Often by the time when we heard there are new found computer security flaws, they were usually being patched (fixed) before the news was released. Therefore, consumers weren’t needing to do too much except… installing the patches to fix the flaws. So … no harm would be caused by the new found computer flaws. However, this time… it’s different in ever possible way. First, the news was released before the flaws were able to be patched. Second, there are no ways to fix both flaws because the two problems, called Meltdown and Spectre, are resided in the processors. To fix Spectre will require the re-design of the modern processors. Also, even though there is a fix for the Meltdown problem, it will slow your computer down for 20% ~ 30%.
We aren’t going to get into too details about those two computer flaws (meaning that the specific steps to steal owners’ information); however, in a nutshell… those flaws will allow hackers to own your information such as password. It’s an enormous problem in the cloud computing since one server serves (usually) multiple customers. Hackers can just rent a space on the server and … get the access to other customers’ data.
If you are interested in a bit more details, you can click here to read from "The Register" or here from "The New York Times".
All iPhones, iPads, and Macs Are Affected by Chip Flaws
In the world of mobility, the smartphones, tablets, as well as all the IoT stuff filled in our lives nowadays. And … what computing device everyone uses most often daily? It’s iPhone(s) and iPad(s). In the world of iPhone(s), we basically assume that it’s the most secure device in the world and we won’t be attacked by the hackers since … Apple would protect us 100%. Well… that’s true to a degree as long as you are not the 10% of the iPhone users who like to jailbreak the device. To be specific, to gain advantages of those two flaws, hackers will need to load programs (apps) right on your device in order to get access. Therefore, if you only download apps from Apple App Store, you should be fine.
On Thursday (yesterday), Apple released an announcement regarding this issue (About speculative execution vulnerabilities in ARM-based and Intel CPUs ). Basically, all the iPhones, iPads, and Macs are all affected by those two problems caused by the processor.
Apple released mitigations for Meltdown in iOS 11.2, macOS 10.13.2, and tvOS 11.2.
Performance after update
Apple’s testing with public benchmarks has shown that the changes in the December 2017 updates resulted in no measurable reduction in the performance of macOS and iOS as measured by the GeekBench 4 benchmark, or in common Web browsing benchmarks such as Speedometer, JetStream, and ARES-6.
Apple will release an update for Safari on macOS and iOS in the coming days to mitigate these exploit techniques.
Performance after update
Apple’s current testing indicates that the upcoming Safari mitigations will have no measurable impact on the Speedometer and ARES-6 tests and an impact of less than 2.5% on the JetStream benchmark. Apple continue to develop and test further mitigations within the operating system for the Spectre techniques, and will release them in upcoming updates of iOS, macOS, tvOS, and watchOS.
What You Need To Do?
You should update your browsers right away. Also, whenever your OS has an update, you should do it. The followings are a bit info on this topic,