Badcaps.net Forum
Go Back   Badcaps Forums > General Topics > General Computer Discussion
Register FAQ Calendar Search Today's Posts Mark Forums Read

 
Thread Tools Display Modes
Old 01-20-2018, 12:43 PM   #161
RJARRRPCGP
Badcaps Veteran
 
Join Date: Jul 2004
City & State: Bellows Falls, Vermont
My Country: USA
Line Voltage: 123-127V 61.5-63.5 Hz
I'm a: Knowledge Seeker
Posts: 3,792
Default Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Quote:
Originally Posted by Topcat View Post
Westmere is older than 5....but yea, typical Intel. I guess the world will explode, I'm not gutting systems over this. This whole thing totally reeks planned obsolescence scam to begin with.
But at least, Intel don't appear to be as low as they were with 1993, 1994 and 1995 Pentiums... (The mid-1990s were their lowest point, so far!)

That incident required physical hardware replacement, you were required to dump your CPU chips per-se!

IIRC, Intel said that the Pentium 133s and higher, don't have the hardware bug...

The mid-1990s Intel incident, was a lot worse than "Meltdown" and "Spectre".

IIRC, late-1990s' Windows NT 4.0, had a work around for such Pentiums detected, but then the Pentiums will act like OC'ed 486 SXes, LOL.
__________________
Asus P6T Deluxe

Core i7 Extreme "Bloomfield" 965

PNY GeForce GTX 960

Windows 7 SP1

SoundBlaster ZXR

Antec High Current Pro 1200 W


"There's nothing more unattractive than a chick smoking a cigarette" -Topcat

"Don't eat yellow snow!" -Salem

"did I see a chair fly? I think I did! Time for popcorn!" -ratdude747

Last edited by RJARRRPCGP; 01-20-2018 at 12:53 PM..
RJARRRPCGP is offline   Reply With Quote
Old 01-20-2018, 12:57 PM   #162
Behemot
Badcaps Veteran
 
Behemot's Avatar
 
Join Date: Dec 2009
City & State: Prague, 504'52.22"N, 1423'30.45"E
My Country: CZ
Line Voltage: 230 V/50 Hz
I'm a: Knowledge Seeker
Posts: 4,202
Default Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

So when I get such old Pentium, it is likely it still has the bug? There is always somebody who does not get the replacement. I think that all systems check for the affected CPUs and in case they find them, they apply patch, no? At least Linux kernell does anyway.
__________________
Less jewellery, more gold into electrotech industry! Half of the computer problems is caused by bad contacts

Exclusive caps, meters and more!
Hardware Insights - power supply reviews and more!
Behemot is offline   Reply With Quote
Old 01-20-2018, 02:57 PM   #163
bigbeark
Badcaps Veteran
 
Join Date: Jan 2010
City & State: Stratford, Ontario
My Country: Canada
Line Voltage: 120VAC 60Hz
I'm a: Knowledge Seeker
Posts: 473
Default Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

Quote:
Originally Posted by tom66 View Post
The performance bug is actually *really* interesting, and also fucking terrible because there's literally *no way* to patch it on any processor without completing changing how CPUs work.

Effectively, processors perform "speculative execution" and "out of order execution" where upon hitting a branch instruction in code, may decide to execute instructions ahead of time, before the result of the branch is known. This is a performance advantage, because in many cases the branch could take many cycles to evaluate (if it needs to read from arbitrary memory, then up to 300 cycles on a modern i7). So the processor executes these instructions and then if it finds out later that the branch was wrong, it rolls back the results. This is completely transparent to the user: incorrect data is never visible or committed.

Spectre seems to work by exploiting speculative execution, which processors have had for about 15 years. You can write code that will trick the branch prediction logic into executing a block of malicious code. The code will run speculatively - but the catch is, it's not possible for the CPU to prevent reads to protected areas of memory, like other processes or the OS kernel. The CPU sorts this out *after* the speculative execution has finished, and it can check which areas are OK and which are no go (it must do this check afterwards because it can't be sure of the memory map yet). Now, normally this is not a problem because the malicious code cannot "output" anything - it remains transparent as the results never get committed because the addresses are found to be prohibited. But, by inserting timing-dependent code into the speculative execution block, you can "leak" data out of the execution path. You could make it take 10 cycles to process a "1" and 2 cycles to process a "0", then time many hundreds of executions.

