{"id":1240,"date":"2018-01-17T11:35:53","date_gmt":"2018-01-17T15:35:53","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=1240"},"modified":"2018-03-02T17:03:31","modified_gmt":"2018-03-02T21:03:31","slug":"living-spectre-fallout-meltdown-spectre","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/","title":{"rendered":"Living with a Ghost: The Fallout of Meltdown and Spectre"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-1241\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/haunted-house-mod.jpg\" alt=\"spectre meltdown haunting fallout\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/haunted-house-mod.jpg 800w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/haunted-house-mod-300x150.jpg 300w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/haunted-house-mod-768x384.jpg 768w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/haunted-house-mod-540x270.jpg 540w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/haunted-house-mod-162x81.jpg 162w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/haunted-house-mod-360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Imagine for a moment that you own a house \u00a0with a persistent termite problem. You do what you can to stop the pests: protecting your support beams, closing off entry routes, monitoring for any signs of infestation. You know you may not be able to completely remove the termites, but you believe that you can at least minimize the damage and reduce the number of infestations you experience. Maybe with a few upgrades to the house and the right pest solution, you can even reduce the problem to a negligible state.<\/span><\/p>\n<div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/security-information-event-management-vendor-map\/\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/02\/SIEM_VM_SB.jpg\" alt=\"Download Link to SIEM Vendor Map\" width=\"800\" height=\"100\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Now imagine the company who built your home announced that the foundation is made of softwood and that termites could reach it every time you opened any door in the house&#8230;and that the same problem applies to all of the houses in the world. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">That\u2019s about on par with how the revelations about Meltdown and Spectre felt like to cybersecurity professionals. The truth that microprocessors\u2019 native functions could result in key memory compromises\u2014and that even if remediation is possible it would result in significant operational slowdowns\u2014left many shocked and reeling. That these issues have existed undetected for the past two decades, affecting virtually every computer and mobile device built since 1995, only fueled the collective anxiety. \u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">These issues, nicknamed Meltdown and Spectre, are still being parsed, patched, re-patched, and debated at time of writing. It can be hard for anyone to wrap their head around. We\u2019ve already <\/span><a href=\"https:\/\/solutionsreview.com\/endpoint-security\/intel-confirms-long-standing-microprocessor-chip-hacking-vulnerability\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">provided<\/span><\/a><span style=\"font-weight: 400\"> our own <\/span><a href=\"https:\/\/solutionsreview.com\/endpoint-security\/weekend-cybersecurity-review-new-intel-security-flaw-hackers-targeting-u-s-senate\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">coverage<\/span><\/a><span style=\"font-weight: 400\"> and spoken with <\/span><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/neil-weitzel-cygliant\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">Neil Weitzel<\/span><\/a><span style=\"font-weight: 400\"> of Cygilant about these monumental security vulnerabilities, but this story continues to unfold. At this rate, it may prove one of the most devastating discoveries in InfoSec history. We want to make sure you have all the information you need to adequately understand and prepare against Meltdown and Spectre. Here\u2019s what we\u2019ve learned: <\/span><\/p>\n<h3 style=\"text-align: justify\"><b>A Quick Refresher<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Spectre and Meltdown are security flaws embedded in the operation of microprocessors. Chips by Intel, Arm, and AMD\u2014the three largest microprocessors manufacturers\u2014all contain it; experts believe flaws are inherent in the design, rooted in the race for greater processing speeds during the home computer revolution of the mid-to-late 90s. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">It all comes down to speculative execution. Microprocessors achieve their incredible modern speeds by essentially predicting what operation they will need to do next\u2014the user has activated X, therefore I will be called to activate Y\u2014and prerunning it so it can launch it quickly. But by prerunning operations early, speculative execution opens a backdoor to the operating systems\u2019 normally secured kernel memory\u2014where the most important data, passwords, and documents are stored. Meltdown and Spectre are the exploits of this backdoor. