Some serious security bug in INTEL CPUs?? Since Westmere possibly

eccerr0r replied

01-13-2018, 04:16 AM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Originally posted by Stefan Payne View Post

We never would have because ia64 is incompatible to x86

Sure but the problem is that now we're finding it's a fundamental problem with x86 (well, superscalar execution), and switching from superscalar to VLIW was a solution.

and its just utter nonsense.

Define nonsense if it solves the problem at hand.

And Intel is the worst company in the world...

Sure, but that's just repeating the last point without saying why.

What you should have wished for is that Micro Channel was the thing to go and not PCI.

And that IBM would have kept the superiority and not Intel. Because whatever IBM did was pretty good.

What Intel does is from a technical standpoint garbage most of the times.
Like adding the +3,3V rail for ATX PSU, AGP and other stuff as well.

Who knew when it first came out? Demand for speed came so fast, interim solutions were needed.

I have my beef against ia64 too but it no speculation = no cache fetch execution crap like what we're seeing now. Alas it too has vendor lock-in which is probably the larger reason why x86-64 was taken (amd would have had to paid huge royalties to make ia64 chips). Sort of the exact problem with MCA, licensing fees for MCA were higher than PCI.
Leave a comment:
stj replied

01-13-2018, 03:14 AM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

the thing that used to piss me off,
AMD had 64bit well over a year before Intel,
but because Intel and M$ are so corrupt, m$ refused to release a 64bit version of windows until Intel had it's chips ready.
just to stop people buying AMD 64bit chips unless they used Linux.

not using windows anymore, i no longer give a fuck - i hope they try similar tricks again!
Leave a comment:
Stefan Payne replied

01-13-2018, 02:43 AM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Originally posted by ChaosLegionnaire View Post

srsly, fuck u again intel x2!

Sadly, the INtel Fans don't care about that shit.

Also the performance drops for the Spectre and Meltdown Patches.
In Games (streaming heavy ones) it can also drop about 15% or so - nobody cares about that, sadly...
Leave a comment:
Stefan Payne replied

01-13-2018, 02:39 AM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Originally posted by eccerr0r View Post

If we had gone itanium instead of x86-64...

We never would have because ia64 is incompatible to x86 and its just utter nonsense.
And Intel is the worst company in the world...

What you should have wished for is that Micro Channel was the thing to go and not PCI.

And that IBM would have kept the superiority and not Intel. Because whatever IBM did was pretty good.

What Intel does is from a technical standpoint garbage most of the times.
Like adding the +3,3V rail for ATX PSU, AGP and other stuff as well.
Leave a comment:
stj replied

01-13-2018, 01:47 AM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

reboot more often than normal

says it all, my AMD systems dont reboot - ever.

so for the sake of completeness, can intel tell us how often their cpu's reboot normally?
Leave a comment:
ChaosLegionnaire replied

01-13-2018, 12:15 AM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

now intel says the meltdown and spectre patches can cause reboot problems in older chips!

Originally posted by Reuters

Intel Corp on Thursday said that recently issued patches for flaws in its chips could cause computers using its older Broadwell and Haswell processors to reboot more often than normal and that Intel may need to issue updates to fix the buggy patches.

In a statement on Intel's website, Navin Shenoy, general manager of the company's data center group, said Intel had received reports about the issue and was working directly with data center customers to “discuss” the issue.

“We are working quickly with these customers to understand, diagnose and address this reboot issue,” Shenoy said in the statement. “If this requires a revised firmware update from Intel, we will distribute that update through the normal channels.”

Earlier on Thursday, the Wall Street Journal reported that Intel was asking cloud computing customers to hold off installing patches that address new security flaws that affect nearly all of its processors because the patches have bugs of their own. (on.wsj.com/2Eyo7yA)

Intel has identified three issues in updates released over the past week for “microcode,” or firmware, the newspaper reported, citing a confidential document the company had shared with some customers that it had reviewed.

The world's largest chipmaker confirmed last week that the security issues reported by researchers in the company's widely used microprocessors could allow hackers to steal sensitive information from computers, phones and other electronic devices.

