Five Things To Keep In Mind About Meltdown And Spectre

08 Jan 2018

Don't [KERNAL] Panic...

Much of the news of Meltdown and Spectre are alarming - but the truth is there's really not much reason to panic.  As long as you are practicing good general security hygiene, and you understand that essentially nothing on the internet is private, you will be fine.

Not exactly sure what Meltdown and Spectre are or how they impact you? Well let's take a brief look. Meltdown and Spectre are two huge bugs that affect almost every computer and device out on the market. It has been discovered that these "bugs" circumvent system protections which expose any data that the infected device processes. This data includes passwords, prioprietary information, or encrypted communications. Meltdown and Spectre affect your device differently to access data. You can read the differences between them on a recent article by techcrunch.com.

Here's five things to keep in mind about Meltdown and Spectre:

  1. don't-panic-cartoon-text.pngDon't panic.  The vulnerabilities are very difficult for bad guys to use, and no hacks have been developed that are using them - yet.
  2. Don't rush out and buy new devices.  With the exception of very old devices (like an iPhone 4), there's nothing to be gained by buying new devices. Even if you did buy a new device, it's too early - there aren't solutions in place for these problems.  But be sure your device is being updated by the vendor -if you're not sure, ask (see #5 below).
  3. Do install updates.  This is something you should be doing regardless - so if you haven't been, start now.  And if you are, great! Install system updates on all of your devices as soon as they become available.  Good vendors (such as Apple iOS, Mac OS, Windows, and some Android manufacturers) typically push updates to you automatically.  When they do, install the update.  Some others don't push updates automatically - in which case you should contact your provider and ask them about the best way to get updates for your devices.
  4. Do pay attention.  Watch the news to see if there are updates about the vulnerabilities, if there are any new hacks taking advantage of the vulnerabilities, and what the security experts say you should be doing.
  5. Ask. If you have a device that you aren't sure about, check if your provider has published any documentation or notices about what you can expect for updates. If you can't find anything, reach out to them and ask. Many devices (Linux, Windows) have already been updated or will be updated very soon, and we should expect for all modern devices to expect an update in the coming weeks.

If you'd like to learn more about what these vulnerabilities are, here are some excellent resources:

Kernel panic! What are Meltdown and Spectre, the bugs affecting nearly every computer and device? - By Techcrunch.com

"Meltdown" and "Spectre": Every modern processor has unfixable security flaws -By arstechnia.com

Related articles: 
Website Audit: Is this a new craze or worthy investment?


 

Cale Bergh

Director of Technology, Cale has been a software developer since long before it was cool. and started web development in 2000. He tends to focus on the things that are behind the scenes: security, performance, conversion rates, and UX.

Want To Read More?

Subscribe For Email Updates



We Design Websites On Time and On Budget!

Quality Websites on Your Budget

LET'S TALK!

Leave A Reply