By now we are all aware of the fiasco which has been the release of the Windows 10 October 2018 Update, but we probably already forgot that the April 2018 update was also delayed due to late-breaking bugs which caused blue screens on some PCs. Ars Technica has taken a closer look at the development of Windows, and they believe Microsoft’s process of developing their operating system was flawed from the get-go,  all the way back to even Windows 7. They note that Microsoft has a process of actually writing code for new features of only a few weeks, and then spending the rest of the time (of several months) integrating the software and then ironing out bugs before release. This meant poor quality, the unreliable software was introduced to the Windows 10 code base, and if issues are not found, delivered to the end user. Coupled with an ineffective testing regime, in part due to Microsoft firing their SDTs in 2014 and placing more responsibility on developers to test their own code, and a Windows 10 Insider process by amateurs which was not comprehensive and which did not deliver professional bug reports, meant more than a fair share of bugs ended up being shipped. Ars Technica also confirmed that Windows developers were allowed to integrate code without any testing at all, though hopefully, this was the exception. They called for a change in Microsoft’s development process and asked that new software be well tested before integration using modern techniques such as automated testing, meaning that even Insider builds will have high quality, well-tested code with no “known issues”. More can be found on OUR FORUM.

Spectre and Meltdown shook many PC enthusiasts when they came to light. They were essentially the first speculative execution flaws to attract global attention, and because they affected processors from Intel and AMD to varying degrees, the internet was awash with concern for several months. Eventually, researchers discovered more and more speculative execution flaws. But now researchers at MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) believe they've found a way to prevent these attacks. The researchers call their solution Dynamically Allocated Way Guard (DAWG) and revealed it in a recent paper. This name stands in opposition to Intel's Cache Allocation Technology (CAT) and is said to prevent attackers from accessing ostensibly secure information through exploiting flaws in the speculative execution process. Best of all, DAWG is said to require very few resources that CAT isn't already using and can be enabled with operating system changes instead of requiring the in-silicon fixes many thoughts were needed to address the flaws. The side-channel attacks revealed earlier this year essentially work by compromising data from memory when the CPU is deciding where it should go. This would, in turn, allow them to gather passwords, encryption keys and other data they could then use to gain full access to a targeted system. The attacks varied in the vulnerabilities they leveraged and the way they could be addressed. Meltdown required the operating system and firmware updates. Spectre was thought to require changes to CPU architectures, but CSAIL said DAWG blocks Spectre attacks itself. Leram how DWAG work by visiting OUR FORUM.