Announcement

Collapse
No announcement yet.

Some serious security bug in INTEL CPUs?? Since Westmere possibly

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

    Originally posted by Topcat View Post
    Westmere is older than 5....but yea, typical Intel. I guess the world will explode, I'm not gutting systems over this. This whole thing totally reeks planned obsolescence scam to begin with.
    But at least, Intel don't appear to be as low as they were with 1993, 1994 and 1995 Pentiums... (The mid-1990s were their lowest point, so far!)

    That incident required physical hardware replacement, you were required to dump your CPU chips per-se!

    IIRC, Intel said that the Pentium 133s and higher, don't have the hardware bug...

    The mid-1990s Intel incident, was a lot worse than "Meltdown" and "Spectre".

    IIRC, late-1990s' Windows NT 4.0, had a work around for such Pentiums detected, but then the Pentiums will act like OC'ed 486 SXes, LOL.
    Last edited by RJARRRPCGP; 01-20-2018, 12:53 PM.
    ASRock B550 PG Velocita

    Ryzen 9 "Vermeer" 5900X

    16 GB AData XPG Spectrix D41

    Sapphire Nitro+ Radeon RX 6750 XT

    eVGA Supernova G3 750W

    Western Digital Black SN850 1TB NVMe SSD

    Alienware AW3423DWF OLED




    "¡Me encanta "Me Encanta o Enlistarlo con Hilary Farr!" -Mí mismo

    "There's nothing more unattractive than a chick smoking a cigarette" -Topcat

    "Today's lesson in pissivity comes in the form of a ziplock baggie full of GPU extension brackets & hardware that for the last ~3 years have been on my bench, always in my way, getting moved around constantly....and yesterday I found myself in need of them....and the bastards are now nowhere to be found! Motherfracker!!" -Topcat

    "did I see a chair fly? I think I did! Time for popcorn!" -ratdude747

    Comment


      Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

      So when I get such old Pentium, it is likely it still has the bug? There is always somebody who does not get the replacement. I think that all systems check for the affected CPUs and in case they find them, they apply patch, no? At least Linux kernell does anyway.
      Less jewellery, more gold into electrotech industry! Half of the computer problems is caused by bad contacts

      Exclusive caps, meters and more!
      Hardware Insights - power supply reviews and more!

      Comment


        Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

        Originally posted by tom66 View Post
        The performance bug is actually *really* interesting, and also fucking terrible because there's literally *no way* to patch it on any processor without completing changing how CPUs work.

        Effectively, processors perform "speculative execution" and "out of order execution" where upon hitting a branch instruction in code, may decide to execute instructions ahead of time, before the result of the branch is known. This is a performance advantage, because in many cases the branch could take many cycles to evaluate (if it needs to read from arbitrary memory, then up to 300 cycles on a modern i7). So the processor executes these instructions and then if it finds out later that the branch was wrong, it rolls back the results. This is completely transparent to the user: incorrect data is never visible or committed.

        Spectre seems to work by exploiting speculative execution, which processors have had for about 15 years. You can write code that will trick the branch prediction logic into executing a block of malicious code. The code will run speculatively - but the catch is, it's not possible for the CPU to prevent reads to protected areas of memory, like other processes or the OS kernel. The CPU sorts this out *after* the speculative execution has finished, and it can check which areas are OK and which are no go (it must do this check afterwards because it can't be sure of the memory map yet). Now, normally this is not a problem because the malicious code cannot "output" anything - it remains transparent as the results never get committed because the addresses are found to be prohibited. But, by inserting timing-dependent code into the speculative execution block, you can "leak" data out of the execution path. You could make it take 10 cycles to process a "1" and 2 cycles to process a "0", then time many hundreds of executions.

        The example Google provided can read out any memory at 11KB/s, which isn't fast, but it's more than fast enough to exploit a system within ~10 minutes. You only need to find the Windows/Linux kernel process table, then you know the addresses of each application and can go to town on reading passwords, security keys, etc.

        It's a complete bombshell, and I'm frankly surprised INTC and other companies aren't feeling a stronger hit.
        So Intel will create a BIOS patch for newer CPUs first. I suspect Intel will have to supply an updated BIOS for any CPU less than 3 years old, since that is a standard lease term and there will be millions of these machines still in use in large organizations. Given it's market dominance, Intel could be viewed as an "essential service". Intel will be fully supported by the US govt to get this fixed for current machines. I suspect that anything older than 3 years will probably be "use at your own risk".

