{"id":205,"date":"2018-01-27T00:10:08","date_gmt":"2018-01-27T00:10:08","guid":{"rendered":"https:\/\/blog.dtc.ninja\/wp\/?p=205"},"modified":"2018-01-27T00:10:08","modified_gmt":"2018-01-27T00:10:08","slug":"meltdown-spectre","status":"publish","type":"post","link":"https:\/\/blog.dtc.ninja\/wp\/2018\/01\/27\/meltdown-spectre\/","title":{"rendered":"2018 brings &#8230; Meltdown and Spectre!"},"content":{"rendered":"<p>So, 2018\u00c2\u00a0has really kicked off with a bang! \u00c2\u00a0If you use a computer, tablet, phone, etc (hint, if you think you&#8217;re not then how are you reading this page \ud83d\ude09 )&#8230; then you really need to be aware of one of the latest vulnerabilities &#8230; and, I would argue, one of the most significant the IT industry has faced to date!<\/p>\n<p>World, meet <a href=\"https:\/\/meltdownattack.com\" target=\"_blank\" rel=\"noopener noreferrer\">Meltdown<\/a> and <a href=\"https:\/\/spectreattack.com\" target=\"_blank\" rel=\"noopener noreferrer\">Spectre<\/a><!--more--><\/p>\n<h1>What is Meltdown\/Spectre?<\/h1>\n<p>For a rather interesting variety of reasons, I&#8217;m actually not going to\u00c2\u00a0cover the detail of what these vulnerabilities are, what they affect, or how they work. \u00c2\u00a0These have been well documented in many different locations, and you only need to Google\u00e2\u201e\u00a2 the two names to find out more (or, you could use one of the reference links below!).<\/p>\n<h1>What should I do?<\/h1>\n<p>A purely <strong>personal<\/strong> perspective &#8230; would be\u00c2\u00a0to:<\/p>\n<ul>\n<li>Patch in a non-production environment<\/li>\n<li>Test<\/li>\n<li>Test<\/li>\n<li>Test again<\/li>\n<li>Then, carefully promote\u00c2\u00a0to production, having taken into account a risk-based approach<\/li>\n<\/ul>\n<p>That patching is required is well documented, and clear. \u00c2\u00a0What is also clear is that there is an evolving set of\u00c2\u00a0patches from many different vendors. \u00c2\u00a0Before applying any patches, understand what is needed, understand what they do, verify that you have the latest information available. \u00c2\u00a0And please &#8230; test!<\/p>\n<h1>Did someone say &#8220;performance&#8221;?<\/h1>\n<p>There is a lot of\u00c2\u00a0<em>ahem<\/em> &#8220;speculation&#8221; about\u00c2\u00a0whether implementing the\u00c2\u00a0various mitigation patches will affect the performance of a system\/device. \u00c2\u00a0Without offering an opinion either way, I did find the following article from\u00c2\u00a0Olaf Kirch, Distinguished Engineer and VP of Engineering at SUSE, very interesting. \u00c2\u00a0In this article, he explains why it is so difficult to predict the performance impact of these mitigations and why the only real answer is to do your own benchmarks.<\/p>\n<p><a href=\"https:\/\/www.suse.com\/c\/meltdown-spectre-performance\/\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/www.suse.com\/c\/meltdown-spectre-performance\/<\/a><\/p>\n<h1>Reference Links<\/h1>\n<ul>\n<li><a href=\"https:\/\/security.googleblog.com\/2018\/01\/todays-cpu-vulnerability-what-you-need.html\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/security.googleblog.com\/2018\/01\/todays-cpu-vulnerability-what-you-need.html<\/a><\/li>\n<li><a href=\"https:\/\/googleprojectzero.blogspot.co.uk\/2018\/01\/reading-privileged-memory-with-side.html\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/googleprojectzero.blogspot.co.uk\/2018\/01\/reading-privileged-memory-with-side.html<\/a><\/li>\n<li><a href=\"https:\/\/meltdownattack.com\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/meltdownattack.com<\/a><\/li>\n<li><a href=\"https:\/\/spectreattack.com\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/spectreattack.com<\/a><\/li>\n<li><a href=\"https:\/\/exchange.xforce.ibmcloud.com\/collection\/Central-Processor-Unit-CPU-Architectural-Design-Flaws-c422fb7c4f08a679812cf1190db15441\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/exchange.xforce.ibmcloud.com\/collection\/Central-Processor-Unit-CPU-Architectural-Design-Flaws-c422fb7c4f08a679812cf1190db15441<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>So, 2018\u00c2\u00a0has really kicked off with a bang! \u00c2\u00a0If you use a computer, tablet, phone, etc (hint, if you think you&#8217;re not then how are you reading this page \ud83d\ude09 )&#8230; then you really need to be aware of one of the latest vulnerabilities &#8230; and, I would argue, one of the most significant the &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/blog.dtc.ninja\/wp\/2018\/01\/27\/meltdown-spectre\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;2018 brings &#8230; Meltdown and Spectre!