INTERACT FORUM

Please login or register.

Login with username, password and session length
Advanced search  
Pages: [1]   Go Down

Author Topic: Ugly Security Hole in CPU's  (Read 2731 times)

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 72439
  • Where did I put my teeth?
Ugly Security Hole in CPU's
« on: January 04, 2018, 06:46:35 am »

Most CPU's have a vulnerability discovered by Google researchers.  Patches are rolling out.

https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
Logged

Awesome Donkey

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 7805
  • Autumn shade...
Re: Ugly Security Hole in CPU's
« Reply #1 on: January 04, 2018, 07:04:14 am »

There's three vulnerabilities, variant 3 is being called Meltdown and variant 1 and 2 are being called Spectre (or Spectre 1 and Spectre 2).

Meltdown (which looks to only affect Intel CPUs - nearly all of them since 1995!) patches are being pushed out to Windows, macOS High Sierra (it's been fixed since 10.13.2, released nearly a month ago) and the Linux kernel. There's going to be a performance hit for Intel CPUs because of Kernel Page Table Isolation (KPTI), depending how old the CPU is and whether or not the CPU has Process-Context Identifiers (CPID) or not. Also the performance hit will depend on the workload(s).

Spectre on the other hand looks to affect Intel with both variant 1 and 2 whereas AMD and ARM CPUs are affected by variant 1 (AMD on Linux only? Some confusion there). Unlike Meltdown, Spectre is way harder to fix. Looks like applications will have to patch this one, in addition to stuff being added to OSes to help mitigate it. AMD has said they can fix Spectre 1 through software (again, Linux only?), after they do they won't be vulnerable to Spectre 1 anymore. Man, I wish I bought some AMD stock a few days ago! :D

Both Meltdown and Spectre are going to be a nightmare for cloud, enterprise and the IT industry in general.

https://meltdownattack.com/
Logged
I don't work for JRiver... I help keep the forums safe from "male enhancements" and other sources of sketchy pharmaceuticals.

Windows 11 24H2 Update 64-bit + Ubuntu 24.10 Oracular Oriole 64-bit | Windows 11 24H2 Update 64-bit (Intel N305 Fanless NUC 16GB RAM/500GB M.2 NVMe SSD)
JRiver Media Center 33 (Windows + Linux) | iFi ZEN DAC 3 | JBL 306P MkII Studio Monitors | Audio-Technica ATH-M50x Headphones

Awesome Donkey

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 7805
  • Autumn shade...
Re: Ugly Security Hole in CPU's
« Reply #2 on: January 04, 2018, 09:25:23 am »

Logged
I don't work for JRiver... I help keep the forums safe from "male enhancements" and other sources of sketchy pharmaceuticals.

Windows 11 24H2 Update 64-bit + Ubuntu 24.10 Oracular Oriole 64-bit | Windows 11 24H2 Update 64-bit (Intel N305 Fanless NUC 16GB RAM/500GB M.2 NVMe SSD)
JRiver Media Center 33 (Windows + Linux) | iFi ZEN DAC 3 | JBL 306P MkII Studio Monitors | Audio-Technica ATH-M50x Headphones

Hendrik

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 10935
Re: Ugly Security Hole in CPU's
« Reply #3 on: January 04, 2018, 01:12:09 pm »

Something that'll likely delight Jim a bit:
https://support.microsoft.com/en-us/help/4072699/important-information-regarding-the-windows-security-updates-released

The Windows 10 update is available, but apparently it causes some Anti-Virus software to BSOD your system because they did naughty things. AV software is truely evil.
Logged
~ nevcairiel
~ Author of LAV Filters

~OHM~

  • Citizen of the Universe
  • *****
  • Posts: 1825
  • "I Don't Play The Music The Music Plays Me"
Re: Ugly Security Hole in CPU's
« Reply #4 on: January 04, 2018, 02:40:23 pm »

AV software is truely evil.
A BIG Thumbs UP
Logged
“I've Reached A Turning Point In My Life. I Now Realize I Have More Yesterdays Then Tomorrows”

Awesome Donkey

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 7805
  • Autumn shade...
Re: Ugly Security Hole in CPU's
« Reply #5 on: January 04, 2018, 02:52:08 pm »

AV software is truely evil.

