If your website is hosted with us, you should have little to fear from the epic Meltdown and Spectre bugs that surfaced recently.
In case you haven’t heard, these two exploits are among the scariest ever, in part because they affect essentially every computer or device made since 1995. That’s the bad news.
The good news is that these bugs are extremely difficult or impossible to exploit remotely. They mainly affect “the cloud” and other shared hosting environments, where multiple, mutually distrustful users share a single processor. Here, a bad actor could sniff passwords and other sensitive information on an unpatched system.
Sadly, that is by far the most common way that websites are hosted today — on shared hosting environments. However, it is NOT how we do it.
We run our own, exclusive physical hardware server located in a highly secured data center connected to multiple Tier 1 backbones and backed up by a sophisticated emergency backup system. No one but us has access to this system, other than through typical browser-based, well sand-boxed admin panels. Meltdown and Spectre appear to be almost impossible to exploit remotely, and that is good news for us, and our clients, too.
Disclaimer number one: a few of our older sites that require outdated operating system software do run on virtual servers. There are only a handful of such sites that we still maintain, however, and given the age of the software, there are probably easier ways to attack them, should anyone wish to.
Disclaimer number two: We also keep a backup server in a virtual hosting environment. This is so that, should our main server fail, we can quickly point our clients’ domain names at the backup while we rebuild the main server. This system is intended to ensure that no client ever experiences downtimes of more than 4 hours (our typical nameserver time-to-live). The threat of a Meltdown- or Spectre-style attack on this virtual backup server is quite low, however, because it uses the system processor only rarely, during routine, scheduled synchronizations with the main server that typically do not involve passwords or other sensitive data.
Dedicated hardware is expensive, but inherently faster and more secure than any other approach. Might as well have the best.
Incidentally, offsite backups are only part of our “belt, suspenders, and parachute” commitment to securing your data. Our dedicated server has two drives. For best performance, one drive handles the live databases and backs up the webserver filesystem. The other serves up the filesystem and backs up the database. The last time we lost a drive, we were on vacation at our in-laws ranch. It was the day after Thanksgiving. We stayed up all night with a borrowed laptop and cellphone, but by morning, all of our sites were fully restored and operational, and not a single client noticed the interruption.
We have never had to use our off-site backups. But, in the event California falls into the ocean, there they are.