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Returning to the earlier metaphor, it doesn\u2019t matter how many barricades you place on the walls, the house\u2019s foundations are fragile and weak, ready to collapse with the right push. <\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Intentional Delays in the Response<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">All of the microprocessor manufacturers were made aware of Meltdown and Spectre sometime around June 2017. The public announcement of the flaws\u2019 existence did not occur until just about two weeks ago (at time of writing). <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">On one level, this does make sense\u2014reporting the issue without having some sort of patch in place is like setting out the welcome mat for hackers to conduct <\/span><a href=\"https:\/\/solutionsreview.com\/endpoint-security\/the-expanded-glossary-of-digital-threats\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">zero-day attacks<\/span><\/a><span style=\"font-weight: 400\">. It is customary for solutions providers and manufacturers, once made aware of a security hole, to take a few months to explore the issue and generate a patch.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">However, the patches for Meltdown and Spectre seemed to take much longer than expected, and some writers have criticized the manufacturers for a <\/span><a href=\"https:\/\/www.theverge.com\/2018\/1\/10\/16871856\/intel-cpu-meltdown-spectre-response-computer-slow-down-issues\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">lack of transparency<\/span><\/a><span style=\"font-weight: 400\">. Initially, the plan for Intel was to disclose Spectre and Meltdown during CES, the world\u2019s largest technical show, with the news under embargo until then. But the truth was revealed slightly earlier than expected, as discoveries by independent researchers forced everyone\u2019s hand. When the news did come out, there were serious deployment issues, as if the manufacturers were still unprepared. We\u2019ll discuss that in more in detail below. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Adding fuel to the suspicions, Intel\u2019s CEO Brian Krzanich sold the maximum amount of stock he is legally allowed to in Q4\u2014 before the news became public but after Intel was informed of Spectre and Meltdown. There is now a very real possibility of an SEC investigation. Even if the sale was legal as Krzanich contends, it does not speak confidence to Intel\u2019s (and other chip manufacturer\u2019s) ability to solve the problem. <\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Meltdown and Spectre are Actually Three Different Vulnerabilities<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Yes, despite having two names, Spectre and Meltdown are in fact three variations on the same abuse of the speculative execution processes. Spectre is actually two different vulnerabilities that forces programs to reveal secure data to attackers. It requires more sophisticated knowledge of the program\u2019s inner mechanics and only works on individual programs, but it can work on almost any chip. Both variants are more challenging to fix than Meltdown, with the second variant \u201cBranch Target Injection\u201d proving to be extremely difficult to solve without serious performance compromises.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">By contrast, Meltdown uses speculative execution to gain access to all of a systems data that would normally be secure, including the data of other programs and information that only administrators should have access to. While easier to \u201csolve,\u201d many of the complaints of slow downs we\u2019ll explore in more detail below stem from the Meltdown mitigation processes. \u00a0\u00a0<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>The Patches Aren\u2019t Working Well&#8230;Or Aren\u2019t Being Deployed at All<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">To their credit Intel, Arm, AMD, Microsoft, and Google among others are releasing patches and possible solutions as quickly as they can to fix Spectre and Meltdown. But problems with the patches are emerging. Overall, the patches have been reported as buggy and potentially damaging.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Intel has asked people to no longer use the microcode update to defend against Spectre after numerous reports of systems crashes from the patch. Microsoft had to halt deployment of the AMD chip patch after complaints arose that they were causing Blue Screen of Death errors. In the first days of the patches, the patches were known to clash with certain anti-virus solutions; Microsoft responded by essentially holding all of its updates hostage until solutions providers registered as compatible with the patches. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Even though most solutions providers should be integrated with the patches now, older solutions or apps that no longer update should be removed as the manufacturers will not create patches for them. Indeed, endpoint security vendor <\/span><a href=\"https:\/\/www.crowdstrike.com\/blog\/chip-flaws-spectre-and-meltdown-are-actually-three-vulnerabilities-and-proving-hard-to-mitigate\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">Crowdstrike<\/span><\/a><span style=\"font-weight: 400\"> notes that those most at risks are those with older browsers and lesser-known applications with vendors not up-to-date with these vulnerabilities\u2014and the microprocessor manufacturers appear to be confirming this observation. Intel only provided patch benchmarks for the latest Intel processors, leaving older models behind. