DEV Community

Discussion on: Software security is hopelessly broken

Blaine Osepchuk

Thanks. These are good tips to help people outsource some of the problems I mentioned, which is a viable strategy.

However, they don't address the underlying issues with software security. Your code is/was still vulnerable to Meltdown and Spectre no matter how you serve it.

hepisec

I don't think that "code" can be vulnerable to Meltdown and Spectre. These are information leakage vulnerabilities which require running code on your machine. If you're running your web application on bare metal (no shared host), you won't be affected much as long as you apply normal security best practices.

In cloud environments these vulnerabilities are critical, but I expect all major cloud platforms to apply the patches quickly.

Vulnerable clients should also apply normal security best practices, including ad blocking and patching.

Blaine Osepchuk

Yes. Where I said "code" it would have been more accurate to say "the security of the information contained in your app" is/was still vulnerable...