Understatement right here, IMO.
Logged
I don't work for JRiver... I help keep the forums safe from "male enhancements" and other sources of sketchy pharmaceuticals.

Windows 11 24H2 Update 64-bit + Ubuntu 24.10 Oracular Oriole 64-bit | Windows 11 24H2 Update 64-bit (Intel N305 Fanless NUC 16GB RAM/500GB M.2 NVMe SSD)
JRiver Media Center 33 (Windows + Linux) | iFi ZEN DAC 3 | JBL 306P MkII Studio Monitors | Audio-Technica ATH-M50x Headphones

bob

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 13874
Re: Ugly Security Hole in CPU's
« Reply #6 on: January 04, 2018, 04:39:05 pm »

I love this comment from the kernel maintainers for linux:

2) Namespace
   Several people including Linus requested to change the KAISER name.
   We came up with a list of technically correct acronyms:
     User Address Space Separation, prefix uass_
     Forcefully Unmap Complete Kernel With Interrupt Trampolines, prefix fuckwit_
   but we are politically correct people so we settled for
    Kernel Page Table Isolation, prefix kpti_

   Linus, your call :)
Logged

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 72439
  • Where did I put my teeth?
Re: Ugly Security Hole in CPU's
« Reply #7 on: January 04, 2018, 04:46:57 pm »

How about KISS?  Keep it Separate Stupid

Not to be confused with Radio KISS  Keep it Simple Stupid
Logged

Awesome Donkey

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 7805
  • Autumn shade...
Re: Ugly Security Hole in CPU's
« Reply #8 on: January 04, 2018, 04:50:38 pm »

Linus also blasted Intel last night. Also they're allowing a patch to disable KPTI for AMD CPUs which is currently being enforced on all CPUs.

3 of my 4 OSes have KPTI implemented right now, but I haven't noticed any hit in general performance yet. VMs? Those actually seem a bit slower to me.
Logged
I don't work for JRiver... I help keep the forums safe from "male enhancements" and other sources of sketchy pharmaceuticals.

Windows 11 24H2 Update 64-bit + Ubuntu 24.10 Oracular Oriole 64-bit | Windows 11 24H2 Update 64-bit (Intel N305 Fanless NUC 16GB RAM/500GB M.2 NVMe SSD)
JRiver Media Center 33 (Windows + Linux) | iFi ZEN DAC 3 | JBL 306P MkII Studio Monitors | Audio-Technica ATH-M50x Headphones

astromo

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 2251
Re: Ugly Security Hole in CPU's
« Reply #9 on: January 06, 2018, 02:29:31 am »

Linus also blasted Intel last night.

Blast!!! Linus Torvalds Style
Quote
“I think somebody inside of Intel needs to really take a long hard look at their CPU’s, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed,” Torvalds wrote in a sharply worded email sent to a Linux list on Wednesday.

“Or is Intel basically saying ‘we are committed to selling you sh!t forever and ever, and never fixing anything’?” Torvalds continued.
Logged
MC33, Win10 x64, HD-Plex H5 Gen2 Case, HD-Plex 400W Hi-Fi DC-ATX / AC-DC PSU, Gigabyte Z370 ULTRA Gaming 2.0 MoBo, Intel Core i7 8700 CPU, 4x8GB GSkill DDR4 RAM, Schiit Modi Multibit DAC, Freya Pre, Nelson Pass Aleph J DIY Clone, Ascension Timberwolf 8893BSRTL Speakers, BJC 5T00UP cables, DVB-T Tuner HDHR5-4DT
Pages: [1]   Go Up