Massive security hole in CPU's incoming? Official Meltdown/Spectre Discussion Thread


arandomguy

If Microsoft were to apply the patch to both AMD and Intel equally - would they be open to legal action by AMD if they refused to add the 2 lines of code in that it would take to qualify patch applicability?

So for me what is interesting about this situation is what happens in terms of a liability scenario?

Let's say AMD asserts they do not need any type of patch and do not want one due to performance implications. Microsoft (or whatever equivalent software vendor) can choose whether or not to believe this or make it an optional toggle (and with what default setting). Now Amazon (or whatever service provider) or other user of said software can choose what to believe in whether or not to enable said toggle.

We move down a few years and find out that this assertion by AMD ended up being wrong and someone exploited these attack vectors and caused a massive data breach. Who ends up bearing liability in this case?

It seems to me for a party such as Microsoft they have no stake, at least presumably, in any specific IHV and so would implement said solution just to cover themselves or at least default any toggle to on. For a service provider using their OS they themselves would have to weigh the potential risk with respect to hardware acquisition. As it seems impractical at the end should such a scenario occur to then chase AMD for liability.
 

moinmoin

Nope AMD chips aren't affected as far as the research shows. They tried it on AMD chips.

It's just intel chips which have this bug according to all the information we have now.

They simply can not rule out AMD chips being affected because they don't have a 100% robust proof. This isn't surprising in any scientific method because proving a negative is difficult or impossible. But again: all the information we have is that Meltdown does not affect AMD CPUs because it's only intel CPUs with this specific bug.
Not affected by what exactly? Spectre reportedly works on AMD chips as long as the access doesn't cross privilege boundaries (Spectre variant 1) which is exactly what I wrote.
 

Shivansps

Yeah good point. Proving a negative is difficult or impossible, so let's just assume... What? What's your point?

From all the researchers have seen is that there's basically zero chance AMD is susceptible to Meltdown. And astronomers will say there's basically zero chance an asteroid will destroy earth tomorrow. You might not understand it, but this is how responsible people who subscribe to the scientific method will word their statements.

And those same papers written by those researchers said that it may be possible to create another vector of attack that works and they are unsure of why it doesn't work. If AMD is right they are immune to it, the thing is, they need to convince Microsoft not to take preventive measures with that, not me or you.
 

richaron

Not affected by what exactly? Spectre reportedly works on AMD chips as long as the access doesn't cross privilege boundaries (Spectre variant 1) which is exactly what I wrote.
Ahhh, my bad. To me it seemed yours was another post to confuse the problems we've heard about recently.

Meltdown is the worst recently discovered exploit and appears to be an intel CPU only bug. But Spectre appears to be more esoteric, industry wide, and patched with basically zero performance penalty. Plus obviously access in the same privilege levels is nowhere near as bad as accessing kernel level data.
 

richaron

And those same papers written by those researchers said that it may be possible to create another vector of attack that works and they are unsure of why it doesn't work. If AMD is right they are immune to it, the thing is, they need to convince Microsoft not to take preventive measures with that, not me or you.
Are you talking about the much worse Meltdown bug which has only been shown to affect intel CPUs?

Yeah again astronomers will not say with 100% certainty that an asteroid will not destroy the earth tomorrow. And these researchers also are unable to find the negative proof that Meltdown will not affect AMD CPUs.

But all the information we have is that the Meltdown bug is only in intel CPUs. The researchers tried it in AMD CPUs and couldn't make it work.
 

SpaceBeer

Also, just because those researchers tried only one variant of exploit and said some others might be possible, doesn't mean AMD's people haven't tried many other variants
 

Shivansps

Are you talking about the much worse Meltdown bug which has only been shown to affect intel CPUs?

Yeah again astronomers will not say with 100% certainty that an asteroid will not destroy the earth tomorrow. And these researchers also are unable to find the negative proof that Meltdown will not affect AMD CPUs.

But all the information we have is that the Meltdown bug is only in intel CPUs. The researchers tried it in AMD CPUs and couldn't make it work.

What means absolutely nothing, this falls way into preventive measures territory, and is up to Microsoft to decide what to do, and to AMD to try to convince them not to. If this ends up backfiring it's going to be Microsoft's fault, and security is more important than performance for the server environment here.
 

arandomguy

Are you talking about the much worse Meltdown bug which has only been shown to affect intel CPUs?

Yeah again astronomers will not say with 100% certainty that an asteroid will not destroy the earth tomorrow. And these researchers also are unable to find the negative proof that Meltdown will not affect AMD CPUs.

But all the information we have is that the Meltdown bug is only in intel CPUs. The researchers tried it in AMD CPUs and couldn't make it work.

From the perspective of someone such as Microsoft I'd assume the concern is one of added risk and liability for negligible gain.

This is why I think it's understandable as we have seen that all the software providers have defaulted to broad prevention. Well Linux is a bit of a different situation.
 

bryanW1995

What means absolutely nothing, this falls way into preventive measures territory, and is up to Microsoft to decide what to do, and to AMD to try to convince them not to. If this ends up backfiring it's going to be Microsoft's fault, and security is more important than performance for the server environment here.

The patches that are currently being rolled out are only for meltdown, which is a hack that takes advantage of a specific flaw in intel (and some ARM) cpus. Why should AMD cpus take the performance penalty? If a new exploit is found to get around AMD's security measures, then a new patch will be required to fix that.
 

Lodix

The patches that are currently being rolled out are only for meltdown, which is a hack that takes advantage of a specific flaw in intel (and some ARM) cpus. Why should AMD cpus take the performance penalty? If a new exploit is found to get around AMD's security measures, then a new patch will be required to fix that.
Did I read it right on ARM web that Cortex A75 is affected by meltdown?
 

arandomguy

Did I read it right on ARM web that Cortex A75 is affected by meltdown?

The research paper stated they could not definitively say whether or not ARM or AMD are exploitable. The only fully successful proofs were done against Intel systems.

6.4 Limitations on ARM and AMD

We also tried to reproduce the Meltdown bug on several ARM and AMD CPUs. However, we did not manage to successfully leak kernel memory with the attack described in Section 5, neither on ARM nor on AMD. The reasons for this can be manifold. First of all, our implementation might simply be too slow and a more optimized version might succeed. For instance, a more shallow out-of-order execution pipeline could tip the race condition towards against the data leakage. Similarly, if the processor lacks certain features, e.g., no re-order buffer, our current implementation might not be able to leak data. However, for both ARM and AMD, the toy example as described in Section 3 works reliably, indicating that out-of-order execution generally occurs and instructions past illegal memory accesses are also performed.
 

Phynaz

You're talking about the much worse Meltdown bug which appears to only affect intel CPUs? This is the exploit the researchers tried on AMD and couldn't make it work?

I guess I'm not surprised you're still trying to pretend it affects all chips equally...

Meltdown is an implementation of a side channel attack on speculative execution. Not a bug. Read the meltdown paper before you respond to me again, or join my ignore list. Your choice.
 

richaron

What means absolutely nothing, this falls way into preventive measures territory, and is up to Microsoft to decide what to do, and to AMD to try to convince them not to. If this ends up backfiring it's going to be Microsoft's fault, and security is more important than performance for the server environment here.
Nonsense. Dude you've bitten and swallowed the Argument from ignorance logical fallacy.

intel CPUs are the only ones to be shown to be affected from the Meltdown bug (plus a couple of ARM designs?). They tried AMD CPUs and couldn't make it work.

The fact they couldn't disprove the possibility of Meltdown working on AMD is moot, since I say again and again, even astronomers will not say with 100% certainty the earth will not be destroyed by an asteroid tomorrow. Microsoft should, like any logical person, simply listen to the information we have. And the information we have is that Meltdown only works because of an intel CPU bug.
 

richaron

Meltdown is an implementation of a side channel attack on speculative execution. Not a bug. Read the meltdown paper before you respond to me again, or join my ignore list. Your choice.
Read it. We've covered this before.

The Meltdown bug is a bug which only affects intel CPUs as far as anyone can tell.
 

arandomguy

If AMD is so sure of it, then as the Linux devs put it, "let it be on their heads".

If things turn ugly it can be easily reenabled for AMD systems, and AMD will eat the PR and possibly monetary hit involved.

The issue here is it is easier for Linux devs to have this perspective compared to Microsoft. Should something happen Microsoft will be the target or say Amazon should they choose not to knowingly not enable such a fix.
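
Whether a given host is actually running with or without each mitigation can be checked on the machine itself. The following is an added example, not part of any post in this thread: it reads the per-issue status files that Linux kernels with the Meltdown/Spectre reporting interface expose under /sys/devices/system/cpu/vulnerabilities/. The function names and the sample values are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarize the kernel's verdict for Meltdown (variant 3)
# and Spectre variants 1 and 2 from the sysfs status files.

# Map one status line to a coarse verdict.
classify_status() {
    case "$1" in
        "Not affected"*) echo NOT_AFFECTED ;;
        "Mitigation:"*)  echo MITIGATED ;;
        "Vulnerable"*)   echo VULNERABLE ;;
        *)               echo UNKNOWN ;;
    esac
}

# Print "<issue> <verdict> <raw status>" for the three issues in this thread.
# $1 is the directory to read (hypothetical parameter, so a sample can be used).
audit_dir() {
    dir=${1:-/sys/devices/system/cpu/vulnerabilities}
    for issue in meltdown spectre_v1 spectre_v2; do
        if [ -r "$dir/$issue" ]; then
            status=$(head -n 1 "$dir/$issue")
        else
            status="(no sysfs entry; kernel lacks the reporting interface)"
        fi
        printf '%s %s %s\n' "$issue" "$(classify_status "$status")" "$status"
    done
}

# Count issues that are neither mitigated nor declared not affected.
count_open() {
    audit_dir "$1" |
        awk '$2 == "VULNERABLE" || $2 == "UNKNOWN" { n++ } END { print n + 0 }'
}

# Constructed sample values, not captured from a real machine.
make_sample() {
    d=$(mktemp -d)
    echo "Not affected" > "$d/meltdown"
    echo "Mitigation: __user pointer sanitization" > "$d/spectre_v1"
    echo "Vulnerable" > "$d/spectre_v2"
    echo "$d"
}

if [ "${1:-}" = "--sample" ]; then
    s=$(make_sample); audit_dir "$s"; rm -rf "$s"
elif [ "${1:-}" = "--live" ]; then
    audit_dir
fi
```

A missing file is reported as UNKNOWN rather than as safe, so an older kernel is counted as an open item instead of being silently passed.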
 

coercitiv

I might believe AMD if they disclose what the "near zero" statement means. I'm speculating it has something to do with their earlier statements about page faults. They claim this doesn't occur in AMD CPUs when a page fault occurs. What about if a page fault doesn't occur?
I read the "near zero" assessment as something that cannot be methodically shown to be impossible but has no attack method, and the "zero" assessment as something clearly proven to be impossible.

Think of it as Intel's PR statement having "zero" value for you while AMD's statement having "near zero" value.
 

CatMerc

The issue here is it is easier for Linux devs to have this perspective compared to Microsoft. Should something happen Microsoft will be the target or say Amazon should they choose not to knowingly not enable such a fix.
They're using hardware provided by a manufacturer with documentation and validation. It's on AMD's head if they claim they're not affected by this when they are. Can Microsoft be blamed if the manufacturer claims that the processor doesn't have an issue, nobody can prove it for years, and then suddenly someone figures out a way?
 

arandomguy

They're using hardware provided by a manufacturer with documentation and validation. It's on AMD's head if they claim they're not affected by this when they are. Can Microsoft be blamed if the manufacturer claims that the processor doesn't have an issue, nobody can prove it for years, and then suddenly someone figures out a way?

Well for one you'd need AMD to firstly actually make statements to the fact in which it will need to them accepting full responsibility, but you'll notice that they have at this time still hedged slightly in their statements. Beyond that in this specific situation I'm assuming someone like Microsoft would want AMD to officially (not just acknowledge they aren't vulnerable, or have an individual state this) that they do not want them to patch this and accept liability at a minimum as well.

Aside from that the main problem is the reality with this stuff is different. The larger and more visible company in the chain will be the target. Also in this case what is the gain for them to take on the potential risk?

This is why you've seen Microsoft and others like Google at this time adopt broad preventative measures as the default stance.
 

Hitman928

Meltdown is an implementation of a side channel attack on speculative execution. Not a bug. Read the meltdown paper before you respond to me again, or join my ignore list. Your choice.

You're still on this? No one cares, it's arguing semantics and only makes intel look worse if it isn't a 'bug'.

Anyway, funny you should insist on reading the Meltdown paper, let me quote from it:

meltdown.pdf said:
We also tried to reproduce the Meltdown bug on several ARM and AMD CPUs. However, we did not manage to successfully leak kernel memory with the attack described in Section 5, neither on ARM nor on AMD.
 

maddie

Is it possible, that even with this patch for Meltdown on Intel systems, there might be other possible exploits using the same flaw and that this patch only works with this variation?
If true then no one can say that Intel is 100% safe even after applying the patch.
 

Qwertilot

No one can say that anything remotely this complex is ever 100% safe. That's why you get such cautious language :)

Rather dramatically shown by these things suddenly turning up after they've notionally been out there for 10+ years.
 

Malogeek

but you'll notice that they have at this time still hedged slightly in their statements.
https://www.amd.com/en/corporate/speculative-execution
Zero AMD vulnerability due to AMD architecture differences.
I'd call that a definitive statement. There's no Intel PR crap in their statement, just laying out the facts and providing a clear response as to their vulnerability status. The quoted one here specifically to Meltdown before certain people here quote other stuff regarding Spectre again and again.
 

arandomguy

https://www.amd.com/en/corporate/speculative-execution

I'd call that a definitive statement. There's no Intel PR crap in their statement, just laying out the facts and providing a clear response as to their vulnerability status. The quoted one here specifically to Meltdown before certain people here quote other stuff regarding Spectre again and again.

It seems like you are selectively quoting?

Variant | Google Project Zero (GPZ) Research Title | Details
Variant One | Bounds Check Bypass | Resolved by software / OS updates to be made available by system vendors and manufacturers. Negligible performance impact expected.
Variant Two | Branch Target Injection | Differences in AMD architecture mean there is a near zero risk of exploitation of this variant. Vulnerability to Variant 2 has not been demonstrated on AMD processors to date.
Variant Three | Rogue Data Cache Load | Zero AMD vulnerability due to AMD architecture differences.

That aside that is still murky as it relates to whether or not someone like Microsoft should broadly patch. Microsoft will want to protect themselves as tightly as possible as they have no gain to take any risk for AMD.
 

zinfamous

In this thread, I see many purported techy/sciency people failing to understand common, simple scientific language.

Yes, there is a near-zero chance that your DNA that we found at the crime scene isn't your DNA but, you know, you can hold onto that argument as long as you want.