Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

I'd be careful about any Microcode patches, afaik Intel are still calling them BETA!

https://security-center.intel.com/ad...nguageid=en-fr

Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

No one's saying you should go out and buy a new CPU that has this errata. Heck, I'm not selling any more Intel until Cannon Lake comes out. But there's no need to be too cautious. Intel says the reboot issue is fixed, there's no reason not to believe them.

Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

All I was saying is it's better to hold out a while and see if any issues crop up.
After all what did they say about the first patch, that it was riddled with "reboot issues"?

Of course they didn't, because they didn't test it properly before release.
And how transparent is it to call a BSOD / data corruption issue a "reboot issue" to begin with?

Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

On my test machine with Lubuntu 18.04 (alpha) with the latest kernel patch today.

Spectre and Meltdown mitigation detection tool v0.35

Checking for vulnerabilities on current system
Kernel is Linux 4.15.0-10-generic #11-Ubuntu SMP Tue Feb 13 18:23:35 UTC 2018 x86_64
CPU is Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz

Hardware check
* Hardware support (CPU microcode) for mitigation techniques
* Indirect Branch Restricted Speculation (IBRS)
* SPEC_CTRL MSR is available: NO
* CPU indicates IBRS capability: NO
* Indirect Branch Prediction Barrier (IBPB)
* PRED_CMD MSR is available: NO
* CPU indicates IBPB capability: NO
* Single Thread Indirect Branch Predictors (STIBP)
* SPEC_CTRL MSR is available: NO
* CPU indicates STIBP capability: NO
* Enhanced IBRS (IBRS_ALL)
* CPU indicates ARCH_CAPABILITIES MSR availability: NO
* ARCH_CAPABILITIES MSR advertises IBRS_ALL capability: NO
* CPU explicitly indicates not being vulnerable to Meltdown (RDCL_NO): NO
* CPU microcode is known to cause stability problems: NO (model 23 stepping 10 ucode 0xa0b)
* CPU vulnerability to the three speculative execution attacks variants
* Vulnerable to Variant 1: YES
* Vulnerable to Variant 2: YES
* Vulnerable to Variant 3: YES

CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
* Mitigated according to the /sys interface: YES (kernel confirms that the mitigation is active)
* Kernel has array_index_mask_nospec: YES (1 occurence(s) found of 64 bits array_index_mask_nospec())
* Kernel has the Red Hat/Ubuntu patch: NO
> STATUS: NOT VULNERABLE (Mitigation: __user pointer sanitization)

CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
* Mitigated according to the /sys interface: YES (kernel confirms that the mitigation is active)
* Mitigation 1
* Kernel is compiled with IBRS/IBPB support: NO
* Currently enabled features
* IBRS enabled for Kernel space: NO
* IBRS enabled for User space: NO
* IBPB enabled: NO
* Mitigation 2
* Kernel compiled with retpoline option: YES
* Kernel compiled with a retpoline-aware compiler: YES (kernel reports full retpoline compilation)
> STATUS: NOT VULNERABLE (Mitigation: Full generic retpoline)

CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
* Mitigated according to the /sys interface: YES (kernel confirms that the mitigation is active)
* Kernel supports Page Table Isolation (PTI): YES
* PTI enabled and active: YES
* Running as a Xen PV DomU: NO
> STATUS: NOT VULNERABLE (Mitigation: PTI)

Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Another system running Lubuntu 16.04 with AMD processor.

Spectre and Meltdown mitigation detection tool v0.35

Checking for vulnerabilities on current system
Kernel is Linux 4.4.0-116-generic #140-Ubuntu SMP Mon Feb 12 21:23:04 UTC 2018 x86_64
CPU is AMD Phenom(tm) 9500 Quad-Core Processor

