| John Von Essen on 4 Jan 2018 08:27:34 -0800 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] It's the final meltdown!! (Security vulnerabilies) |
| I know people are freaking out about this, and its a big deal, but…. the thing I dont fully understand is why cant antivirus detect the “act” of grabbing leaked memory data? Also, what are the uneffected CPUs? Even if antivirus cant detect the reading of CPU memory, the attack still requires a piece of software to implement, most hackers will ultimately end up using and distributing the same or similar software, so that can be tagged by anti-virus. I mean do you think every hacker will write their own custom malware. Lastly, you still need to get the malware on your PC, so if you are very careful, behind a firewall, and only install “approved” or “signed” apps, you should be good. On my work PC, for the past 10 years, I have never gotten infected by anything, the only software I install is commercial products like Office, etc.,. and I never download random apps, I mainly download PDFs, and misc content. So with good self control, this shouldn’t be too bad. The real threat is cloud computing, where a hacker can just buy a VM, run their malware, and read all the contents of the cloud platforms CPU. Hence another reason not to use the cloud for critical stuff or sensitive data. Cloud is great for little web sites of content, but super sensitive data should be on your own hardware. -John
|
___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug