facebook linkedin twitter

Surveying the Damage of Meltdown and Spectre

Surveying the Damage of Meltdown and Spectre

At the time of this writing, it has only been about a half a year since the Meltdown and Spectre exploits became public knowledge. Fortunately, patches were swiftly rolled out to mitigate the problems that these exploits could cause, but that doesn’t mean that these exploits are dead and buried. Let’s look back at Meltdown and Spectre to help us establish where we stand today.

What Do They Do?
Both Meltdown and Spectre affect the processor of the targeted system. The accurately-named Meltdown virtually melts away the barriers that a processor has between application processes and the system memory, which is not a good thing. Spectre works differently, in that it can ‘fool’ the processor into accessing parts of a system’s memory that it shouldn’t. Either of these results could quite easily allow a greater threat to access a user’s system.

The worst thing about Spectre and Meltdown is that they are so widespread, with the capability to influence almost every computer chip manufactured in the past 20 years. This could potentially put any data at risk, regardless of how well it was otherwise protected.

How They Were “Fixed”
Unfortunately, there is no singular, magic bullet fix for Meltdown and Spectre. However, patches were quickly released and have continued to roll out, as these exploits are repeatedly updated. When first discovered and mitigated, developers warned that patching against Meltdown and Spectre may cause a dip in performance as high as thirty percent.

While these patches do influence performance, the influence they have is currently much less significant than initially advertised. While the actual numbers vary based on a few circumstances that can be found below, the average use case showed much smaller affects, topping out at around five percent. This may change as later patches are released. However, it is also important to remember that in these kinds of situations, the initial patches usually have the greatest effects.

What Influences Performance
As mentioned above, there are other circumstances that will make the patches for Meltdown and Spectre more of a burden on your system, thereby causing a slight dip in your performance.

Depending on your intended usage of your system, Meltdown and Spectre could have greater or lesser effect. A good rule of thumb to keep in mind is that applications and uses that lean more heavily on processing power will be more affected than others. So, if you rely heavily on virtualization, or have made investments into cryptocurrency mining, you may be disappointed to find your performance suffer.

Patch Used
A variety of companies have put out patches, which means that different patches are going to have different effects on the systems that they are applied to.

Device Configuration
Both your system’s hardware and software are going to influence how you may find your technology to be impacted by these patches. For instance, a newer processor will most likely be more resilient against the adverse effects of the patches, and a more up-to-date operating system, like Windows 10, will be impacted less than 7 or 8.

Our Best Advice
In order to fend off Meltdown and Spectre, we recommend that you follow a few basic best practices, including regularly installing updates to your software and being generally more security-minded as you utilize your technology. Additionally, it is probably also in your best interest, if you were considering a hardware refresh/update, to wait a while. There are currently efforts being made to develop processors that are resistant to these threats, but there is still no indication of when this hardware will be made available.

In the meantime, keep checking back to our blog for IT best practices, tips, and more.

Your Backup Needs to Meet Some Prerequisites
Tip of the Week: What You’ll Need to Leverage BYOD