Hardware check
* Hardware support (CPU microcode) for mitigation techniques
* Indirect Branch Restricted Speculation (IBRS)
* SPEC_CTRL MSR is available: NO
* CPU indicates IBRS capability: NO
* Indirect Branch Prediction Barrier (IBPB)
* PRED_CMD MSR is available: NO
* CPU indicates IBPB capability: NO
* Single Thread Indirect Branch Predictors (STIBP)
* SPEC_CTRL MSR is available: NO
* CPU indicates STIBP capability: NO
* Enhanced IBRS (IBRS_ALL)
* CPU indicates ARCH_CAPABILITIES MSR availability: NO
* ARCH_CAPABILITIES MSR advertises IBRS_ALL capability: NO
* CPU explicitly indicates not being vulnerable to Meltdown (RDCL_NO): NO
* CPU microcode is known to cause stability problems: NO
* CPU vulnerability to the three speculative execution attacks variants
* Vulnerable to Variant 1: YES
* Vulnerable to Variant 2: YES
* Vulnerable to Variant 3: NO

CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
* Mitigated according to the /sys interface: YES (kernel confirms that the mitigation is active)
* Kernel has array_index_mask_nospec: NO
* Kernel has the Red Hat/Ubuntu patch: YES
> STATUS: NOT VULNERABLE (Mitigation: OSB (observable speculation barrier, Intel v6))

CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
* Mitigated according to the /sys interface: YES (kernel confirms that the mitigation is active)
* Mitigation 1
* Kernel is compiled with IBRS/IBPB support: YES
* Currently enabled features
* IBRS enabled for Kernel space: NO
* IBRS enabled for User space: NO
* IBPB enabled: NO
* Mitigation 2
* Kernel compiled with retpoline option: YES
* Kernel compiled with a retpoline-aware compiler: YES (kernel reports full retpoline compilation)
> STATUS: NOT VULNERABLE (Mitigation: Full AMD retpoline)

CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
* Mitigated according to the /sys interface: YES (kernel confirms that your CPU is unaffected)
* Kernel supports Page Table Isolation (PTI): YES
* PTI enabled and active: NO
* Running as a Xen PV DomU: NO
> STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable)

Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Retiredcaps, what performance hit are are you seeing? Do we need big increases in RAM? More powerful video cards? How stable so far? What is the impact on earlier hardware (=now completely obsolete)? Finally where does one get the test tool?

Sorry for the barrage of questions! I use E8400 as my goto CPU, so thanks for this.

Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Performance hit with workaround => need more MHz to counter it... Depending on the software it can be almost negligible or up to 20%+ to even 50% on syscall-heavy software.

RAM usage does not increase much - marginal code size increase.

Really old hardware is harder to exploit due to the sideband not reliable, but your E8400 is not old enough to be "old" (P3 and older are considered "old")... Basically P4 and newer are easier to exploit, and the core-iX (nehalem and newer) easiest.

Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

The big question is are they removing branch prediction completely from the new silicon or are they reimplementing it securely...

retiredcaps -

I wonder how Core2 will fare with Windows since it doesn't seem Intel is releasing newer microcode for that generation...

Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

They are probably either doing it more securely (probably stopping branch prediction execution on the syscall until it's resolved.) There's too much performance loss if branch prediction is removed. Unfortunately this could cost some MHz penalty but less than the complete removal of branch prediction.

There appears to be some core2 that will have new microcode (mostly servers only), otherwise they may end up needing to be discarded to the "security not guaranteed" pile.

Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

I haven't noticed any slowdown in normal web browsing using chrome. There might be a 5 to 10% slowdown, but I can't perceive it in everyday usage. Depending on your applications, you may not notice as well.

Either way, I'll take a performance hit to mitigate these bugs.

Chrome, itself, has some mitigation built in for these bugs. See

https://www.chromium.org/Home/chromium-security/ssca

Same for Firefox.

https://blog.mozilla.org/security/20...timing-attack/

I haven't increased my DRAM and I'm using plain old onboard built in video.

So far, I haven't had any crashes before or after the new kernel mitigations.

Supposedly Intel might release a patch for the Wolfdale (E8x00 series) as per



It is in the "planning" stage according to the pdf.

The test tool is at

https://github.com/speed47/spectre-meltdown-checker

It is at version 0.35 currently.

PS. There was an ad on my local kijiji for some i7 machines (about 40 of them) with no hard drives for $20 CDN each. I contacted the seller, but so far no reply. I was going to buy 5 of them and sell/give away all my Core2Duos and AMD X2. I gave away all my P4 systems when I saw that some linux distros are dropping 32 bit support.

