Spectre blog post

src/_includes/services.html

@@ -71,7 +71,7 @@
         <p>
           A grounded and principled understanding of the cybersecurity domain can ensure
           your organisation is not liable to any unwanted security threats. We provide
-          structured training.
+          structured training taliored to your threat model.
         </p>
       </li>
     </ul>

src/_posts/2016-09-23-our-founding-principles.md

@@ -1,8 +1,8 @@
 ---
 layout: post
 title: Our Founding Principles
-description: Autonomic Co-operative And Our Core Values.
+description: Autonomic Co-operative And Our Core Values
-image: pic01.jpg
+image: thinkpad.jpg
 category: values
 date: 2017-10-03
 ---

src/_posts/2018-01-11-spectre-and-meltdown.md

@@ -0,0 +1,150 @@
+---
+layout: post
+title: Spectre and Meltdown
+description: A Spectre Is Haunting Our Processors...
+image: spectre.jpg
+category: values
+date: 2018-01-11
+---
+
+Autonomic have now completed the process of applying patches to to all
+of our servers in response to the so called Spectre and Meltdown 
+vulnerabilities. Our upstream providers have also confirmed that they have
+patched their infrastructure. We will monitor the situation as it develops.
+
+We are currently super busy with clients so we decided to repost the
+excellent security bulletin from our friends over at [Rise Up](https://riseup.net/) 
+which goes into detail oh how to update various operating systems. All credit
+to them for the rest of this blog post.
+
+## The Facts
+
+As you have probably read, there are three related security problems in
+contemporary CPUs. These vulnerabilities open the potential for a
+nefarious program to steal passwords, secrets, and personal information
+from you computer, even if the program is just Javascript loaded from a
+web site you visit. These vulnerabilities are as serious as they sound,
+and you should take action to upgrade your software. 
+
+* The first flaw, called "Meltdown," affects nearly all Intel CPUs and
+has been fixed with updates to most operating systems. 
+
+* The two other flaws, called "Spectre," apply to nearly all CPUs built
+in the last 20 years, not just Intel, although they are more difficult
+to exploit. There are no permanent fixes for Spectre available at this
+time, although if you update your software you will make these attacks
+much less likely. 
+
+You should take *both* these steps now, for all your devices: 
+
+* Upgrade your web browser (see below). These fixes make the new
+attacks against CPUs more much difficult. 
+
+* Upgrade your operating system. There are updates available for
+Windows, macOS, and GNU/Linux that fix the Meltdown vulnerability for
+Intel CPUs and provide some mitigations for Spectre. Additionally, new
+releases of iOS and Android have mitigations for Spectre.
+
+Better fixes will continue to arrive in the next weeks/months for your
+operating system and software. Please keep your system up to date! 
+
+## Browsers 
+By updating your browser, you can make it significantly harder for an
+attacker to steal secrets off your computer using Javascript loaded from
+a web site you visit. 
+
+Firefox version 57.0.4 and later [includes mitigation measures](https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/) 
+against Spectre attack. 
+
+Edge has been updated to include Spectre migitations. When you apply the
+latest Windows update, you will get the new version of Edge. 
+
+Safari will be updated very soon, according to Apple. Check the App
+Store updates. 
+
+Chrome will include Spectre mitigations starting with version 64, to be
+released Jan 23. In the mean time, you can change your configuration to
+greatly mitigate [against the Spectre vulnerability by enabling](https://support.google.com/chrome/answer/7623121?hl=en)
+ "site isolation."
+
+Additionally, please see [Rise Up's better browsing guide](https://riseup.net/en/better-web-browsing) for
+instructions on best practices for securing your web experience (which
+will also help mitigate against these new attacks). 
+
+## Windows 
+For Windows 10, you must first upgrade any anti-virus software before
+upgrading Windows. [Failure to do so may make your computer stop working](http://www.theregister.co.uk/2018/01/04/microsoft_windows_patch_meltdown/).
+
+To upgrade Windows 10: 
+
+```
+Select the Start button, and then go to Settings > Update & security > Windows Update, and select Check for updates. 
+```
+
+Now is a good time to enable automatic updates: 
+
+```
+Select the "Start" button, then select "Settings" > "Update & security" > "Windows Update" > "Advanced options" 
+and then under "Choose how updates are installed", select "Automatic (recommended)". 
+```
+
+If you are running Windows 7 or 8, an update is also available. 
+
+## macOS 
+If you already have macOS version 10.13.2 then you are [protected against Meltdown](https://support.apple.com/en-us/HT208394). 
+Otherwise, to upgrade macOS: 
+
+```
+Open the App Store app on your Mac. Click "Updates" in the App Store toolbar, then use the "Update" buttons 
+to download and install any updates listed.
+```
+
+Now is a good time to check enable automatic updates: 
+
+```
+Select the Apple menu, then select "System Preferences" > "App Store" > "Automatically check for updates". 
+```
+
+Apple plans to soon release an update to Safari browser to provide some
+mitigation against Spectre. 
+
+## iOS
+Apple has said that iOS is affected by Spectre, and an update to
+mitigate against most of the new attacks has been released. If you have
+iOS version 11.2 or later, [then you are good](https://support.apple.com/en-us/HT208394). 
+
+To check for new updates, go to `Settings > General > Software Update.` 
+
+## Android 
+The bad news is that Android is vulnerable to Spectre and unless you
+have a Google-branded phone or run a custom firmware you might not get
+an update for months, if ever. However, the consensus among security
+researchers at the moment is that the Spectre attack is difficult enough
+that there are probably easier ways to compromise an Android device.
+Yeah? 
+
+There is one thing you can do now to make your Android device more safe
+against these new CPU attacks: 
+
+* Turn on ["site isolation" in Chrome](https://support.google.com/chrome/answer/7623121?hl=en)
+* Upgrade Chrome Browser after Jan 23. 
+* Alternately, use Firefox for Android. 
+
+## Debian/Ubuntu GNU/Linux 
+Run "Software Center" or "Software Updater." 
+
+Alternately, open a terminal and type: 
+
+```
+sudo apt update 
+sudo apt upgrade 
+sudo reboot 
+```
+
+## Fedora GNU/Linux 
+Open a terminal and type: 
+
+```
+sudo dnf --refresh update kernel 
+sudo reboot 
+```