<div dir="ltr"><div><div class="m_3688866563108394168gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr">
<table class="m_3688866563108394168backgroundTable" bgcolor="#ffffff" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td align="left" valign="top">
<table cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td style="border-top:0px solid rgb(0,0,0);border-bottom:1px solid rgb(255,255,255);background-color:rgb(255,255,255);text-align:center" align="center"><span style="font-size:10px;color:rgb(96,96,96);line-height:200%;font-family:verdana;text-decoration:none">Email not displaying correctly? <a href="http://www.oplin.org/4cast/" style="font-size:10px;color:rgb(0,0,255);line-height:200%;font-family:verdana;text-decoration:none" target="_blank">View it in your browser.</a></span></td>
</tr>
<tr>
<td style="border-top:0px solid rgb(51,51,51);border-bottom:0px solid rgb(255,255,255);background-color:rgb(255,255,255)">
<center><a><img id="m_3688866563108394168editableImg1" src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/4cast_email_header.png" title="OPLIN" alt="OPLIN 4Cast" align="middle" border="0"></a></center>
</td>
</tr>
</tbody>
</table>
<table style="width:763px;height:877px" bgcolor="#ffffff" cellpadding="20" cellspacing="0">
<tbody>
<tr>
<td style="font-size:12px;color:rgb(0,0,0);line-height:150%;font-family:'Gothic Sans',sans-serif" bgcolor="#ffffff" valign="top">
<p> <span style="font-size:20px;font-weight:bold;color:rgb(0,0,0);font-family:arial;line-height:110%">OPLIN 4Cast #576: Meltdown and Spectre Security Attacks</span><br>
<span style="font-size:11px;font-weight:normal;color:rgb(102,102,102);font-style:italic;font-family:arial">January 10th, 2018</span></p>
<p style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><img align="left" class="m_3688866563108394168alignleft m_3688866563108394168size-full m_3688866563108394168wp-image-6101" src="https://4cast.oplin.org/wp-content/uploads/2018/01/Fotolia_137139403_XS.jpg" alt="Laptop showing SECURITY BREACH" width="130" height="94" style="padding-right:14px;padding-top:4px;padding-bottom:4px"> The news went public last week of the discovery of two major vulnerabilities with widespread impact, affecting personal computers, mobile devices, and cloud services. "Meltdown" allows user applications (like browsers) to access kernel memory, normally reserved for the operating system. The "Spectre" vulnerability exploits techniques normally used to speed up processing, and tricks other applications into revealing information in their memory structures. The major web browser providers are issuing patches as a first line of defense. Initial concerns were that operating system fixes could slow processing by up to 30%. Of most concern are cloud services; while there is no indication that the exploits currently available could work against these platforms, companies are taking the threat seriously and doing everything they can to contain it.</p><ul>
<li style="list-style-type:none">
</li><li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><span style="font-size:1em"><span style="font-size:1em"><a href="https://www.nytimes.com/2018/01/03/business/computer-flaws.html" target="_blank">Researchers Discover Two Major Flaws in the World’s Computers</a> [New York Times | Cade Metz & Nicole Perlroth] "</span></span>To take advantage of Meltdown, hackers could rent space on a cloud service, just like any other business customer. Once they were on the service, the flaw would allow them to grab information like passwords from other customers. T<span style="font-size:1em">hat is a major threat to the way cloud-computing systems operate.</span><span style="font-size:1em">"</span></li>
<li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><a href="https://www.theverge.com/2018/1/9/16868290/microsoft-meltdown-spectre-firmware-updates-pc-slowdown" target="_blank">Microsoft reveals how Spectre updates can slow your PC down</a> [The Verge | Tom Warren] "Microsoft is essentially warning server customers to make a tricky choice between security and performance."</li>
<li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><a href="https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-heres-what-intel-apple-microsoft-others-are-doing-about-it/" target="_blank">Meltdown and Spectre: Here’s what Intel, Apple, Microsoft, others are doing about it</a> [Ars Technica | Peter Bright] "Longer term, it seems likely that Meltdown will recede into the distance—an annoyance, perhaps, but fully patched and protected against—but the rather more subtle Spectre is going to be with us for a while.<span style="font-size:1em">"</span></li>
