Meltdown and Spectre Raise Security Concerns for Cryptocurrency Wallets and Exchange Reserves.
Last week, two substantial software flaws were unearthed to the technological public to much alarm. The vulnerabilities, dubbed Meltdown and Spectre by their finders, exploit weaknesses in the computer processors (CPUs) used in most of the world’s PCs, smartphones, and data hubs. These developments have raised questions the world over about the security of private data, leaving the cryptocurrency community wondering what this may mean for the safety of personal wallet funds and exchange reserves.
All of the above may have Implications for Crypto Realm. It is claimed that together, Meltdown and Spectre attacks can affect processing chips produced by Intel, AMD, and ARM, and its discoverers have called them “the worst GPU bugs ever found.” According to the researchers who discovered the flaws, the attacks can steal information from services and applications that a computer’s GPU processes.
“These hardware vulnerabilities allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.”
For this reason, Michael Schwarz, one of the vulnerabilities’ discoverers, illustrates how Meltdown works in a visual tweet: in this detailed information it can be detailed that the vulnerability of the GPU is very likely due to a malicious program and exploit the information that is in the PC. This is very important to know in order to take the necessary corrective measures.
These vulnerabilities could have unfortunate consequences for cryptocurrency investors and enthusiasts. As one CoinKorea post points out, “the biggest problem is that if an attacker exploits the vulnerability, it can not be blocked by encryption or vaccination.” As such, encrypted wallets may offer little protection against such hacks, even if cryptocurrency investors are taking the utmost precautions.
The vulnerabilities could present obstacles to exchanges, too, as they already have. Last week, Bittrex tweeted that wallet functions were restricted while Microsoft was overhauling its Azure cloud service to protect against the security flaws. Bittrex, like many exchanges, uses the cloud to store hot wallet reserve funds for its customers. Keeping a ledger of private keys in such a centralized place has raised eyebrows within the community, as cloud services are just as vulnerable to Meltdown and Spectre as personal devices.
Some think that Intel should be in hot water and very worried. Despite news surfacing for the public just last week, CEO Brian Krzanich revealed in a CNBC interview that Intel was “made aware of this issue a while back from researchers at Google.” According to a Google Cloud blog post, Project Zero, one of Google’s tech research teams, knew of the vulnerabilities as early as June of last year.
Some might say that seven months ago is more than “a while back” as Krzanich’s statement suggests. To make matters more complicated, Krzanich reportedly sold off $24mln worth of Intel stocks and options in November. After the sell-off, the CEO was left with 250,000 shares, the bare minimum as per his employment agreement with the company.
A company spokesperson held that “Brian’s sale is unrelated” to Meltdown and Spectre and that Krzanich “continues to hold shares in line with corporate guidelines.”
Of course, the question arises: How can you protect yourself? There are software patches available to protect against both Meltdown and Spectre, and experts recommend that users update their systems immediately to accommodate these fixes.
Also, if you’re worried about the security of your funds, it’s best to never leave a substantial sum of funds on an exchange for an extended period of time.
Additionally, when handling your funds personally, there are a number of storage options that offer enhanced security compared to software and web wallets. If you want your funds completely divorced from technological breaches, a paper wallet is a safe bet, just make sure you backup your private keys and keep it in a secure place with little risk for damage. Moreover, hardware wallets like the Ledger Nano S provide excellent security against malware, hackings, and system vulnerabilities.
Ledger products are not vulnerable to the latest Meltdown & Spectre attacks. In this sense, as information regarding the security that must be had, it is necessary to look for information about the products and devices that can help improve the security of the digital assets that are held.
In summary every time that companies that build digital devices for PCs, like Intel, new questions arise, the products are safe? there are questions, which do not have immediate answers, until diligent people discover the vulnerabilities, therefore, the technology can be harmed by hackers, it is on the part of the investor to take the forecasts so as not to regret the lack of foresight. It waits for new ads.
Disclaimer: This press release is for informational purposes information does not constitute investment advice or an offer to invest. The views expressed in this article are those of the author and do not necessarily represent the views of infocoin, and should not be attributed to, Infocoin.