List

It’s 2018. Technology is everywhere. More people trust the cloud with their lives now than ever before. Gmail. Youtube. iCloud. Dropbox. I’m sure you’ve used one of these platforms, and if you’re like most of us, they contain your digital life. Internet-connected computers power everything from airports, power plants, to of course cloud applications.

Imagine hackers reading your emails, stealing your passwords, and accessing critical components of our infrastructure. These are all very real possibilities our society faces by placing these things on the internet. Sure, we expect the big guys to keep our information safe, but why not target the chips that power them? Intel has been quoted having 99.2% of the entire server market, which makes it a great platform for governments, malicious hackers, and security researchers to look at. Find one major flaw, and you would have essentially the equivalent of total world domination.

This is why bugs like the latest x86 architecture flaw are so concerning. A chip design flaw of the century, appropriately dubbed “Meltdown” and “Spectre”. If you haven’t heard of this, I recommend you check out the arstechnica article on it, but the bottom line is that nearly every modern CPU is vulnerable to an exploit that allows apps to break out of it’s designated memory space, granting it much more power into other components of the system. Sure, your home PC or your laptop is vulnerable, but why would you be the target of such an attack? The real money lies in our cloud platforms.

This is why I’d like us to be mindful that nothing is perfect, and to reconsider our fixation on connecting everything to the internet. You don’t need smart toasters, or behavior tracking wearables. And just because a product is “secure” today, doesn’t mean an attack won’t surface tomorrow. We are already completely at the mercy of cloud companies, do we really want to put more of our lives on the line (pun intended)?

PS: If Meltdown isn’t scary enough, almost every Intel chipset comes with its own operating system, the Intel Management Engine (IME). The IME requires full network access, runs it’s own web server, and is even on when your computer is turned off by design. In addition to this, it is impossible to boot a computer with the IME disabled. It’s no wonder companies like Google are actively trying to kill it off.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Posts

1 2 3 4
February 28th, 2018

Concluding the February Challenge

Writing every day for the month of February has been an experience, and has changed my perspective on writing tremendously. […]

February 27th, 2018

Cloudflare2DB

Cloudflare stats are very useful, but they expire and can’t be tracked over a long period of time. That’s why […]

February 26th, 2018

Nightly Database Backups to Google Drive

If you have a Google Apps account (a business account with more than 5 users or one provided by your […]

February 25th, 2018

Sublime Text

Sublime Text is a really powerful text editor and includes tons of functionality relevant to programming. I will dive into […]

February 24th, 2018

Great Resources for Student Developers

Being enrolled in a university comes with its pros and cons (a topic itself worthy of many other blog posts), […]

February 23rd, 2018

What is MVC?

MVC is a term thrown around lots of software development projects. Laravel, Zend, CodeIgniter, Ruby on Rails, Django, iOS, and […]

February 22nd, 2018

Getting Started With Phalcon PHP

To get started with Phalcon, I already have my server stack setup with Ubuntu 16.04, Percona MySQL, Nginx, and PHP […]

February 21st, 2018

What is Phalcon?

Phalcon is a modern PHP framework with the typical feature set you’d expect. Database ORM, error handling, MVC architecture, and […]

February 20th, 2018

Setting Up a PHP Development Environment

If you do PHP development, moving to a PHP IDE is extremely beneficial especially when debugging. PHPStorm is a great […]