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Tuesday, November 13, 2018

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Privacy Internet Cloud Business Management Business Computing Software Hackers Microsoft Workplace Tips Managed Service Provider Backup Productivity Data Hardware Business Saving Money Email Malware Network Security IT Services Efficiency IT Support Hosted Solutions Google Small Business Computer User Tips Smartphones Mobile Devices Quick Tips Gadgets Business Continuity Disaster Recovery Innovation Android Microsoft Office Mobile Office Virtualization Network Social Media Server Mobile Device Management VoIP Communication Miscellaneous Smartphone Data Backup Collaboration Ransomware Upgrade Windows 10 Tech Term Windows IT Support Data Recovery Unified Threat Management Remote Monitoring Passwords Operating System Productivity Managed IT services Mobile Computing Vendor Management BYOD Remote Computing Holiday Cybersecurity WiFi communications BDR Apps Facebook Analytics The Internet of Things Marketing Users Mobile Device Phishing Automation Firewall History Apple Data Management Managed IT Services Outsourced IT Internet of Things Alert Artificial Intelligence IT Consultant Big data Browser Save Money App Going Green Health Encryption Spam Bring Your Own Device Gmail Antivirus Maintenance Content Filtering Office Bandwidth Cost Management Best Practice Information Technology Lithium-ion Battery Managed IT Office 365 Budget Help Desk Two-factor Authentication Wireless Technology Outlook Hiring/Firing Windows 8 Search Hard Drives Cybercrime Printer Virus Tech Support Hacking Update IBM Phone System Cloud Computing Money Document Management Recovery Saving Time Computers Employer-Employee Relationship Business Technology VPN Travel Training Compliance Data storage Risk Management Hard Drive Windows 10 Save Time Networking Customer Service Legal Administration Access Control Regulations Government Running Cable Website Proactive IT Humor SaaS It Management Intranet Education Law Enforcement File Sharing Applications Solid State Drive Hacker Excel Data Breach Google Maps Flexibility Managed Service Black Market Customer Relationship Management Mobility Augmented Reality Business Intelligence Current Events Project Management Laptop Digital Payment User PowerPoint Websites Social Engineering Downtime Business Growth Wireless Comparison Tablet Fax Server Company Culture DDoS Computer Repair Information Paperless Office Sports Social Networking Avoiding Downtime Data Security Machine Learning Computing Disaster End of Support Word Telephone Systems Hosted Solution Robot Twitter iPhone Patch Management Blockchain Password Cortana Data Loss Securty Scam Streaming Media Identity Theft Redundancy Processors Bluetooth USB Net Neutrality Politics Digital Virtual Reality Cryptocurrency Presentation Chrome Conferencing Google Docs Gaming Console User Error Automobile Co-managed IT Emails Start Menu Tech Terms Virtual Desktop Router Chromebook Experience Specifications Safety Monitors Social Text Messaging Mobile Technology Vendor Computing Infrastructure Hack Cleaning Webcam Computer Accessories Monitoring Office Tips Documents How To Software as a Service Trending Lifestyle Uninterrupted Power Supply Private Cloud Heating/Cooling Download Entertainment YouTube Storage Mouse Management Unified Communications Settings Bitcoin Telephony Statistics Vulnerabilities Data Protection Inbound Marketing Programming Microchip Taxes Network Congestion Distributed Denial of Service Retail Healthcare eWaste Pain Points Public Cloud Value IT service Turn Key Relocation Tablets switches Writing Entrepreneur Analytic Printer Server Username Assessment SharePoint Proxy Server Banking Botnet Music Troubleshooting Recycling Unified Threat Management Backup and Disaster Recovery Upgrades Environment Product Reviews Trojan Gamification Google Calendar Electronic Medical Records Sync HIPAA Screen Reader Customer Resource management Tip of the week Electronic Payment Upselling Piracy Upload VoIP LiFi Competition Smart Tech Read Organize Distribution Touchscreen News Directions Notifications CCTV Database Knowledge Reliable Computing Video Surveillance HTML Consultation Evernote Dark Web Business Metrics Computer Malfunction Business Owner Fiber-Optic Deep Learning Mobile Security Technology Tips Health IT In Internet of Things Work/Life Balance IP Address Saving ZTime Device Management Telephone System Virtual Assistant Human Resources Software License Business Managemenet Trends Audit Visible Light Communication Memory Application Content Management Multi-Factor Security Cost Fake News Fraud Tactics Scalability IT consulting Debate Devices Webinar Data Warehousing Bookmark Motion Sickness Harddrive Messenger Tracking GPS UTM Content Access online Currency Emergency Hard Drive Disposal CIO IT Plan Enterprise Resource Planning Computer Care Advertising Digital Signature Flash External Harddrive Legislation Error Microsoft Excel Processor Rental Service Meetings email scam LinkedIn Addiction Cabling Windows XP Teamwork Accountants A.I. Google Drive Windows Server 2008 Browsers Web Server Staffing Google Wallet Vulnerability Books Workers Displays 3D Ebay Multi-factor Authentication Spyware Mobile Payment User Tip Wi-Fi Administrator Society Thin CLient Micrsooft PDF Migration Skype Best Practives Connected Devices Electricity Printing Smart Phones Archive Wireless Headphones Telephone Supercomputer Network Management Worker Best Available Keyboard Equifax Fleet Tracking Windows 7 Data Analysis Drones Reading Samsung Adminstration Pirating Information Point of Contact Device security MSP cache Television Domains Leadership Microserver Employer Employee Relationship Desktop Finance WannaCry Downloads G Suite Permissions Language Public Speaking Nanotechnology Social Network Business Cards Get More Done Service Level Agreement Corporate Profile Licensing Shortcut Startup Asset Tracking Time Management Freedom of Information Fileless Malware Hacks Physical Security CrashOverride Managing Stress Capital Managed IT Service 3D Printing Regulation Productuvuty Navigation Printers