&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[23],"tags":[79,89,27,90,81],"class_list":["post-205","post","type-post","status-publish","format-standard","hentry","category-security","tag-cpu","tag-meltdown","tag-security","tag-spectre","tag-vulnerability"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>2018 brings ... Meltdown and Spectre! - Digging Through Chaos<\/title>\n<meta name=\"description\" content=\"So, 2018 has really kicked off with a bang! World, meet Meltdown and Spectre\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.dtc.ninja\/wp\/2018\/01\/27\/meltdown-spectre\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"2018 brings ... Meltdown and Spectre! - Digging Through Chaos\" \/>\n<meta property=\"og:description\" content=\"So, 2018 has really kicked off with a bang! World, meet Meltdown and Spectre\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.dtc.ninja\/wp\/2018\/01\/27\/meltdown-spectre\/\" \/>\n<meta property=\"og:site_name\" content=\"Digging Through Chaos\" \/>\n<meta property=\"article:published_time\" content=\"2018-01-27T00:10:08+00:00\" \/>\n<meta name=\"author\" content=\"barnesa\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@andrewbarnes666\" \/>\n<meta name=\"twitter:site\" content=\"@andrewbarnes666\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"barnesa\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/blog.dtc.ninja\\\/wp\\\/2018\\\/01\\\/27\\\/meltdown-spectre\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.dtc.ninja\\\/wp\\\/2018\\\/01\\\/27\\\/meltdown-spectre\\\/\"},\"author\":{\"name\":\"barnesa\",\"@id\":\"https:\\\/\\\/blog.dtc.ninja\\\/wp\\\/#\\\/schema\\\/person\\\/28671f6a276e93878c5c6078f5598b99\"},\"headline\":\"2018 brings &#8230; Meltdown and Spectre!\",\"datePublished\":\"2018-01-27T00:10:08+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/blog.dtc.ninja\\\/wp\\\/2018\\\/01\\\/27\\\/meltdown-spectre\\\/\"},\"wordCount\":333,\"commentCount\":1,\"keywords\":[\"CPU\",\"meltdown\",\"security\",\"spectre\",\"Vulnerability\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/blog.dtc.ninja\\\/wp\\\/2018\\\/01\\\/27\\\/meltdown-spectre\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/blog.dtc.ninja\\\/wp\\\/2018\\\/01\\\/27\\\/meltdown-spectre\\\/\",\"url\":\"https:\\\/\\\/blog.dtc.ninja\\\/wp\\\/2018\\\/01\\\/27\\\/meltdown-spectre\\\/\",\"name\":\"2018 brings ... Meltdown and Spectre! - Digging Through Chaos\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.dtc.ninja\\\/wp\\\/#website\"},\"datePublished\":\"2018-01-27T00:10:08+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/blog.dtc.ninja\\\/wp\\\/#\\\/schema\\\/person\\\/28671f6a276e93878c5c6078f5598b99\"},\"description\":\"So, 2018 has really kicked off with a bang! World, meet Meltdown and Spectre\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/blog.dtc.ninja\\\/wp\\\/2018\\\/01\\\/27\\\/meltdown-spectre\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/blog.dtc.ninja\\\/wp\\\/2018\\\/01\\\/27\\\/meltdown-spectre\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/blog.dtc.ninja\\\/wp\\\/2018\\\/01\\\/27\\\/meltdown-spectre\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/blog.dtc.ninja\\\/wp\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"2018 brings &#8230; Meltdown and Spectre!\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/blog.dtc.ninja\\\/wp\\\/#website\",\"url\":\"https:\\\/\\\/blog.dtc.ninja\\\/wp\\\/\",\"name\":\"Digging Through Chaos\",\"description\":\"One Geek&#039;s journey through barely controlled Chaos\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/blog.dtc.ninja\\\/wp\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/blog.dtc.ninja\\\/wp\\\/#\\\/schema\\\/person\\\/28671f6a276e93878c5c6078f5598b99\",\"name\":\"barnesa\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/a9959dbb2f296be6a198a91b8e9b6b4628adfa31c5bf138814a1aa35f4183874?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/a9959dbb2f296be6a198a91b8e9b6b4628adfa31c5bf138814a1aa35f4183874?