Massive security hole in CPU's incoming?Official Meltdown/Spectre Discussion Thread

[A///]

Pretty sad for the industry, when due to a design defect, they have to replace their processors with inferior ones (compared to the competition)

True but easier to qualify the intel systems than amd for specific use cases for dc's. The performance hit due to this vuln is ridiculous. Intel's next q report should be better as a result of this semi industry problem.

 

[DrMrLordX]

Pretty sad for the industry, when due to a design defect, they have to replace their processors with inferior ones (compared to the competition)

Intel has benefitted from this before, when Spectre/Meltdown drove a bunch of shops off Skylake-SP systems to Cascade Lake-SP.

 

[A///]

Intel has benefitted from this before, when Spectre/Meltdown drove a bunch of shops off Skylake-SP systems to Cascade Lake-SP.

rope a dope in play.

 

[Panino Manino]

Oh please, stop, my low end Skylake mobile can't take much more.
Seriously, I'm considering disabling the mitigations (on Linux) to see how the notebook performs. It really is risky for an average user that just wants to browse the web on Vivaldi?

 

[IEC]

Initial Benchmarks Of The Intel Downfall Mitigation Performance Impact (Phoronix)

Performance impacts range from "meh" to "ouch":


My laptops are both Tiger Lake (11800H, 1135G7) and I'm sure firmware updates will apply the fix automatically.

 

[A///]

Initial Benchmarks Of The Intel Downfall Mitigation Performance Impact (Phoronix)

Performance impacts range from "meh" to "ouch":
View attachment 84300

My laptops are both Tiger Lake (11800H, 1135G7) and I'm sure firmware updates will apply the fix automatically.

people were wondering how intel could garner more sales, guess that answers the million dollar question everyone wanted to ask with bated breath. or they go for amd, but intel is the easier answer for most who still believe in the old bs about amd quality.

 

[DrMrLordX]

Oh please, stop, my low end Skylake mobile can't take much more.
Seriously, I'm considering disabling the mitigations (on Linux) to see how the notebook performs. It really is risky for an average user that just wants to browse the web on Vivaldi?

It seems unlikely that this vulnerability will affect end-user machines.

 

[A///]

the issue with localised access vulns is that many interpret it needing physica localised access. plenty of attacks can be thrown at unknowing participants that deploy on the victims computer in the background which would give it local access under an administrator environment. security software is useless unless the code on the attack follows points of interest or portions of interest on heuristics. if it's 100% custom it won't be detected for a while until av companies do. you need to be looking for these things and I'd suspect none of these vulns would be detected by most users especially if they sit there minding its own business collecting your data.

needing 100% physical access to the victims computer is a lot more difficult. while the typical consumer victim here isn't important because they'd be a nobody to attackers who spends their days on the youtube, watching adult cinemas, animes, films on their computer alongside gaming, access to confidential data that is monetarily lucrative is still worth exploiting to these groups. the number of people who work from home and lead sensitive positions would also be affected if still using intel hardware of these generations. it's slim if its a company supplied laptop, not so slim if it's a personal equipment. running a vpn through a vm wouldn't help them much either.

 

[DrMrLordX]

the issue with localised access vulns is that many interpret it needing physica localised access. plenty of attacks can be thrown at unknowing participants that deploy on the victims computer in the background which would give it local access under an administrator environment.

That may be true, but if you get admin access on a single-user laptop (or whatever), you've already pwned it. No need to go to the trouble of breaking things out of a sandbox with a cache exploit at that point.

 

[A///]

That may be true, but if you get admin access on a single-user laptop (or whatever), you've already pwned it. No need to go to the trouble of breaking things out of a sandbox with a cache exploit at that point.

most people run their computers as admin. non admin is far too locked down. most vm's will try to prevent and exploit from jumping and later windows 10 and 11 security functions that monitor an environment outside dedicated software such as av and even microsoft's own memory protection wouldn't stop it. who'd go through all that trouble? typical credentials are useless unless you're targeting a big shot, but a sweet of thousands of computers that may tyield a 15% return on sensitive materials, it's worth it. by the time any checks are made a lot of damage has been done. getting admin access through traditional means is child's play. this is all one example. exploiting how the processor behaves is a much much much much much larger security issue than most can imagine. even on a dumbed down account these vulns would prove to be "fatal" to the processor's security with the holes modern operating systems such as macos, linux, windows have. if there is a will there is a way. If someone gets access to a datacenter vm, they can punch outside the vm and into the data center's infra. If this wasn't an issue as you claim it isn't, you wouldn't have companies scrambling to get a hot fix out. this or the prior intel based vulns.

the only vulns not worth thinking twice about are ones where you need local access in addition to physically being there. those are lab vulns that simply don't make much sense to worry about. how often do you read about an attacker gaining access to a secure facility that requires numerous checks to get to?