The example Google provided can read out any memory at 11KB/s, which isn't fast, but it's more than fast enough to exploit a system within ~10 minutes. You only need to find the Windows/Linux kernel process table, then you know the addresses of each application and can go to town on reading passwords, security keys, etc.

It's a complete bombshell, and I'm frankly surprised INTC and other companies aren't feeling a stronger hit.
So Intel will create a BIOS patch for newer CPUs first. I suspect Intel will have to supply an updated BIOS for any CPU less than 3 years old, since that is a standard lease term and there will be millions of these machines still in use in large organizations. Given it's market dominance, Intel could be viewed as an "essential service". Intel will be fully supported by the US govt to get this fixed for current machines. I suspect that anything older than 3 years will probably be "use at your own risk".

People that cannot afford to replace their systems will need some workaround. Perhaps using an AMD machine as a file server for their unprotected Intel boxes.

How is this accomplished and would it work?
bigbeark is offline   Reply With Quote
Old 01-20-2018, 03:12 PM   #164
Topcat
The Boss Stooge
 
Topcat's Avatar
 
Join Date: Oct 2003
City & State: Salem, MO
My Country: United States
Line Voltage: 120VAC 60Hz
I'm a: Professional Tech
Posts: 11,170
Default Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

^
I know corporations still using pentium4-era stuff....I still get things that old in for repair by businesses.
__________________
<--- Badcaps.net Founder & Owner

Badcaps.net Services:

Premade Capacitor Kits
Badcaps.net Capacitor Master List


Motherboard Repair Services


If you've come here in search of replacement capacitors or repair services, please use the links above.
----------------------------------------------
Badcaps.net Forum Members Folding Team
http://folding.stanford.edu/
Team : 49813
Join in!!
Team Stats
Topcat is offline   Reply With Quote
Old 01-20-2018, 03:16 PM   #165
stj
Great Sage 齊天大聖
 
stj's Avatar
 
Join Date: Dec 2009
City & State: Europe
My Country: some shithole run by Israeli agents
I'm a: Professional Tech
Posts: 17,431
Default Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

intel does not produce bioses. (except for it's own boards)
they produce microcode and modules - updates are regularly put out.
it's upto the motherboard maker to bother compiling an update or not.
stj is offline   Reply With Quote
Old 01-20-2018, 03:21 PM   #166
Topcat
The Boss Stooge
 
Topcat's Avatar
 
Join Date: Oct 2003
City & State: Salem, MO
My Country: United States
Line Voltage: 120VAC 60Hz
I'm a: Professional Tech
Posts: 11,170
Default Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Quote:
Originally Posted by stj View Post
intel does not produce bioses. (except for it's own boards)
they produce microcode and modules - updates are regularly put out.
it's upto the motherboard maker to bother compiling an update or not.
Correct
Topcat is offline   Reply With Quote
Old 01-20-2018, 03:32 PM   #167
eccerr0r
Solder Sloth
 
eccerr0r's Avatar
 
Join Date: Nov 2012
City & State: CO
My Country: USA
Line Voltage: 120VAC 60Hz
I'm a: Hobbyist Tech
Posts: 2,544
Default Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

If you have a P120 or newer, it should not have the fdiv bug.

It may have the F00F bug but it can be worked around and thus not recalled.

---

As per post 140, I have experimentally verified my Core2 Quad (and also Core2 Duo) that predate all of the Intel-listed processors are at least affected by Spectre.

