Intel x86 HW KPTI bug ~20-30% SlowDown Coming to ur PC Soon!

For everything that's not in any way related to PureBasic. General chat etc...
User avatar
Zebuddi123
Enthusiast
Enthusiast
Posts: 794
Joined: Wed Feb 01, 2012 3:30 pm
Location: Nottinghamshire UK
Contact:

Intel x86 HW KPTI bug ~20-30% SlowDown Coming to ur PC Soon!

Post by Zebuddi123 »

'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign -- Intel Processor Performance hits loom ~20-30%

Viva la AMD ? so does this affect AMD if not :) Who`s the Daddy Now
:shock: :lol: :lol: :lol: :lol: :lol: :lol:

https://www.theregister.co.uk/2018/01/0 ... sign_flaw/
malleo, caput, bang. Ego, comprehendunt in tempore
HanPBF
Enthusiast
Enthusiast
Posts: 563
Joined: Fri Feb 19, 2010 3:42 am

Re: Intel x86 HW KPTI bug ~20-30% SlowDown Coming to ur PC S

Post by HanPBF »

Just have read about it in a well known German magazine.
That story will make it into TV and then hopefully you have no investment done in Intel stocks...

As far as I understood it's a security problem on CPU level.
As long as my smartphone is 100% secure...
User avatar
Zebuddi123
Enthusiast
Enthusiast
Posts: 794
Joined: Wed Feb 01, 2012 3:30 pm
Location: Nottinghamshire UK
Contact:

Re: Intel x86 HW KPTI bug ~20-30% SlowDown Coming to ur PC S

Post by Zebuddi123 »

Hi HanPBF apparently it does affect Android and IOS too, But AMD is not affected "AMD said it is not affected. The wording of that message, though, rather gives the game away as to what the underlying cockup is"

Intel CEO sells 1/4 million stock for $11,000,000 keeping the the bare 250,000 shares he has to keep. To me smacks of Intel seniors Knew. This is what my former CEO did but in a different industry, 10,000 staff redundant and £6,000,000 in shares sold with bare minimum kept prior to the company going under.I`m not saying intel will go under but it`s certainly serious business.

https://www.fool.com/investing/2017/12/ ... stock.aspx

Zebuddi. :)
malleo, caput, bang. Ego, comprehendunt in tempore
User avatar
skywalk
Addict
Addict
Posts: 3972
Joined: Wed Dec 23, 2009 10:14 pm
Location: Boston, MA

Re: Intel x86 HW KPTI bug ~20-30% SlowDown Coming to ur PC S

Post by skywalk »

This will drive increasing orders for next gen microprocessors. INTEL will be fine after a stock pullback. This was not a secret to Wall Street. It is up to AMD, QCOM, NVIDIA, ARM, IBM, etc. to deliver faster, cheaper, error-free processors to the market.
The nice thing about standards is there are so many to choose from. ~ Andrew Tanenbaum
DarkDragon
Addict
Addict
Posts: 2218
Joined: Mon Jun 02, 2003 9:16 am
Location: Germany
Contact:

Re: Intel x86 HW KPTI bug ~20-30% SlowDown Coming to ur PC S

Post by DarkDragon »

https://security.googleblog.com/2018/01 ... -need.html

"Variants of this issue are known to affect many modern processors, including certain processors by Intel, AMD and ARM"
Last edited by DarkDragon on Thu Jan 04, 2018 11:38 am, edited 1 time in total.
bye,
Daniel
Joris
Addict
Addict
Posts: 885
Joined: Fri Oct 16, 2009 10:12 am
Location: BE

Re: Intel x86 HW KPTI bug ~20-30% SlowDown Coming to ur PC S

Post by Joris »

Volkswagen became punished hard for there CO2-affaire, what about Intel now ?
Yeah I know, but keep in mind ... Leonardo da Vinci was also an autodidact.
User avatar
Zebuddi123
Enthusiast
Enthusiast
Posts: 794
Joined: Wed Feb 01, 2012 3:30 pm
Location: Nottinghamshire UK
Contact:

Re: Intel x86 HW KPTI bug ~20-30% SlowDown Coming to ur PC S

Post by Zebuddi123 »

I wonder if/how many Military Systems, Nuke`s, ICBM`s, missiles affected. Whom provides their chips\SOC`s. What about Validation of chip design for these, if the aforementioned were true ~5-50% slow down when patched (in and out of user/kernel mode how many 1000+ times a millisecond system wide) :shock: :twisted:

For me I`m running a x5650 orig($1000) 7 years old cpu and still brilliant, as fast as I need soon to be possibly turned into a L5420 :twisted: :twisted: :twisted:

And yes like "Diesel Gate" how long have they known! if the Armed Forces and 5eyes are patched? (and how long) then its defiantly an IntelGate.

Zebuddi. :)
malleo, caput, bang. Ego, comprehendunt in tempore
User avatar
Zebuddi123
Enthusiast
Enthusiast
Posts: 794
Joined: Wed Feb 01, 2012 3:30 pm
Location: Nottinghamshire UK
Contact:

Re: Intel x86 HW KPTI bug ~20-30% SlowDown Coming to ur PC S

Post by Zebuddi123 »

Wow Just a thought (yes that`s 2 today :) ) I should be able to buy a "Core i9-7980XE" for a couple of squid (£) in 6-12 months still be faster than mine patched.
:lol: :lol: :) :) :) :)

Thats because they are saying it`s not microcode fixable.
malleo, caput, bang. Ego, comprehendunt in tempore
User avatar
Zebuddi123
Enthusiast
Enthusiast
Posts: 794
Joined: Wed Feb 01, 2012 3:30 pm
Location: Nottinghamshire UK
Contact:

Re: Intel x86 HW KPTI bug ~20-30% SlowDown Coming to ur PC S

Post by Zebuddi123 »

The researchers have created a website with more details on Meltdown and Spectre - https://meltdownattack.com/. Its FAQ, like many security-related FAQs, is simultaneously comforting and hair-raising. It starts with “Am I affected by the bug? Most certainly, yes.” It notes that there are patches for Meltdown for Windows, Linux, and macOS. It also notes that that Spectre, though harder for a hacker to implement, is more problematic: “As it is not easy to fix, it will haunt us for quite some time.”
malleo, caput, bang. Ego, comprehendunt in tempore
User avatar
tj1010
Enthusiast
Enthusiast
Posts: 621
Joined: Mon Feb 25, 2013 5:51 pm
Location: US or Estonia
Contact:

Re: Intel x86 HW KPTI bug ~20-30% SlowDown Coming to ur PC S

Post by tj1010 »

Funny thing is Zen and I think even last Bulldozer has a ARM co-processor. This vuln should be able to dump the Trustzone micro-kernel over SMC or even main MMU on Zen ARM and Apple, Qualcomm, and Nvidia ARM chips which means all PKI keystore and all the other features like SME can be defeated over time by mapping page table dumps from memory leaks..

Even PS4 and Xbox One security is mostly build on Trustzone micro-kernel. On the PS4 it's used for validated ELF binaries through SMC(don't ask me how I know this it's not on the internet). Xbox One and PS4 use it for chain of trust by loading a encrypted micro kernel from custom silicon ROM.

Everyone now are at the mercy of peoples laziness to prevent jailbreaks and privilege escalation.
The truth hurts.
HanPBF
Enthusiast
Enthusiast
Posts: 563
Joined: Fri Feb 19, 2010 3:42 am

Re: Intel x86 HW KPTI bug ~20-30% SlowDown Coming to ur PC S

Post by HanPBF »

First day in office day after tomorrow and many questions will have to be answered.

Beside "all is broken", "nothing is 100% secure", etc. is there a probability for attacks that changed?

Web applications are safer than executables as things are hosted and "virtualized" through browsers?
Or vice versa, a local special exe is safer because attacks are done to known programs?
.NET and Java are safer, because they are JIT and not direct executables?

I know that everything is unsafe; but what needs the most effort to be attacked.
At the moment, I can not answer for myself; yes .NET/Java is separated from direct memory access but so wide spreaded used that I guess the situation is either lose-lose...
For me, everything was attackable before with more or less effort, but now attackers have a good base or universal key to attack what they want.

When I read tj1010 post I feel more and more sick... a desaster, isn't it?
User avatar
tj1010
Enthusiast
Enthusiast
Posts: 621
Joined: Mon Feb 25, 2013 5:51 pm
Location: US or Estonia
Contact:

Re: Intel x86 HW KPTI bug ~20-30% SlowDown Coming to ur PC S

Post by tj1010 »

HanPBF wrote:First day in office day after tomorrow and many questions will have to be answered.

Beside "all is broken", "nothing is 100% secure", etc. is there a probability for attacks that changed?

Web applications are safer than executables as things are hosted and "virtualized" through browsers?
Or vice versa, a local special exe is safer because attacks are done to known programs?
.NET and Java are safer, because they are JIT and not direct executables?

I know that everything is unsafe; but what needs the most effort to be attacked.
At the moment, I can not answer for myself; yes .NET/Java is separated from direct memory access but so wide spreaded used that I guess the situation is either lose-lose...
For me, everything was attackable before with more or less effort, but now attackers have a good base or universal key to attack what they want.

When I read tj1010 post I feel more and more sick... a desaster, isn't it?

To put it simply: Supposedly ring 0 memory has been read/wrote from v8 JS engine in a sandbox. Which means it can be done anywhere.

It's a bug in speculative execution algorithm which is in all modern chips. Except in-order(some Atoms like my 330 etc..) chips I think.
The truth hurts.
User avatar
blueznl
PureBasic Expert
PureBasic Expert
Posts: 6161
Joined: Sat May 17, 2003 11:31 am
Contact:

Re: Intel x86 HW KPTI bug ~20-30% SlowDown Coming to ur PC S

Post by blueznl »

Strictly speaking, it's not a bug per se, it's a design flaw I think (a rather stupid one at that). It also affects AMD, ARM, and what not...

Speculative data in the cache is accessible from the client thread, even if that data belongs to some other part of the system that would require access rights elevation.

Still waiting for the final impact on all (still to be patched older) systems...

(If we're talking about Spectre and Meltdown here, I assume...)
( PB6.00 LTS Win11 x64 Asrock AB350 Pro4 Ryzen 5 3600 32GB GTX1060 6GB)
( The path to enlightenment and the PureBasic Survival Guide right here... )
User avatar
Zebuddi123
Enthusiast
Enthusiast
Posts: 794
Joined: Wed Feb 01, 2012 3:30 pm
Location: Nottinghamshire UK
Contact:

Re: Intel x86 HW KPTI bug ~20-30% SlowDown Coming to ur PC S

Post by Zebuddi123 »

Hi blueznl.

Yes true, as since been reported :) and to be honest Ive not checked to see if patches have been released or even installed. If anyone did hack me and my bank account, they would have to deposit some first to steal it, all my money has been invested in shares "Son & Daughter Inc" shocking returns :shock: :oops: and I have just installed a (pcie x1 gen 2) to sata 3 controller card and an crucial 275gb ssd so the old dell t3500 is running to notch and at the moment not to sure if I would notice as its all been hushed and dampened down to make me want to do some tests.

zebuddi :)
malleo, caput, bang. Ego, comprehendunt in tempore
Post Reply