Massive security hole in CPUs incoming? Official Meltdown/Spectre Discussion Thread


amd6502

Senior member
Apr 21, 2017

DrMrLordX

Lifer
Apr 27, 2000
If a script kiddie got their hands on a tool to push signed drivers enabling a +0.5 V uptick on Intel systems, they could harass people by killing their entire PC. When I was younger, and back when there weren't yet any federal laws against DoS/DDoS, I used WinNuke to knock out Win95 systems as a prank a few times. Don't think I would kill an entire PC, but I knew the kinds of people who might do that . . .
 

VirtualLarry

No Lifer
Aug 25, 2001
Given the severity and lack of current fix for that last mentioned vuln., I'm changing my limited warranty period for my Intel-based gaming PCs to 30 days, and not stocking any more Intel-based rigs.

What kind of timespan (generation-wise) are we talking about? 4th-gen through current? Or only 6th-gen through current? 4th-gen had FIVR, IIRC, and changing the "mobo CPU voltage" only varied the voltage input to the FIVR. So, possibly, 4th-Gen systems are immune? Just a thought, might be incorrect.
 

amd6502

Senior member
Apr 21, 2017
Looks like all vendors might be at risk.

These are just follow-up studies from Graz University. It's so broad it covers about all modern processors (e.g. POWER, Acorn RISC, x86). However, IMHO these are far-fetched proofs of concept that are going to be hard to exploit.

A solution would be to further sandbox the most likely vectors, which are running within the browser; that is, malicious JavaScript scripts as well as WebAssembly. Hence browsers have the first duty to reduce the risk.

The main thing is that a lot of CPU time is needed to get a likely hit.

So browsers could time out a JavaScript or WebAssembly program after a set amount (user specified) of CPU time and then decrease thread priority or niceness to the absolute minimum, and move (or let the OS move) these to either a low-power core with little to no out-of-order execution and fewer L2 privileges, or an emulated core with similar properties.
 

moinmoin

Diamond Member
Jun 1, 2017
Direct link to the website: https://platypusattack.com/

Should be noted that this is not a new attack (monitoring power usage to extract data has been done before); what's new is that Intel's RAPL power monitoring interface is being used for that purpose. Also, they looked only at Intel (again), whereas AMD also supports RAPL and very likely is also affected, unless they already thought of that attack vector before (not unthinkable; its finer-grained boost algorithm in Zen 2 and 3 may well be able to hide power usage differences of instructions as is).
 

Stuka87

Diamond Member
Dec 10, 2010
Just when you thought it was safe!


It looks less like an actual infected file and more like part of a pen testing toolkit. Still.

If there is a toolkit with a working exploit, it won't be long until malware has them, assuming there isn't already malware with it.
 

VirtualLarry

No Lifer
Aug 25, 2001
So, this working Spectre exploit means that three-plus-year-old Intel platforms now truly are "unsafe at any speed", unless they've been BIOS-patched?
 

cortexa99

Senior member
Jul 2, 2018
So, this working Spectre exploit means that three-plus-year-old Intel platforms now truly are "unsafe at any speed", unless they've been BIOS-patched?
Very likely. These exploits are fully utilized by hackers, and not only Intel but also AMD and ARM were affected, and according to some tests under Windows, Intel lost the most performance after the BIOS/software mitigation fix. Linux might be another story, but I guess the situation would be similar to Windows.
After this find by VirusTotal, I personally might give up the consideration of a second-hand rig from Intel from before Comet Lake......
 

beginner99

Diamond Member
Jun 2, 2009
So, this working Spectre exploit means that three-plus-year-old Intel platforms now truly are "unsafe at any speed", unless they've been BIOS-patched?

Fun times ahead. Do you think corporate IT departments mass-patch laptop BIOSes? Hint: they don't.
 

DrMrLordX

Lifer
Apr 27, 2000
If there is a toolkit with a working exploit, it won't be long until malware has them, assuming there isn't already malware with it.

Yup! Only a matter of time. One should assume state actors and some independent hacking groups already have these capabilities for targeted attacks.

So, this working Spectre exploit means that three-plus-year-old Intel platforms now truly are "unsafe at any speed", unless they've been BIOS-patched?

Yyyyyup

All those Skylake-SP shops that haven't updated already and are running with mitigations disabled for performance reasons should be sweating right about now.
 

moinmoin

Diamond Member
Jun 1, 2017
How long until Intel's mesh interconnect is also found to be unsafe? This is ridiculous. I guess Intel "innovations" need to be considered unsafe until proven otherwise.
 

DrMrLordX

Lifer
Apr 27, 2000
How long until Intel's mesh interconnect is also found to be unsafe?

The mesh shouldn't suffer from bus contention issues, I wouldn't think.

How much of a threat is this ring vulnerability to a typical user?

Unknown. Ring-based CPUs are exclusively outside the workstation/server sector, so if anyone bothers to produce an exploit, it'll be targeted at corporate users and/or home users. Based on Spectre, it should be 2-3 years before any exploits show up in the wild.
 

cortexa99

Senior member
Jul 2, 2018
I'm not an engineer and don't know how critical this ring vulnerability is, but it sounds like it only affects Intel because of the ring. Is it fixable via a BIOS update? Don't tell me this would lead to some other bit of performance lost......