Announcement

Collapse
No announcement yet.

Some serious security bug in INTEL CPUs?? Since Westmere possibly

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    #61
    Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

    Originally posted by stj View Post
    let me give you a quick abreviated version.

    if you use Intel and/or m$ your pretty fucked.
    if you use AMD with Linux you probably have a smile on your face.
    Ähm, no.
    From what we know right now, it seems that it isn't as bad as with Linux.

    The Security Scientists said something like everything under Linux could be read and most things under Windows.

    Most is a bit better than everything.

    Comment


      #62
      Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

      Originally posted by lti View Post
      AMD CPUs are affected by Spectre, so you need to switch to VIA.
      Spectre 1 but that is something that hits ALL CPUs with speculative excecution...
      But _NOT_ Spectre 2 and not Meltdown...

      So it would be nice if we would stick to the facts and not try to downplay this shit.

      Comment


        #63
        Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

        Originally posted by eccerr0r View Post
        I also have an N270 Atom in my eeePC. I'm glad, it doesn't need to get any slower than it already is...
        Lol, you're not kidding. It was an amazing bit of kit back in the day though. Mobile computing anywhere and it's wasn't the weight of a brick.

        Comment


          #64
          Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

          Originally posted by RJARRRPCGP View Post
          Best describes my 2008 Core 2 Quad "Kentsfield" Q6600 at around 3.0 Ghz. LOL.
          When it comes to heating the house, I use the BladeServer (dual 3.6GHz Xeon, 8GB RAM and 144GB of disk space per blade, 14 blades). Have to unplug the clothes dryer to use the damn thing

          I think each of the fans ("blowers") draws 50W...

          Comment


            #65
            Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

            Originally posted by Stefan Payne View Post
            Spectre 1 but that is something that hits ALL CPUs with speculative excecution...
            No, it also relies on having access to a sense of time and the ability to run arbitrary/untrusted binaries directly on the hardware. Deny any of these and the exploit falls apart.

            Comment


              #66
              Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

              Originally posted by diif View Post
              Lol, you're not kidding. It was an amazing bit of kit back in the day though. Mobile computing anywhere and it's wasn't the weight of a brick.
              Honestly it's only firefox that's really miserable on it now. But I still find use in it as a shell box with a normal keyboard (granted, it's still a bit small for my fingers, but much better than a touchscreen virtual keyboard that wastes screen real estate...)

              I do wonder how much slower it'd get if I set up full disk encryption on it, along with the pending recompile of all binaries so I can keep up with the linux distribution (it's the cost of not requiring a reinstall every few years and stlil stay up to date)...

              Comment


                #67
                Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                Originally posted by Curious.George View Post
                When it comes to heating the house, I use the BladeServer (dual 3.6GHz Xeon, 8GB RAM and 144GB of disk space per blade, 14 blades). Have to unplug the clothes dryer to use the damn thing

                I think each of the fans ("blowers") draws 50W...
                So you're in the Americas and it uses 240 V input? (or 220 V, maybe 208 V, if the poco you have, has an old transformer, IIRC)

                In the Americas, at least north America and central America, (probably) use 2 120 V legs for 240 V.
                Last edited by RJARRRPCGP; 01-07-2018, 04:05 PM.
                ASRock B550 PG Velocita

                Ryzen 9 "Vermeer" 5900X

                16 GB AData XPG Spectrix D41

                Sapphire Nitro+ Radeon RX 6750 XT

                eVGA Supernova G3 750W

                Western Digital Black SN850 1TB NVMe SSD

                Alienware AW3423DWF OLED




                "¡Me encanta "Me Encanta o Enlistarlo con Hilary Farr!" -Mí mismo

                "There's nothing more unattractive than a chick smoking a cigarette" -Topcat

                "Today's lesson in pissivity comes in the form of a ziplock baggie full of GPU extension brackets & hardware that for the last ~3 years have been on my bench, always in my way, getting moved around constantly....and yesterday I found myself in need of them....and the bastards are now nowhere to be found! Motherfracker!!" -Topcat

                "did I see a chair fly? I think I did! Time for popcorn!" -ratdude747

                Comment


                  #68
                  Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                  Originally posted by RJARRRPCGP View Post
                  So you're in the Americas and it uses 240 V input? (or 220 V, maybe 208 V, if the poco you have, has an old transformer, IIRC)

                  In the Americas, at least north America and central America, (probably) use 2 120 V legs for 240 V.
                  In most american homes, the only places to conveniently access BOTH legs are:
                  • electric stove/range (if you cook with electric)
                  • air conditioner (typ central air as MOST window units are 110)
                  • clothes dryer (if you don't use gas)


                  A (central) air conditioner is a dedicated branch circuit and won' t have an "outlet" that you can conveniently access.

                  The outlets behind the stove/oven and dryer require moving a large appliance to gain access. Most homes can live without a functioning dryer (AND a dryer that has been moved away from the wall to gain access) but pulling the stove/oven out usually meets with some stiff resistance (from female household members).