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/a9959dbb2f296be6a198a91b8e9b6b4628adfa31c5bf138814a1aa35f4183874?s=96&d=mm&r=g\",\"caption\":\"barnesa\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"2018 brings ... Meltdown and Spectre! - Digging Through Chaos","description":"So, 2018 has really kicked off with a bang! World, meet Meltdown and Spectre","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.dtc.ninja\/wp\/2018\/01\/27\/meltdown-spectre\/","og_locale":"en_US","og_type":"article","og_title":"2018 brings ... Meltdown and Spectre! - Digging Through Chaos","og_description":"So, 2018 has really kicked off with a bang! World, meet Meltdown and Spectre","og_url":"https:\/\/blog.dtc.ninja\/wp\/2018\/01\/27\/meltdown-spectre\/","og_site_name":"Digging Through Chaos","article_published_time":"2018-01-27T00:10:08+00:00","author":"barnesa","twitter_card":"summary_large_image","twitter_creator":"@andrewbarnes666","twitter_site":"@andrewbarnes666","twitter_misc":{"Written by":"barnesa","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.dtc.ninja\/wp\/2018\/01\/27\/meltdown-spectre\/#article","isPartOf":{"@id":"https:\/\/blog.dtc.ninja\/wp\/2018\/01\/27\/meltdown-spectre\/"},"author":{"name":"barnesa","@id":"https:\/\/blog.dtc.ninja\/wp\/#\/schema\/person\/28671f6a276e93878c5c6078f5598b99"},"headline":"2018 brings &#8230; Meltdown and Spectre!","datePublished":"2018-01-27T00:10:08+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.dtc.ninja\/wp\/2018\/01\/27\/meltdown-spectre\/"},"wordCount":333,"commentCount":1,"keywords":["CPU","meltdown","security","spectre","Vulnerability"],"articleSection":["Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/blog.dtc.ninja\/wp\/2018\/01\/27\/meltdown-spectre\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/blog.dtc.ninja\/wp\/2018\/01\/27\/meltdown-spectre\/","url":"https:\/\/blog.dtc.ninja\/wp\/2018\/01\/27\/meltdown-spectre\/","name":"2018 brings ... Meltdown and Spectre! - Digging Through Chaos","isPartOf":{"@id":"https:\/\/blog.dtc.ninja\/wp\/#website"},"datePublished":"2018-01-27T00:10:08+00:00","author":{"@id":"https:\/\/blog.dtc.ninja\/wp\/#\/schema\/person\/28671f6a276e93878c5c6078f5598b99"},"description":"So, 2018 has really kicked off with a bang! World, meet Meltdown and Spectre","breadcrumb":{"@id":"https:\/\/blog.dtc.ninja\/wp\/2018\/01\/27\/meltdown-spectre\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.dtc.ninja\/wp\/2018\/01\/27\/meltdown-spectre\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.dtc.ninja\/wp\/2018\/01\/27\/meltdown-spectre\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.dtc.ninja\/wp\/"},{"@type":"ListItem","position":2,"name":"2018 brings &#8230; Meltdown and Spectre!"}]},{"@type":"WebSite","@id":"https:\/\/blog.dtc.ninja\/wp\/#website","url":"https:\/\/blog.dtc.ninja\/wp\/","name":"Digging Through Chaos","description":"One Geek&#039;s journey through barely controlled Chaos","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.dtc.ninja\/wp\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.dtc.ninja\/wp\/#\/schema\/person\/28671f6a276e93878c5c6078f5598b99","name":"barnesa","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/a9959dbb2f296be6a198a91b8e9b6b4628adfa31c5bf138814a1aa35f4183874?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/a9959dbb2f296be6a198a91b8e9b6b4628adfa31c5bf138814a1aa35f4183874?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/a9959dbb2f296be6a198a91b8e9b6b4628adfa31c5bf138814a1aa35f4183874?s=96&d=mm&r=g","caption":"barnesa"}}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9551p-3j","jetpack-related-posts":[{"id":212,"url":"https:\/\/blog.dtc.ninja\/wp\/2018\/01\/31\/cisco-live-europe-2018-day-2\/","url_meta":{"origin":205,"position":0},"title":"Cisco Live Europe 2018 \u00e2\u20ac\u201c Day 2 #cleur","author":"barnesa","date":"January 31, 2018","format":false,"excerpt":"Wow - so Day 2 of Cisco Live Europe (#CLEUR) 2018 was BUSY! \u00c2\u00a0There were keynotes, there were presentations, there were meetings ... oh ... and I won a prize! Stick with me - this post could be long! Tuesday 30\/Jan\/2018 saw\u00c2\u00a0#CLEUR move into full swing, and it wouldn't be\u2026","rel":"","context":"In &quot;Cisco&quot;","block_context":{"text":"Cisco","link":"https:\/\/blog.dtc.ninja\/wp\/category\/cisco\/"},"img":{"alt_text":"20180130 - Cisco Live Keynote Entrance","src":"https:\/\/i0.wp.com\/blog.dtc.ninja\/wp\/wp-content\/uploads\/2018\/01\/IMG_6198-300x225.