“. . .there is no such thing as total security. . . .
There is only risk management. “
–Scott and Michael Shinn
A quick report:
Two major security flaws were recently discovered in the chips that are in nearly every computer and phone (yes, iPhones) on the planet, and given dramatic, scary names: Spectre and Meltdown.
Predictably, there’s a lot of hysteria in the reporting. Let’s put this in perspective.
1. These flaws have existed for DECADES and there is no evidence so far that they’ve been exploited.
2. To exploit them on your device, a hacker has to have access to the device, either physically or through malware you have installed.
3. Protecting your own devices so far involves only the normal steps you should be following anyway:
- Update your software regularly*
- Don’t install anything unless you are sure it’s from a trusted source
- Use antivirus software
- Back up, back up, back up
- Don’t reuse passwords
More concerning is that these vulnerabilities can affect cloud services (iCloud, gmail, Amazon’s web hosting), but since the discovery was made by a Google researcher six months ago, the service providers we all patronize have been actively working on solutions.
So while these are significant flaws, they’re flaws we have been living with all along–we just didn’t know it. (Ignorance is bliss). They will cause a lot of sleepless nights in the industry, but they shouldn’t for you.
Alison Holtzschue
and the computers dot mom team
*IMPORTANT: The Windows update is not compatible with all antivirus products–notably McAfee–as of this writing. If you are using an incompatible product, your computer will NOT receive the update until the antivirus product is fixed.