<li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><a href="https://www.washingtonpost.com/news/the-switch/wp/2018/01/09/microsoft-pauses-amd-updates-for-spectre-and-meltdown-after-consumer-issues/" target="_blank">Microsoft pauses AMD updates for Spectre and Meltdown after consumer issues</a> [Washington Post | Hamza Shaban] "Microsoft appears to pin the blame on the faulty updates with the manufacturer. 'After investigating, Microsoft has determined that some AMD chipsets do not conform to the documentation previously provided to Microsoft to develop the Windows operating system mitigations to protect against the chipset vulnerabilities known as Spectre and Meltdown.'"</li>
</ul>
<div style="text-align:left"> </div>
<p style="text-align:left;font-size:20px;font-family:arial;line-height:110%"><small><strong><em>From the <a href="http://ohioweblibrary.org" target="_blank">Ohio Web Library</a>:</em></strong></small><br>
</p>
<div style="text-align:justify;font-size:16px;font-family:arial;line-height:110%">
<ul> <li>Crosman, Penny. "<a href="http://proxy.oplin.org:2054/login.aspx?direct=true&db=buh&AN=127163777&site=ehost-live" target="_blank">What Bankers Need to Know about Meltdown, Spectre Chip Flaws</a>." <i>American Banker</i>, vol. 183, no. 6, 09 Jan. 2018, p. 1.</li> <li>Fox-Brewster, Thomas. "<a href="http://proxy.oplin.org:2054/login.aspx?direct=true&db=buh&AN=127125329&site=ehost-live" target="_blank">Will Huge Chip Vulnerabilities Lead to Mass Intel, AMD and ARM Recalls?</a>" <i>Forbes.Com</i>, 04 Jan. 2018, p. 1.</li> <li>White, Jeremy B. "<a href="http://proxy.oplin.org:2054/login.aspx?direct=true&db=cmh&AN=4HGINDINMLMMGLSTRY000029858040" target="_blank">Spectre and Meltdown Bugs Affect ‘Almost All’ Mac and iOS Devices, Says Apple</a>." <i>Independent (UK)</i>, 06 Jan. 2018.</li>
</ul>
</div>
<div style="text-align:left"> </div>
</td>
</tr>
<tr>
<td valign="top" width="760"><span style="font-size:10px;color:rgb(96,96,96);line-height:100%;font-family:verdana"> <hr>
<div style="text-align:justify">The <strong><em>OPLIN 4cast</em></strong> is a weekly compilation of recent headlines, topics, and trends that could impact public libraries. You can subscribe to it in a variety of ways, such as: <br>
</div>
<div style="text-align:left"> </div>
<ul>
<li style="text-align:justify"><strong>RSS feed.</strong> You can receive the OPLIN 4cast via RSS feed by subscribing to the following URL: <a href="http://www.oplin.org/4cast/index.php/?feed=rss2" target="_blank">http://www.oplin.org/4cast/<wbr>index.php/?feed=rss2</a>.</li>
<li style="text-align:justify"><strong>Live Bookmark.</strong> If you're using the Firefox web browser, you can go to the 4cast website (<a href="http://www.oplin.org/4cast/" target="_blank">http://www.oplin.org/4cast/</a>) and click on the orange "radio wave" icon on the right side of the address bar. In Internet Explorer 7, click on the same icon to view or subscribe to the 4cast RSS feed.</li>
<li style="text-align:justify"><strong>E-mail.</strong> You can have the OPLIN 4cast delivered via e-mail (a'la OPLINlist and OPLINtech) by subscribing to the 4cast mailing list at <a href="http://lists.oplin.org/mailman/listinfo/OPLIN4cast" target="_blank">http://lists.oplin.org/<wbr>mailman/listinfo/OPLIN4cast</a>.</li>
</ul> </span> </td>
</tr>
<tr>
<td style="text-align:center;font-family:'Century Gothic',sans-serif;border-top:0px solid rgb(255,255,255);background-color:#2c4587;color:#fff" valign="top" width="760">© 2016 Ohio Public Library Information Network<br> <a href="http://www.slideshare.net/oplin" title="Find us on Slideshare" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/slideshare3.png" alt="Find us on Slideshare"></a> <a href="http://www.facebook.com/oplin.org" title="Find us on Facebook" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/facebook_0.png" alt="Find us on Facebook"></a> <a href="https://plus.google.com/107751358238995507967" title="Find us on Google+" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/google+.png" alt="Find us on Google+"></a> <a href="http://www.twitter.com/oplin" title="Find us on Twitter" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/twitter_0.png" alt="Find us on Twitter"></a> </td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</div></div></div></div></div></div></div>
</div>