IDrive Remote Backup

Spectre / Meltdown Patching and Refrigerator Locks

January 5, 2018 Jumbofoot Business, Security Tags: , 0 Comments

If you haven’t heard yet, the “big” news is that Intel, AMD and ARM chips contain specific flaws that could allow an attacker to access information stored in your computer RAM (memory). And while this isn’t a “good” thing, the reality (as I understand it) is that the attacker would need to have already, effectively taken over your computer in order to launch the hack to gain access to your system’s memory/contents! So the bad actor will need to already be in your computer in order to access your memory. Hmm…

Refrigerator Locks

And so, it seems to me this latest kerfuffle is a bit like coming to the “shocking” realization that you don’t have a lock on your refrigerator! This is AFTER the burglar has already broken your door lock, defeated your alarm system and is standing in your home office rifling through your file cabinet. Of course he has access to your refrigerator. And so (logically!?), we’ll all be getting refrigerator locks soon (patches from Microsoft, etc. are already being released). In the normal flow of your life having a refrigerator lock would slow you down a bit (have to unlock and lock that sucker each time you go hunting for a snack). It’s the same for the patches that are being released. They will slow you down, as now access to memory will be more regulated; estimates put the slowdown range between 5% – 30%.

Performance Fix?

If you have an older computer, it’s entirely possible that the patch will cause a noticeable slowdown. Most newer machines should shrug it off. If you do find that you’re struggling, we may be able to install an SSD (Solid State Drive) to help recover some performance. We’ll just have to evaluate things on a case by case basis.

What’s Next?

Some computers that received the early patches (refrigerator locks) froze (see what I did there?). The most common issue was an incompatibility with antivirus software. And so now your patch will not deliver and install until Webroot (or your other AV program) certifies that it is compatible. Webroot has announced that it will release a new version next week that will allow the update patches to proceed. At this time there are no known exploits in the wild, so this delay does not seem to pose much of an increased security issue. Indeed we may benefit from a bit more shakeout to take place while we’re on the shelf.

Mobile Devices

These same flaws apply to just about every mobile device in use as well. So far I haven’t seen anything but “downplay” by the mobile device manufacturers and software providers (Apple, Android). It’s less clear if a software fix will be possible or even warranted. At this point, I would definitely keep up with device and/or carrier updates pushed to you. I’ll do more research on this front and let you know if I uncover anything interesting/urgent. If you have specific information… please share!

SonicWALL?

The last communication I received from SonicWALL indicated that their firewalls are not affected by this processor flaw.

Serious (refrigerator) Note

Of course we should all take serious security issues… seriously. It’s a good thing that this flaw has been exposed and that remediation steps are underway. If the attack surface were to expand to malformed websites, or social media apps, etc., then this would be really bad, really fast. So even if I have mocked it as a refrigerator lock (nothing-burger), it is still an important fix to apply (if not yet urgent). I’ll follow-up with any updates that seem important (especially if new information forces me to revise my refrigerator lock analogy).

Questions / Share

If you have questions or posses more information, please, let me know.

Jason Salit
Jumbofoot Managed Services

Could not resolve host: urls.api.twitter.com