This week's announcement shook the cyber community. Two new security lapses were found to be embedded in the computer systems.
One of them, called Meltdown is named aptly. It points to the glitch where two distinct processes may cause data leakage and potentially allow malicious software onto the home core system.


This however is the least of it. A software patch is enough to take care of the first, the second vulnerability is not that simple. Known as Spectre, it is a ghost vulnerability, that allows one application running on a chip to look for data being used by another.
Considering that the current technology is promoting cloud computing, it is a serious issue that needs to be addressed. But compared to the first one, this vulnerability is harder for hackers to take advantage of.



These vulnerabilities are bound to be added to the hacker's arsenal.These can be used to steal any kind of data from a target computer. Currently there is no confirmation that these vulnerabilities have been used to steal information. However, it is a given that the hacker's tool-kits will be updated to include these vulnerabilities.

Users cannot do much about it rather than to maintain their latest software updates for all their devices. Apple and Android have rolled out updates. Linux and Windows have their patches ready. The patches for spectre is not expected to have any immediate effect on day to day performance, however tasks which involve writing lots of files will slow down.

Meltdown was independently discovered and reported by three teams, including Jann Horn from Google’s Project Zero, Werner Haas and Thomas Prescher from Cyberus Technology and Daniel Gruss, Moritz Lipp, Stefan Mangard and Michael Schwarz from Graz University of Technology in Austria.

Spectre was independently discovered by two people, including Horn and Paul Kocher, who worked in collaboration with Daniel Genkin, from University of Pennsylvania and University of Maryland, Mike Hamburg from tech firm Rambus, Lipp, and Yuval Yarom from the University of Adelaide and Data61.



Post a Comment

Previous Post Next Post