Meltdown & Spectre potpourri

Tom's Hardware: Intel’s Latest On Spectre Fix Reboot Issue: Updated Fix Being Tested

[...]

Intel announced that it has made progress in correcting the issue causing random reboots in the fix for the Spectre vulnerability that it issued to hardware partners earlier.

The news from Intel that the CPU microcode update, which it issued to patch the Spectre vulnerability, was inducing random system reboots just made the Meltdown/Spectre issue go from bad to worse. Intel first announced that the issue affected Haswell and Broadwell systems, but later expanded the list to include Kaby Lake, Skylake, Ivy Bridge, and Sandy Bridge. The issue was discovered after a huge number of hardware partners had already issued the fix to their customers, leaving some stuck with the issue.

[...]

Intel says that it has root-caused the issue on Haswell and Broadwell systems and that it has already issued a version of the fix to hardware partners, which are currently testing it. Intel’s official advisory to hardware partners hasn't changed: Don’t issue any more of the bugged update and start testing the new one. However, Intel says it is also working to create a new version of its original update that removes Spectre variant 2-related fixes, but maintains Spectre variant 1 and Meltdown fixes. This new update will be made available for the interim period.

[...]
 
I fucking knew I shouldn't have updated so soon, even if it was a severe bug like these. Luckily I haven't had any system reboots or locks yet and I hope I never do. Though they better fix their shit soon. And when that's done, I'm going back to MAYBE 1 bios update every 6-12m

MAYBE!

Sent from my Nexus 7 with Tapatalk
 
Fudzilla: Intel warns about installing its chip patch

[...]

Torvalds was right - Intel is a chicken with its head cut off

A day after Linus Torvalds warned that Intel’s patching for a severe security flaw on its chips was “garbage”, Intel has warned users not to upgrade.

[...]

According to Executive Vice President Navin Shenoy, on the Intel Newsroom site, the current advice is: “We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and unpredictable system behaviour."

[...]
 
Computer World: Belay that order: Intel says you should NOT install its Meltdown firmware fixes

[...]

According to Executive Vice President Navin Shenoy, on the Intel Newsroom site, the current advice is:

"We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behavior."

And that covers just about everybody in the sentient non-ARM universe.

[...]

What can you do about it? Not much. Except to realize that not one single Meltdown- or Spectre-based piece of malware is in circulation.

Moral of the story: It pays to hold off on firmware patches, too.

[...]
 
Still have updates disabled! Who's going to pay the local computer shop for Microsoft's fuckup when their PC needs a format or, worse yet, a new motherboard?
 
No touchy for me for AMD updates..... wait till the last possible moment
 
Microsoft released fixes for the AMD issues last week. I haven't heard any horror stories since they did. Actually, I've really not heard anything which is really good or no one is installing it.

ZD Net: Windows 10 Meltdown-Spectre patch: New updates bring fix for unbootable AMD PCs

Please do not install. My issue was my hard drives would not load files, the Edge browser closed and every time tried to recover pages, and the Windows taskbar would not show the list of programs. Great, it stops boot issues, but nothing mentioned about this stuff. Disabled......not updating, hell no
 
Hopefully the issues have been reported and are being dealt with.
 
ZD Net: Spectre flaw: Dell and HP pull Intel's buggy patch, new BIOS updates coming

[...]

On Tuesday, HP pulled its softpaqs BIOS updates with Intel's patches from its website, and on Thursday will release a BIOS update with a previous version of Intel's microcode.

Intel has prepared microcode updates for OEMs like HP and Dell that don't trigger the reboots, but also don't contain its patch for Variant 2, while leaving in place mitigations for Meltdown Variant 3 and Spectre Variant 1.

In the meantime, it's also developed a complete and -- hopefully -- stable patch for Broadwell and Haswell, but this is still being tested with OEMs. New microcode updates for Kaby Lake and Sky Lake will be released later.

[...]

In the meantime ASUS is still listing the BIOS update on their support pages.

Google's "Retpoline" solution sounds interesting but, unfortunately, apparently doesn't fully work on Skylake:

[...]

Google has developed its own mitigation for Variant 2 called Retpoline, which achieves IBRS' goal without impacting performance. Retpoline has been integrated with the Linux kernel and offers a software-based mechanism to isolate indirect branches from speculative execution.

IBRS has been a source of contention among Linux kernel developers. In an email exchange with Linux kernel engineer David Woodhouse, Linus Torvalds called Intel's patches "complete and utter garbage".

Woodhouse pointed out that Retpoline mitigates against Variant 2 attacks on most Intel CPUs, but not fully on Skylake and so has recommended IBRS be only used on this generation of processors. Besides this, IBRS doesn't have the same performance impact on Skylake as it does for older CPUs.

[...]
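
A way to check which of the mitigations discussed above a Linux host actually has, as an added example that is not part of the original post or the quoted articles. It assumes a kernel that reports status under /sys/devices/system/cpu/vulnerabilities and flag names (pcid, ibrs, ibpb) as recent mainline kernels print them; the sample values are constructed.

```python
import os, re

VULN = "sys/devices/system/cpu/vulnerabilities"
# Constructed sample: retpoline and PTI active, interim microcode without IBRS/IBPB.
SAMPLE = {
    VULN + "/meltdown": "Mitigation: PTI\n",
    VULN + "/spectre_v1": "Mitigation: __user pointer sanitization\n",
    VULN + "/spectre_v2": "Mitigation: Full generic retpoline\n",
    "proc/cpuinfo": "model name\t: Example CPU\nmicrocode\t: 0x1a\n"
                    "flags\t\t: fpu vme pcid sse2 pti retpoline\n",
}

def write_sample(root):
    """Materialise SAMPLE under root so the check can be tried offline."""
    for rel, body in SAMPLE.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as f:
            f.write(body)

def collect(root="/"):
    """Read the kernel's mitigation report, microcode revision and CPU flags."""
    state = {}
    for name in ("meltdown", "spectre_v1", "spectre_v2"):
        try:
            with open(os.path.join(root, VULN, name)) as f:
                state[name] = f.read().strip()
        except OSError:  # kernel without this sysfs interface
            state[name] = "unknown"
    with open(os.path.join(root, "proc/cpuinfo")) as f:
        info = f.read()
    rev = re.search(r"^microcode\s*:\s*(\S+)", info, re.M)
    flags = re.search(r"^flags\s*:\s*(.*)$", info, re.M)
    state["microcode"] = rev.group(1) if rev else None
    state["flags"] = set(flags.group(1).split()) if flags else set()
    return state

def findings(state):
    """Flag the gaps the thread is about: Variant 2 coverage and PTI without PCID."""
    out = []
    v2 = state["spectre_v2"].lower()
    if v2.startswith("vulnerable") or v2 == "unknown":
        out.append("variant 2: no mitigation reported")
    elif "retpoline" in v2 and not {"ibrs", "ibpb"} & state["flags"]:
        out.append("variant 2: retpoline only, microcode exposes no IBRS/IBPB")
    if "pti" in state["meltdown"].lower() and "pcid" not in state["flags"]:
        out.append("meltdown: PTI active without PCID, expect a larger slowdown")
    return out

if __name__ == "__main__":
    print("\n".join(findings(collect())) or "no gaps found")
```

Comparing the microcode revision before and after a BIOS update shows whether the vendor's firmware actually changed it.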
 
Tom's Hardware: Intel Announces 'In-Silicon' Fixes For Meltdown And Spectre Coming This Year, 10nm Update

[...]

Here Comes The Silicon Patch

Intel CEO Brian Krzanich started the call with a short restatement of the company's commitment to security, which sounded very similar to his statements in the CES 2018 keynote.

Krzanich later said the company would begin to ship products with "in-silicon" fixes for the vulnerabilities by the end of the year (Q4). He did not quantify the statement further, but logically this means that the company will include these fixes in the 10nm generation of products. Krzanich also later stated that the company expects to continue developing its 14nm products in 2018, so we could see yet another round of 14nm processors (sigh). Of course, one could speculate that these chips might also have in-silicon patches for the vulnerabilities.

Intel's newer chips (post-Broadwell) support a PCID (Post-Context Identifier) feature that helps reduce the performance impact of the Meltdown patches on newer hardware. Intel's plans to institute in-silicon fixes could reduce the impact even further, or perhaps remove it entirely. That's a sorely needed feature for a company that is reeling from the never-ending onslaught of press coverage around the vulnerabilities.

Some analysts are predicting that Intel could experience higher sales as companies refresh their hardware to offset the lost performance from the patches. Considering Intel's apparently fast cadence of in-silicon fixes, that could hold true. Krzanich also said the company is focused on developing high-quality mitigations for customers, and it has created a website dedicated to helping customers deal with the vulnerabilities. (The link to this website has not been provided. We have requested the link.)

[...]

Sadly, this doesn't help those of us stuck with flawed CPUs.
 
Tom's Hardware: Intel Releases Fixed Spectre Patch For Skylake CPUs

Intel announced that it has released to its hardware partners a fixed version of its previously bugged Spectre-mitigating patch for Skylake CPUs.

After about two weeks since its last update on the issue, Intel would like us all to know that it hasn’t forgotten about fixing the faulty BIOS updates that were distributed en masse to patch the Spectre Variant 2 vulnerability in its CPUs. If this sounds sarcastic, it’s because it’s hard not to be after reading Intel’s latest progress update on its efforts.

[...]
 
Thread retitled from MS releases Windows 10 "Meltdown" patch (KB4056892) to Meltdown & Spectre potpourri.
 
Intel: Security Issue Update: Progress Continues on Firmware Updates

Intel continues to work closely with industry partners to protect customers against the security exploits disclosed by Google Project Zero. As I shared January 22, we identified the root cause of the reboot issue affecting the initial Broadwell and Haswell microcode updates. Since then, we’ve been focused on developing and validating updated microcode solutions for those and other impacted platforms.

Earlier this week, we released production microcode updates for several Skylake-based platforms to our OEM customers and industry partners, and we expect to do the same for more platforms in the coming days. We also continue to release beta microcode updates so that customers and partners have the opportunity to conduct extensive testing before we move them into production.

Ultimately, these updates will be made available in most cases through OEM firmware updates. I can’t emphasize enough how critical it is for everyone to always keep their systems up-to-date. Research tells us there is frequently a substantial lag between when people receive updates and when they actually implement them. In today’s environment, that must change. According to the Department of Homeland Security’s cyber-emergency unit, US-CERT, as many as 85 percent of all targeted attacks can be prevented with – among other things – regular system updates.

[...]
 
Ars Technica: Intel releases new Spectre microcode update for Skylake; other chips remain in beta

[...]

The new microcode is being distributed to hardware companies so that they can include it in a new range of firmware updates. This latest update is only for mobile Skylake and mainstream desktop Skylake chips. It neither fixes the Broadwell or Haswell problems, nor does it apply to Kaby Lake, Skylake X, Skylake SP, or Coffee Lake processors. Intel says that beta testing of other microcodes for these processors is ongoing. As such, laptop and desktop owners of Skylake systems should see firmware updates arriving soon. Everyone else, however, still has to wait.
 
Well you and me are covered ;) Our 6700k is skylake :p, but why don't they wait and release an update that works for everyone instead of releasing a half baked one that only works for a certain generation
 
I suspect it's basically because they are at least attempting to cover their butts among other things. They've had over 6 months to work on this. As a workable and [hopefully] bug-free solution is released for each CPU generation then Intel will kick it to vendors to release to consumers. If the vendors drag their feet on releasing the updates then that's a noose around their neck and not Intel's. The quicker the solution is out and people are protected from the vulnerability the better with respect to their bottom line, shareholders, lawsuits, etc. We really don't want to see an in-the-wild attack using these vulnerabilities on banking and business. I expect that the microcode updates are also going to be tailored to the relevant CPU generations and not be a one-size-fits-all. Leveraging the differences in design can help mitigate [some of] the performance losses in some generations (i.e. Skylake). Some CPUs support PCID but not all, etc. Really old generations are going to take the brunt of the losses.
 
Well do a search, there already are based on the POC. But this time I'll wait a couple weeks after it's been released :p

Sent from my Nexus 6P with Tapatalk
 
Tom's Hardware: Newly Discovered Variants Of Meltdown/Spectre Exploit Cache Coherency Across Cores

Researchers created a new method of exploiting the Meltdown and Spectre vulnerabilities, which they’ve dubbed MeltdownPrime and SpectrePrime, that works by observing the effects of speculative execution on data shared between caches of different CPU cores. Existing software mitigations for Meltdown/Spectre are believed to be effective against the new variants.

[...]

In the process of their testing, they discovered that the speculative execution methods that are exploited by the Meltdown and Spectre vulnerabilities leave a trail that might not be observable in only a CPU’s shared cache, but in its cores’ individual caches as well. The explanation lies in the design of the invalidation-based cache coherence protocol of many CPUs.

[...]

Before you get too alarmed, the researchers said that current software-based Meltdown/Spectre mitigations seem successful in blocking their new exploits. However, these exploits will likely need their own distinct fix, different from those for traditional Spectre, if they are to be mitigated in hardware. It looks like Intel and AMD will have their work cut out for them in their next generation of CPUs.
 