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":208,"url":"https:\/\/blog.dtc.ninja\/wp\/2018\/01\/31\/cisco-live-europe-2018-day-1\/","url_meta":{"origin":205,"position":1},"title":"Cisco Live Europe 2018 &#8211; Day 1 #cleur","author":"barnesa","date":"January 31, 2018","format":false,"excerpt":"Greetings from Barcelona - it's nearly the end of January 2018, it's sunny, and ... it's time for Cisco Live Europe 2018 #CLEUR On-Time Arrival! In difference to my trip to Barcelona last year for VMworld 2017 Europe, my trip to Barcelona this year was without fault, in fact, RyanAir\u2026","rel":"","context":"In &quot;Cisco&quot;","block_context":{"text":"Cisco","link":"https:\/\/blog.dtc.ninja\/wp\/category\/cisco\/"},"img":{"alt_text":"20180129 - Arriving at Cisco Live","src":"https:\/\/i0.wp.com\/blog.dtc.ninja\/wp\/wp-content\/uploads\/2018\/01\/IMG_6173-300x225.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":184,"url":"https:\/\/blog.dtc.ninja\/wp\/2017\/11\/30\/nov-2017-intel-security-vulnerabilities\/","url_meta":{"origin":205,"position":2},"title":"Nov 2017 &#8211; Intel Security Vulnerabilities","author":"barnesa","date":"November 30, 2017","format":false,"excerpt":"In recent days, Intel has announced a new set of vulnerabilities that could potentially impact certain PCs, servers, and IoT platforms. Specifically, they have found issues with systems using certain firmware.\u00c2\u00a0 This is documented in the following advisory -\u00c2\u00a0Intel-SA-00086 -\u00c2\u00a0https:\/\/security-center.intel.com\/advisory.aspx?intelid=intel-sa-00086 Firmware at risk Intel have advised that systems using one\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/blog.dtc.ninja\/wp\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":150,"url":"https:\/\/blog.dtc.ninja\/wp\/2017\/10\/16\/wpa2-wifi-security-compromised\/","url_meta":{"origin":205,"position":3},"title":"KRACK &#8211; WPA2 WiFi Security Compromise","author":"barnesa","date":"October 16, 2017","format":false,"excerpt":"In what has been a tightly guarded message to manufacturers of WiFi Access Points, it has now been revealed that the long-trusted WPA2 security protocol has been compromised. Proof of Concept Compromise The Proof of Concept (PoC) exploit has been nick-named\u00c2\u00a0\"KRACK\" - short for \"Key Reinstallation AttaCKs\" by the security\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/blog.dtc.ninja\/wp\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":104,"url":"https:\/\/blog.dtc.ninja\/wp\/2017\/09\/13\/blueborne-bluetooth-devices-beware\/","url_meta":{"origin":205,"position":4},"title":"Blueborne &#8211; Bluetooth devices beware!","author":"barnesa","date":"September 13, 2017","format":false,"excerpt":"So I've just finished reading about a new Bluetooth attack called \"Bluebourne\". \u00c2\u00a0This new attack allows for remote compromise of a Bluetooth-enabled device, even if the devices are not paired to being with! The announcement follows the disclosure, by security researchers, \u00c2\u00a0of 8 new zero-day vulnerabilities in the Bluetooth protocol.\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/blog.dtc.ninja\/wp\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1151,"url":"https:\/\/blog.dtc.ninja\/wp\/2022\/03\/18\/importance-of-source-code-management\/","url_meta":{"origin":205,"position":5},"title":"Importance of Source Code Management","author":"barnesa","date":"March 18, 2022","format":false,"excerpt":"A thought on security risks associated with code inheritance and supply chain security risks The article below highlights a very interesting risk associated with Source Code Management. https:\/\/www.theregister.com\/2022\/03\/18\/protestware_javascript_node_ipc\/?td=rt-3a This is not the first time that a developer has\u00a0purposely made changes\u00a0to code which have caused issues with either service availability and\/or\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/blog.dtc.ninja\/wp\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.dtc.ninja\/wp\/wp-json\/wp\/v2\/posts\/205","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.dtc.ninja\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.dtc.ninja\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.dtc.ninja\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.dtc.ninja\/wp\/wp-json\/wp\/v2\/comments?post=205"}],"version-history":[{"count":0,"href":"https:\/\/blog.dtc.ninja\/wp\/wp-json\/wp\/v2\/posts\/205\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.dtc.ninja\/wp\/wp-json\/wp\/v2\/media?parent=205"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.dtc.ninja\/wp\/wp-json\/wp\/v2\/categories?post=205"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.dtc.ninja\/wp\/wp-json\/wp\/v2\/tags?post=205"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}