• Competitor rules

    Please remember that any mention of competitors, hinting at competitors or offering to provide details of competitors will result in an account suspension. The full rules can be found under the 'Terms and Rules' link in the bottom right corner of your screen. Just don't mention competitors in any way, shape or form and you'll be OK.

Intel meltdown and spector

CONSOLE_BUTCHER

CONSOLE_BUTCHER

CONSOLE_BUTCHER

Associate
Joined
10 Apr 2014
Posts
789
Location
Hampshire
what is the current state of this problem? I know the jist of whats happened and how people are being affected. But what is it that intel are saying at this point.

Will i need to change hardware or just be patient and ride it out?
 
Are you a home user? Then no.

Are you a major player in providing distributed computing resources? Also no, but you might need to provision more resources to help with the increase in load caused by the 'fixes'.
 
The biggest threat from these exploits is where you have an effectively sandboxed environment that isn't easily exploited by other means - the biggest issue for home users is from web-browsing where malicious code on a web-site could access information it shouldn't be able to - in most cases the browser developers have updated to sanitise the use of code functions that would facilitate that. (EDIT: So making sure you are using an up to date version of your web browser and/or one that has updated to protect against this is important).

After that it is any system where the code running inside it needs to be isolated from the host OS i.e. people testing malware in a VM or where external users can login to an environment where they can execute code such as VMs used for virtual private servers, etc. in this case OS and microcode patches are pretty much mandatory and the potential performance implications might only be worked around by new hardware when available and/or if appropriate looking at buying hardware less/not vulnerable.

(People testing malware, etc. should really be air gapping a disposable system anyhow at the end of the day - though will have to be more careful as to what is potentially vulnerable in the host OS).

After that there is the potential threat to Linux and the likes of Android whereby the built in user security is fairly robust and/or allows for granular levels of app permission (unlike much of Windows which is more easily defeated by other means and/or has to allow elevated permissions wholesale so once software is running on your system these vulnerabilities are the least of your concerns) where this would provide an avenue to defeat that.
 
Last edited:
You must log in or register to reply here.
Back
Top Bottom