Google Reveals How it Protected Gmail from Spectre and Meltdown
While admitting that ‘Spectre’ and ‘Meltdown’ were two of the most complex flaws to fix in the past decade, Google has revealed the details of how it protected Gmail and other cloud services in a research shared with other tech companies, hoping they will deploy similar solutions to improve the cloud experience across the industry (via Engadget).
The company says that in order to protect its products, it deployed anti-Spectre and Meltdown solutions which users didn’t even notice. For one of the variants of Spectre, which Google says proved to be a lot more problematic, its engineers came up with a technique called ‘Reptoline’, which modifies programs to ensure that execution cannot be influenced by an attacker. It allowed the company to protect its services without having to modify source codes or to switch off hardware components.
By December, the company was done rolling our protections against all three variants. Google reiterates that it received no support tickets related to the updates, but then again, people might have attributed their complaints to other things if they didn’t know about the flaws.
Google considers this set of vulnerabilities the “most challenging and hardest to fix” it’s had to deal with in the past decade. That it was able to find solutions for them relatively quickly demonstrates just how powerful the company is.
To learn more about Reptoline, hit up this link.