Meltdown and Spectre and why we run our own servers
Published on January 18, 2018
If you’ve heard about the recently discovered Meltdown and Spectre vulnerabilities, you may be wondering if they could affect us at Hushmail. We’re very happy to tell you that they don’t. There are many reasons why Hushmail chooses to run its own servers, and Meltdown and Spectre demonstrate why this is such an important part of our business.
Meltdown and Spectre are variations of a design flaw that is showing up in almost every computer chip manufactured in the last 20 years. The flaw makes hardware vulnerable to cyber attackers, allowing them to run malicious software that can compromise previously protected data. This is a problem for your PC if you get a virus. It can also make you vulnerable to attackers through cloud computing. Fortunately, multiple patches have already come out this month and more are on their way. If you would like to learn more about this complicated security issue, you can read about it here.
Many businesses use cloud sharing to deliver services to their customers. Even though multiple security measures have been put in place, they aren’t foolproof, and the cloud is vulnerable to attack. Meltdown and Spectre are revealing some serious cracks.
When a business uses a cloud-based system to run the services they offer their customers, they are also sharing that system with the cloud service’s other customers. When security issues like Meltdown and Spectre appear, the concern is that you don't know who you’re sharing hardware with and whether they are all trustworthy.
This is why Hushmail isn’t affected. At Hushmail, we don’t use other people’s hardware. We run our own servers exclusively, and the only software we run on that hardware is software that we install ourselves. Although we use third-party cloud services for sales, marketing, and customer support, according to our Privacy Policy, we don’t put sensitive customer information there. This means we never have to worry about someone else running malicious software that can exploit a flaw to break into our systems and compromise our customers’ data.
Our own servers are worth the extra effort
From a business perspective, there are some drawbacks to running our own servers. First of all, we take on the entire workload of maintaining those servers. This requires multiple jobs that businesses using outside servers don't have to worry about. We also have to plan carefully in advance to scale our system as we continue grow. We can't just purchase additional server space from our cloud provider.
At Hushmail, we all agree that having our own servers gives us and our customers peace of mind that is well worth the extra effort. This is especially evident when serious vulnerabilities like Meltdown and Spectre are discovered. The responsibility and work involved in running our own servers are necessary for the business we’re in and give us the control and first-party accountability that make us a reliable choice when choosing an encrypted email provider.