The Cheat Sheet

Spectre, Meltdown and you

JINOY JOSE P | Updated on January 17, 2018 Published on January 17, 2018

Sounds like James Bond meets Lehman Brothers. A new blockbuster?

I wish. To be frank, this is about a blockbuster discoveryin the world of computing, which exposed two serious vulnerabilities in most computers in the world.

Oh, that sounds dramatic!

For starters, just a few weeks ago, computer security experts spotted two alarming vulnerabilities in the microprocessors used in computers and similar gadgets, which they named Spectre and Meltdown.

But who first spotted these?

Security researchers, mainly Jann Horn at Google and academics at Graz University of Technology, discovered the flaws first, reports The New York Times. Last year, they had informed big tech companies such as Microsoft and Apple about this and had, reportedly, planned to make them public later. These are not recent challenges, mind you; both Spectre and Meltdown date back to year 1995 and they have the potential to damage precious, and private, data in millions of computers, smart gadgets and web browsers.

Tell me more about it!

Hackers can now steal the entire content (data) in a computer’s memory. And you can guess how important this data can be! This vulnerability can even put remote, Cloud-connected services out of gear. If you want to know more about how exactly these glitches happen, here’s a better explanation (from the web): Both the Spectre and Meltdown exploit a process called speculative execution existing in microprocessors. This happens when the computer or gadget estimates what the user will do next so that it can get the task done faster. This particular stack of data is stored in a not-so-great fashion, making it vulnerable to breaches.

Quite cerebral! But why did it take us so long to figure this out?

All I can say is better late than never. Meltdown is mainly seen in processors developed and produced by Intel. And Intel processors power hundreds of PC brands and mobile phones. Spectre hits Intel, AMD and ARM processors.

In case you don’t know, these three processors cover almost all the computers and gadgets in the world.

Scary! What are we going to do?

Computer-makers and chip producers are frantically releasing software updates to fix this flaw. But that’s not easy given the magnitude of the problem and the vast pool of users ignorant of the existence of such vulnerabilities.

So, it makes sense to update my computer asap, right?

Absolutely. But don’t fret. Companies such as Google, Microsoft and Apple seem to have spotted these vulnerabilities much earlier and had started releasing software fixes.

In December, Apple reportedly rejigged its Safari browser to plug the leaky parts. That seems to have worked, but a similar effort from Microsoft backfired, making many computers stop working. Microsoft had to recall those updates. Google also sent out its patch, called Retpoline, and plans to update the Chrome browser this week. So, watch out for your updates. Remember, hackers are also fiddling around in the meantime, making your digital lives suitably risky.

Is it all doom then?

No! That’s unnecessary nihilism. Technology, especially computing tech, has been transforming human life and work in brilliant ways, enabling us to do things we never thought we could. But risks remain. After all, progress is ridden with risks. That’s a necessary evil. Happy surfing.

A weekly column that helps you ask the right questions

Follow us on Telegram, Facebook, Twitter, Instagram, YouTube and Linkedin. You can also download our Android App or IOS App.

Published on January 17, 2018
This article is closed for comments.
Please Email the Editor