I was listening to an interview between Paul Asadorian (of Pauldotcom fame) and Cigital CTO and software security expert Gary McGraw. They discussed how the target of attacks moved from Microsoft to Adobe and now that Adobe is showing signs of getting its act together, it’s going somewhere else.
“If I were Nvidia,” McGraw said, “I’d be thinking a lot about software security. Fortunately they are.”
Nvidia does sound like a juicy target.
Nvidia is perhaps on 30% of computers out there, but they’re valuable targets. If you have Nvidia drivers, you have an Nvidia GPU, which is good for mining bitcoins. Much better than, say, integrated Intel video, which is good for everyday use and incredibly common.
But here’s the problem. After a while, chipsets get dropped from the new drivers, so you’re stuck with old drivers. Old, potentially vulnerable drivers.
Intel and AMD will probably be happy, because it may mean more frequent upgrades.
Or maybe Nvidia can head them off at the pass. It will be interesting to watch.
David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.