Major Intel chip-level security flaw

swatkat

Down these mean skies, a kat must fly!

Winston

Lorenzo von Matterhorn
Meltdown and Spectre: Here’s what Intel, Apple, Microsoft, others are doing about it
Intel, Microsoft, ARM, and others have responded. We dig in.
5 Jan 2017

https://arstechnica.com/gadgets/201...el-apple-microsoft-others-are-doing-about-it/

Excerpt:

Intel is the company most significantly affected by these problems. Spectre hits everyone, but Meltdown only hits Intel and ARM (AMD is perhaps not entirely invulnerable from what I read in the tech PDF on Meltdown I've previously linked to here - W). Moreover, it only hits the highest performance ARM designs. For Intel, virtually every chip made for the last five, ten, and possibly even 20 years is vulnerable to Meltdown.

The company's initial statement, produced on Wednesday, was a masterpiece of obfuscation. It contains many statements that are technically true—for example, "these exploits do not have the potential to corrupt, modify, or delete data"—but utterly beside the point. Nobody claimed otherwise! The statement doesn't distinguish between Meltdown - a flaw that Intel's biggest competitor, AMD, appears to have dodged - and Spectre and, hence, fails to demonstrate the unequal impact on the different company's products.


----------

Also, as I've pointed out here in this post - https://www.rocketryforum.com/showt...hip-level-security-flaw&p=1754368#post1754368 - the claim that the CEO's sale of stock on 29 Nov 2017 leaving only the minimum amount he is contractually obligated to keep by virtue of his position at Intel was "automatic" and is, therefore, not a sign of illegal insider trading based upon info not available to the public is also disingenuous as that excuse has been used before in cases where it was shown that illegal behavior was involved in "automatic" stock sales which, by the way, the CEO established only one month prior to the radical sale of his stock.

Even though he's retiring at the end of January, the huge sale of stock by Intel's group president of Manufacturing, Operations and Sales could also be seen as suspicious. I'd like to know when he announced his retirement and when he established HIS "automatic" sale of stock. Not that long ago he was seen as the most likely replacement for the CEO.

EDIT:

Stacy Smith to Retire after 30 Years at Intel
August 22, 2017

https://newsroom.intel.com/news/stacy-smith-retire-30-years-intel/

In an email today, Intel CEO Brian Krzanich announced that Stacy Smith, Group President of Manufacturing, Operations and Sales at Intel, has decided to retire from the company at the end of January 2018.

These bugs were discovered in June of 2017 and chip manufacturers and OS producers were secretly notified to allow them to come up with fixes.

Intel Xeons, an architecture positively known to be affected because it was part of the actual tests which discovered the problem, are widely used in massive quantities in network servers and any performance hits due to security patches are going to really piss off some big buck users with plenty of cash to hire top lawyers.
 

cerving

Owner, Eggtimer Rocketry
As much publicity as this has received, I think the chances of it being used in a widespread malware attack are very slim. First of all, you can only read from privileged memory, not write to it, so it could only be used for data gathering. You'd have to know exactly what you were looking for, too. I think it may end up being used for something like a Stuxnet in which a nation-state targets a specific target with specific knowledge of their environment, but unless you're one of those targets you probably don't have a lot to worry about in relation to this feature (it's not a bug... it was designed to do this). Believe me, it's a whole lot easier to craft up an email attack that somebody clicks on so you can get some Bitcoin out of it... that's why ransomware attacks are so prevalent.
 

Winston

Lorenzo von Matterhorn
> As much publicity as this has received, I think the chances of it being used in a widespread malware attack are very slim. First of all, you can only read from privileged memory, not write to it, so it could only be used for data gathering. You'd have to know exactly what you were looking for, too. I think it may end up being used for something like a Stuxnet in which a nation-state targets a specific target with specific knowledge of their environment, but unless you're one of those targets you probably don't have a lot to worry about in relation to this feature (it's not a bug... it was designed to do this). Believe me, it's a whole lot easier to craft up an email attack that somebody clicks on so you can get some Bitcoin out of it... that's why ransomware attacks are so prevalent.

"It's not a bug, it's a feature". The "bug" reference can be considered to be a short descriptive term for unintended harmful capabilities to exploit a feature.

As far as the ability to use this as an exploit, there are a BAZILLION ARM devices worldwide which will NEVER get the required updates, such as orphaned Chinese phones and tablets which NEVER receive updates of any kind from their manufacturer and another BAZILLION x86 PCs whose users never update them, so the long term effect of this is yet to be seen.

