Intel Hyper-Threading Accused of Being a Security Threat

Hitman928 · Aug 27, 2018

dualsmp said:
That was a case where they were recommending to temporarily disable HT when the flaw was discovered. However a microcode update was able to fix it later on and HT could be re-enabled without consequence.

In the case of the L1TF flaw every Intel processor on the planet with HT cannot be mitigated with a microcode update or software update. The only way to mitigate the L1TF flaw completely is to disable HT in BIOS forever. HT needs a completely new architecture to fix it and most likely even the newest Intel 9000 series processors are affected.

That's not entirely true. It can be mitigated, but not in a VM environment where each instance cannot be guaranteed to be safe. So for cloud providers, yeah, there's no mitigation (except turn off HT), but for end users, there are microcode / OS updates available for mitigation.

maddie · Aug 27, 2018

french toast said:
I think your intentionally muddying the waters, these flaws most likely have been known for years and years, far too simple for those expert engineers at intel to not notice, they left it in for a reason, they have the most R&D, the most engineer's, the most experience with speculative execution and SMT.

They said cascade lake was pulled from tape in and fixed for some vulnerabilities in two weeks!.

That tells you they more than likely knew and had hardware contingency plan just 'in case' or for future product's, the R&D had already been done for this fix and put on ice.
That is why you can't just give intel a free pass and say AMD/ARM/Intel are all the same.

Just my opinion.

Are you sure about the fix being a hardware one versus microcode? If they knew, had a fix ready, and didn't use it until compromised, then I see many lawsuits.

french toast · Aug 27, 2018

maddie said:
Are you sure about the fix being a hardware one versus microcode? If they knew, had a fix ready, and didn't use it until compromised, then I see many lawsuits.

Anandtech interview: Lisa Spelman;
"We will continue to make good decisions on this – it was the right decision to stop a product, get the mitigation in, take the couple of weeks hit, and move on. We will continue to do that too."
Ian Cutress;
"IC: Are you saying that it took two weeks to fix and design in hardware?"
"LS: It certainly took longer than that, but if you look at the intercept of our product flow, we held back the tape-in until we had the IP in place
https://www.anandtech.com/show/1320...tels-dcg-discussing-cooper-lake-and-smeltdown

Edit; Now these vulnerabilities were known officially by Intel by mid/late last year...cascadelake is a Q3/4 2018 launch, how much time would they have had to look into, design, test and put into silicon these hardware fixes before tape in, tapeout, testing and validation, = launch 2018??.
Very very suspicious if you ask me.

Markfw · Aug 27, 2018

french toast said:
Anandtech interview: Lisa Spelman;
"We will continue to make good decisions on this – it was the right decision to stop a product, get the mitigation in, take the couple of weeks hit, and move on. We will continue to do that too."
Ian Cutress;
"IC: Are you saying that it took two weeks to fix and design in hardware?"
"LS: It certainly took longer than that, but if you look at the intercept of our product flow, we held back the tape-in until we had the IP in place
https://www.anandtech.com/show/1320...tels-dcg-discussing-cooper-lake-and-smeltdown

Edit; Now these vulnerabilities were known officially by Intel by mid/late last year...cascadelake is a Q3/4 2018 launch, how much time would they have had to look into, design, test and put into silicon these hardware fixes before tape in, tapeout, testing and validation, = launch 2018??.
Very very suspicious if you ask me.

Intel has been doing "dirty" and illegal things since they tried to shut out AMD many years ago. Unfortunately, I have been like everyone else, buying their stuff, since it was the only decent hardware for the last 10 years until last year.

deathBOB · Aug 27, 2018

It was Colonel Mustard in the Library with Hyperthreading!

dualsmp · Aug 27, 2018

Hitman928 said:
That's not entirely true. It can be mitigated, but not in a VM environment where each instance cannot be guaranteed to be safe. So for cloud providers, yeah, there's no mitigation (except turn off HT), but for end users, there are microcode / OS updates available for mitigation.

Theo de Raadt recommends CVE-2018-3620 have HT disabled, so I'm not sure Intel is forthcoming with all information. Theo also predicts there will be more "artifacts" of the L1TF bug in the future.

https://marc.info/?l=openbsd-tech&m=153431475429367&w=2

french toast · Aug 27, 2018

Markfw said:
Intel has been doing "dirty" and illegal things since they tried to shut out AMD many years ago. Unfortunately, I have been like everyone else, buying their stuff, since it was the only decent hardware for the last 10 years until last year.

Exactly. That's why we shouldn't give them the benefit of the doubt when things are suspicious, trust is earned and easily lost...too many times have we seen this type of crud from them.

Saying that we can all admit they make brilliant processors and for along time they were the only worthwhile option, i have criticised them in the past but the continued improvement to the 14nm process leading to what we expect the i9 to become, they deserve some credit.
Wish they would cut the crud out though, they don't need to do it.

wahdangun · Aug 28, 2018

Does anyone experience some error in VM like "critical problem" ? After new patch ? I'm using hyper v windows server 2012 r2.

It's make my VM paused and some VM can't change state.

Search

Intel Hyper-Threading Accused of Being a Security Threat

Hitman928

Diamond Member

maddie

Diamond Member

french toast

Senior member

Markfw

Moderator Emeritus, Elite Member

deathBOB

Senior member

dualsmp

Golden Member

french toast

Senior member

wahdangun

Golden Member

TRENDING THREADS