What is Meltdown and Spectre and What Devices Can They Affect?
Last week the world of technology and the Internet of Things were in a panic because of Meltdown and Spectre, the latest security flaws to come on the scene. These technological vulnerabilities are found on the computer chip, and any modern machine can be affected, such as:
- Desktops
- Laptops
- Servers
- Tablets
- Smartphones
- IoT, such as internet-connected lights, thermostats, and refrigerators.
Where did they come from and how do they affect your devices?
While these significant flaws have been around for the past 20 years, three researchers discovered the glaring defects within the deepest parts of our computer’s operating system last month. Programmed initially onto Intel chips in the 1990s, Meltdown and Spectre have silently been living on our devices, pulling bits of information here and there from the "kernels" of our CPU’s system. This stems from a type of attack called a “speculative execution,” where the security flaws produce a set of instructions for the chip, and rewires the processor so it can house the seized information properly.
Hackers can exacerbate the problem by running a code through your computer’s web browser, like Google or Mozilla, to take information from your computer’s memory. However, these tech giants are already placing barriers against the code.
Many question how this might impact cloud services. All cloud users operate from the same servers, only using a “hypervisor” to keep each individual’s data separate. So, if one customer is affected, could it spread to all of the customers sharing that server? According to experts, it seems unlikely that cloud services will be impacted, but companies that host these types of servers are actively working to put obstacles in place so the cloud continues to function securely.
What Can You Do to Protect Your Device?
The good news is there are no cases of any attacks being executed successfully. Companies like Google, Apple, and Microsoft have been rolling out patches, which will come in the form of updates to their systems. However, you can expect to see your device’s performance reduce by 30 percent.
There are other preventative measures you can take to ensure your device isn’t compromised, such as blocking ads, browser scripts, and page trackers. Also, if you are a Chrome user, take advantage of Chrome’s site isolation feature to protect your devices. This forces each website to load through its own process, making it harder for untrustworthy websites to siphon your data.
Understandably, you should be concerned. However, because the hacker will only be privy small amounts of your information at a time, the real way this could pose a significant threat is if the hacker was planning something more complex and long term, targeted around you and your devices.
If you feel your system may have been compromised, make a list of all of the accounts you have to date, change usernames and passwords, and sign up for alerts. Many websites also provide two-factor authentication to provide a higher level of security as well. Also, monitor your bank statements, credit card statements, and credit reports closely. The best thing you can do in situations like this is to be vigilant and proactive of any unusual activities.