facebook linkedin twitter

Surveying the Damage of Meltdown and Spectre

Surveying the Damage of Meltdown and Spectre

At the time of this writing, it has only been about a half a year since the Meltdown and Spectre exploits became public knowledge. Fortunately, patches were swiftly rolled out to mitigate the problems that these exploits could cause, but that doesn’t mean that these exploits are dead and buried. Let’s look back at Meltdown and Spectre to help us establish where we stand today.

What Do They Do?
Both Meltdown and Spectre affect the processor of the targeted system. The accurately-named Meltdown virtually melts away the barriers that a processor has between application processes and the system memory, which is not a good thing. Spectre works differently, in that it can ‘fool’ the processor into accessing parts of a system’s memory that it shouldn’t. Either of these results could quite easily allow a greater threat to access a user’s system.

The worst thing about Spectre and Meltdown is that they are so widespread, with the capability to influence almost every computer chip manufactured in the past 20 years. This could potentially put any data at risk, regardless of how well it was otherwise protected.

How They Were “Fixed”
Unfortunately, there is no singular, magic bullet fix for Meltdown and Spectre. However, patches were quickly released and have continued to roll out, as these exploits are repeatedly updated. When first discovered and mitigated, developers warned that patching against Meltdown and Spectre may cause a dip in performance as high as thirty percent.

While these patches do influence performance, the influence they have is currently much less significant than initially advertised. While the actual numbers vary based on a few circumstances that can be found below, the average use case showed much smaller affects, topping out at around five percent. This may change as later patches are released. However, it is also important to remember that in these kinds of situations, the initial patches usually have the greatest effects.

What Influences Performance
As mentioned above, there are other circumstances that will make the patches for Meltdown and Spectre more of a burden on your system, thereby causing a slight dip in your performance.

Depending on your intended usage of your system, Meltdown and Spectre could have greater or lesser effect. A good rule of thumb to keep in mind is that applications and uses that lean more heavily on processing power will be more affected than others. So, if you rely heavily on virtualization, or have made investments into cryptocurrency mining, you may be disappointed to find your performance suffer.

Patch Used
A variety of companies have put out patches, which means that different patches are going to have different effects on the systems that they are applied to.

Device Configuration
Both your system’s hardware and software are going to influence how you may find your technology to be impacted by these patches. For instance, a newer processor will most likely be more resilient against the adverse effects of the patches, and a more up-to-date operating system, like Windows 10, will be impacted less than 7 or 8.

Our Best Advice
In order to fend off Meltdown and Spectre, we recommend that you follow a few basic best practices, including regularly installing updates to your software and being generally more security-minded as you utilize your technology. Additionally, it is probably also in your best interest, if you were considering a hardware refresh/update, to wait a while. There are currently efforts being made to develop processors that are resistant to these threats, but there is still no indication of when this hardware will be made available.

In the meantime, keep checking back to our blog for IT best practices, tips, and more.

Your Backup Needs to Meet Some Prerequisites
Tip of the Week: What You’ll Need to Leverage BYOD