        People that cannot afford to replace their systems will need some workaround. Perhaps using an AMD machine as a file server for their unprotected Intel boxes.

        How is this accomplished and would it work?

        Comment


          Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

          ^
          I know corporations still using pentium4-era stuff....I still get things that old in for repair by businesses.
          <--- Badcaps.net Founder

          Badcaps.net Services:

          Motherboard Repair Services

          ----------------------------------------------
          Badcaps.net Forum Members Folding Team
          http://folding.stanford.edu/
          Team : 49813
          Join in!!
          Team Stats

          Comment


            Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

            intel does not produce bioses. (except for it's own boards)
            they produce microcode and modules - updates are regularly put out.
            it's upto the motherboard maker to bother compiling an update or not.

            Comment


              Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

              Originally posted by stj View Post
              intel does not produce bioses. (except for it's own boards)
              they produce microcode and modules - updates are regularly put out.
              it's upto the motherboard maker to bother compiling an update or not.
              Correct
              <--- Badcaps.net Founder

              Badcaps.net Services:

              Motherboard Repair Services

              ----------------------------------------------
              Badcaps.net Forum Members Folding Team
              http://folding.stanford.edu/
              Team : 49813
              Join in!!
              Team Stats

              Comment


                Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                If you have a P120 or newer, it should not have the fdiv bug.

                It may have the F00F bug but it can be worked around and thus not recalled.

                ---

                As per post 140, I have experimentally verified my Core2 Quad (and also Core2 Duo) that predate all of the Intel-listed processors are at least affected by Spectre.

                I do wonder how hard it is to find the process table if all kernel addresses are random with ASLR within physical memory... Searching may be very time consuming, and the slower machines are even worse: I would think that the older machines (PPro to P3) are even more difficult to exploit beyond their inherent slowness because they have poor time measurement capability and lack state resetting capability within userspace, albeit they are still vulnerable. Chips starting with the P4 and Pentium-M and anything newer start to gain these things and thus are more dangerous.

                ---

                I would suggest that any machine that is subject to new, arbitrary code frequently to be most vulnerable (think: new apps, scripts, javascript, flash, ...). In this respect, other than the fact servers are not monitored, as long as servers run the same code over and over again and only download trusted code, they are safe. In any case, at least for Linux, the Meltdown fix (KPTI) is available for 64-bit and soon available for 32-bit x86; so after that patch, it'll be as safe as AMD boxes that may be affected by Spectre.

                Comment


                  Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                  Originally posted by Stefan Payne View Post
                  Look at the Link to Arstechnica.

                  For Ryzen that's not true, RYZEN is not suceptible to Spectre - the same as Samsungs EXYNOS Processors as well.
                  I'm just worried that we possibly have another first-gen-Phenom-like-severity bug again! Where you were required to replace the CPU chips per-se!

                  IIRC, for the first gen Phenoms, the solution is to replace your processor with a model having the suffix "50"... (And thus, for example, "8750" is in the clear, and "8700" is the faulty one!)
                  Last edited by RJARRRPCGP; 01-20-2018, 04:25 PM.
                  ASRock B550 PG Velocita

                  Ryzen 9 "Vermeer" 5900X

                  16 GB AData XPG Spectrix D41

                  Sapphire Nitro+ Radeon RX 6750 XT

                  eVGA Supernova G3 750W

                  Western Digital Black SN850 1TB NVMe SSD

                  Alienware AW3423DWF OLED




                  "¡Me encanta "Me Encanta o Enlistarlo con Hilary Farr!" -Mí mismo

                  "There's nothing more unattractive than a chick smoking a cigarette" -Topcat

                  "Today's lesson in pissivity comes in the form of a ziplock baggie full of GPU extension brackets & hardware that for the last ~3 years have been on my bench, always in my way, getting moved around constantly....and yesterday I found myself in need of them....and the bastards are now nowhere to be found! Motherfracker!!" -Topcat

                  "did I see a chair fly? I think I did! Time for popcorn!" -ratdude747

                  Comment


                    Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                    I thought these CPU bugs were gone the way of the dodo.
                    I remember the "KAP" processor which was supposed to be a SPARC clone, but had so many bugs fixed in the OS/software that it can't run SunOS anymore...

                    And around the same time was the more or less flawless(?) 486? What 486 bugs were there?

