flaw. Users of Google Chrome should turn on a feature calledsite isolation.”  The feature prevents malicious Javascript from accessing sensitive data. Google will soon release an update to Chrome’s Javascript feature that will improve protection against Spectre attacks, however, browser performance may suffer.

Microsoft has already issued a Windows security update for its Internet Explorer and Edge browser apps labeled “KB4056890” to protect against Spectre. According to Microsoft the update will change the browser’s features to protect confidential information in a device’s CPU. But make sure you check if your device has an AMD chip before using this patch.

Firefox maker Mozilla said its newest apps changed several features to make Spectre attacks more difficult. Released on January 4th, Firefox version 57.0.4 includes the new protections. Mozilla said in a blog post that it is studying additional ways to strengthen security against the attacks. “In the longer term, we have started experimenting with techniques to remove the information leak closer to the source, instead of just hiding the leak by disabling timers. This project requires time to understand, implement and test.”

Apple is planning to release an update to Safari in “coming days” to protect against Spectre. Early tests of the Apple updates showed a minimal impact on browser performance. For additional information on Apple products click here.

 

 

 

 

 

 

 

Facebook and Intel Report Diversity Improvement

Maxine Williams, Facebook’s Executive Diversity Chief

Facebook’s surprising diversity report showed marked improvement in hiring of women and minorities. While the report shows that Facebook is still overwhelmingly white and male the improvements show that Maxine Williams, Facebook’s Executive Diversity Chief, is having an effect on the company.   Facebook’s report revealed 35 percent of its staff  are women, up from 33 percent a year ago. The number of number of women in leadership positions is up a percent to 28 percent.

Even with these improvements retention of female employees in the tech sector is a another challenge. Women are leaving the industry after hire in the face or sexism and other bias. So these numbers for Facebook can only be considered an improvement if women stay on with the company.

The report shows an increase of Hispanic employees of 4 to 5 percent and African-Americans by 2 to 3 percent. However the guys at the top are still white men making up 71 percent of the company leadership. No change there.  The rest of the company leadership is held by Asians at 21 percent with other groups holding only 2 to 3 percent.

How is Williams making change happen? Along side the diversity report Williams blogged about initiatives she believes are improving Facebook’s hiring and workplace culture. She pointed out the  “Diverse Slate Approach,” which encourages consideration of applicants who don’t look like the hiring managers.  According to Williams Facebook has discovered that “the more people you interview who don’t look or think like you, the more likely you are to hire someone from a diverse background.”  Facebook’s “Managing Inclusion,” training program teaches managers to consider what issues affect under-represented groups.  Facebook believes that this training helps to build an understanding of how these employees or applicants arrived in tech the industry and what obstacles remain.

Williams believes Facebook is moving in the right direction but said, “We aren’t where we’d like to be.”

Intel CEO Brian Krzanich

Another major tech company is also touting its diversity improvements.  Intel has reported that its diversity program is actually two years ahead of schedule.  In a recent blog post Intel CEO Brian Krzanich claims Intel is two years ahead of its original diversity plan. “We set out to achieve by 2020 an inclusive workforce that reflects the diversity we see every day in the world around us,” he wrote. “Doing this would bring the number of female, Hispanic, African-American and Native American employees in Intel’s 50,000-strong U.S. workforce to full representation.” According to Krzanich the goal is now moved up to 2018.

Krzanich, in a stand against racism, resigned from President Trump’s American Manufacturing Council after comments the president made about the events in Charlottesville that one left one woman dead. According to Krzanich he wants to “…call attention to the serious harm our divided political climate is causing to critical issues…”

Intel’s mid-year report shows the company’s five-year plan is on track to bring full representation of  women, African Americans, Hispanics and Native Americans in both technical and non-technical jobs. According to Intel full representation is defined as the “full market availability of women and underrepresented minorities.”

“In December of 2014, our gap to full representation was 2,300 employees. Today that gap has narrowed to 801 people, a 65 percent improvement, said Krzanich.

But like Facebook and other tech companies white and Asian men still represent  almost all top management positions. More than 90 percent of Intel’s mid to senior-level technical roles are white and Asian men.  Intel is also dealing with a retention problem with women and minorities. The company says it has added “diversity playbooks” and other programs to help managers hire and retain under-represented groups.

Although diversity in the tech sector is a real issue, and progress is epically slow, there is progress. According to workplace culture and company review platform Comparably  companies are doing better.

Comparably has come out with a list of the top ten companies that are doing better than most in the area of workplace diversity. The scores of these companies are on a 0-100 scale and based how female employees rate their experience at the company. The diversity score is based on how employees of color rate their experience at a company. Here is Comparably’s list for women.

For diversity