Meltdown and Spectre, and Moodle

Meltdown and Spectre, and Moodle…Meltdown and Spectre are the names of two serious security flaws that have recently been found within computer processors. They could allow hackers to steal sensitive data without users knowing, one of them affecting chips made as far back as 1995.

Meltdown is a security flaw that could allow hackers to bypass the hardware barrier between applications run by users and the computer’s core memory, which is normally highly protected.  Spectre is slightly different. It potentially allows hackers to trick otherwise error-free applications into giving up secret information.

So how might this affect Moodle?

Well, it affects Moodle in the same way as any other server application.  The most obvious security risk being that usernames and passwords could (in theory) be stolen.  However, as Intel announced, there is no evidence of anyone exploiting this security issue so far.

But the important thing is that it reminds us how vitally important it is that Moodle administrators keep their servers up to date.

In a world where anyone can freely download and install Moodle, and run a server, there are many Moodle administrators that are ‘keen enthusiasts’ but who do not have a deep server admin background, for whom server security is a black art.  These are the people and sites most at risk.

Stuart Mealor

Managing Director at HRDNZ
Stuart is interested in all things e-learning, with specific interests in Moodle, e-learning strategy, and business development.His experience in education over 30 years, MBA in International Business, and knowledge of e-learning systems implementation, together with graphic design background, give him a unique skill set for e-learning projects.

Latest posts by Stuart Mealor (see all)

Stuart Mealor

Stuart is interested in all things e-learning, with specific interests in Moodle, e-learning strategy, and business development. His experience in education over 30 years, MBA in International Business, and knowledge of e-learning systems implementation, together with graphic design background, give him a unique skill set for e-learning projects.

Add a reply or comment...