In my Jon Masters thriller series, my protagonist Jon has a friend named Ed Ochoa. Ed is a computer genius and often does some cyber-magic to produce secure, and usually unavailable, information that helps Jon out of a variety of life and death situations. Since I only have rather basic computer skills, I’m often searching the Internet for interesting tidbits of cyber information to dazzle my readers with just enough “computer geek” terms to make the story work and to make it as believable as possible.
Jon’s friend Ed often inserts bits of malware into unsuspecting computers to secure information that should remain . . . well, SECURE! Ed’s help for my protagonist Jon is invaluable because Ed’s cyber-magic allows Jon to cut legal corners and secure information that not only saves Jon’s life at various moments, but also saves the world a good bit of global grief from time to time.
Click on either of these book covers for a story synopsis.
In that spirit, I was most interested to read a recent article which detailed how a team of security experts uncovered flaws in the more commonly used, and most up-to-date, computer chips. These flaws allow hackers (such as Ed) to lift passwords, documents and other supposedly secure data from smartphones, PCs and cloud computing services.
There are two specific flaws, called Meltdown and Spectre, that are causing so much concern in the computer world this year. Both involve critical vulnerabilities in today’s computer processors by allowing an interloper to read secret data from stored files in different ways than before.
Both Meltdown and Spectre take advantage of the way computer chips are designed. In and of themselves, Meltdown and Spectre are not malware but rather basic flaws in computer chip technology that allow malicious hackers to use malware to exploit these critical vulnerabilities.
I thought I’d share this information, especially for writers who rely on any form of computer hacking in their storylines. You can be sure that I will tuck this information safely away (alas, maybe not on my computer) for use in a future thriller plot.
Meltdown breaks down the most fundamental walls between user applications and the operating system such that an attacker could use malicious software to easily access computer memory for sensitive data.
Spectre, on the other hand, breaks down the walls between different applications to allow an attacker to trick programs that are considered safe and error-free into releasing their secrets. My computer-savvy character Ed does just that by introducing “Trojan Horse” technology into secure databanks not only to access information but to trick the computers into sending back updated information on a regular basis.
According to what I’ve read about malware that can take advantage of the Spectre chip flaw, the safety checks of accepted best practices for computer security significantly increase the cyber-attack area (the computer chip data surface area, if you will). This makes computer applications more susceptible to the Spectre flaw. It’s said that, although the Spectre flaw is harder to exploit than Meltdown, it is also more difficult to mitigate without specific software patches.
So, for a more believable storyline that may involve computer hacking (or “shortcuts” as my protagonist Jon and his friend Ed would call them), check out Meltdown and Spectre for more tips on computer vulnerabilities.
Thoughts? Comments? I’d love to hear them!