meltdown

Every computer device – server, laptop, desktop, every router, every wireless router, every network printer, every network fax machine, and every phone is impacted. Don’t freak out. Being impacted and being attacked are two different things. We are going to explain what is happening in layman terms and help you get through it. Right before Christmas, researchers discovered that there is a security vulnerability (like an open door) that exposes computers built after 1995 to risk. Google found it (nod in reverence to Jann Horn of Google who was a key researcher who found both vulnerabilities – Meltdown and Spectre. If you want to geek out – visit this website – https://spectreattack.com). Basically, all of your usernames and passwords go through your chipset without encryption. This means that the door is open, not that you are infected with a virus. If you want to super geek out – look at Jann Horn’s blog – https://googleprojectzero.blogspot.com Here is the layman’s understanding of the issue. Unless you live under a rock, you have heard about Intel processors. Intel is a brand, and all brands of processors are open to attack. Processors are the electronic pieces of hardware that do all of the work on all computer, kind of like your brain. This is not a vulnerability that is limited to only Intel processors. It impacts all processor manufacturers on all device. If you know what a Kernel is, that is what is open to attack. Basically, every chip set in every electronic device after 1995 is at risk. Again, it is not a virus, it’s a flaw and there is a risk that the hardware can be attacked. Everyone, everywhere is at risk and it will impact every device you use and every cloud service you use. Your anti-virus software will not prevent this attack – in fact – it may block the software patch from being installed properly. Read what your antivirus vendor tells you. Typically, when researchers learn about this stuff, they privately go to the manufacturers and let them know about it. That is what Jann and others did. Then they go to work finding a fix, and afterwards they announce both the problem and the solution at the same time. If researchers talk about the problem before there is a fix, it encourages nefarious hackers to exploit the problem. To some extent, the problem was leaked before the […]

{ 0 comments }