
CPU Security Flaw (Meltdown and Spectre) – What you need to know

Processors (CPUs) provide the brainpower for all the computerized devices we use day to day, from PCs and smartphones down to mundane things such as ATMs. Therefore an exploit – or exploits – that affects virtually all of these devices at the same time is a shocking thing to hear about.

Unfortunately, early 2018 saw just such a thing happen with the news that a design flaw in nearly all modern processors had been found.
 

What are Meltdown and Spectre?

Meltdown and Spectre are the names given to the two newly discovered vulnerabilities that affect virtually every device with a processor in it.

They rely on retrieving small amounts of data that are temporarily made available outside of the processor. This happens because of a design feature in processors called “speculative execution”.

This is the process where a CPU essentially guesses what information it will need next so that it can run quickly.

Spectre allows attackers to force the processor itself to start the speculative execution process. They then access the extra data to obtain sensitive information that should never be available.

Meltdown fundamentally breaks down the mechanism that stops applications from accessing system memory. By doing so it enables exploits to access arbitrary system memory to retrieve sensitive data.
 

Who discovered them?

Both exploits were independently discovered by multiple teams of researchers.

Meltdown

  • Jann Horn (Google Project Zero)
  • Werner Haas, Thomas Prescher (Cyberus Technology)
  • Daniel Gruss, Moritz Lipp, Stefan Mangard, Michael Schwarz (Graz University of Technology)

Spectre

  • Jann Horn (Google Project Zero)
  • Paul Kocher in collaboration with Daniel Genkin (University of Pennsylvania and University of Maryland), Mike Hamburg (Rambus), Moritz Lipp (Graz University of Technology), and Yuval Yarom (University of Adelaide and Data61)

 

What systems are affected?

On a technical level, every Intel processor that implements out-of-order execution (speculative execution) is potentially affected. This includes almost all Intel processors dating back all the way to 1995!
A portion of AMD processors and ARM processors are also affected.

All desktop, laptop and cloud computing services may be affected by Meltdown.
 

Am I affected by Meltdown and Spectre?

Yes!

This may seem like a very blunt answer but due to the wide-reaching nature of the design flaw, you almost certainly have a device that will have been affected.
 

Does my antivirus protect me?

Antivirus programs could theoretically detect the use of these exploits; in practice, however, this is very unlikely. It is possible that your antivirus could detect malware designed to exploit these vulnerabilities, but not the actual vulnerabilities themselves.
 

How do I protect myself?

Meltdown can be fixed with a software patch, as it relies on breaking the isolation between user apps and the operating system.

Computers fitted with a vulnerable processor and running unpatched operating systems will be open to exploit.

Fortunately, operating system vendors have released relevant patches to protect their users. As long as you regularly update your operating system using built-in update tools, you should be fully protected from the Meltdown vulnerability.

As usual, it is best to practice safe web browsing habits and to avoid installing anything on your device that could be malware making use of these vulnerabilities.

Spectre has proven to be much harder to protect from as it is executed at the hardware level.

Initial advice so far is to follow the basic steps (similar to Meltdown):

  • Update your operating system frequently
  • Install updates from your hardware manufacturer (firmware updates)
  • Turn on isolation mode in your web browser (Chrome and Firefox). This prevents exploits written in JavaScript from making use of the Spectre vulnerability.
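
One way to confirm that the operating system patches described above are active on a Linux machine, as an added example that is not part of the original article: the script reads the status lines the kernel reports for Meltdown and Spectre. It assumes a Linux kernel that exposes `/sys/devices/system/cpu/vulnerabilities`; the function names are illustrative.

```sh
#!/bin/sh
# Added example: report Meltdown/Spectre mitigation status on Linux.
# Assumption: the kernel exposes /sys/devices/system/cpu/vulnerabilities
# (mainline since 4.15). Function names are illustrative.

VULN_DIR_DEFAULT=/sys/devices/system/cpu/vulnerabilities

# classify_status STATUS_LINE
# Prints one of: not_affected, mitigated, vulnerable, unknown.
classify_status() {
    case "$1" in
        "Not affected"*) echo not_affected ;;
        "Mitigation:"*)  echo mitigated ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# check_cpu_vulns [DIR]
# Prints "name<TAB>class<TAB>raw status" for each issue.
# Returns 0 if all are mitigated or not affected, 1 if any is
# vulnerable or unknown, 2 if DIR does not exist.
check_cpu_vulns() {
    dir=${1:-$VULN_DIR_DEFAULT}
    [ -d "$dir" ] || { echo "no vulnerabilities directory: $dir" >&2; return 2; }
    rc=0
    for name in meltdown spectre_v1 spectre_v2; do
        f="$dir/$name"
        if [ -r "$f" ]; then
            raw=$(head -n 1 "$f")
            class=$(classify_status "$raw")
        else
            # An unpatched or older kernel may not report this issue at all.
            raw="(no report from kernel)"
            class=unknown
        fi
        printf '%s\t%s\t%s\n' "$name" "$class" "$raw"
        case "$class" in vulnerable|unknown) rc=1 ;; esac
    done
    return $rc
}

# Run the check only when asked, so the file can also be sourced.
if [ "${1:-}" = "--check" ]; then check_cpu_vulns; fi
```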

 

What next?

The main thing for most people to do is to not panic. If you have followed the basic security steps and best practices above then you will almost certainly be safe.

It is important to note that some of the security patches that have been released may deliver a performance hit to your device. This is a widespread complaint and many of the operating system vendors recognize this as an issue.

They have stated that the performance hit should not be noticeable to the average user; however, hits to performance are “highly variable and depend on a number of factors”.

If you feel like your device performance has been significantly affected, do some research on whichever update you just installed. Other people may have suggestions and/or the vendor themselves may recognize a compatibility issue with certain device setups.
 

Conclusion

The shock release of these two huge vulnerabilities should be a wake-up call to the entire world.

It is increasingly important in this day and age to be ever vigilant about what information you store on your devices.

More importantly, users and companies should focus on preventative practices, such as being aware of potential malware that could expose devices to cybercriminals.
For more advice on what users should look out for in 2018, check our article – Internet security threats to look out for in 2018


Solana Attack: Slope Is to Blame; Sam Bankman Extends Support

Following yesterday’s attack on the Solana ecosystem, information is now emerging suggesting wallet provider Slope is primarily to blame for the security flaw that allowed thousands of Solana customers to have their cryptocurrency stolen. Slope is a layer-1 (L1) Web3 wallet service for the Solana blockchain…


Solana and Slope Confirm Wallet Security Breach

Key Takeaways

  • Solana has confirmed that addresses affected by today’s security breach were created or used within the Slope wallet.
  • Slope also published an official statement on the situation, noting that it will provide a full postmortem in the future.
  • Full details of the attack are still under investigation.

The Solana Foundation and Slope have provided additional information on a security breach that affected thousands of wallets today.

Solana Confirms Wallet Breach

The Solana Foundation has published new details about today’s attack.

Earlier, nearly 8,000 addresses were drained through what was believed to be a breach of the third-party wallet app Slope.

This afternoon, the Solana Foundation confirmed on the Solana Status Twitter account that the addresses affected by the attack “were at one point created, imported, or used in Slope mobile wallet applications.”

It added that private key information was accidentally transmitted to an application monitoring service. It said that further details “are still under investigation.”

The attack only affected Slope’s downloadable wallet app; Slope hardware wallets are still secure. Though thousands of wallets were drained, the Solana Foundation added that the Solana protocol itself remains secure.

Slope also commented on the situation. It said that a “cohort” of Slope wallets were compromised and confirmed that several of its own staff wallets were drained.

Slope said that it had not confirmed the nature of the attack. “We have some hypotheses as to the nature of the breach, but nothing is yet firm,” Slope said in its official statement. It committed to publishing a full post-mortem in the future.

The company also suggested that users take action to secure their funds. It advised users to create a new seed phrase and wallet and transfer their funds to that wallet.

Both companies say that they are performing internal investigations and working with external auditors.

Various other individuals within the Solana ecosystem provided information and speculated on the attack earlier today.

At least two other projects in the Solana ecosystem have been hacked this year. Cashio was hacked for $28 million in March, while Wormhole was hacked for $322 million in February.

Disclosure: At the time of writing, the author of this piece owned BTC, ETH, and other cryptocurrencies.


How automation is transforming security and compliance

Presented by Vanta

Security is more than a threat mitigator; it’s a growth enabler too. Catch up with this VB On-Demand event to learn how automated security and compliance improves your security posture, helps meet SOC 2, HIPAA, or ISO 27001 regulations, gets you compliant fast, and more.

Cyber criminals are getting smarter, their attacks are continuously evolving, and their successes are leaving marks. Assaults are scaled effortlessly, from the one-to-one text phishing attempts on employees who post about new jobs on LinkedIn, to the “unprecedented” campaign against the Costa Rican government that brought much of their infrastructure to a standstill, resulting in losses of $125 million over 48 hours.

“What’s notable is the sophistication,” says Kaitlin Pettersen, VP of customer experience at Vanta. “The seeming legitimacy is improving. They’re getting smarter. They’re getting more strategic, and the financial and reputational cost of these data breaches is high.”

Customer trust is easily lost, but not easily won back — and that directly impacts your bottom line. Globally, fines for GDPR violations are huge, but smaller companies are also facing financial consequences for violations. The CCPA in California opens the door to lawsuits from customers whose data was involv


“National Security Risk”: TikTok Responds To Concerns Over User Data, Republican’s Request To Remove App From Apple & Google Stores

TikTok is the latest social media platform to come under the scrutiny of US lawmakers, with Republican senators and a regulator both arguing that the app poses a national security risk. The Guardian reports that nine Republican senators this week issued a letter to TikTok following a report by Buzzfeed last month claiming that employees…
