Spectre and Meltdown vs. virtual desktops

On January 3, 2018, two hardware flaws were announced that affect nearly every computer sold within the last 20 years. Every virtualization service available relies on vulnerable computers, but you needn’t worry -- almost every vendor has already protected your virtual machines.

What are the risks of an unpatched computer?

Regardless of whether you are using a computer with all its hardware sitting on your desk, or you’re connected to a virtual computer that draws most of its computing resources from a cloud server, you’ll be using something called a central processing unit (CPU).

As unbelievably efficient pieces of technology, CPUs have been programmed to recognize patterns. When a CPU recognizes a pattern, it stores everything it needs to complete that task in a temporary place. If the pattern changes, the information is thrown out. Spectre and Meltdown allow hackers to not only view trashed patterns, but also to trick a CPU into thinking a specific pattern has changed and should be dumped into this vulnerable storage.

In worst-case scenarios, this could affect credit card information, passwords, and personally identifiable information. And even though a virtual desktop or server is created with software that partitions hardware resources on a large computer into several smaller, standalone computers, the Spectre and Meltdown flaws are still present.

How are they fixed?

Because these are hardware-level vulnerabilities, the only way to truly fix them is by replacing the CPUs. But because there aren’t any processors currently available without the Spectre and Meltdown flaws, software patches are the only option.

Amazon Web Services, Microsoft, and Google have all installed updates that essentially tell CPUs to stop recognizing patterns to store data ahead of time. However, predictive functions significantly increased the computing speeds of modern computers, meaning turning them off will slow down computer performance.

Virtualization is more cost effective than ever

This all sounds terrible, but it’s actually a huge selling point for virtual desktops and servers. First, it proves that big-name cloud platforms can push out urgent security updates to thousands upon thousands of clients in a relatively quick fashion. Those using “traditional” computers (remember, the ones with all the hardware sitting on your desk) need to apply these patches one by one, on-site.

Second, most virtualization platforms charge on a pay-for-what-you-use model. So you’re not paying for hardware and its flaws; you’re paying for the actual work that is finished on your web-accessible computer.

Spectre and Meltdown will continue to affect the computing world for several months to come. However, businesses that use virtualization technology will not be hit nearly as hard. There’s no better time to make the switch than now -- give us a call today.

Published with permission from TechAdvisory.org.