I was listening to an interview between Paul Asadorian (of Pauldotcom fame) and Cigital CTO and software security expert Gary McGraw. They discussed how the target of attacks moved from Microsoft to Adobe and now that Adobe is showing signs of getting its act together, it’s going somewhere else.
“If I were Nvidia,” McGraw said, “I’d be thinking a lot about software security. Fortunately they are.”
Nvidia does sound like a juicy target.
Nvidia is perhaps on 30% of computers out there, but they’re valuable targets. If you have Nvidia drivers, you have an Nvidia GPU, which is good for mining bitcoins. Much better than, say, integrated Intel video, which is good for everyday use and incredibly common.
But here’s the problem. After a while, chipsets get dropped from the new drivers, so you’re stuck with old drivers. Old, potentially vulnerable drivers.
Intel and AMD will probably be happy, because it may mean more frequent upgrades.
Or maybe Nvidia can head them off at the pass. It will be interesting to watch.