Security vulnerabilities have a rippling effect, and because of this, SolidTrust Pay would like to briefly inform users about two new security flaws: Meltdown and Spectre.
Meltdown and Spectre are major security vulnerabilities that are found in processing chips, which are in many of the world’s phones and computers. This means that malicious programs have the ability to read the contents of a computer’s RAM, exposing passwords and encryption keys, otherwise known as information leakage. According to Ars Technica, “Meltdown, applicable to virtually every Intel chip made for many years, along with certain high-performance ARM [Advanced RISC Machine] designs, is the easier to exploit and enables any user program to read vast tracts of kernel data.” Although Meltdown is easier to exploit, it will be easier to patch than Spectre.
Companies, specifically the ones listed here, are not issuing any recalls of the technologies embedded with the chips. Even though patches and updates will be issued, the threat of information leakage will continue to be around for a lengthy, undisclosed amount of time.
For Meltdown, updates should happen by the end of January, says Intel CEO Brian Krzanich. After the fixes are implemented, you may find that your computer or personal device may be running slower. Spectre, on the other hand, doesn’t really have a fix, according to our sources.
This article lightly brushes over this complex topic, and it will be one to follow for months to come. We recommend reading credible tech news sources in regards to the latest on Meltdown and Spectre, specifically Ars Technica (really great if you are from an IT or development background) and Engadget (lighter reading for people with a background not in computers).
SolidTrust Pay’s Chief Security Officer advises users to “keep everything updated, [such as] Windows, web browsers, antivirus software, and only go to known and trusted websites. Don’t download anything unless you know 100% sure what it is.” In other words, stick to what you know best, and be diligent when using the internet.