Spectre Can Attack Your Favorite Browser

by | Jan 21, 2018 | Web & Cloud

The Chrome, Safari, Microsoft Edge, and Firefox browsers may not be as safe from Spectre. Security researchers recently discovered that computer chips manufactured in the past two decades contain major security vulnerabilities. Spectre can be used by hackers to gain access to sensitive data.

What is Spectre?

To understand this unprecedented vulnerability, you need to know some computer chip basics. Modern chips try to speed up their work by storing information related to predictable and repetitive processes. Whenever CPUs perform calculations ahead of time that ends up being unnecessary, the data is thrown away into a supposedly secure storage cache.

Hackers can gain access to the discarded data by using malware to create digital backdoors. From there, they can simply sneak in and sift through the private information. They can trick the processor into throwing away even more sensitive information. This is known as a Spectre attack.

The exploit is highly technical and difficult to execute. However, researchers said Spectre affects all modern processors. These include those developed by Intel, AMD, and ARM.

How does Spectre affect browsers?

Hackers would need to install malware on a device to perform a Spectre attack. One tactic experts found effective is if hackers build a malicious program and embed it on a website. Should anyone visit the rogue website, their browser will automatically run the malicious program.

Once inside, the attacker can use Spectre to gain full access to keystrokes, encryption keys, and login credentials.

So far, there is no evidence of Spectre attacks actively being used to steal data from web browsers. However, they are difficult to detect. Experts also predict hackers will likely develop specialized malware now that this information is available to the public.

Is there a way to protect my digital life?

Fortunately, major browser developers were quick to release updates as soon as the Spectre attack was discovered.

Mozilla also has security features to prevent some Spectre attacks. They also announced a full-blown solution is in the works.

As for Chrome, users can expect an update as early as January 23. For the time being, Google recommends enabling the Site Isolation feature. This limits how much access browser plugins have to your computer. This feature can be enabled by going to your address bar and entering: chrome://flags/#enable-site-per-process.

Some of the updates may affect browser performance. But, it’s a small price to pay compared to having your credit card or SSN stolen.

Like it or not, Spectre is just one of the many threats targeting your web browsers. That’s why you should call us today. We offer expert advice and cutting-edge solutions to make sure your browsing experience is a pleasant and safe one.

Published with permission from TechAdvisory.org. Source.