Even if I get i7s, I would still be running a lightweight distro like Lubuntu so everything is blazing fast. Lubuntu, chrome with ublock origin runs well with Core2Duos.

Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

My 5400 series xeons (C2Q's) still get it done.... I have several westmere systems in the mix as well... I still haven't patched anything for this knee jerk panic attack exploit...

Has anyone actually seen a real-world malware that uses these exploits?

Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Why not use a sacrificial machine for those applications that MUST be "exposed" (to potential remote attacks) and keep everything of value air-gapped on another machine(s)?

E.g., I don't bother with AV, security updates, etc. -- because my only risk is if an INTRUDER gains physical access to my machines. In which case, there's nothing stopping him from carrying them off and tinkering with them (and the data they contain) at his leisure!

My few "on-line" machines are disposable; I can rebuild them in minutes. (My ecommerce machine effectively has a write-protected hard drive)

Anything of value that I retrieve from an on-line resource (that I want to KEEP) gets moved onto portable media and sneakernetted to another machine (which, itself, may be airgapped from the rest of the machines, here).

Yeah, this leaves me potentially vulnerable -- but not with any of the things that are truly important/valuable.

Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Source?

That's great news... There's no problem repurposing old 771 CPUs into 775 machines. It's the cost of about a dollar for the sticker, and then the rest of the mod consists of grinding away at the sides of the CPU to get it to fit and modding the BIOS with Xeon microcodes.

So far though I've not seen any 771 microcode updates... They are still dated 2010ish.

Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Check retiredcaps (post #210) - there's an intel pdf that at least says Yorkfield is being investigated and that's a core2.

Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

I finally got a reply and went to pick them up, but only some were i7s and they were already cherry picked by other people. The guy selling them said one guy took twelve i7s. Another took eight i5s just when I got there. The rest were Core2Duos.

I managed to get four i5s. One is i5-660. Since I didn't do any research ahead of time, it looks like the single core performance between a E8500 and i5-660 is minimal. I didn't realize the i5-660 is only dual core.

I haven't tested the other 3 yet, but will get around to it next week, but suspect they will be the same. The guy said he would have more for sale next week and I asked him to put some i7s aside for me, but I don't know if he will come through despite paying him a bit extra.

The Intel document says these Clarkdale CPUs are in pre-beta or beta stage depending on which i5-660 I have.

Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

The 600 series has some interesting instruction like AES. Good for mining

Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Here is a list of CPUs that received the updated fix as of the 12th of March. (I've already flashed my Haswell laptop - there is no noticeable drop in performance, even with an XP x64 VM running in the back).

SNB - SANDY BRIDGE
JKT - SANDY BRIDGE XEON
IVB - IVY BRIDGE
IVT - IVY BRIDGE XEON
HSW - HASWELL
HSW-ULT - HASWELL
CRW - CEDARVIEW?
HSX - HASWELL?
HSX-EX - HASWELL?
BDW-U/Y - BROADWELL
BDW-H - BROADWELL
BDX-DE - BROADWELL?
BDW-DE - BROADWELL
SKL-U/Y - SKYLAKE
SKL - SKYLAKE
KBL-U/Y - KABY LAKE
KBL - KABY LAKE
CFL - COFFEE LAKE
SKX - SKYLAKE?

Time to hack your BIOS if you have one of these CPUs. Motherboard makers WILL NOT update the BIOS for their older boards. You will have to do it yourself. Or you can wait for Microsoft to release OS-level microcode updates.

Keep in mind, if you rely on OS-level microcode updates, your system is vulnerable as soon as the KB is no longer present.

Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Trying out this chrome extension called chrome zero ...

"Chrome Extension Protects Against JavaScript-Based CPU Side-Channel Attacks"

https://www.bleepingcomputer.com/new...annel-attacks/

Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Mybe this deserves another thread but it seen the problems continue but now in the AMD side but they look biased and not fully reliable.

http://www.tomshardware.com/news/cts...pyc,36660.html
https://www.bleepingcomputer.com/new...lnerabilities/

Maybe we can rename meldown to "inteldown".
Well not sure what to think about these new discoverys, The company CTS Labs does not look very reliable and is based in Israel...

Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

It's being discussed in the linked thread hikaruichijo:
https://www.badcaps.net/forum/showth...691#post812691