facebook linkedin twitter

Surveying the Damage of Meltdown and Spectre

Surveying the Damage of Meltdown and Spectre

At the time of this writing, it has only been about a half a year since the Meltdown and Spectre exploits became public knowledge. Fortunately, patches were swiftly rolled out to mitigate the problems that these exploits could cause, but that doesn’t mean that these exploits are dead and buried. Let’s look back at Meltdown and Spectre to help us establish where we stand today.

What Do They Do?
Both Meltdown and Spectre affect the processor of the targeted system. The accurately-named Meltdown virtually melts away the barriers that a processor has between application processes and the system memory, which is not a good thing. Spectre works differently, in that it can ‘fool’ the processor into accessing parts of a system’s memory that it shouldn’t. Either of these results could quite easily allow a greater threat to access a user’s system.

The worst thing about Spectre and Meltdown is that they are so widespread, with the capability to influence almost every computer chip manufactured in the past 20 years. This could potentially put any data at risk, regardless of how well it was otherwise protected.

How They Were “Fixed”
Unfortunately, there is no singular, magic bullet fix for Meltdown and Spectre. However, patches were quickly released and have continued to roll out, as these exploits are repeatedly updated. When first discovered and mitigated, developers warned that patching against Meltdown and Spectre may cause a dip in performance as high as thirty percent.

While these patches do influence performance, the influence they have is currently much less significant than initially advertised. While the actual numbers vary based on a few circumstances that can be found below, the average use case showed much smaller affects, topping out at around five percent. This may change as later patches are released. However, it is also important to remember that in these kinds of situations, the initial patches usually have the greatest effects.

What Influences Performance
As mentioned above, there are other circumstances that will make the patches for Meltdown and Spectre more of a burden on your system, thereby causing a slight dip in your performance.

Depending on your intended usage of your system, Meltdown and Spectre could have greater or lesser effect. A good rule of thumb to keep in mind is that applications and uses that lean more heavily on processing power will be more affected than others. So, if you rely heavily on virtualization, or have made investments into cryptocurrency mining, you may be disappointed to find your performance suffer.

Patch Used
A variety of companies have put out patches, which means that different patches are going to have different effects on the systems that they are applied to.

Device Configuration
Both your system’s hardware and software are going to influence how you may find your technology to be impacted by these patches. For instance, a newer processor will most likely be more resilient against the adverse effects of the patches, and a more up-to-date operating system, like Windows 10, will be impacted less than 7 or 8.

Our Best Advice
In order to fend off Meltdown and Spectre, we recommend that you follow a few basic best practices, including regularly installing updates to your software and being generally more security-minded as you utilize your technology. Additionally, it is probably also in your best interest, if you were considering a hardware refresh/update, to wait a while. There are currently efforts being made to develop processors that are resistant to these threats, but there is still no indication of when this hardware will be made available.

In the meantime, keep checking back to our blog for IT best practices, tips, and more.

Your Backup Needs to Meet Some Prerequisites
Tip of the Week: What You’ll Need to Leverage BYOD