                  Some homes are wired with 12/3 w/GND in their kitchens. As such, you can conceivably access both legs from any outlet (half of the outlets are wired to one leg while the other half are wired to the other -- a net saving in copper). And, the countertop branch circuits must be 20A so this ensures you can feed the 2KW power supply in the server. But, any semi-permanent arrangement (i.e., something that you could use, again) like this would probably raise lots of eyebrows with building inspectors (and fire marshalls in the event of a fire... in someplace like a KITCHEN! )

                  Comment


                    #69
                    Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                    if you do your own wiring, fit some 16A CEE17 connectors.

                    http://cpc.farnell.com/pce/113-6/16a...skt/dp/PL15600

                    http://cpc.farnell.com/pce/313-6/p-m...30v/dp/PL15608

                    http://cpc.farnell.com/pce/013-6/plu...30v/dp/PL15567

                    i just picked up a couple of IP67 ones for the garden

                    Comment


                      #70
                      Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                      Originally posted by stj View Post
                      if you do your own wiring, fit some 16A CEE17 connectors
                      It's not a question of having the skillset and components to "make it work" but, rather, the legal/liability consequences of doing things that aren't to Code.

                      Of course, you can do damn near anything you want inside your home -- no one is going to come knocking to inspect it! OTOH, have a fire or similar and you can't roll back time to undo those Code violations so they aren't visible to the insurance/fire "incident" inspectors.

                      [Of course, there's a REASON for all those Code requirements/constraints so you should be asking yourself, "what do the writers know that I don't?"]

                      Comment


                        #71
                        Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                        code??
                        those are globally recognised standard connectors with all the usual aprovals.
                        go down to your nearest McDonalds and see them hanging from the ceiling.
                        (just dont eat the "food")

                        Comment


                          #72
                          Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                          Originally posted by stj View Post
                          code??
                          those are globally recognised standard connectors with all the usual aprovals.
                          go down to your nearest McDonalds and see them hanging from the ceiling.
                          (just dont eat the "food")
                          Doesn't matter if the components are NEMA, etc. There are use questions involved.

                          E.g., I wanted to put a 220V 60A outlet by the air conditioner compressor and a "plug" on the end of the cable to the compressor. Plug the compressor into the outlet, arrange for the outlet to be encased in a weatherproof housing, etc.

                          Then, put a similar plug on our electric kiln.

                          When we wanted to use the kiln, unplug the compressor and plug the kiln into the circuit. Instead of running a separate circuit for just the kiln (which is rarely used).

                          Electrically, everything is kosher -- kiln doesn't draw more than the branch circuit is rated, grounding issues are correct, weatherproofing, etc.

                          But, local Code doesn't allow this. Compressor must be on a dedicated circuit... a circuit dedicated to the compressor (not "generic 220V 60A loads").

                          Likewise, wanted to put an electric "instant" hot water heater located under the sink on the kitchen circuit. Had to run a separate circuit for it as the counter circuits are not to support any "fixed appliances".

                          In each case, everything would work as expected, circuit breakers (and GFCI's) would provide required protections, etc. but Code doesn't allow.

                          I am free to ignore that and do as I please -- until something goes wrong and I'm found to be out of compliance (will insurer pay if signs of obvious code violations? how long will city give me to have a LICENSED electrician bring things up to Code? will they allow occupancy while that is happening? etc.)

                          OTOH, it is normal for an oven or a clothes dryer to have a 30+A 220V outlet to connect the appliance. And, there's no law against operating a server out of your kitchen or laundry room in lieu of said appliance (it just "looks odd")

                          Comment


                            #73
                            Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                            Oh my, glad we have normal line voltage here and while the laws and regulations are also sack of shit already, it's still not so bad. Yet.
                            Less jewellery, more gold into electrotech industry! Half of the computer problems is caused by bad contacts

                            Exclusive caps, meters and more!
                            Hardware Insights - power supply reviews and more!

                            Comment


                              #74
                              Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                              land-of-the-free.
                              you need to do a bit more swamp-draining.

                              pretty damned funny considering some of the dangerous crap that is permissable or common.
                              like insulation-displacement connectors and those laughable domestic power outlets.

                              Comment


                                #75
                                Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                                oooo.....
                                i bet Intel paid a lot for this "feature" to be included.
                                it's just too perfect to be an accident.
                                http://www.theregister.co.uk/2018/01...d_powered_pcs/

                                so now they can tell people to stick with "reliable" Intel shit!!

                                Comment


                                  #76
                                  Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                                  Originally posted by stj View Post
                                  pretty damned funny considering some of the dangerous crap that is permissable or common.
                                  like insulation-displacement connectors and those laughable domestic power outlets.
                                  Just because they are RULES doesn't mean they are followed!

                                  Walking around the neighborhood, I can see plenty of cases where NM cable is stapled to the exterior of facia boards without even running it through conduit or liquid-tight. But, an inspector driving by isn't going to get out of his car and write the guy up -- they'll wait for the house to catch fire from some other cause...

