Surveying the Damage of Meltdown and Spectre

Surveying the Damage of Meltdown and Spectre

At the time of this writing, it has only been about a half a year since the Meltdown and Spectre exploits became public knowledge. Fortunately, patches were swiftly rolled out to mitigate the problems that these exploits could cause, but that doesn’t mean that these exploits are dead and buried. Let’s look back at Meltdown and Spectre to help us establish where we stand today.

What Do They Do?
Both Meltdown and Spectre affect the processor of the targeted system. The accurately-named Meltdown virtually melts away the barriers that a processor has between application processes and the system memory, which is not a good thing. Spectre works differently, in that it can ‘fool’ the processor into accessing parts of a system’s memory that it shouldn’t. Either of these results could quite easily allow a greater threat to access a user’s system.

The worst thing about Spectre and Meltdown is that they are so widespread, with the capability to influence almost every computer chip manufactured in the past 20 years. This could potentially put any data at risk, regardless of how well it was otherwise protected.

How They Were “Fixed”
Unfortunately, there is no singular, magic bullet fix for Meltdown and Spectre. However, patches were quickly released and have continued to roll out, as these exploits are repeatedly updated. When first discovered and mitigated, developers warned that patching against Meltdown and Spectre may cause a dip in performance as high as thirty percent.

While these patches do influence performance, the influence they have is currently much less significant than initially advertised. While the actual numbers vary based on a few circumstances that can be found below, the average use case showed much smaller affects, topping out at around five percent. This may change as later patches are released. However, it is also important to remember that in these kinds of situations, the initial patches usually have the greatest effects.

What Influences Performance
As mentioned above, there are other circumstances that will make the patches for Meltdown and Spectre more of a burden on your system, thereby causing a slight dip in your performance.

Depending on your intended usage of your system, Meltdown and Spectre could have greater or lesser effect. A good rule of thumb to keep in mind is that applications and uses that lean more heavily on processing power will be more affected than others. So, if you rely heavily on virtualization, or have made investments into cryptocurrency mining, you may be disappointed to find your performance suffer.

Patch Used
A variety of companies have put out patches, which means that different patches are going to have different effects on the systems that they are applied to.

Device Configuration
Both your system’s hardware and software are going to influence how you may find your technology to be impacted by these patches. For instance, a newer processor will most likely be more resilient against the adverse effects of the patches, and a more up-to-date operating system, like Windows 10, will be impacted less than 7 or 8.

Our Best Advice
In order to fend off Meltdown and Spectre, we recommend that you follow a few basic best practices, including regularly installing updates to your software and being generally more security-minded as you utilize your technology. Additionally, it is probably also in your best interest, if you were considering a hardware refresh/update, to wait a while. There are currently efforts being made to develop processors that are resistant to these threats, but there is still no indication of when this hardware will be made available.

In the meantime, keep checking back to our blog for IT best practices, tips, and more.

Your Backup Needs to Meet Some Prerequisites
Tip of the Week: What You’ll Need to Leverage BYOD


