grandeduc - Fotolia
Risk & Repeat: Are the Meltdown and Spectre flaws overhyped?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss whether or not Meltdown and Spectre deserved to be nominated for the Pwnie Awards' Most Overhyped Bug.
Were the Meltdown and Spectre flaws as bad as some claimed? That question was raised by the Pwnie Awards at Black Hat 2018 earlier this month.
While the Meltdown and Spectre flaws were nominated for the Most Innovative Research and Best Privilege Escalation Bug awards, the flaws were also nominated for the Most Overhyped Bug award. According to the Pwnie Awards, the "hype train jumped the tracks a bit" with the reaction to Meltdown and Spectre.
While the Most Overhyped Bug award eventually went to another vulnerability, the Pwnie nomination illustrated the ongoing debate over the seriousness of Meltdown and Spectre. While some experts at Black Hat argued the flaws opened up a dangerous new avenue of attacks, others said Meltdown and Spectre aren't nearly as threatening as other recent bugs.
Were the Meltdown and Spectre flaws overhyped by some media outlets and security researchers? How dangerous can the flaws be if there's no evidence they've been successfully exploited in the wild? Have we seen the worst of Meltdown and Spectre or are more variants coming? SearchSecurity editors Rob Wright and Peter Loshin discuss those questions and more in this episode of the Risk & Repeat podcast.