                                  And, there are plenty of licensed electricians who will gladly look the other way if financially motivated.

                                  Comment


                                    #77
                                    Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                                    Just watched the first two minutes of Intel's CEO keynote. I didn't hear the word sorry or aplogize. Just see Intel not taking any blame with the slide that shows all CPU architectures are vulnerable. Brian also doesn't strike me as a likeable or sympathic guy. I don't see him doing well in crisis control mode in public scrutiny.

                                    https://www.youtube.com/watch?v=f71yokde704

                                    My E8400 is vulnerable. Patch for Lubuntu is supposed to be released Jan 9.

                                    Spectre and Meltdown mitigation detection tool v0.17

                                    Checking for vulnerabilities against live running kernel Linux 4.13.0-17-generic #20-Ubuntu SMP Mon Nov 6 10:04:08 UTC 2017 x86_64
                                    Will use vmlinux image /boot/vmlinuz-4.13.0-17-generic
                                    Will use kconfig /boot/config-4.13.0-17-generic
                                    Will use System.map file /boot/System.map-4.13.0-17-generic

                                    CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
                                    * Kernel compiled with LFENCE opcode inserted at the proper places: NO (only 42 opcodes found, should be >= 70)
                                    > STATUS: VULNERABLE

                                    CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
                                    * Mitigation 1
                                    * Hardware (CPU microcode) support for mitigation: NO
                                    * Kernel support for IBRS: NO
                                    * IBRS enabled for Kernel space: NO
                                    * IBRS enabled for User space: NO
                                    * Mitigation 2
                                    * Kernel compiled with retpoline option: NO
                                    * Kernel compiled with a retpoline-aware compiler: NO
                                    > STATUS: VULNERABLE (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability)

                                    CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
                                    * Kernel supports Page Table Isolation (PTI): NO
                                    * PTI enabled and active: NO
                                    > STATUS: VULNERABLE (PTI is needed to mitigate the vulnerability)
                                    --- begin sig file ---

                                    If you are new to this forum, we can help a lot more if you please post clear focused pictures (max resolution 2000x2000 and 2MB) of your boards using the manage attachments button so they are hosted here. Information and picture clarity compositions should look like this post.

                                    We respectfully ask that you make some time and effort to read some of the guides available for basic troubleshooting. After you have read through them, then ask clarification questions or report your findings.

                                    Please do not post inline and offsite as they slow down the loading of pages.

                                    --- end sig file ---

                                    Comment


                                      #78
                                      Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                                      From what I understand, this behavior is not exactly "wrong" based on the specification, but rather "undefined"... unfortunately it's the worst possible undefined behavior.

                                      Anyone here still run 32-bit Linux? As far as I know, nobody has really looked into getting a fix for meltdown for these machines yet. 64-bit has a patch for meltdown.

                                      The current PoCs out there either do not work on 32-bit or work poorly on them, especially pre-P4 machines.

                                      Comment


                                        #79
                                        Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                                        Originally posted by eccerr0r View Post
                                        From what I understand, this behavior is not exactly "wrong" based on the specification, but rather "undefined"... unfortunately it's the worst possible undefined behavior.
                                        I think that would fall in the realm of lawyer-talk.

                                        The protection domains exist for the express purpose of isolating userland from kernel (in this case). Anything that can be exploited to violate that functionality would be a breach of faith -- in the community that will ultimately be buying your product(s).

                                        [I.e., try to claim it's "unspecified" and they'll remind you that their dollars are similarly "unspecified" and could just as easily patronize your competitor.]

                                        You can claim that the TRANSPARENT GLASS walls in the dressing rooms in your store serve to isolate customers from each other and safeguard their belongings (from theft). But, I suspect most folks would say the primary reason for walls in dressing rooms is to interrupt the flow of photons!

                                        Comment


                                          #80
                                          Re: Some serious security bug in INTEL CPUs?? Since Westmere possibly

                                          Yes this is lawyer talk. This means that you can't sue intel or AMD or ARM or whatever because the user (implicitly the computer system designer) accepted the document that defined how the CPU operates... There was no declaration on what the CPU should do in the situation that the code given.

                                          It's the equivalent that you had a chance to see the transparent glass when you built the store, but you didn't see it. So, you think it's okay, and kept going. Now the customers come in the store and find out they can see through the transparent glass if they push this button, slide this cover to the other side, grab a piece of polarizer, and place it in this certain position at the right time...

                                          There is no question that this is indeed improper behavior. However, if people start suing hardware companies for mistakes like this, it just will mean hardware will get more expensive as insurance will start being necessary for covering these problems... now the question should software companies also be liable for unexpected behavior, like due to buffer overflows? What about unchecked bounds?

                                          Then what about the software that is written incorrectly that exposes a hardware bug, if you write it a certain way then the hardware bug isn't exposed?

                                          It's just opening a can of worms.

                                          Comment

                                          Working...
                                          X