Support 100 years of independent journalism.

  1. Science & Tech
5 January 2018updated 01 Jul 2021 1:15pm

Should you freak out about the Apple flaws affecting all Macs and iPhones?

Plus, what you can do to protect yourself. 

By Amelia Tait

This morning when you woke up and instinctively grappled for your iPhone like a baby reaching out for the comfort of its mother’s finger, you probably saw an alarming piece of news.

All iPhones, iPads and Macs are currently affected by two major flaws in the computer chips Apple uses.

These flaws – named Meltdown and Spectre – could allow hackers to steal your sensitive data. As far as the security flaws go, they’re big ‘uns, but Apple is assuring consumers that there is no evidence these vulnerabilities have been exploited yet.

Which is all very well and good, but what does this mean for YOU? Is it Freak Out O’clock?

Are only Apple devices affected?

The Meltdown and Spectre flaws are found within computer processors – basically the main chip in a computer. They have been found in chips made by Intel and ARM and the industry has been aware of the issue for a while, but Apple specifically has hit the headlines today because it wrote a blog explaining the issue and declared “All Mac systems and iOS devices are affected”. In reality, nearly all computers worldwide are affected.

Sign up for The New Statesman’s newsletters Tick the boxes of the newsletters you would like to receive. Quick and essential guide to domestic and global politics from the New Statesman's politics team. The New Statesman’s global affairs newsletter, every Monday and Friday. The best of the New Statesman, delivered to your inbox every weekday morning. A weekly round-up of The New Statesman's climate, environment and sustainability content. A handy, three-minute glance at the week ahead in companies, markets, regulation and investment, landing in your inbox every Monday morning. Our weekly culture newsletter – from books and art to pop culture and memes – sent every Friday. A weekly round-up of some of the best articles featured in the most recent issue of the New Statesman, sent each Saturday. A weekly dig into the New Statesman’s archive of over 100 years of stellar and influential journalism, sent each Wednesday. Sign up to receive information regarding NS events, subscription offers & product updates.

However Apple Watch isn’t affected by Meltdown, which is nice for… some of you guys, somewhere out there, we guess.

OK, but what exactly are Meltdown and Spectre, apart from names for an up-and-coming YA series about an ordinary girl with the weight of the world on her shoulders?

If you boil it down, add some salt, and then boil it down again, these flaws in essence allow hackers to read sensitive information from your computer’s memory – meaning they could access your passwords, card details, and even key strokes (the keyboard keys you’ve been pressing and the order you’ve been pressing ‘em in).

The two flaws are of course endlessly more complicated than this in practice, and can be exploited in different ways, with Spectre being the most difficult for hackers to take advantage off. Daniel Miessler, a security professional from San Francisco, has written a handy explanation of the precise differences between Meltdown and Spectre.

Content from our partners
Cyber security is a team game
Why consistency matters
Community safety includes cyber security

Yeah, I didn’t really want to know all that. What I really want to know is WHAT DO I DO?

Apple has advised that you only download software from trusted sources, so if you’re on your iPhone, for example, don’t downloading anything that’s not from the App Store. Apple have also released patches to protect users, so it’s important to update your devices so they’re running the latest iOS (iOS 11.2) by going to Settings > General > Software Update and latest macOS (High Sierra 10.13.2) here.

The National Cyber Security Centre (NCSC) has released guidance clarifying that the flaws are also exploitable from web browsers, so they advise to “take care when executing any untrusted code, including JavaScript on web pages”.  

And what is Apple doing to fix this? I WAS TOLD BY APPLE CAREEEE!!

In its blog post, Apple says it has released “mitigations” to defend against Meltdown, and are releasing those against Spectre in the next few days.

I’m still not sure if I need to freak out…

Listen, this is a big deal – and now it has been publicised in such a large way, there are potentially more opportunities for people to start exploiting it. Still, the NCSC says the vulnerabilities haven’t been exploited yet.

All that big-deal-oh-shit-oh-shit stuff aside, there’s nothing you can do about this so you may as well calm down (no offence, my friend, your talents are many and varied in other areas). So that said, UPDATE THE SOFTWARE ON YOUR DEVICES RIGHT NOW, and go for some damn lunch. 

Topics in this article: