• Competitor rules

    Please remember that any mention of competitors, hinting at competitors or offering to provide details of competitors will result in an account suspension. The full rules can be found under the 'Terms and Rules' link in the bottom right corner of your screen. Just don't mention competitors in any way, shape or form and you'll be OK.

Another Intel CPU vulnerability

MaXxBoulton said:
no there is no need AMD are not affected, Mahahaha
Click to expand...

? OpenBSD 6.4 disables SMT by default, not sure about 6.5.

Disabling of Intel HT and to follow with disabling SMT for other architectures is being done in the name of security. "SMT (Simultanious Multi Threading) implementations typically share TLBs and L1 caches between threads. This can make cache timing attacks a lot easier and we strongly suspect that this will make several spectre-class bugs exploitable. Especially on Intel's SMT implementation which is better known as Hypter-threading. We really should not run different security domains on different processor threads of the same core."
...
Those wishing to toggle the OpenBSD SMT support can use the new hw.smt sysctl setting on OpenBSD/AMD64 and is being extended to cover CPUs from other vendors and architectures.
Click to expand...
 
Well i suppose if you disable hyperthreading like it needs to be to be totally secure (well until another hole is discovered) the 9900 only drops to 8 threads which seems to be decent enough for most folk.
that said if i bought a 500 quid cpu that pretended to be the sun when pushed i would be rather unnamused at it all of a sudden being a 9700.

Hence no one should be thinking of buying intels over rated garbage right now.
 
davida76 said:
Yes you're affected and anyone on a cpu earlier than sandybridge is **** out of luck, no microcode updates for you. Scary thing is there's a lot of companies still running esxi instances on kit prior to sandybridge...eek!
Click to expand...

I might be affected, but I doubt I'll lose much performance though. I will say I'm looking at AMD for the first time. 3000 series I'll be watching out for.
 
voidshatter said:
I'm wondering the stance of FreeBSD regarding SMT.
Click to expand...
AMD has obviously thought lot more about security in their implementation of SMT and speculative code execution.
But Intel's HyperThreading and speculative code execution clearly take so much shortcuts that it's complete guess how many various ways there are around its security.
I mean you can keep trying to secure doors, but if whole building is rotten so that you can punch hole through wall next to lock and open that lock from inside, it's waste of time.
(like in breaking to CIA records vault scene in 2010 film Red)

I'm starting to think that Ice Lake being so many years late has as much to do with Intel trying to redesign architecture to fix all those vulnerabilities, as with 10nm fiasco.
With their resources having it already ported to 14nm should have been possible.
 
laiT said:
Quoting from the exploiter's website https://zombieloadattack.com/

Can my antivirus detect or block the ZombieLoad attack?
While possible in theory, this is unlikely in practice. However, your antivirus may detect malware which uses the attacks by comparing binaries after they become known.


In other words to close the stable door after the horse has bolted
Click to expand...

You're misreading it. Antivirus cannot stop the attack, but it can stop the attacker. I.e. if you have a piece of malware on your system exploiting this, anti-virus cannot stop it from doing so. But it can detect the malware and get rid of that. Spectre is a way to cross internal security boundaries between processes on your system. It is not a way to get access to your system, per se.
 
You must log in or register to reply here.
Back
Top Bottom