Intel shares were down about half a percent to $43.20 in after-hours trading after the announcement. Intel shares have lost 4.5 percent since the news of the chip flaws emerged on Jan. 3.

Source: Reuters

srsly, fuck u again intel x2!
Leave a comment:
Topcat replied

01-12-2018, 09:44 PM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Originally posted by hannah View Post

...are the AMD cores really better?

That's the age-old argument in the PC world...much like Ford vs Chevy in the car world....or coke vs pepsi....republican vs democrat...its an endless argument that no winner will ever emerge from.
Leave a comment:
hannah replied

01-12-2018, 09:30 PM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

I saw their reply to one of the issues presented in their chips. They practically just waved a hand at it by saying it can't do much damage in your files or something. Then proceeded to say it's not unique to Intel chips.

Anyway, are the AMD cores really better? God damn it! I upgraded to an i5 a year ago and I spent hours on hours looking at benchmarks and everything, but Intel always came out better. I hope they're not pulling that old Pentium IV scam again.
Leave a comment:
stj replied

01-12-2018, 07:40 PM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

lol always trust m$ to make things worse!
http://www.dailymail.co.uk/sciencete...-old-chips.htm

accident? yea-right!!

also:
https://arstechnica.com/information-...ment-firmware/

so it's a DP (porn industry term!)
Leave a comment:
eccerr0r replied

01-12-2018, 02:03 PM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

If we had gone itanium instead of x86-64...
Leave a comment:
hikaruichijo replied

01-12-2018, 03:39 AM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

The problem is that AMD always play fair even when the first Phenon bug apeared they admited it and fixed it and admited the loss off performance.
But Intel always lies and bends the truth to their own god, and if that's not posible, pais money to anybody who can bend the truth for then, for example youtubers, and reviewers that only care about the money.
Leave a comment:
retiredcaps replied

01-11-2018, 05:23 PM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Originally posted by retiredcaps View Post

My E8400 is vulnerable. Patch for Lubuntu is supposed to be released Jan 9.

My test machine running 18.04 with E8400 received an intel-microcode upgrade and kernel update. Looks like Intel isn't bothering with updating the firmware on the E8400.

Upgrade: intel-microcode:amd64 (3.20171117.1, 3.20180108.1), publicsuffix:amd64 (20171028.2055-1, 20171228.1526-2)

--- run script ---

https://raw.githubusercontent.com/sp...own-checker.sh

Spectre and Meltdown mitigation detection tool v0.27

Checking for vulnerabilities against live running kernel Linux 4.13.0-25-generic #29-Ubuntu SMP Mon Jan 8 21:14:41 UTC 2018 x86_64

CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
* Checking count of LFENCE opcodes in kernel: NO
> STATUS: VULNERABLE (only 29 opcodes found, should be >= 70, heuristic to be improved when official patches become available)

CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
* Mitigation 1
* Hardware (CPU microcode) support for mitigation: NO
* Kernel support for IBRS: NO
* IBRS enabled for Kernel space: NO
* IBRS enabled for User space: NO
* Mitigation 2
* Kernel compiled with retpoline option: NO
* Kernel compiled with a retpoline-aware compiler: NO
> STATUS: VULNERABLE (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability)

CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
* Kernel supports Page Table Isolation (PTI): YES
* PTI enabled and active: YES
> STATUS: NOT VULNERABLE (PTI mitigates the vulnerability)

A false sense of security is worse than no security at all, see --disclaimer
Leave a comment:
jayjr1105 replied

01-11-2018, 01:53 PM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Ditched an i5 6600 (4 thread $200) for a Ryzen 1600 (12 thread also $200) and haven't looked back.
Leave a comment:
stj replied

01-11-2018, 12:59 PM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

AMD could pretty much kill Intel right now - if they wanted.
they just need to partner with the coreboot project,

then start marketing secure TRUSTABLE cpu's and motherboards.
with no hidden microcontroller ass-raping you in the background.

if they want to play on every fear and predudice, they could bring up the "management engine" and it's little-mentioned DRM code together with the fact that Intel is pretty much an Israeli company!!!!
Leave a comment:
hikaruichijo replied

01-11-2018, 10:48 AM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Intel whill increase the price of their cpus and new buyers will pay for the lawsuit, like it hapened with the pentium bug un 1994 and with the lies about the Pentium 4 performance.
And like they always do, they won't apologice and they'll say
"This things happens but our cpus are more expensive than the others because they are the best", well as long as the app tha is runing looks for the "Genuine Intel flag".
And don't forget about the Intel 6 series chipset sata problems, and the atom C2000 series...

