Spectre and meltdown are two processor level vulnerabilities. The Intel-specific vulnerability has
been called Meltdown, while the other vulnerability is spectre which is not an
intel- specific vulnerability but affects all other chip makers as well, though
spectre is a vulnerability that can be called more serious as it’s rooted in
fundamental processor design flaws these two vulnerabilities are
a result of a change in processing that was supposed to increase the speed of
the processor the processors are made to anticipate what the users are going to
do next and do calculations according to the input in the background, thus the
relevant details are displayed as an output this process is called speculative
execution, this system seems faster to the user.
Kernels in operating systems have
complete control over the entire system, and connect applications to the processor
and the memory. Due to this speculative execution the programs can go through
the kernel access protections allowing regular apps to read the information of
kernel memory Sensitive information such as passwords can
easily be accessed. Linux programmers are coming up with a
solution which separates the kernels memory away from user processes this is
now being called the kernel page table isolation.
The problem with the bug fixes is
that this will result in a slowdown from about 5% to 30% depending upon the Intel
processors while linux patches have been coming out in the past months a
windows 10 fix is still not available. This has become a major concern as these
vulnerabilities have been around for about 20 years, allowing programmers to gain access to data all these years, there is no way to know how much
data has been acquired through these vulnerabilities.
The long term fix for these problems would
happen at the processor level, and that is possible only when the next
generation of processors come out and are developed to eliminate this loophole
in the first place. Till then it is quite important t keep updating systems
with these systems as soon as possible. But it’s quite likely that the next
generation processors will be slower then the ones that have been released
recently. With the digital world we live in it is necessary we stay vigilant as
to make sure that we are safe from such threats.