PSA – Computer Exploit Impacts Billions

Google has made a public announcement for an exploit/hack for computer chips they discovered back in June last year. Back in June, they revealed the information to all the chip makers and operating system developers in the hopes that they would have fixes pushed out to the public in time.

Please don’t be complacent about this. It’s a big flaw that could allow even the most secure of systems to be compromised by anyone. There are examples that show it’s possible that websites could use the issue to collect all the data your browser stores in memory – passwords, browsing history, everything.

While the chip makers fixed the flaw in future chips, older chips couldn’t be fixed with software, so the burden of protecting these users fell on the like of Microsoft, Apple, The Linux Kernel team, Google/Android, etc.

Microsoft, Linux, and Apple have pushed out patches for the problem, and if you’ve had automatic updates enabled, you should be fine – if you don’t have that enabled, run the updates yourself now.

If you’re still reading this, I assume you had auto updates on. Otherwise, stop reading and update your damn system.

Android has been patched with the latest fix, but it’s up to the OEMs (Samsung, LG, HTC, Sony, Motorola, OnePlus, Xiaomi, Huawei, ZTE, Acer, Nokia, etc) to roll out the fix to their users. This is where the trouble starts.

  • If your phone is older than two years, the chances of you getting the fix is so small, I would run out of zero’s writing it out. It would be safer to get a new phone (unless you’ve got the geek-fu skills to install your own ROM with an updated kernel, in which case, you shouldn’t be reading this, as you already know about it all).
  • If your phone is in that 1 year – 2 year age range, it’ll be hit or miss whether you get a fix – it all really depends on the version of Android on the phone and the manufacturer.
    • I doubt many Android 4 or 5 phones will be getting the fix pushed out to them.
    • If you’ve got Android 6 you might get the update, and it will likely be one of the last ones you do.
    • Android 7 should be fine.
    • Android 8 is almost certain to get the fix.

If your phone is less than two years old, get on facebook, twitter, everything, and pester your manufacturer for the update. If they say they won’t update your phone, find out if you can install a new custom ROM for it – search “LineageOS <phone make and model>” and hope it returns results saying your specific model of the phone is supported. For example, the LG G6 is supported, even the LG G6 H870 can be unlocked for custom ROMs, but the LG G6 H870DS I have has no way of getting a custom ROM installed because LG decided the dual sim varieties didn’t deserve freedom of choice. If you’re running with a phone that can get LineageOS or something similar find a geek who will do it for you – no, I will not fix your (Tablet, Phone, Computer, Toaster), I have too many of my own to fix right now