Protecting Your Cryptocurrency from Meltdown and specter:
The recently discovered specter and Meltdown vulnerabilities in processing chips are considered as the worst security flaws ever known to modern day computing. The new bugs have opened the gates to confidential information security passwords, photos, emails, etc. in your from PCs & other devices. The extent of this vulnerability has also implications for the cryptocurrency realm. Encrypted wallets might be an exception to these vulnerabilities, but hackers can access private keys on your computer and diminish the profits. IT security experts urge users to exercise caution while dealing with cryptocurrencies.
Meltdown and specter Vulnerabilities
Meltdown and Specter are actually hardware errors in modern processors. The two vulnerabilities were announced on 3rd January 2017. These twin vulnerabilities exploit Intel, ARM, and AMD chips. These hardware errors provided an attack surface to malicious programs. The hackers can breach through these vulnerabilities to steal data from other programs. The data can be your password, browser password, photos, emails, business-critical documents, etc. The sad part is that If a hacker breaches his way into a wallet then he can execute a perfect crime with any trace. Let’s understand these vulnerabilities separately.
It all started, when chip makers decided to use “Speculative execution” for improving the clock speed of chips. This enables a processor to guess the outcome of instruction and execute all subsequent steps in the background. These chips started storing small chunks of data in the CPU cache memory itself. While speculating the data, the CPU throws open the door for exploits.
The meltdown was discovered by Technical University of Graz, Austria, Google Project Zero, and Cyber us Security. The bug allows hackers to leak kernel memory and retrieve keys/ passwords and sensitive information. Thankfully, most operating systems have fixed this bug, but vendors will take some more time in providing the update.
A Perfect Crime
These twin vulnerabilities are different from previous viruses that we have seen in the past. These bugs don’t alter binaries on the machine while stealing information. They just attack the CPU cache. There is no way to find out that you are hit by an attack or not and which information has been compromised. Once a breach occurs, it becomes hard to say that which part of the information has been compromised.
This means that Blockchain technology is safe, but the private keys of your wallet transferred from protected memory to cache memory is vulnerable. It will be unwise to store passwords on the browsers. The keys can be stored in dedicated storage options that provide watertight security. This will make it difficult for hackers to breach the keys and steal your information. Moreover, it will be better not to leave a huge amount of money on the exchange if you are not trading.