 

[Panino Manino]

It seems unlikely that this vulnerability will affect end-user machines.

Update arrived here, now I need a way to disable it if it is the case it's unlikely I'll be affected.

 

[igor_kavinski]

Update arrived here

Windows updates? Or BIOS updates?

 

[A///]

windows. the fix is applied each time as windows loads into the ram.

 

[igor_kavinski]

If it's Windows based, there should be a way to disable the mitigation with a registry edit or a Powershell command.

 

[Panino Manino]

Windows updates? Or BIOS updates?

Linux, microcode update.

 

[igor_kavinski]

Linux, microcode update.

Disable mitigations: https://sleeplessbeastie.eu/2020/03/27/how-to-disable-mitigations-for-cpu-vulnerabilities/

 

[Panino Manino]

Disable mitigations: https://sleeplessbeastie.eu/2020/03/27/how-to-disable-mitigations-for-cpu-vulnerabilities/

I know how to do this, I was thinking about disabling selected mitigations.
Does everyone only uses the option to enable ALL mitigation? I always see people talking, "this new mitigation is very improbable to be a risk for the end user in the real work", so they got me thinking, what if I disable some? Maybe the saved performance would be worth the risk.

 

[JoeRambo]

Does everyone only uses the option to enable ALL mitigation? I always see people talking, "this new mitigation is very improbable to be a risk for the end user in the real work", so they got me thinking, what if I disable some? Maybe the saved performance would be worth the risk.

Frankly there is no single answer to this question as a lot depends on what a said Linux system is doing and how exposed it is overall.

There is also a problem of uCode that is updated automagically and loaded on next reboot of system, kernel version etc.

Very complex landscape, but on Linux You at least have a lot of control, heck if You don't update BIOS ( or there is no BIOS update ) one could run those Skylakes as God intented in 2013.

To reduce complexity i would recommend a tool ( not CIA approved obviuosly ):

GitHub - speed47/spectre-meltdown-checker: Reptar, Downfall, Zenbleed, ZombieLoad, RIDL, Fallout, Foreshadow, Spectre, Meltdown vulnerability/mitigation checker for Linux & BSD

Reptar, Downfall, Zenbleed, ZombieLoad, RIDL, Fallout, Foreshadow, Spectre, Meltdown vulnerability/mitigation checker for Linux & BSD - speed47/spectre-meltdown-checker

github.com

always up to date overview of what Your system is vulnerable or not vulnerable to and what are the options, For example on one of our SKL dev tool boxes:


So it can be anything from mitigations off to granular control of disabling the ones that only cloud guys should care about and don't really apply to kids laptop.

 

[deasd]

Open interest of pursuing lawsuit against Intel due to Downfall. Another potential damage since Meltdown/Spectre.

Class-Action Lawsuit Forming Against Intel for 'Downfall' Chip Bug

Tallying up damages and compensation.

www.tomshardware.com

 

[DrMrLordX]

Open interest of pursuing lawsuit against Intel due to Downfall. Another potential damage since Meltdown/Spectre.

Hmm, did Intel get sued over SMeltdown?

 

[Hitman928]

Hmm, did Intel get sued over SMeltdown?

They were sued by many people/groups. I think they were all joined together into a class action which is still making it's way through the system.

 

[aigomorla]

I feel this thread has served its purpose.
Any new exploits should be given a new thread in regards to the CPU.
I will leave the thread up for continued discussion, but it will no longer be stickied.

Moderator Aigo

 

[Panino Manino]

Why create a new thread for each new exploit?
Much better to keep it all here.

 

[DrMrLordX]

Why create a new thread for each new exploit?
Much better to keep it all here.

We can still do that. This thread just isn't stickied.

 

[igor_kavinski]

Update: https://www.tomshardware.com/pc-com...ons-of-cpus-knowing-of-downfall-vulnerability

That complaint PDF should be interesting to read.