Easy Guide to Spectre and Meltdown: Computer Security Nightmare
Earlier this week, security researchers, including Google’s Project Zero team, released information detailing major security bugs uncovered in 2017 that leave nearly every modern processor (CPU) built in the last 20 years vulnerable to attack by hackers. Let’s be clear–this vulnerability affects everyone.
There appears to be three known avenues through which this issue can be exploited–the first two have been named Spectre and the third Meltdown. Although security patches are currently being released by many major tech companies, there appear to be long-term security concerns, specifically about Spectre, that could plague users for years to come.
Simply put, the Meltdown flaw makes it all too easy for hackers to gain access to what is supposed to be the highly protected core of a computer, using applications to get in. It “melts down” normally impenetrable security boundaries. Financial records, credit card records, passwords and the like would all be at risk.
Here is a demo of the Meltdown exploit in action!
Spectre operates a little differently. Applications are tricked into divulging sensitive information that they are used to process–including passwords. Spectre will be more challenging for hackers to exploit, but is also a harder issue to resolve.
The very nature of these bugs makes it nearly impossible to track them. When your sensitive information has been comproimised, there is no record detailing that. For more in-depth, technical information on how these variants operate, you can learn more on the Google Project Zero blog post.
How You Can Protect Your Devices
Microsoft, Google, Apple, and Linux are all in the process of releasing security patches. If you haven’t updated your computer with the latest available security patches, it’s important to do so now. Unfortunately, the patches dealing with Meltdown have shown to negatively affect the speed of some computers, particularly older computers.
It is likely we will see the impacts of this unearthed processor vulnerability in nearly all Intel, ARM, and AMD chipsets for a long time to come. Hackers will take advantage of this issue every chance they get. It is incredibly important to keep up-to-date on security patches and updates for all of your devices in order to protect your private, sensitive information.