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Microsoft withdrew its AMD systems patch after crashes, and industrial manufacturers are experiencing product driver incompatibilities with Meltdown patches and are currently avoiding implementation until these are resolved.\u00a0<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>No One Has Weaponized Meltdown or Spectre&#8230;Yet<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">As of time of writing, no wild permutation of a Meltdown and Spectre attack has appeared. That\u2019s the good news. However, researchers state with confidence that hackers are getting closer by the day; their academic studies have gotten remarkably close to cracking how to utilize the exploits. That\u2019s the bad news. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">If the patches cannot adequately protect against Spectre and Meltdown by the time a hacker figures out how to weaponize them, then literally almost every person on earth is left vulnerable. Sensitive data will have no respite, and sandboxing would be an exercise in futility. It would represent some of the most potent malwareless attack vectors ever conceived. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">It\u2019s an apocalyptic vision, yes. But not necessarily an inaccurate one. The possibility of a zero-day attack increases by the day. <\/span><\/p>\n<h3 style=\"text-align: justify\"><b>The Patches Will Negatively Affect Performance On Some Systems<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Between the reports of incessant reboots resulting from the patches and inadequate protections, a more basic issue has also emerged: because the patches affect a process that boosts the performance of operating systems, the patches will have a negative effect on that performance. It stems from the need to increase the kernel memory\u2019s overhead, increasing its protections but also bloating its processes. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Intel was initially bullish that the slowdowns would be minimal at best, but over time their message has become increasingly bleak. Most recently, they contend that the performance impacts shouldn\u2019t be \u201csignificant\u201d for \u201caverage\u201d computer users, without defining their terms. Perhaps the problem lies in the individuality of the endpoints affected; the particular chip in each computer and mobile device, the age of their operating system, and the apps they run all affect the potential slowdown time. General estimations on processing slowdowns range from 5% to 30%. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Microsoft in particular has been transparent about these issues, warning Windows Servers customers of more significant performance impacts and other customers to hold off on firmware updates if they don\u2019t run untrusted code. The impact of the Meltdown and Spectre patches is that bad. <\/span><\/p>\n<h3 style=\"text-align: justify\"><b>What Should You Do? \u00a0<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Arm CEO <\/span><a href=\"https:\/\/www.cnet.com\/news\/spectre-meltdown-arm-intel-apple-qualcomm-softbank-simon-segars-pcs-phones\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">Simon Segars<\/span><\/a><span style=\"font-weight: 400\"> noted that Meltdown and Spectre may only really be the beginning. What has been deemed safe for years may yet prove vulnerable. The problems stems from the hardware, and according to experts nothing less than a complete physical microprocessor overhaul could actually totally eradicate the problem. Yet none of the microprocessor manufacturers are offering anything more than software patches\u2014bandaids for major gashes. Therefore none of the patches will be 100% effective against the inevitable Spectre and Meltdown attacks; indeed, it will be hard to know how effective they will be at all. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">There are still some best practices you can do to fortify your enterprise against Spectre and Meltdown. First, as expensive as it may be, it may be time to evaluate what endpoints and operating systems you can afford to update. Intel and other microprocessor manufacturers have made it clear that they will not be providing patches for older endpoints, operating systems, and apps. See if you can make updates without compromising valuable data and intra-office processes. Additionally, check your anti-malware and SIEM solutions and make sure they are compatible with Spectre and Meltdown patches; if your solution has been end-of-lifed it is definitely time for a change. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Second, reports suggest that Google\u2019s Retpoline tool\u2014developed by their internal response team\u2014is effective against the second variance of Spectre. The second variance is considered one of the most difficult to patch for and potentially the worst of the three issues to suffer. According to reports, Retpoline has only a negligible effect on performance. It might be worth seeing if it compatible with your endpoints, OS, and solutions. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Finally, staying informed is the best policy when it comes to fighting against Spectre and Meltdown. Keep abreast of announcements by Intel, Arm, AMD, Microsoft, and Google\u2014Google alerts are often a handy tool for staying up-to-date\u2014and listen to what they recommend on doing to keep yourself protected. Coordinate with your IT and cybersecurity teams to see how you can execute on their recommendations. Check with your solution provider, as third party patches are becoming more prevalent and effective at containing the problem.