Some serious security bug in INTEL CPUs?? Since Westmere possibly

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Some serious security bug in INTEL CPUs?? Since Westmere possibly

    Our experts in one of the more elitist forums are speculating about some serious bug in all more modern Intel CPUs sold in the last 10 years and also right now.

    In short: it seems possible that you can break out of the user space and execute code in the kernelspace. Something like that.
    Sounds like it could be the worst security error in the last couple of years...

    Here are the links (GERMAN!!!11)
    https://www.forum-3dcenter.org/vbull...d.php?t=585993
    https://www.computerbase.de/2018-01/...erheitsluecke/

    #2
    Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

    So many issues with Intel's CPUs found in recent times!

    https://www.badcaps.net/forum/showpo...16&postcount=4
    "The one who says it cannot be done should never interrupt the one who is doing it."



      #3
      Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

      i'm sure it wasn't intentional.



        #4
        Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

        I like the FUCKWIT reference.

        http://www.theregister.co.uk/2018/01...u_design_flaw/

        "The fix is to separate the kernel's memory completely from user processes using what's called Kernel Page Table Isolation, or KPTI. At one point, Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka FUCKWIT, was mulled by the Linux kernel team, giving you an idea of how annoying this has been for the developers."
        --- begin sig file ---

        If you are new to this forum, we can help a lot more if you please post clear focused pictures (max resolution 2000x2000 and 2MB) of your boards using the manage attachments button so they are hosted here. Information and picture clarity compositions should look like this post.

        We respectfully ask that you make some time and effort to read some of the guides available for basic troubleshooting. After you have read through them, then ask clarification questions or report your findings.

        Please do not post inline and offsite as they slow down the loading of pages.

        --- end sig file ---



          #5
          Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

          I smell a class action lawsuit.
          <--- Badcaps.net Founder

          Badcaps.net Services:

          Motherboard Repair Services

          ----------------------------------------------
          Badcaps.net Forum Members Folding Team
          http://folding.stanford.edu/
          Team : 49813
          Join in!!
          Team Stats



            #6
            Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

            re-posted from elsewhere:

            There is evidence of a massive Intel CPU hardware bug (currently under embargo) that directly affects big cloud providers like Amazon and Google. The fix will introduce notable performance penalties on Intel machines (30-35%).

            People have noticed a recent development in the Linux kernel: a rather massive, important redesign (page table isolation) is being introduced very fast for kernel standards... and being backported! The "official" reason is to incorporate a mitigation called KASLR... which most security experts consider almost useless. There's also some unusual, suspicious stuff going on: the documentation is missing, some of the comments are redacted (https://twitter.com/grsecurity/statu...47105684123649) and people with Intel, Amazon and Google emails are CC'd.

            According to one of the people working on it, PTI is only needed for Intel CPUs, AMD is not affected by whatever it protects against (https://lkml.org/lkml/2017/12/27/2). PTI affects a core low-level feature (virtual memory) and has severe performance penalties: 29% for an i7-6700 and 34% for an i7-3770S, according to Brad Spengler from grsecurity. PTI is simply not active for AMD CPUs. The kernel flag is named X86_BUG_CPU_INSECURE and its description is "CPU is insecure and needs kernel page table isolation".

            Microsoft has been silently working on a similar feature since November: https://twitter.com/aionescu/status/930412525111296000

            People are speculating on a possible massive Intel CPU hardware bug that directly opens up serious vulnerabilities on big cloud providers which offer shared hosting (several VMs on a single host), for example by letting a VM read from or write to another one.

            Summary article: http://pythonsweetness.tumblr.com/po...nux-page-table (a bit outdated, follow @grsecurity, @scarybeasts and others on Twitter for up-to-date info)

            This is going to make headlines and will probably be the worst hardware bug in years.
            Looks like this affects everything from the first Core (and Pentium-based Core series) and up.

            If AMD chips didn't die from electron migration so quickly, one would almost be tempted to move to them after reading this.
            EDIT by mods: discuss this last paragraph here instead please: https://www.badcaps.net/forum/showthread.php?t=66733
            Last edited by Per Hansson; 01-03-2018, 01:17 PM. Reason: split threads
            "We have offered them (the Arabs) a sensible way for so many years. But no, they wanted to fight. Fine! We gave them technology, the latest, the kind even Vietnam didn't have. They had double superiority in tanks and aircraft, triple in artillery, and in air defense and anti-tank weapons they had absolute supremacy. And what? Once again they were beaten. Once again they scrammed [sic]. Once again they screamed for us to come save them. Sadat woke me up in the middle of the night twice over the phone, 'Save me!' He demanded to send Soviet troops, and immediately! No! We are not going to fight for them."

            -Leonid Brezhnev (On the Yom Kippur War)
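
A defender-side check for what the re-posted text describes, added here as an example (not code from the thread or from the kernel project): it reads the kernel's own report of whether the CPU carries the flag quoted as X86_BUG_CPU_INSECURE and whether page table isolation is active. The /proc/cpuinfo names (`cpu_insecure`, later `cpu_meltdown`, `pti`, `kaiser`), the sysfs path and the function names are assumptions not found in the thread, and the sample text is constructed.

```python
import re
from pathlib import Path

# /proc/cpuinfo names for the flag quoted above: X86_BUG_CPU_INSECURE was
# printed as "cpu_insecure"; later kernels renamed it "cpu_meltdown".
BUG_NAMES = {"cpu_insecure", "cpu_meltdown"}
# "pti" marks page table isolation as enabled; "kaiser" was used by backports.
PTI_FLAGS = {"pti", "kaiser"}
SYSFS = Path("/sys/devices/system/cpu/vulnerabilities/meltdown")

# Constructed sample input, not captured from real machines.
SAMPLE_INTEL_PATCHED = (
    "processor\t: 0\nvendor_id\t: GenuineIntel\n"
    "flags\t\t: fpu vme pse pti\nbugs\t\t: cpu_insecure\n\n"
    "processor\t: 1\nvendor_id\t: GenuineIntel\n"
    "flags\t\t: fpu vme pse pti\nbugs\t\t: cpu_insecure\n"
)
# Same CPU, but the kernel is running with isolation switched off.
SAMPLE_INTEL_NOPTI = SAMPLE_INTEL_PATCHED.replace(" pti", "")
SAMPLE_AMD = (
    "processor\t: 0\nvendor_id\t: AuthenticAMD\n"
    "flags\t\t: fpu vme pse\nbugs\t\t: fxsave_leak sysret_ss_attrs\n"
)

def parse_cpuinfo(text):
    """Split /proc/cpuinfo text into one dict of fields per logical CPU."""
    cpus = []
    for block in re.split(r"\n\s*\n", text.strip()):
        fields = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")
            if sep:
                fields[key.strip()] = value.strip()
        if "processor" in fields:
            cpus.append(fields)
    return cpus

def assess(cpuinfo_text, sysfs_text=None):
    """Return 'mitigated', 'vulnerable', 'not_affected' or 'unknown'."""
    if sysfs_text is not None:
        # Newer kernels state the verdict directly; prefer it when present.
        status = sysfs_text.strip()
        if status.startswith("Not affected"):
            return "not_affected"
        if status.startswith("Mitigation"):
            return "mitigated"
        if status.startswith("Vulnerable"):
            return "vulnerable"
    cpus = parse_cpuinfo(cpuinfo_text)
    flagged = [c for c in cpus if BUG_NAMES & set(c.get("bugs", "").split())]
    if not flagged:
        # A kernel that predates the flag prints nothing for it, so absence
        # alone cannot prove the CPU is unaffected.
        return "unknown"
    # Every flagged CPU must report isolation as active.
    if all(PTI_FLAGS & set(c.get("flags", "").split()) for c in flagged):
        return "mitigated"
    return "vulnerable"

if __name__ == "__main__":
    cpuinfo = Path("/proc/cpuinfo")
    if cpuinfo.exists():
        sysfs = SYSFS.read_text() if SYSFS.exists() else None
        print("this host:", assess(cpuinfo.read_text(), sysfs))
    print("patched Intel sample:", assess(SAMPLE_INTEL_PATCHED))
    print("Intel sample without PTI:", assess(SAMPLE_INTEL_NOPTI))
    print("AMD sample, cpuinfo only:", assess(SAMPLE_AMD))
```

An "unknown" result means the kernel itself should be checked for the patch before drawing any conclusion about the CPU.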



              #7
              Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

              Good news: only one of my workstations in operation is affected (runs Xeon Westmere EPs). My server and other workstations are either socket 940 Opteron X2's, or Netburst Socket 604 Xeons.

              Bad News: There goes pretty much all of my laptop fleet (all of my Pentium M ones are dead with battery controller woes). Intel Atom (bay trail) also affected?

              Intel.
              sigpic

              (Insert witty quote here)



                #8
                Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

                I split this thread as per the small edit in mockingbird's post above.

                As for the topic at hand:


                Reposting a quote from this over at Techspot by a commenter that I found very fitting:
                Posted by senketsu on Techspot:
                A Google search for "CVE-2017-5925 Class: Design Error" took me to a nice National Institute
                of Standards and Technology National Vulnerability Database that gives tech folk more details.
                Unbelievable that this was known (as @noname points out) as early as 27 Feb 2017.
                I don't understand most of this page, but when I see stuff like:
                Access Vector: Network exploitable
                Access Complexity: Low
                Authentication: Not required to exploit
                Impact Type: Allows unauthorized disclosure of information
                my morale falls into my shoes, my jaw hits the floor....gobsmacked as they say
                Overused word, but this truly is unbelievable
                It's almost like if you say worked at Intel, maybe being its CEO and knew about this since February 2017, that you'd be interested in some insider trading?

                https://www.nystocknews.com/2017/12/...poration-intc/

                https://www.reuters.com/finance/stoc...rtDir=&sortBy=

                https://www.fool.com/investing/2017/...-of-stock.aspx
                Last edited by Per Hansson; 01-03-2018, 02:32 PM.


                  #9
                  Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

                  lol
                  now check the stock movement records of all board-members and look for collusion between them.

                  then you have a conspiracy and RICO can be applied!!!



                    #10
                    Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

                    I'm not defending Intel, but at many big companies that offer stock options, it is common for the CXO suite to have pre-determined sell and volume dates in the future.

                    These dates are usually after they make quarterly announcements. In addition, there are usually blackout dates. For example, if the CXO knows they will miss a quarter very badly (i.e. revenue or profit), they cannot sell 1 or 2 weeks before announcing the results.


                      #11
                      Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

                      He used to have over 500k shares, since November he has only 250k shares.
                      And guess what the minimum number of shares the CEO at Intel may have is?
                      If you don't find that highly suspicious I guess we have different standards

                      Late edit: here it's put in words better than I can:
                      http://www.nasdaq.com/symbol/intc/insider-trades

                      In the last three months, insiders executed a total of 27 trades. 27 were sells. Insider ownership decreased by a total of 796378 shares, which suggests that INTC’s key executives are feeling less optimistic about the outlook for the stock. The data from the past twelve months tells a similar story: insiders executed 3 buys and 102 sells, and ownership decreased by a net of 1.98 million shares.
                      Source: https://stocknewsgazette.com/2017/11...poration-intc/
                      Last edited by Per Hansson; 01-03-2018, 02:48 PM.


                        #12
                        Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

                        Originally posted by Per Hansson:
                        He used to have over 500k shares, since November he has only 250k shares.
                        And guess what the minimum number of shares the CEO at Intel may have is?
                        If you don't find that highly suspicious I guess we have different standards
                        I don't find that suspicious because I'm more familiar with how these stock options and things work especially in high profile world wide known companies. If this were a no name company on the penny stock exchange, I would agree with you.

                        All CXOs will get new options every year or annually regardless of how well or bad they do. All options have an expiry. They have to sell otherwise they expire worthless.

                        All CXOs get options for free ($0). Some companies do require that CXOs purchase or hold a minimum amount of stock, but this is a mere drop in the bucket compared to the stock options potential especially in a bull market.

                        Personally, I don't like the stock options as a compensation model for CXOs because it alienates everyday employees. A CXO might make $100 Million with stock options and a basic Intel engineer might make $100K with no options.
                        Last edited by retiredcaps; 01-03-2018, 08:17 PM.


                          #13
                          Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

                          Originally posted by Per Hansson:
                          In the last three months, insiders executed a total of 27 trades. 27 were sells. Insider ownership decreased by a total of 796378 shares, which suggests that INTC's key executives are feeling less optimistic about the outlook for the stock. The data from the past twelve months tells a similar story: insiders executed 3 buys and 102 sells, and ownership decreased by a net of 1.98 million shares.
                          You will find the above to be similar for any Fortune 500 company. Especially in a long in the tooth bull market.


                            #14
                            Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

                            Again, I'm not defending Intel and/or its CEO, just saying that planned sales are in place for big companies.

                            http://www.businessinsider.com/intel...ip-flaw-2018-1

                            "To avoid charges of trading on insider knowledge, executives often put in place plans that automatically sell a portion of their stock holdings or exercise some of their options on a pre-determined schedule, typically referred to as Rule 10b5-1(c) trading plans. According to an SEC filing, the holdings that Krzanich sold in November — 245,743 shares of stock he owned outright and 644,135 shares he got from exercising his options — were divested under just such a trading plan. "


                              #15
                              Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

                              Oh shit:

                              http://www.zdnet.com/article/securit...rs-vulnerable/

                              According to that the issue goes back to 1995... Which if memory serves would be the Pentium Pro, the first P6 platform and would make sense as a point of a common problem emerging. P6 had many things in the cache design changed (such as having on-die L2 cache in the first place).

                              I doubt it was "added" as a backdoor; probably a design flaw that was never fixed. Was it discovered and then kept open as a backdoor? Possibly. I smell a class action suit brewing.


                                #16
                                Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

                                i was thinking less of a backdoor, more of a performance trick.
                                remember at that time they had competition from AMD and Cyrix for the same mobo sockets!!

                                i have a nice mobo here now from my old tower with a K6-2 on it.



                                  #17
                                  Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

                                  Originally posted by retiredcaps:
                                  I don't find that suspicious because I'm more familiar with how these stock options and things work especially in high profile world wide known companies. If this were a no name company on the penny stock exchange, I would agree with you.
                                  Certain others disagree:

                                  https://www.avanza.se/placera/pressm...rporation.html

                                  https://www.marketwatch.com/story/in...ure-2018-01-03


                                    #18
                                    Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

                                    Originally posted by stj:
                                    i was thinking less of a backdoor, more of a performance trick.
                                    Exactly. Lots of bugs creep in when designers get "too creative by half" in their attempts to squeeze more performance out of designs -- instead of concentrating on other issues (like "correctness" or "security"). The Linux weenies fail to see these cautionary omens in their obsession with performance as an end to justify all.

                                    I take a more practical approach: design things "correctly" and "securely" and let the technological advances make it faster. It costs a lot to back-port "fixes" to deal with past sins!



                                      #19
                                      Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

                                      The performance bug is actually *really* interesting, and also fucking terrible because there's literally *no way* to patch it on any processor without completely changing how CPUs work.

                                      Effectively, processors perform "speculative execution" and "out of order execution" where, upon hitting a branch instruction in code, they may decide to execute instructions ahead of time, before the result of the branch is known. This is a performance advantage, because in many cases the branch could take many cycles to evaluate (if it needs to read from arbitrary memory, then up to 300 cycles on a modern i7). So the processor executes these instructions and then if it finds out later that the branch was wrong, it rolls back the results. This is completely transparent to the user: incorrect data is never visible or committed.

                                      Spectre seems to work by exploiting speculative execution, which processors have had for about 15 years. You can write code that will trick the branch prediction logic into executing a block of malicious code. The code will run speculatively - but the catch is, it's not possible for the CPU to prevent reads to protected areas of memory, like other processes or the OS kernel. The CPU sorts this out *after* the speculative execution has finished, and it can check which areas are OK and which are no go (it must do this check afterwards because it can't be sure of the memory map yet). Now, normally this is not a problem because the malicious code cannot "output" anything - it remains transparent as the results never get committed because the addresses are found to be prohibited. But, by inserting timing-dependent code into the speculative execution block, you can "leak" data out of the execution path. You could make it take 10 cycles to process a "1" and 2 cycles to process a "0", then time many hundreds of executions.

                                      The example Google provided can read out any memory at 11KB/s, which isn't fast, but it's more than fast enough to exploit a system within ~10 minutes. You only need to find the Windows/Linux kernel process table, then you know the addresses of each application and can go to town on reading passwords, security keys, etc.

                                      It's a complete bombshell, and I'm frankly surprised INTC and other companies aren't feeling a stronger hit.
                                      Please do not PM me with questions! Questions via PM will not be answered. Post on the forums instead!
                                      For service manual, schematic, boardview (board view), datasheet, cad - use our search.



                                        #20
                                        Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

                                        so, what does the future hold?
                                        Amiga,
                                        or Unix on PPC / MIPS?