I do wonder how hard it is to find the process table if all kernel addresses are random with ASLR within physical memory... Searching may be very time consuming, and the slower machines are even worse: I would think that the older machines (PPro to P3) are even more difficult to exploit beyond their inherent slowness because they have poor time measurement capability and lack state resetting capability within userspace, albeit they are still vulnerable. Chips starting with the P4 and Pentium-M and anything newer start to gain these things and thus are more dangerous.

---

I would suggest that any machine that is subject to new, arbitrary code frequently to be most vulnerable (think: new apps, scripts, javascript, flash, ...). In this respect, other than the fact servers are not monitored, as long as servers run the same code over and over again and only download trusted code, they are safe. In any case, at least for Linux, the Meltdown fix (KPTI) is available for 64-bit and soon available for 32-bit x86; so after that patch, it'll be as safe as AMD boxes that may be affected by Spectre.
eccerr0r is offline   Reply With Quote
Old 01-20-2018, 04:22 PM   #168
RJARRRPCGP
Badcaps Veteran
 
Join Date: Jul 2004
City & State: Bellows Falls, Vermont
My Country: USA
Line Voltage: 123-127V 61.5-63.5 Hz
I'm a: Knowledge Seeker
Posts: 3,792
Default Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Quote:
Originally Posted by Stefan Payne View Post
Look at the Link to Arstechnica.

For Ryzen that's not true, RYZEN is not suceptible to Spectre - the same as Samsungs EXYNOS Processors as well.
I'm just worried that we possibly have another first-gen-Phenom-like-severity bug again! Where you were required to replace the CPU chips per-se!

IIRC, for the first gen Phenoms, the solution is to replace your processor with a model having the suffix "50"... (And thus, for example, "8750" is in the clear, and "8700" is the faulty one!)

Last edited by RJARRRPCGP; 01-20-2018 at 04:25 PM..
RJARRRPCGP is offline   Reply With Quote
Old 01-20-2018, 11:08 PM   #169
eccerr0r
Solder Sloth
 
eccerr0r's Avatar
 
Join Date: Nov 2012
City & State: CO
My Country: USA
Line Voltage: 120VAC 60Hz
I'm a: Hobbyist Tech
Posts: 2,544
Default Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

I thought these CPU bugs were gone the way of the dodo.
I remember the "KAP" processor which was supposed to be a SPARC clone, but had so many bugs fixed in the OS/software that it can't run SunOS anymore...

And around the same time was the more or less flawless(?) 486? What 486 bugs were there?
eccerr0r is offline   Reply With Quote
Old 01-21-2018, 12:13 AM   #170
Curious.George
Badcaps Veteran
 
Join Date: Nov 2011
Posts: 341
Default Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Quote:
Originally Posted by Topcat View Post
^
I know corporations still using pentium4-era stuff....I still get things that old in for repair by businesses.
A colleague buys virtually every piece of big Sun iron that he comes across. In his case, it's cheaper to pay some ridiculously inflated "spares" price (and hope the SURPLUS stuff actually works!) than it would be to rewrite the software that runs their enterprise. I often wonder what they could save on just their electric bill, alone, if they moved to more modern hardware!

[If you don't upgrade for a few decades, the prospect of upgrading is closer to sheer terror than anything else!]
Curious.George is offline   Reply With Quote
Old 01-21-2018, 12:29 AM   #171
Per Hansson
Super Moderator
 
Per Hansson's Avatar
 
Join Date: Jul 2005
City & State: ----
My Country: Sweden
Line Voltage: 230v 50Hz
I'm a: Knowledge Seeker
Posts: 3,908
Default Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

Quote:
Originally Posted by bigbeark View Post
People that cannot afford to replace their systems will need some workaround. Perhaps using an AMD machine as a file server for their unprotected Intel boxes.

How is this accomplished and would it work?
This is not remotely exploitable, you need a way to put code on a victims system.
For example Javascript in a browser from a shady website.
Or malicious code via some other entry point like e-mail or such.
None of this should be running on a fileserver so that wont even need to be patched technically, because walled off properly it could never be exploited.

