Spectre, Meltdown, Zombieload – oh my!


Well, as some of you may have heard over the last few months, Spectre and Meltdown are pretty bad news if you are in a situation where your computer could be compromised. For the rest of you who don't know what I am talking about, here is a little catch-up:

“Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware vulnerabilities allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.

Meltdown and Spectre work on personal computers, mobile devices, and in the cloud. Depending on the cloud provider’s infrastructure, it might be possible to steal data from other customers.”

The above quote is from https://meltdownattack.com/

A good video explaining further: https://www.youtube.com/watch?v=bs0xswK0eZk

Most hardware vendors (Apple, Microsoft, EMC, etc.) have released patches for their related products, but the heart of the issue is the processor itself. The vulnerabilities stem from the hardware, and that's a LOT harder to fix or mitigate. Intel and AMD have released microcode updates that help prevent the issue, and some 9th-gen Intel CPUs have built-in fixes that should, at the very least, make exploiting the vulnerability much less likely.

So what is this Zombieload hoopla? Good question. Zombieload is a very similar exploit. It takes advantage of technologies built into the processor, in particular the way the processor predicts what info is needed next so that it can start loading it before it's needed (creating the illusion of speed), and through that an attacker can gain access to sensitive data.

Well shizzz.. How do I protect myself?

Well, the biggest and most obvious thing you can do is keep your system up to date. There is no way to directly patch the issue via the OS (without the use of microcode), but companies like Apple have already released their patches to mitigate the problem. I specifically say MITIGATE because, unless speculative execution is disabled, this is a HARDWARE problem and not fixable with a standard software patch. Apple has also released some instructions that basically eliminate the risk but have a HUGE performance hit on the system.

See here: https://9to5mac.com/2019/05/15/full-mitigation-intel-cpu-mac/

But unless you have government info, top secret data, or are just super into security, there probably isn't a reason for you to follow the instructions in the article listed above. If you take anything away from this, it should be:

  1. Be careful of the software you load on your system
  2. Keep your computer up-to-date
  3. Run good antivirus (even on your Mac!)
  4. Don't stress too hard…
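To see whether the OS and microcode updates discussed above have actually taken effect, a Linux kernel reports its own view of each issue under `/sys/devices/system/cpu/vulnerabilities`. The script below is an added example, not part of the original post; it assumes a Linux system (the post itself discusses Macs), and the function names and note wording are this example's own.

```python
"""Added example: summarise the Linux kernel's CPU-vulnerability report."""
import os

# Real sysfs directory on Linux kernels that expose it. The kernel's "mds"
# entry covers the MDS family of issues, which includes Zombieload.
SYSFS_DIR = "/sys/devices/system/cpu/vulnerabilities"
ENTRIES = {"meltdown": "Meltdown", "spectre_v1": "Spectre v1",
           "spectre_v2": "Spectre v2", "mds": "MDS (Zombieload)"}


def classify(status):
    """Map one kernel status line to (verdict, notes)."""
    text = status.strip()
    notes = []
    if "SMT vulnerable" in text:
        notes.append("SMT (hyper-threading) reported as still exposed")
    if "no microcode" in text:
        notes.append("CPU microcode update missing")
    if text.startswith("Not affected"):
        return "not affected", notes
    if text.startswith("Mitigation"):
        return "mitigated", notes
    if text.startswith("Vulnerable"):
        return "vulnerable", notes
    return "unknown", notes


def report(directory=SYSFS_DIR):
    """Return {label: (verdict, notes)}; 'not reported' if a file is absent."""
    result = {}
    for fname, label in ENTRIES.items():
        try:
            with open(os.path.join(directory, fname)) as fh:
                result[label] = classify(fh.read())
        except OSError:
            # Older kernels and non-Linux systems have no such file.
            result[label] = ("not reported", [])
    return result


if __name__ == "__main__":
    for label, (verdict, notes) in report().items():
        print(f"{label:18} {verdict:13} {'; '.join(notes)}")
```

A "vulnerable" verdict with the microcode note means the OS patch is installed but the CPU microcode update is not, which matches the point above that the software patch alone does not close the hole.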