                    Comment


                      Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                      Originally posted by Topcat View Post
                      ^
                      I know corporations still using pentium4-era stuff....I still get things that old in for repair by businesses.
                      A colleague buys virtually every piece of big Sun iron that he comes across. In his case, it's cheaper to pay some ridiculously inflated "spares" price (and hope the SURPLUS stuff actually works!) than it would be to rewrite the software that runs their enterprise. I often wonder what they could save on just their electric bill, alone, if they moved to more modern hardware!

                      [If you don't upgrade for a few decades, the prospect of upgrading is closer to sheer terror than anything else!]

                      Comment


                        Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

                        Originally posted by bigbeark View Post
                        People that cannot afford to replace their systems will need some workaround. Perhaps using an AMD machine as a file server for their unprotected Intel boxes.

                        How is this accomplished and would it work?
                        This is not remotely exploitable, you need a way to put code on a victims system.
                        For example Javascript in a browser from a shady website.
                        Or malicious code via some other entry point like e-mail or such.
                        None of this should be running on a fileserver so that wont even need to be patched technically, because walled off properly it could never be exploited.

                        If the fileserver runs in a Virtual Machine with many other systems I'd be very afraid of exploitation though!
                        "The one who says it cannot be done should never interrupt the one who is doing it."

                        Comment


                          Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                          Originally posted by Topcat View Post
                          ^
                          I know corporations still using pentium4-era stuff....I still get things that old in for repair by businesses.
                          Of course, there are things like CNC machines or embedded stuff using that. Even Pentiums III, I think it was Per Hansson repairing such device recently and posting it here?

                          Curious.George: what kind of Sun HW are we talking about? Anyways, it is not only about the SW, which is huge price today, it is also the whole HW ecosystem. Also remeber that big corporations have totaly different price of electricity, that's one of the last things which actually impact anything if we are talking about some industrial machinery.
                          Less jewellery, more gold into electrotech industry! Half of the computer problems is caused by bad contacts

                          Exclusive caps, meters and more!
                          Hardware Insights - power supply reviews and more!

                          Comment


                            Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                            Originally posted by Behemot View Post
                            Of course, there are things like CNC machines or embedded stuff using that. Even Pentiums III, I think it was Per Hansson repairing such device recently and posting it here?
                            I repair a lot of that stuff too... Seems like the CNC guys loved Soyo P3 & P4 boards, with ISA of course.
                            <--- Badcaps.net Founder

                            Badcaps.net Services:

                            Motherboard Repair Services

                            ----------------------------------------------
                            Badcaps.net Forum Members Folding Team
                            http://folding.stanford.edu/
                            Team : 49813
                            Join in!!
                            Team Stats

                            Comment


                              Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                              Have not actually had such in my hands, but I judge so from the volume of Pentium 4 (478) CPUs which I still resell. You get it pratically for free so even few bucks is nice sale (when the only work is cleaning it and making the advertisement).
                              Less jewellery, more gold into electrotech industry! Half of the computer problems is caused by bad contacts

                              Exclusive caps, meters and more!
                              Hardware Insights - power supply reviews and more!

                              Comment


                                Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                                Originally posted by Behemot View Post
                                Of course, there are things like CNC machines or embedded stuff using that. Even Pentiums III, I think it was Per Hansson repairing such device recently and posting it here?
                                I repair allot of older stuff too, industrial stuff never becomes obsolete per se.
                                As long as you can find components or repair the old ones the customer will keep using the machines...
                                Of course I don't post very frequently about these repairs, but some I do post about.

                                https://www.badcaps.net/forum/showthread.php?t=39747

                                https://www.badcaps.net/forum/showthread.php?t=37091

                                http://www.jonnyguru.com/forums/show...78&postcount=5
                                "The one who says it cannot be done should never interrupt the one who is doing it."

                                Comment


                                  Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

                                  Originally posted by Per Hansson View Post
                                  This is not remotely exploitable, you need a way to put code on a victims system.
                                  For example Javascript in a browser from a shady website.
                                  Or malicious code via some other entry point like e-mail or such.
                                  None of this should be running on a fileserver so that wont even need to be patched technically, because walled off properly it could never be exploited.
                                  Well, it's apparently not remotely exploitable, unlike the Blaster virus incidents of 2003, and Sasser of 2004 (and maybe later in 2003)

                                  All you had to do to get exploited, with the 2003 and 2004 incidents, was to hop on the internet without a firewall!