If the fileserver runs in a Virtual Machine with many other systems I'd be very afraid of exploitation though!
__________________
"The one who says it cannot be done should never interrupt the one who is doing it."
Per Hansson is offline   Reply With Quote
Old 01-21-2018, 03:29 AM   #172
Behemot
Badcaps Veteran
 
Behemot's Avatar
 
Join Date: Dec 2009
City & State: Prague, 504'52.22"N, 1423'30.45"E
My Country: CZ
Line Voltage: 230 V/50 Hz
I'm a: Knowledge Seeker
Posts: 4,202
Default Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Quote:
Originally Posted by Topcat View Post
^
I know corporations still using pentium4-era stuff....I still get things that old in for repair by businesses.
Of course, there are things like CNC machines or embedded stuff using that. Even Pentiums III, I think it was Per Hansson repairing such device recently and posting it here?

Curious.George: what kind of Sun HW are we talking about? Anyways, it is not only about the SW, which is huge price today, it is also the whole HW ecosystem. Also remeber that big corporations have totaly different price of electricity, that's one of the last things which actually impact anything if we are talking about some industrial machinery.
Behemot is offline   Reply With Quote
Old 01-21-2018, 09:06 AM   #173
Topcat
The Boss Stooge
 
Topcat's Avatar
 
Join Date: Oct 2003
City & State: Salem, MO
My Country: United States
Line Voltage: 120VAC 60Hz
I'm a: Professional Tech
Posts: 11,170
Default Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Quote:
Originally Posted by Behemot View Post
Of course, there are things like CNC machines or embedded stuff using that. Even Pentiums III, I think it was Per Hansson repairing such device recently and posting it here?
I repair a lot of that stuff too... Seems like the CNC guys loved Soyo P3 & P4 boards, with ISA of course.
Topcat is offline   Reply With Quote
Old 01-21-2018, 09:11 AM   #174
Behemot
Badcaps Veteran
 
Behemot's Avatar
 
Join Date: Dec 2009
City & State: Prague, 504'52.22"N, 1423'30.45"E
My Country: CZ
Line Voltage: 230 V/50 Hz
I'm a: Knowledge Seeker
Posts: 4,202
Default Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Have not actually had such in my hands, but I judge so from the volume of Pentium 4 (478) CPUs which I still resell. You get it pratically for free so even few bucks is nice sale (when the only work is cleaning it and making the advertisement).
Behemot is offline   Reply With Quote
Old 01-21-2018, 11:25 AM   #175
Per Hansson
Super Moderator
 
Per Hansson's Avatar
 
Join Date: Jul 2005
City & State: ----
My Country: Sweden
Line Voltage: 230v 50Hz
I'm a: Knowledge Seeker
Posts: 3,908
Default Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Quote:
Originally Posted by Behemot View Post
Of course, there are things like CNC machines or embedded stuff using that. Even Pentiums III, I think it was Per Hansson repairing such device recently and posting it here?
I repair allot of older stuff too, industrial stuff never becomes obsolete per se.
As long as you can find components or repair the old ones the customer will keep using the machines...
Of course I don't post very frequently about these repairs, but some I do post about.

https://www.badcaps.net/forum/showthread.php?t=39747

https://www.badcaps.net/forum/showthread.php?t=37091

http://www.jonnyguru.com/forums/show...78&postcount=5
Per Hansson is offline   Reply With Quote
Old 01-21-2018, 11:40 AM   #176
RJARRRPCGP
Badcaps Veteran
 
Join Date: Jul 2004
City & State: Bellows Falls, Vermont
My Country: USA
Line Voltage: 123-127V 61.5-63.5 Hz
I'm a: Knowledge Seeker
Posts: 3,792
Default Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

Quote:
Originally Posted by Per Hansson View Post
This is not remotely exploitable, you need a way to put code on a victims system.
For example Javascript in a browser from a shady website.
Or malicious code via some other entry point like e-mail or such.
None of this should be running on a fileserver so that wont even need to be patched technically, because walled off properly it could never be exploited.
Well, it's apparently not remotely exploitable, unlike the Blaster virus incidents of 2003, and Sasser of 2004 (and maybe later in 2003)

All you had to do to get exploited, with the 2003 and 2004 incidents, was to hop on the internet without a firewall!

