“Spectre” may sound like something out of a recent James Bond film, but now that’s come to life with a worldwide security threat that has hit almost all computers worldwide. This threat, combined with the equally ominous-sounding Meltdown, were discovered this past Wednesday.
Intel is a worldwide distributor of processors and computer chips. Meltdown affects these devices in particular. While it’s harder for hackers to take advantage of the Spectre flaw, it’s potentially more devastating: it affects Intel processors as well as AMD microprocessors, and the majority of chips designed by ARM.
Meltdown and Spectre enable hackers to steal passwords and personal data. When hackers run software on the chips, they can use additional software already on the device to steal other data. This makes cloud computing particularly vulnerable.
Cloud computing works by allowing a variety of users to upload information to the same server. This is where the Meltdown flaw comes in: hackers can use software to target users of these servers. While PCs and phones are a bit more tricky to hack, it’s possible to fool users into downloading malware. This is often done through phony apps and websites.
Microsoft and Apple are working to address these issues. A software “patch” has been released for PCs, while Apple has issued a similar patch for its devices, including Apple TV. Because Intel processors have been a particular target, they have also begun releasing updates for their products.
The general public must now take matters into their own hands. Updating one’s software is the first and most important step, particularly for operating systems and browsers. Most browsers have made it easy to update, often with a simple click to the “settings” tab. Installing ad block software such as uBlock Origin is also highly recommended.
Microsoft has already begun patching their cloud servers. Amazon and Google have also patched to an extent but say that customers must address some aspects themselves. Cloud computing runs on “virtual machines,” and it is updating these individual machines that offers additional protection. While these are good steps, the patches for Meltdown will slow down larger servers by as much as 30%.
As for Spectre, the good thing is that it’s more difficult for hackers to use. While it’s been suggested that the only solution is a full chip replacement, Intel disagrees. A recent statement from the company asserted that software and chip patches are enough.
Dil Bole Oberoi