Anyway, it may not be as bad for Intel as expected although, as always, time will tell:

Intel Releases Patch For Spectre and Meltdown – Apple, Google, Microsoft, Amazon Measure No Significant Performance Degradation For Vast Majority Of Use-Cases

https://wccftech.com/intel-patch-meltdown-spectre/

Intel will release Spectre and Meltdown patch for 90% of processors introduced in the last 5 years by the end of next week

Soon after the initial PR, Intel also rolled out statements from 4 of its biggest clients, namely Google, Amazon, Apple and Microsoft, all 4 of whom have stated that they are witnessing little to no impact on the vast majority of their cloud workloads. This still means that there will be significant performance impact on a small minority of use cases, but so far things are starting to look good for the industry in general.
 

Winston

Lorenzo von Matterhorn
Big rockets use chips too bro. Maybe this explains all of North Korea's failed launches.
Yeah, I love comments like that in a forum section intended for comments not directly related to rockets. Most of mine are at least science/tech/milporn related. Meanwhile, small talk conversations not only not related to rockets but having no science or tech content don't get the same complaints (although I don't bother to read those very often so I'm not so sure about that).
 

Viperfixr

Born Again Rocketeer
Glad my last computer build included an AMD Ryzen 1700X CPU! Runs like a champ, overclocked with a few clicks above 1800X levels and runs cool too.

Winston, despite some of the inappropriate negativity leveled in another thread, just wanted to let you know that I always read your postings and find them very interesting. Often thought provoking. Thank you for posting them. Oh, and I had to Google the Lorenzo Von Matterhorn thing too, so thanks for that laugh as well!
 

o1d_dude

'I battle gravity'
Read this morning that those folks like myself who are running older systems like my Devil’s Canyon i5-4690K and Windows 7 will see a noticeable performance hit following the mediation code install. Unless something is seriously wrong with your PC flashing the OS is not all that desirable. In this case, it looks like the BIOS flash may be necessary...assuming an upgrade is available for the specific hardware.

Microsoft’s position is to update/replace your hardware and “upgrade” to Win10.

Apple has prepared an iOS update that is pretty much guaranteed to hurt performance on most of their hardware...even the new iPhone X. The older the hardware, the larger the performance hit.

Fun times ahead.
 

Winston

Lorenzo von Matterhorn
Spectre and Meltdown patches causing trouble as realistic attacks get closer
Driver incompatibilities and microcode problems are both being reported.
15 Jan 2018

https://arstechnica.com/gadgets/201...sing-trouble-as-realistic-attacks-get-closer/

The Spectre updates are also proving problematic. Microsoft withdrew the patch for AMD systems last week after some machines were left unable to boot. The company has resumed distribution of the patch to most AMD systems, but some older machines are still being excluded.

Intel issued a microcode update that provided extra features that operating systems could use to protect against Spectre. But after reports of crashes, the company is now warning not to install it on systems with Haswell and Broadwell processors. If your motherboard or system vendor has an updated firmware with the new microcode, don't install it, and if you're using software such as VMware ESXi to update your microcode, VMware says you should revert to an earlier version.

This is all a mess. Some companies, such as cloud service providers, have no real option but to install all the updates, including the microcode updates, because their vulnerability is so great; their business is running untrusted third-party code. For the rest of us, there is urgency, but that needs to be balanced against reliability.

That urgency is growing with each day, however, particularly when it comes to the Meltdown attack. The research and proof-of-concept is currently missing certain pieces of information. The Meltdown technique described in the paper works (and researchers have already devised certain other similar techniques that build on the same principles), but it is subject to certain limitations. Specifically, it's unable to leak information not in the processor's level 1 cache, and it's somewhat slow. This makes effective malicious use difficult, if not impossible.

However, these difficulties are not insurmountable. The researchers have a technique that can be used to retrieve any kernel data, and that technique (or some other technique, with the same capability) has been independently reinvented by at least three other people. This research still seems to be some way short of the claimed 500kB/s claimed in the paper, but it's clear that researchers are getting closer to turning Meltdown into a truly useful attack.

What the good guys can do, so too can the bad guys; it can't be long now before real-world attacks use these techniques to locate sensitive data or break out of sandboxes. The race is truly on, and it's by no means guaranteed that the buggy drivers and microcode will be fixed before malicious hackers start exploiting Meltdown.


Researcher finds another security flaw in Intel management firmware
12 Jan 2018

https://arstechnica.com/information...r-security-flaw-in-intel-management-firmware/

https://www.youtube.com/watch?v=zO-lgAIzX_M
 