Meltdown & Spectre potpourri

Discussion in 'General Chat' started by DrinkLyeAndDie, Jan 4, 2018.

  1. DrinkLyeAndDie

    DrinkLyeAndDie Retired Moderator

    I read about this yesterday but was too busy to get around to posting. Some sad humour.

    This relates to CVE-2018-8897:

     
    whatever_gong82 likes this.
  2. DrinkLyeAndDie

    DrinkLyeAndDie Retired Moderator

  3. DrinkLyeAndDie

    DrinkLyeAndDie Retired Moderator

    "And the hits keep on coming."

    This news started rolling out in the last few days.

    Mitre CVE: CVE-2018-3639 - Speculative Store Bypass (SSB) - also known as Variant 4


    From the MacRumors article:

    Edit: This may or may not be related to a previously disclosed newer vulnerability. I'm losing track at this point.
     
    Last edited: May 24, 2018
  4. gereral1

    gereral1 Well-Known Member

    Does this mean more performance hits in I/O for intel?. Already took 18% hit
     
  5. DrinkLyeAndDie

    DrinkLyeAndDie Retired Moderator

    The mitigation added in the firmware update will be defaulted to off. Yes, when enabled it WILL hurt performance. Again. When the mitigation is turned off there is no hit.
     
  6. DrinkLyeAndDie

    DrinkLyeAndDie Retired Moderator

    Also from the MacRumors article:

    In essence, if you already have prior Meltdown & Spectre mitigations via BIOS updates and OS updates then it is addressed... mostly. According to Intel. However, they are going to release a full mitigation but since it'll hand everyone yet another performance hit they are making it optional... for now until the other shoe drops.
     
  7. DrinkLyeAndDie

    DrinkLyeAndDie Retired Moderator

  8. antipodes

    antipodes Well-Known Member

    @DrinkLyeAndDie after Intel and others have completed their analysis of the hardware issues do you think we will be required to get a new computer or will replacement boards be available? Thanks for your vigilance and reporting on this saga.
     
  9. Ch3vr0n

    Ch3vr0n Translator NL & Mod

    Required? Definitely not. With the bios updates (microcode patches) and the ones in the OS itself your adequately protected. Intel is working on a revised CPU architecture that will have hardwired protection. Just don't know if that's going to be in the 8th gen Core i processors or the 9th.

    Sent from my Nexus 6P with Tapatalk
     
  10. DrinkLyeAndDie

    DrinkLyeAndDie Retired Moderator

    This is actually a complicated answer. It's not simply a yes or no question. It depends on the application of the system in question and how dangerous having the vulnerability is on the system. Is it a business machine (ie banking) or simply a home user? Who has more to lose and what will the repercussions be?

    I doubt it will happen for numerous reasons but I'd love to see re-designs that protect against such vulnerabilities that would still fit the same socket and be usable in existing motherboards. IOW, I'd like to see a new protected LGA 1151 CPU that can actually be used in my Z170 motherboard. I am currently running a Skylake 6700K which the Z170 is targeted at but if I wanted I could run a Kaby Lake 7700K which is also LGA 1151 but I can't run a Coffee Lake 8700K which is also LGA 1151. I seriously doubt that any redesigns even if they are LGA 1151 will work in older motherboards like the Z170. Thanks, Intel. If I am wrong then I'll be happy and amazed but, wow, will I be shocked. It's the right thing to do but since when does that matter?
     
    Last edited: May 23, 2018
  11. antipodes

    antipodes Well-Known Member

    Thanks for the advice DrinklyeAndDie and Ch3vr0n
     
  12. DrinkLyeAndDie

    DrinkLyeAndDie Retired Moderator

    Haven't seen this discussed elsewhere but I found it interesting. This relates to the AMD Epyc processors.

    The Register: Researchers crack open AMD's server VM encryption

     
  13. DrinkLyeAndDie

    DrinkLyeAndDie Retired Moderator

    ThreatPost: Intel’s ‘Virtual Fences’ Spectre Fix Won’t Protect Against Variant 4

     
  14. BrianG61UK

    BrianG61UK Well-Known Member

  15. gereral1

    gereral1 Well-Known Member

    Built intel8700k did some 4k tests. Thru-put is 920mb/s read and write on 2 500g blue wd ssd m2 n raid 0. So these patches have no effect on my max hero x and Intel 8700k chip. Glad I went Intel. Fast pc for 4k ripping. I'm in heaven now
     
  16. DrinkLyeAndDie

    DrinkLyeAndDie Retired Moderator

    Phoronix: CVE-2018-3665: Lazy State Save/Restore As The Latest CPU Speculative Execution Issue

    The Register: Intel chip flaw: Math unit may spill crypto secrets to apps – modern Linux, Windows, BSDs immune

    The Hacker News: New 'Lazy FP State Restore' Vulnerability Found in All Modern Intel CPUs
    Mitre CVE: CVE-2018-3665
    Bleeping Computer: New Lazy FP State Restore Vulnerability Affects All Intel Core CPUs
     
  17. DrinkLyeAndDie

    DrinkLyeAndDie Retired Moderator

    Fudzilla: Intel warns of lazy FP state restoration

     
  18. DrinkLyeAndDie

    DrinkLyeAndDie Retired Moderator

    Interesting reading. This could definitely make for a brighter future in chip design.

    arXiv - Cornell University Library: SafeSpec: Banishing the Spectre of a Meltdown with Leakage-Free Speculation

    The Register: Boffins offer to make speculative execution great again with Spectre-Meltdown CPU fix

     
  19. DrinkLyeAndDie

    DrinkLyeAndDie Retired Moderator

    This has been talked about for a few days...

    Ars Technica: Hyperthreading under scrutiny with new TLBleed crypto key leak

     
  20. BrianG61UK

    BrianG61UK Well-Known Member

    Yet your user name commands us to commit suicide in one of the most horrific ways possible.

    Just seemed ironic.