You could get exploited within seconds on 56K, IIRC!

Last edited by RJARRRPCGP; 01-21-2018 at 11:43 AM..
RJARRRPCGP is offline   Reply With Quote
Old 01-21-2018, 11:55 AM   #177
Topcat
The Boss Stooge
 
Topcat's Avatar
 
Join Date: Oct 2003
City & State: Salem, MO
My Country: United States
Line Voltage: 120VAC 60Hz
I'm a: Professional Tech
Posts: 11,170
Default Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Quote:
Originally Posted by Per Hansson View Post
I repair allot of older stuff too, industrial stuff never becomes obsolete per se.
As long as you can find components or repair the old ones the customer will keep using the machines...
Of course I don't post very frequently about these repairs, but some I do post about.

https://www.badcaps.net/forum/showthread.php?t=39747

https://www.badcaps.net/forum/showthread.php?t=37091

http://www.jonnyguru.com/forums/show...78&postcount=5
If I posted about everything I repair, there'd be a gazillion threads/posts about it all....I may post about something unusual now and then...but otherwise bore people with my kooky boredom builds.
Topcat is offline   Reply With Quote
Old 01-21-2018, 12:11 PM   #178
RJARRRPCGP
Badcaps Veteran
 
Join Date: Jul 2004
City & State: Bellows Falls, Vermont
My Country: USA
Line Voltage: 123-127V 61.5-63.5 Hz
I'm a: Knowledge Seeker
Posts: 3,792
Default Re: Some serious security bug in INtel CPUs?? Since Westmere possibly

Quote:
Originally Posted by RJARRRPCGP View Post
Well, it's apparently not remotely exploitable, unlike the Blaster virus incidents of 2003, and Sasser of 2004 (and maybe later in 2003)

All you had to do to get exploited, with the 2003 and 2004 incidents, was to hop on the internet without a firewall!

You could get exploited within seconds on 56K, IIRC!
It was the dark ages of computing! The period that made Topcat put his feet down, due to widespread bad motherboard caps! (Also includes the period of the widespread-bad-Antec-PSU-caps-problem...)

Last edited by RJARRRPCGP; 01-21-2018 at 12:15 PM..
RJARRRPCGP is offline   Reply With Quote
Old 01-21-2018, 01:28 PM   #179
stj
Great Sage 齊天大聖
 
stj's Avatar
 
Join Date: Dec 2009
City & State: Europe
My Country: some shithole run by Israeli agents
I'm a: Professional Tech
Posts: 17,431
Default Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

a guy on eevblog has a good solution.
Quote:
The only way to fix this situation, is to take about 10% of the top management of Intel and Microsoft, and kill them. Give the companies 30 days to open source the entire platform and a year to remove all the spying bullshit, on pain of the next 10% getting the same treatment. And so on.
sounds good to me, but 25% may be more effective!
stj is offline   Reply With Quote
Old 01-21-2018, 03:07 PM   #180
mariushm
Badcaps Veteran
 
Join Date: May 2011
City & State: Romania
Line Voltage: 230VAC 50Hz
I'm a: Hobbyist Tech
Posts: 3,606
Default Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

Yeah, the problem is you don't know how many of these bugs were required by NSA and other organizations to be put there in the first place , or how much money Intel received to NOT fix some of these bugs.
Or how many things Intel is forced through non disclosure agreements and other national security letters and laws not to reveal.
There's even rumors that NSA has people inside Intel working as programmers or managers with agenda to make such exploits possible.

But the most likely reason why such problems exist is just arrogance and bad attitude and managers pushing chip designers and programmers to make something faster and with less money, rushing everything to release new stuff every one or two years.
mariushm is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



Badcaps.net Technical Forums 2003 - 2018
Powered by vBulletin ®
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
All times are GMT -6. The time now is 01:47 AM.

Did you find this forum helpful?