Post 3

How to Protect Against Meltdown and Spectre

Just like you, I was taught that browsers can be insecure. Fortunately, they are easy to patch by installing an updated version of the application. I was also taught that most operating systems have numerous flaws, but those vulnerabilities can be patched as well. But who would have guessed that the CPUs that power our computers, tablets and yes, even our smart phones, may have some serious security issues? This is a severe problem, because as we all know, CPUs cannot be patched that easily. The only guaranteed solution would be to purchase a new device, under normal circumstances.

Fortunately, the recent Meltdown and Spectre CPU issues can be patched through an operating system update. If you run a PC or a Mac, the O.S. developers have already sent the patch to the end users a few months ago. However, if you run a more obscure version of the Linux or Android operating systems, it could take quite a bit of time until all the problems are fixed for good.

Why is that happening? Well, because there are much fewer developers who support the less popular Linux distributions. And since there are so many custom Android distributions out there, only a few of their makers consider user data security a critical objective of their business. Phone and tablet manufacturers prefer to support their newest devices, because they are interested in boosting their sales.

The good news is that PC users can fix their computers through software updates. Well, you will need to download the latest BIOS update as well. But don't hurry, because even Intel itself has released a buggy UEFI firmware update, which has caused lots of system crashes for several users.

But how can you tell if your computer is affected by these vulnerabilities? Gibson research Corporation, a trusted security company, has released the free InSpectre tool, which will tell you if your computer is vulnerable to Meltdown and/or Spectre. It will also tell you if the CPU is fast enough, so your computer won’t be slowed down after applying the needed security patches.

As a conclusion, if your computer is vulnerable to Meltdown, the problem can be fixed by applying an operating system update, while a PC that is affected by the Spectre vulnerability can be fixed by installing a BIOS update.

Don’t forget that if the CPU performance isn't "GOOD", the operating system patch will slow down your computer noticeably. This means that you will have to choose between a computer that is safe and runs slowly, or a computer that is vulnerable and runs fast. It's a difficult choice, but I would always pick the first option.

As you already know, Android devices may be harder to patch. Sadly, all you can do is... wait! So, go to "Options", and then choose "About device" to see the version of the latest security patch that was applied. If it's older than January 2018, your device is vulnerable. And since many phone manufacturers focus their efforts on supporting their newest devices, your older smartphone may never be patched.

So, what can you do under these circumstances? Begin by limiting your browsing activities to websites you know and trust to be secure. Don't install any applications that come from unknown developers. Uninstall any piece of software that isn't necessary. It's not a guarantee that those vulnerabilities won't ever affect your device, but you will significantly diminish the risks.