Last edited by hikaruichijo; 01-11-2018, 10:51 AM.
Leave a comment:
Topcat replied

01-11-2018, 09:50 AM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Originally posted by eccerr0r View Post

A lot of these appear to be theoretical attacks, and have merely proof of concept attacks which are legal code but shouldn't "work".

Rings out 'planned obsolescence' scam if anything else. If its going to be blamed on cockamamie conspiracy theories such as evil governments or Israeli agents....this theory is far more plausible. Think about it, the last 10 years processor technology really hasn't advanced much....what better way to sell some chips & systems than a mass scare with patches that slow CPU predecessors to a crawl.....

Originally posted by mockingbird View Post

I disagree.

AMD chips seem to be only vulnerable to localized attacks while Intel chips seem vulnerable to remote attacks...

An attack is an attack. This logic is like being 'almost pregnant'.... It doesn't fly. AMD doesn't get a pass if intel doesnt.
Leave a comment:
Stefan Payne replied

01-11-2018, 09:13 AM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Originally posted by Behemot View Post

I can confirm though that in paralelised tasks, with 7 threads per FX-8150@4.1 GHz, it rips ass of everything I tested so far from Intel.

Bulldozer is a beast, BUT
a) needs optimized code
b) was far ahead of its time.

And that's why it failed.
AMD should have taken the year or so to optimize BD and should have brought Steamroller cores in the Beginning. They were quite good...
Leave a comment:
mockingbird replied

01-11-2018, 08:27 AM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Originally posted by eccerr0r View Post

A lot of these appear to be theoretical attacks, and have merely proof of concept attacks which are legal code but shouldn't "work". Some of these take a long time to get an accurate read of a particular address. Plus Linux having address space randomization, at least for 64-bit, having to search for "interesting" data can take a while (though it can be done clandestine).

In any case, "localized" vs "remote" doesn't quite make sense in terms of the traditional sense of these - all variants require bad code to be explicitly downloaded to the machine to exploit. However I think meltdown might be easier to exploit as it can be done "faster" (in terms of reading MB/sec) than exploiting spectre.

Have you seen AMD's page regarding the three variants?

https://www.amd.com/en/corporate/speculative-execution
[quote]

Originally posted by jayjr1105 View Post

Apparently anything 4th gen Haswell and older is going to get hit hard by the Spectre bug patch. That's not even the Intel screw up one (meltdown)

Source

I can handle even a 50% slowdown on my Haswell... It will still be more than 100% faster than that old HP core2duo laptop which would slow to a crawl when virtualization was being used.

Last edited by mockingbird; 01-11-2018, 08:29 AM.
Leave a comment:
jayjr1105 replied

01-11-2018, 07:26 AM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Apparently anything 4th gen Haswell and older is going to get hit hard by the Spectre bug patch. That's not even the Intel screw up one (meltdown)

Source
Leave a comment:
eccerr0r replied

01-11-2018, 01:58 AM
Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

A lot of these appear to be theoretical attacks, and have merely proof of concept attacks which are legal code but shouldn't "work". Some of these take a long time to get an accurate read of a particular address. Plus Linux having address space randomization, at least for 64-bit, having to search for "interesting" data can take a while (though it can be done clandestine).

In any case, "localized" vs "remote" doesn't quite make sense in terms of the traditional sense of these - all variants require bad code to be explicitly downloaded to the machine to exploit. However I think meltdown might be easier to exploit as it can be done "faster" (in terms of reading MB/sec) than exploiting spectre.
Leave a comment:

Announcement

Some serious security bug in INTEL CPUs?? Since Westmere possibly

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment: