The fact that Spectre and Meltdown combined affect 72% of Android and Apple devices on the market offers a compelling reason to request a new work phone. In many cases the devices being used in large enterprises are old enough that there is no patch coming, the story Slashdot linked to suggests almost 25% of the devices in use will fall into that category. Since those devices have also missed out on numerous security features which were added in newer operating systems, you should have enough reasons to justify the expenditure. The next time you are banking or dealing with a service provider in your own personal life you might want to peek at the phone they use and make sure they aren't endangering your own information.
"Analysis of more than 100,000 enterprise mobile devices shows that just a tiny percentage of them have been protected against the vulnerabilities — and some simply may never be protected. Security firm Bridgeway found that just 4 percent of corporate phones and tablets in the UK have been patched against Spectre and Meltdown."
Here is some more Tech News from around the web:
- Security bods uncover four Google Chrome extensions harbouring ad-fraud malware @ The Inquirer
- Oracle says SPARCv9 has Spectre CPU bug, patches coming soon @ The Register
- DRAM prices to rise further in 1H18, says Nanya @ DigiTimes
- Mozilla Restricts All New Firefox Features To HTTPS Only @ Slashdot
- DNS-hijacking malware sneaks past anti-virus and creeps into Apple macOS @ The Inquirer
- Upset Equation Editor was killed off? Now you can tell Microsoft to go forth and multiply: App back from the dead @ The Register
- Selling used PC games through the blockchain? We’re not buying it @ Ars Technica
- Amount of pixels needed to make VR less crap may set your PC on fire @ The Register
- Joykill: Previously Undisclosed Vulnerability Endangers User Data @ Hack a Day
- hy Building a Gaming PC Right Now Is a Bad Idea, Part 2: Insane Graphics Card Prices @ TechSpot
… or just install Firefox
… or just install Firefox for Android with the NoScript addon to block JS and allow it on only trusted sites (there’s no way they can exploit Meltdown/Spectre from the browser without JS). Bonus: You can install HTTPS-Everywhere, uBlock Origin for blocking ads, and Decentraleyes for local CDN delivery of JS bundles (e.g. Ajax, jQuery, …)
There you go! Saved you a 500 bucks!