Meltdown and Spectre ?—?Simon Smith from eVestigator? discusses the topic live
Simon J Smith
Cybercrime Expert Witness, Digital Forensic Investigator, Cybersecurity, IT/Software, CAM/CEM, Scams, Digital Fraud, Software 23+ yrs, CCISO CFE CCE CHFI MCSD/E PRINCE2/P CEH CAMS PSM CCSM COBIT5 ITIL CBP HTCIA IEEE FDRP
I have prepared a basic rundown of where the Meltdown and Spectre CPU vulnerabilities sit. What the vendors are doing, what it means to you, how to update your systems, and a bit of advice especially if you lease or host Virtual Private Servers.
First off, I started the week with a basic radio interview on the state of affairs Monday morning. This article/interview was not intended to be exhaustive as it was all still very fresh - but hopefully they will answer some questions you may have.
CURRENT STATUS - Google has now revealed more details about the CPU security flaw dubbed Meltdown and Spectre affecting many Intel CPU's. ARM (Intel) also appears to be affected by the security ‘vulnerability’, but the latest news at the time of writing this article is that AMD now too appear to be susceptible.
NON DISCLOSURE AGREEMENTS - Apparently it has been revealed that those in the industry involved, all the way from the chipset production to experts in the field had been made to sign non-disclosure agreements, as this was all known (at least to Google) over a month ago. As it is necessary, with every breach, which usually refers to data, but in this case, physical, it does mean immediate action must be taken.
FIRST THE NECESSARY BUT BORING BIT - Please contact your software and device manufacturers or carriers to make sure that all applications and operating systems installed on your Phones, Chromebook's, Laptops, PC's, Mac's and other devices are up to date. For those of you who have rooted or Jailbroken your phones (this means hacked the phone to gain super user rights) — you may want to think about going back to stock firmware!
WHAT DOES INTEL SAY? - Intel have began issuing their patches for both the Meltdown and Spectre vulnerabilities that affect its processors. The tricky part for Intel will be to get them sent through its distributor and branded network.
WHAT DOES MICROSOFT AND APPLE SAY? - Naturally both Corporations have patched their latest operating systems, including the latest releases of Linux, but to this date, there has been no announcement as to gaming consoles, smart televisions or any other devices. This is of grave concern.
APPLE, MACS, IPHONES AND IPADS - Those who run the Mac OS v 10.13.2 are fine with that version Apple has stated publicly. However, all Macs, iPhones and iPads are affected by Meltdown and the updates that were going to be scheduled for later this week have been ‘hurried up’ because the vulnerability got “discovered”.
GOOGLE ANDROID/SAMSUNG/HUNDREDS OF MANUFACTURERS - Android mobile devices and tablets are a concern. They almost all use ARM processors in their Android based devices, especially Samsung, the most popular. What is difficult here, is that these updates are going to have to be filtered down through manufacturers, and networks, and this creates several points of failure. It is vital that owners take control, and chase these updates, as although at the moment there is nothing “vicious” that has been created, you can bet that many hackers out there are trying!
THE BIGGEST CONCERN - Virtual Private Servers are of grave concern. If the main operating system and/or hardware is not patched on a host server, then any child VPS could possibly get direct access to cached portions of the CPU intended for a completely different “virtual server” or client. This could lead to a major cybersecurity breach, and this should be the top priority for any network engineer who is responsible for delivering services on the cloud.
Simon Smith - eVestigator
Remember, humans are the weakest link in any System. Technology comes second!
?New: Exciting new definition workshops coming soon from real Cybersecurity Investigator's and first responder's. This will give insight and clarity to many organisations' as to process, not confuse them.
Direct: +61410643121. Connect for Insights and Media Requests on LinkedIn: https://www.dhirubhai.net/in/simonsmithinvestigator/
https://www.evestigator.com.au (Available within Australia), https://www.cyberblog.com.au, https://www.evestigatorreviews.com.au
https://www.evestigatormedia.com.au (Available worldwide).
Subscribe to all media interviews via my YouTube Channel by clicking here: https://www.youtube.com/c/evestigatorAu/?sub_confirmation=1