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Tuesday, July 17, 2018

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Privacy Internet Cloud Business Management Software Microsoft Hackers Business Computing Backup Managed Service Provider Productivity Workplace Tips Data Hardware Saving Money Business Malware Email IT Support IT Services Hosted Solutions Google Network Security Small Business Efficiency Smartphones Quick Tips Gadgets User Tips Mobile Devices Business Continuity Computer Disaster Recovery Mobile Office Virtualization Network Innovation Android Microsoft Office VoIP Social Media Mobile Device Management Server Smartphone Miscellaneous Ransomware Windows 10 Upgrade Unified Threat Management Windows Operating System Remote Monitoring BYOD Remote Computing Holiday Collaboration Communication Mobile Computing Passwords Managed IT services WiFi Vendor Management Apps Cybersecurity Data Backup Marketing The Internet of Things Data Recovery Facebook IT Support Users History communications Apple Firewall Analytics Data Management Internet of Things Alert Productivity Automation BDR Tech Term Managed IT Services Outsourced IT Phishing App Artificial Intelligence IT Consultant Save Money Office Health Bandwidth Content Filtering Gmail Big data Going Green Mobile Device Spam Bring Your Own Device Printer Search Cost Management Virus Tech Support Budget Best Practice Information Technology Managed IT Lithium-ion Battery Encryption Outlook Browser Windows 8 Cybercrime Hiring/Firing Hard Drives Wireless Technology Maintenance Antivirus Hacking Computers Office 365 Travel Phone System Update IBM Recovery Employer-Employee Relationship Money Help Desk Document Management Saving Time Cloud Computing VPN SaaS Intranet Windows 10 Education Law Enforcement Customer Service Two-factor Authentication Risk Management Compliance Data storage Training Website Government Save Time Legal Networking It Management Hard Drive Business Technology Proactive IT Administration Running Cable Regulations Humor Paperless Office Data Loss Social Networking Social Engineering Hacker Disaster Hosted Solution Avoiding Downtime Data Breach Twitter End of Support Robot User Securty iPhone Project Management Current Events Solid State Drive Telephone Systems Wireless Excel Black Market DDoS Business Intelligence Flexibility Customer Relationship Management Access Control Digital Payment Laptop Augmented Reality Downtime Business Growth File Sharing PowerPoint Fax Server Data Security Applications Comparison Tablet Word Company Culture Password Cortana Computer Repair Mobility Patch Management Blockchain Emails YouTube Automobile Scam Statistics Chromebook Sports Programming Unified Communications Settings Computing Infrastructure Hack Processors Network Congestion Computing Redundancy How To Inbound Marketing USB Presentation Download Private Cloud Digital Streaming Media IT service Pain Points Specifications Safety Telephony Websites Virtual Desktop Start Menu Tech Terms Taxes Social Machine Learning User Error Vulnerabilities Net Neutrality Distributed Denial of Service Mobile Technology Co-managed IT Documents Bluetooth Chrome Software as a Service Heating/Cooling Healthcare Uninterrupted Power Supply Storage Public Cloud Cryptocurrency Google Docs Router Computer Accessories Identity Theft Experience Gaming Console Bitcoin Lifestyle Data Protection Retail Monitors Cleaning Trending Office Tips Text Messaging eWaste Google Maps Webcam Mouse Virtual Reality Politics Value Society Corporate Profile Troubleshooting Mobile Security Skype Displays Time Management Freedom of Information Microserver Entrepreneur Conferencing Archive HIPAA Software License Trends Motion Sickness Micrsooft 3D Ebay Assessment SharePoint Environment Multi-Factor Security Scalability Thin CLient Fraud Tactics Drones Google Calendar Electronic Payment Devices Point of Contact Messenger Tracking Smart Phones Tip of the week Get More Done Competition VoIP Printer Server Business Owner UTM Content Rental Service Meetings Touchscreen News Turn Key Monitoring Knowledge Trojan IP Address IT Plan Enterprise Resource Planning Web Server Adminstration Pirating Information Consultation Evernote Legislation Cabling Permissions Language Leadership Application email scam Addiction Recycling Wi-Fi Administrator Technology Tips Organize Human Resources Accountants Analytic Books Workers Virtual Assistant Music Audit Multi-factor Authentication Information Product Reviews Supercomputer switches Writing Fake News Management Migration Connected Devices Microchip Upgrades Data Warehousing Wireless Headphones Read Worker Digital Signature Network Management Access Equifax Reading Samsung LiFi Emergency Hard Drive Disposal Device Management G Suite Upselling Computer Care Webinar Entertainment Device security MSP Employer Employee Relationship Microsoft Excel Teamwork Desktop Finance Business Managemenet Hacks Physical Security Deep Learning Video Surveillance Google Drive Windows Server 2008 Nanotechnology Content Management Licensing Work/Life Balance Business Cards Service Level Agreement Banking Botnet Spyware Mobile Payment PDF Startup Relocation Tablets Visible Light Communication Memory Saving ZTime Vulnerability Unified Threat Management Backup and Disaster Recovery online Currency Sync Electricity Printing IT consulting Best Available Keyboard Harddrive Domains Gamification Notifications CCTV Debate Windows 7 Screen Reader Best Practives Public Speaking Piracy Upload LinkedIn Business Metrics Computer Malfunction CIO GPS cache Television Smart Tech Reliable Computing Advertising Flash Fiber-Optic Database In Internet of Things Staffing Google Wallet WannaCry Downloads HTML Windows XP External Harddrive Shortcut Managing Stress CrashOverride Capital Productuvuty Username 3D Printing