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Saturday, February 16, 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Privacy Internet Cloud Business Computing Software Hackers Business Management Microsoft Data Workplace Tips Backup Managed Service Provider Productivity Hardware Business Saving Money Email Network Security Malware Hosted Solutions IT Services Efficiency IT Support Google Small Business Computer Quick Tips Smartphones Mobile Devices User Tips Innovation Gadgets Business Continuity VoIP Disaster Recovery Microsoft Office Social Media Android Network Data Backup Mobile Office Collaboration Virtualization Server Productivity Smartphone Mobile Device Management Communication Miscellaneous Data Recovery communications Ransomware Tech Term Windows 10 Upgrade IT Support Unified Threat Management Windows Holiday Remote Monitoring Operating System Passwords Facebook Cybersecurity Vendor Management Mobile Computing BYOD Remote Computing Managed IT services Apps Users Phishing WiFi Automation BDR Mobile Device Analytics The Internet of Things Marketing Data Management Outsourced IT History Firewall Apple Alert Artificial Intelligence Internet of Things Browser Managed IT Services App Save Money IT Consultant Big data Encryption Printer Office 365 Bring Your Own Device Office Health Antivirus Gmail Bandwidth Cloud Computing Spam Content Filtering Going Green Maintenance Saving Time Tech Support Virus Help Desk Budget Windows 10 Wireless Technology Two-factor Authentication Search Managed IT Cybercrime Windows 8 Outlook Hiring/Firing Best Practice Information Technology Hard Drives Lithium-ion Battery Business Technology Cost Management Computers VPN Training Travel Update Phone System Healthcare Recovery Access Control Employer-Employee Relationship Money Document Management Hacking Blockchain IBM Regulations Augmented Reality PowerPoint Intranet Twitter Education SaaS Information Customer Service Administration Law Enforcement Hard Drive Risk Management Government Compliance Mobility Website Data storage Save Time Applications It Management Running Cable Networking Managed Service Proactive IT Legal Humor Machine Learning Customer Relationship Management Scam Telephone Systems Paperless Office Data Breach Sports Disaster User Computing Digital End of Support Project Management Hosted Solution Robot File Sharing Websites Social Securty Wireless Current Events Google Maps DDoS Business Intelligence Solid State Drive Social Engineering Avoiding Downtime Digital Payment Router Downtime Flexibility Black Market Word iPhone Cryptocurrency Data Security Laptop Fax Server Comparison Tablet Value Company Culture Password Cortana Business Growth Computer Repair Excel Patch Management Data Loss Hacker Social Networking Microchip Taxes Programming Statistics Processors Distributed Denial of Service USB Network Congestion YouTube Redundancy Presentation Unified Communications Settings Monitoring Gaming Console Evernote Public Cloud Text Messaging Streaming Media Virtual Desktop Webcam Specifications Safety Management Identity Theft IT service Documents Start Menu Tech Terms Heating/Cooling Mobile Technology Entertainment Net Neutrality Vulnerabilities Co-managed IT Politics Storage Chrome Cooperation Software as a Service User Error Virtual Reality Inbound Marketing Emails Bluetooth Automobile Vendor Uninterrupted Power Supply Chromebook Computer Accessories Retail Bitcoin Computing Infrastructure Hack Google Docs Lifestyle Pain Points How To eWaste Data Protection Download Private Cloud Trending Experience Monitors Mouse Cleaning Office Tips Telephony Conferencing Software License Trends Video Surveillance Competition Tech Assessment SharePoint Microserver Windows XP Multi-Factor Security Cost Worker Electronic Payment Staffing Google Wallet Point of Contact Fileless Malware Google Calendar Displays Devices Reading Saving ZTime Samsung Business Owner Voice over Internet Protocol Tip of the week Society Fraud Tactics VoIP Micrsooft UTM Content Employer Employee Relationship IP Address Modem Touchscreen News Get More Done G Suite Proxy Server Drones IT Plan Enterprise Resource Planning Hacks Physical Security Debate Application Term Consultation Turn Key Legislation Error Harddrive Licensing Human Resources Electronic Medical Records Knowledge Printer Server Banking GPS Botnet Analytic Directions Technology Tips Accountants A.I. Relocation Tablets Recycling Recording Virtual Assistant Trojan email scam Addiction Product Reviews Dark Web Audit Organize Multi-factor Authentication External Harddrive SSID Fake News Permissions Language Sync Migration Connected Devices Notifications CCTV Digital Signature Read Processing Data Warehousing Wireless Headphones Telephone Health IT Network Management Business Metrics 3D Computer Malfunction Ebay Teamwork Managed IT Service Access switches Writing Equifax Fleet Tracking Reliable Computing Thin CLient Emergency Hard Drive Disposal Music Bookmark Computer Care Upgrades Device security MSP Smart Phones Device Management Microsoft Excel In Internet of Things Webinar Desktop Finance Content Management Google Play Google Drive Windows Server 2008 LiFi Nanotechnology Social Network PDF Business Managemenet Business Cards Service Level Agreement Adminstration Motion Sickness Pirating Information Best Available Keyboard Processor Spyware Mobile Payment Startup Asset Tracking Scalability Leadership Vulnerability Browsers Electricity Printing Deep Learning Username Messenger Tracking online Currency Domains Medical IT Work/Life Balance Unified Threat Management Backup and Disaster Recovery Gamification Rental Service Meetings Public Speaking Security Cameras Windows 7 Visible Light Communication Memory Screen Reader Customer Resource management User Tip Piracy Upload Web Server Shortcut Navigation cache Television IT consulting Smart Tech Distribution Cabling LinkedIn Wi-Fi Administrator Entrepreneur Data Analysis WannaCry Downloads HTML Books Workers Troubleshooting Professional Services Best Practives Fiber-Optic Database Corporate Profile CIO Mobile Security Supercomputer HIPAA Archive GDPR Time Management Freedom of Information Advertising Flash Telephone System Upselling Environment Skype CrashOverride Regulation Capital Productuvuty 3D Printing Managing Stress Printers