Profile cover photo
Profile photo
Damon Lynch
669 followers -
Anthropology student, photographer, and free software developer
Anthropology student, photographer, and free software developer

669 followers
About
Posts

Post has shared content
True expert advice here!
Various less technical folks have been asking a lot about what they should be doing about the new exploits. These are my personal opinions.

1. Most embedded devices are probably not affected because a) they typically use small low power processors that don't speculate or not much. b) they only run code that was loaded on them by the vendor. Many don't even implement any kind of internal security model so this exploit doesn't make them any less secure than they were - which for much Internet of Things stuff is alas not very.

2. If your personal desktop/laptop is set up as things typically are with you having a single login that lets you do everything then all your apps don't need this exploit to hack one another and you are pretty much trusting the suppliers of them as well as your OS supplier. What you do need to care about big time is javascript because the exploit can be remotely used by javascript on web pages to steal stuff from your system memory. Mozilla and Chrome both have pending updates. and some recommendations about protection. Also consider things like Adblockers and extensions like noscript that can stop a lot of junk running in the first place. Do that ASAP. When OS updates appear apply them.

3. If you are using a public cloud then make sure your cloud provider has taken appropriate measures to protect your virtual machine from everyone else. Actually updating your own guest kernel is less of a priority. If your provider does not have a fix then now is a good time to practice that recovery plan you should have for what to do when your cloud provider goes down.....

4. Phones are a bit more complicated but if you've got a cheap crappy phone the chances are the processor in it is not that vulnerable and you get to laugh at people with ultra high tech toys. What we don't have yet is any good list of processors which are not affected but judging by the ARM provided list of afflicted processors it seems likely that an awful lot of low end phone stuff simply isn't going to be vulnerable in the first place.

Overall though the general rules apply because it's not the only vulnerability that is going to be discovered this year, and it doesn't take a security hole to break a system. So keep backups, test they work and have an up to date plan for what to do if/when your machine gets hit by something evil (or for that matter gets killed by coffee, cats, fire or other natural disasters).

Do you have the phone number to cancel your bank cards if you have no computer or internet ?.
Do you know how to restore a backup on a new machine ?
If you are dealing with proprietary software do you have copies of any license keys ?
What plan do you have to change passwords on accounts and how will you do it with no PC of your own working?

Add a comment...

Post has attachment
"Looking at Ara Güler’s photographs of the city, its streets, and its views, I notice that the basic emotions they evoke—such as melancholy, weariness, insignificance, humility—are often also present in the expressions of the people in the foreground."
Add a comment...

Post has attachment
Add a comment...

Post has shared content
Check out the cool new features in the alpha version of Rapid Photo Downloader for Linux
Add a comment...

Post has attachment
Rapid Photo Downloader 0.9.0a1 comes with the cheeky motto "work smart, not dumb". Read why here!
Add a comment...

Post has attachment
Rapid Photo Downloader 0.9.0a1 comes with the cheeky motto "work smart, not dumb". Read why here!

Post has shared content

Post has shared content
We call those without a conscience who murder and harm other people psychopaths. Plenty but not all psychopaths are cruel to animals before they move on to being cruel to people. Now the FBI is tracking animal abuse because of the compelling connection between cruelty to animals and people. Hurrah!
It won't be long before we can read minds, and then we'll see that the minds of animals reflect a very large portion of what we think is uniquely human awareness and emotion.
Add a comment...

Post has attachment
Dress traditionally worn by the #bride and other women in weddings held in the southern #Iranian city of #Evaz
Photo
Add a comment...

Post has attachment
It might be from 1989, but the developer has upgraded it to a whopping 64MB of RAM
Add a comment...
Wait while more posts are being loaded