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Above all, stay vigilant. These spectres will follow us for some time.<\/span><\/p>\n<br \/>Widget not in any sidebars<br \/>\n","protected":false},"excerpt":{"rendered":"<p>Imagine for a moment that you own a house \u00a0with a persistent termite problem. You do what you can to stop the pests: protecting your support beams, closing off entry routes, monitoring for any signs of infestation. You know you may not be able to completely remove the termites, but you believe that you can [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":1241,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551,1,3,43],"tags":[374,95,145,112,57,22],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Living with a Ghost: The Fallout of Meltdown and Spectre<\/title>\n<meta name=\"description\" content=\"Make sure you have all the information you need to adequately understand and prepare against Meltdown and Spectre. Here\u2019s what we\u2019ve learned.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Living with a Ghost: The Fallout of Meltdown and Spectre\" \/>\n<meta property=\"og:description\" content=\"Make sure you have all the information you need to adequately understand and prepare against Meltdown and Spectre. Here\u2019s what we\u2019ve learned.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/\" \/>\n<meta property=\"og:site_name\" content=\"SIEM Tools &amp; Security Event Management | Solutions Review\" \/>\n<meta property=\"article:published_time\" content=\"2018-01-17T15:35:53+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-03-02T21:03:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/haunted-house-mod.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Canner\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/\",\"name\":\"Living with a Ghost: The Fallout of Meltdown and Spectre\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/haunted-house-mod.jpg\",\"datePublished\":\"2018-01-17T15:35:53+00:00\",\"dateModified\":\"2018-03-02T21:03:31+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"Make sure you have all the information you need to adequately understand and prepare against Meltdown and Spectre. Here\u2019s what we\u2019ve learned.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/haunted-house-mod.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/haunted-house-mod.jpg\",\"width\":800,\"height\":400,\"caption\":\"spectre meltdown haunting fallout\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Living with a Ghost: The Fallout of Meltdown and Spectre\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"SIEM Tools &amp; Security Event Management | Solutions Review\",\"description\":\"Evaluating Enterprise SIEM Systems, Log Management Analytics &amp; SOAR Platforms.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Living with a Ghost: The Fallout of Meltdown and Spectre","description":"Make sure you have all the information you need to adequately understand and prepare against Meltdown and Spectre. Here\u2019s what we\u2019ve learned.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/","og_locale":"en_US","og_type":"article","og_title":"Living with a Ghost: The Fallout of Meltdown and Spectre","og_description":"Make sure you have all the information you need to adequately understand and prepare against Meltdown and Spectre. Here\u2019s what we\u2019ve learned.","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/","og_site_name":"SIEM Tools &amp; Security Event Management | Solutions Review","article_published_time":"2018-01-17T15:35:53+00:00","article_modified_time":"2018-03-02T21:03:31+00:00","og_image":[{"width":800,"height":400,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/haunted-house-mod.jpg","type":"image\/jpeg"}],"author":"Ben Canner","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/","name":"Living with a Ghost: The Fallout of Meltdown and Spectre","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/haunted-house-mod.jpg","datePublished":"2018-01-17T15:35:53+00:00","dateModified":"2018-03-02T21:03:31+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"Make sure you have all the information you need to adequately understand and prepare against Meltdown and Spectre. Here\u2019s what we\u2019ve learned.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/haunted-house-mod.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/haunted-house-mod.jpg","width":800,"height":400,"caption":"spectre meltdown haunting fallout"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/living-spectre-fallout-meltdown-spectre\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"Living with a Ghost: The Fallout of Meltdown and Spectre"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"SIEM Tools &amp; Security Event Management | Solutions Review","description":"Evaluating Enterprise SIEM Systems, Log Management Analytics &amp; SOAR Platforms.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/1240"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=1240"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/1240\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/1241"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=1240"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=1240"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=1240"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}