2018 isn’t off to great start when it comes to cybersecurity. At the beginning of the year, a couple of vulnerabilities for CPUs were found that can have potentially devastating effects. The Meltdown and Spectre Bugs have not only increased security risks for computers, but also for tablets and smartphones. Applying fixes can reverse the security risk, but at the cost of processing speed. For example, you can find the Meltdown and Spectre Debian patches here.
What is Meltdown
Luckily, there are system updates that can fix this, as well, since Microsoft, Apple, and Google have rolled updates to fix the bugs, as well as the developers of several Linux Distributions.
What is Spectre
Even though Spectre also deals with kernel memory, it’s slightly different than Meltdown. Instead of directly accessing the private memory zone, Spectre allows a malicious program to trick another process to run on the same system in order to leak private information. This means that it can trick programs like your browser to reveal all currently used passwords.
This vulnerability is not exclusive to Intel, but it also affects AMD and ARM devices. In other words, practically any device, including tablets and smartphones. Spectre is difficult to patch, but also difficult to exploit, and currently, there are ongoing struggles to permanently patch the bug.
Intel was probably aware of Meltdown
As per Intel’s statement, even with Meltdown, everything is working as intended. Intel executives have also been accused of insider trading, and the engineers working to develop the chips had to sign NDAs that forbid them from talking about the bugs that can have excessive security risks.
Even Linus Torvalds – the creator of Linux – has accused Intel of not willing to provide a fix. The debacle resulted in a drop in Intel’s share prices, while AMD’s have gone up.
Protection against the exploits
Since this is a high-risk situation, there isn’t much to do than waiting for the updates to roll in. If you haven’t updated your system, this is a good time as any, since that’s the best way to protect your device from the bugs. Most, if not all, Linux distros should’ve already gotten the updates, and if not, they’ll get the fix soon.
Updating the browsers is also a must, because they pose a security risk too.
This has been a horrible event for security. Even if Intel wanted to appear to have faster CPUs than AMD, users shouldn’t be left vulnerable to exploits and bugs. Patching the bugs will slow down your CPUs significantly, from 10-30% so Intel users should be more careful when purchasing an Intel CPU next time.