                                  You could get exploited within seconds on 56K, IIRC!
                                  Last edited by RJARRRPCGP; 01-21-2018, 11:43 AM.
                                  ASRock B550 PG Velocita

                                  Ryzen 9 "Vermeer" 5900X

                                  16 GB AData XPG Spectrix D41

                                  Sapphire Nitro+ Radeon RX 6750 XT

                                  eVGA Supernova G3 750W

                                  Western Digital Black SN850 1TB NVMe SSD

                                  Alienware AW3423DWF OLED




                                  "¡Me encanta "Me Encanta o Enlistarlo con Hilary Farr!" -Mí mismo

                                  "There's nothing more unattractive than a chick smoking a cigarette" -Topcat

                                  "Today's lesson in pissivity comes in the form of a ziplock baggie full of GPU extension brackets & hardware that for the last ~3 years have been on my bench, always in my way, getting moved around constantly....and yesterday I found myself in need of them....and the bastards are now nowhere to be found! Motherfracker!!" -Topcat

                                  "did I see a chair fly? I think I did! Time for popcorn!" -ratdude747

                                  Comment


                                    Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                                    Originally posted by Per Hansson View Post
                                    I repair allot of older stuff too, industrial stuff never becomes obsolete per se.
                                    As long as you can find components or repair the old ones the customer will keep using the machines...
                                    Of course I don't post very frequently about these repairs, but some I do post about.

                                    https://www.badcaps.net/forum/showthread.php?t=39747

                                    https://www.badcaps.net/forum/showthread.php?t=37091

                                    http://www.jonnyguru.com/forums/show...78&postcount=5
                                    If I posted about everything I repair, there'd be a gazillion threads/posts about it all....I may post about something unusual now and then...but otherwise bore people with my kooky boredom builds.
                                    <--- Badcaps.net Founder

                                    Badcaps.net Services:

                                    Motherboard Repair Services

                                    ----------------------------------------------
                                    Badcaps.net Forum Members Folding Team
                                    http://folding.stanford.edu/
                                    Team : 49813
                                    Join in!!
                                    Team Stats

                                    Comment


                                      Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

                                      Originally posted by RJARRRPCGP View Post
                                      Well, it's apparently not remotely exploitable, unlike the Blaster virus incidents of 2003, and Sasser of 2004 (and maybe later in 2003)

                                      All you had to do to get exploited, with the 2003 and 2004 incidents, was to hop on the internet without a firewall!

                                      You could get exploited within seconds on 56K, IIRC!
                                      It was the dark ages of computing! The period that made Topcat put his feet down, due to widespread bad motherboard caps! (Also includes the period of the widespread-bad-Antec-PSU-caps-problem...)
                                      Last edited by RJARRRPCGP; 01-21-2018, 12:15 PM.
                                      ASRock B550 PG Velocita

                                      Ryzen 9 "Vermeer" 5900X

                                      16 GB AData XPG Spectrix D41

                                      Sapphire Nitro+ Radeon RX 6750 XT

                                      eVGA Supernova G3 750W

                                      Western Digital Black SN850 1TB NVMe SSD

                                      Alienware AW3423DWF OLED




                                      "¡Me encanta "Me Encanta o Enlistarlo con Hilary Farr!" -Mí mismo

                                      "There's nothing more unattractive than a chick smoking a cigarette" -Topcat

                                      "Today's lesson in pissivity comes in the form of a ziplock baggie full of GPU extension brackets & hardware that for the last ~3 years have been on my bench, always in my way, getting moved around constantly....and yesterday I found myself in need of them....and the bastards are now nowhere to be found! Motherfracker!!" -Topcat

                                      "did I see a chair fly? I think I did! Time for popcorn!" -ratdude747

                                      Comment


                                        Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                                        a guy on eevblog has a good solution.
                                        The only way to fix this situation, is to take about 10% of the top management of Intel and Microsoft, and kill them. Give the companies 30 days to open source the entire platform and a year to remove all the spying bullshit, on pain of the next 10% getting the same treatment. And so on.
                                        sounds good to me, but 25% may be more effective!

                                        Comment


                                          Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                                          Yeah, the problem is you don't know how many of these bugs were required by NSA and other organizations to be put there in the first place , or how much money Intel received to NOT fix some of these bugs.
                                          Or how many things Intel is forced through non disclosure agreements and other national security letters and laws not to reveal.
                                          There's even rumors that NSA has people inside Intel working as programmers or managers with agenda to make such exploits possible.

                                          But the most likely reason why such problems exist is just arrogance and bad attitude and managers pushing chip designers and programmers to make something faster and with less money, rushing everything to release new stuff every one or two years.

                                          Comment

                                          Working...
                                          X