Thoughts, information and reflections about technology

Meltdown and Spectre – You might NOT have to replace all of your hardware.

The analysis and assessments of the Spectre and Meltdown threats are still coming in. This is something that both business owners and individuals should keep a close eye on.

To recap, these exploits allow an attacker to ‘see’ data  from other applications running on your systems.  This is a HUGE screwup of epic proportions on the part of the chip and software designers.

According to this report about the Meltdown and Spectre vulnerabilities, Cert researchers are saying now that we might NOT have to replace all the chips out there. Right now the vulnerability extends to all sorts of devices including desktops, laptops, phones, tablets and more.  Research is showing that patches can mitigate the issue without a huge performance penalty.

Security issues with Intel Corp microchips are only slowing computers slightly, technology companies said, as researchers played down the need for mass hardware replacements to protect millions of devices from hackers.

One thing to note, Meltdown only affects Intel chips so if you have an AMD or other CPU you should be ok. Spectre affects all CPUs

To summarize:

  • This is a SERIOUS vulnerability and you are most likely affected
  • Software updates SHOULD be able to mitigate the vulnerability
  • You should make sure that ALL of your devices get the updates as soon as they are available including:
    • Phones
    • Tablets
    • Computers – Desktops, laptops, virtual machines
    • Servers
    • Software
      • Operating systems
      • Browsers
      • Programs
    • Any embedded computers you are using such as computer controls for manufacturing devices.
  • Although there are no reported instances of a breech yet the threat is real. Monitor your credit and other data for signs of identity theft.
PS – These exploits run in a way that leaves no forensic trails such as logs.

Note – until things settle down the Meltdown tag will give all related posts (as of Jan 2018)

Similar Posts:

Leave a Reply

Your email address will not be published. Required fields are marked *

Contact me