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Friday, September 21, 2018

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Privacy Internet Cloud Business Management Software Business Computing Hackers Microsoft Backup Managed Service Provider Productivity Workplace Tips Data Hardware Business Saving Money Malware Email Network Security IT Services IT Support Hosted Solutions Google Small Business Efficiency Smartphones User Tips Quick Tips Gadgets Computer Business Continuity Mobile Devices Disaster Recovery Microsoft Office Mobile Office Virtualization Network Innovation Android Social Media Mobile Device Management Server VoIP Smartphone Miscellaneous Ransomware Communication Windows 10 Upgrade Unified Threat Management Collaboration Windows Data Recovery Operating System Passwords Remote Monitoring Data Backup Tech Term BYOD Remote Computing Holiday Managed IT services Mobile Computing IT Support Vendor Management Apps Facebook Cybersecurity communications WiFi Marketing The Internet of Things Automation History Firewall Apple Users BDR Analytics Outsourced IT Internet of Things Productivity Alert Data Management Phishing Managed IT Services IT Consultant App Artificial Intelligence Save Money Mobile Device Gmail Bandwidth Office Browser Content Filtering Big data Going Green Maintenance Spam Bring Your Own Device Health Antivirus Search Two-factor Authentication Managed IT Cybercrime Outlook Windows 8 Lithium-ion Battery Encryption Best Practice Information Technology Cost Management Printer Virus Tech Support Hiring/Firing Budget Hard Drives Wireless Technology Phone System Computers Travel Recovery Employer-Employee Relationship Update Training IBM Hacking Money Office 365 Help Desk Document Management Cloud Computing Customer Service Saving Time VPN It Management Law Enforcement Government Website Business Technology Intranet Compliance Education Data storage Risk Management Windows 10 Humor Networking Hard Drive Legal Save Time Regulations Proactive IT Administration SaaS Running Cable Access Control End of Support Social Networking Hosted Solution Applications Robot Wireless Current Events Securty DDoS Data Security Avoiding Downtime Twitter Machine Learning Solid State Drive Patch Management Blockchain Data Loss Telephone Systems iPhone Flexibility Word Black Market Fax Server Password Cortana Data Breach Excel Laptop File Sharing Business Intelligence Business Growth Customer Relationship Management Digital Payment Hacker Project Management Augmented Reality Downtime Mobility PowerPoint Comparison Tablet Paperless Office Social Engineering User Company Culture Sports Computing Computer Repair Disaster Social How To Documents Private Cloud Statistics Bitcoin Download Programming User Error Managed Service IT service Heating/Cooling Co-managed IT Network Congestion Data Protection Conferencing Inbound Marketing Storage Telephony Taxes Bluetooth Distributed Denial of Service Streaming Media Pain Points Monitoring Retail Scam Lifestyle eWaste Public Cloud Cryptocurrency Redundancy Net Neutrality Value Google Docs Chrome Information Identity Theft Management Experience Monitors Digital Cleaning Processors Google Maps Websites Router Vulnerabilities Vendor Office Tips Politics Computer Accessories Gaming Console USB Virtual Reality Healthcare Start Menu Tech Terms YouTube Mobile Technology Automobile Presentation Emails Trending Text Messaging Unified Communications Settings Software as a Service Chromebook Webcam Mouse Virtual Desktop Computing Infrastructure Hack Specifications Uninterrupted Power Supply Safety Gamification Spyware Mobile Payment Skype Screen Reader Customer Resource management Vulnerability Rental Service Meetings Archive Thin CLient Electricity Printing Cabling Smart Tech Distribution 3D Ebay Permissions Language Digital Signature Web Server Piracy Upload Books Workers HTML Teamwork Windows 7 Wi-Fi Administrator Point of Contact Fiber-Optic Database Smart Phones Entertainment Mobile Security switches Writing cache Television Webinar Telephone System Music Supercomputer Leadership Upgrades PDF WannaCry Downloads Worker Multi-Factor Security Cost Adminstration Pirating Information Microchip Software License Trends Corporate Profile Reading Recycling Samsung Devices LiFi Best Available Keyboard Time Management Freedom of Information Fraud Analytic Tactics Electronic Medical Records Employer Employee Relationship UTM Content Assessment SharePoint G Suite Product Reviews Domains Deep Learning Google Calendar Licensing Legislation Error Work/Life Balance Public Speaking Tip of the week Hacks Physical Security IT Plan Read Enterprise Resource Planning VoIP Best Practives Relocation Tablets Accountants A.I. Visible Light Communication Memory Shortcut Touchscreen News Banking Botnet email scam Addiction Health IT Device Management Multi-factor Authentication Upselling IT consulting Entrepreneur Consultation Evernote Sync Troubleshooting Knowledge Environment Technology Tips Business Managemenet Wireless Headphones Telephone Video Surveillance HIPAA Virtual Assistant Microserver Notifications CCTV Content Management Migration Connected Devices Electronic Payment Audit Reliable Computing Equifax Fleet Tracking Advertising Flash Competition Fake News Business Metrics Computer Malfunction Network Management Saving ZTime CIO online Currency Device security MSP Windows XP Data Warehousing In Internet of Things Staffing Google Wallet Business Owner Get More Done Harddrive Displays Access Printer Server Nanotechnology Social Network Debate Society IP Address Emergency Hard Drive Disposal Turn Key Desktop Finance Micrsooft Human Resources Computer Care Trojan Scalability LinkedIn Startup Asset Tracking GPS Application Microsoft Excel Motion Sickness Business Cards Service Level Agreement User Tip Messenger Tracking Username Google Drive Windows Server 2008 Organize Unified Threat Management Backup and Disaster Recovery External Harddrive Drones Printers Managing Stress Regulation CrashOverride 3D Printing Capital Productuvuty