Personal computing discussed

Moderators: Flying Fox, morphine

 
biffzinker
Gerbil Jedi
Topic Author
Posts: 1996
Joined: Tue Mar 21, 2006 3:53 pm
Location: AK, USA

New Security Vulnerability Found, Poor Intel

Tue Mar 05, 2019 1:02 pm

A new security vulnerability has been found that only affects Intel CPUs - AMD users need not concern regarding this issue. Dubbed Spoiler, the newfound security vulnerability was discovered by the Worcester Polytechnic Institute in partnership with the University of Lübeck, and affects all Intel CPUs since the introduction of their Core architecture. This vulnerability too affects Intel's speculative execution design, and according to the researchers, works independent of OS, virtual machine, or sand boxed environments.

As the researchers explain, Intel's speculative execution of certain memory workloads requires the full physical address bits for the information in memory to be known, which could allow for the full address to be available in user space - allowing for privilege escalation and other micro-architectural attacks. According to the researchers, a software solution to this problem is impossible, which means this is yet another silicon-level bug that needs to be addressed in future processor designs.


Source: TechPowerUp

Original Source: The Register
Last edited by biffzinker on Tue Mar 05, 2019 1:30 pm, edited 3 times in total.
It would take you 2,363 continuous hours or 98 days,11 hours, and 35 minutes of gameplay to complete your Steam library.
In this time you could travel to Venus one time.
 
qmacpoint
Gold subscriber
Gerbil First Class
Posts: 193
Joined: Wed Mar 14, 2018 12:56 pm

Re: New Security Vulnerability Found, Poor Intel

Tue Mar 05, 2019 1:14 pm

how realistic would this attack be? I don't wanna buy a new laptop :(
 
just brew it!
Gold subscriber
Administrator
Posts: 52648
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: New Security Vulnerability Found, Poor Intel

Tue Mar 05, 2019 1:41 pm

My understanding is that it is very difficult to exploit, and unlikely to be fixed any time soon.
Nostalgia isn't what it used to be.
 
DancinJack
Maximum Gerbil
Posts: 4400
Joined: Sat Nov 25, 2006 3:21 pm
Location: Kansas

Re: New Security Vulnerability Found, Poor Intel

Tue Mar 05, 2019 1:58 pm

meh
i7 6700K - Z170 - 16GiB DDR4 - GTX 1080 - 512GB SSD - 256GB SSD - 500GB SSD - 3TB HDD- 27" IPS G-sync - Win10 Pro x64 - Ubuntu/Mint x64 :: 2015 13" rMBP Sierra :: Canon EOS 80D/Sony RX100
 
Krogoth
Gold subscriber
Gerbil Elder
Posts: 5691
Joined: Tue Apr 15, 2003 3:20 pm
Location: somewhere on Core Prime
Contact:

Re: New Security Vulnerability Found, Poor Intel

Tue Mar 05, 2019 2:11 pm

Only if Intel had used glue in their micro-architectures. None of these security vulnerabilities would have existed.

INTEL BANKRUPTCY IN 2020 CONFIRMED!
Gigabyte Z390 AORUS-PRO Coffee Lake R 9700K, 2x8GiB of G.Skill DDR4-3600, Sapphire RX Vega 64, Corsair CX-750M V2 and Fractal Define R4 (W)
Ivy Bridge 3570K, 2x4GiB of G.Skill RIPSAW DDR3-1600, Gigabyte Z77X-UD3H, Corsair CX-750M V2, and PC-7B
 
DragonDaddyBear
Silver subscriber
Gerbil Elite
Posts: 908
Joined: Fri Jan 30, 2009 8:01 am

Re: New Security Vulnerability Found, Poor Intel

Tue Mar 05, 2019 2:19 pm

Holy crap, another? While these kinds of things don't really impact us as users they have a real issue in the enterprise. I wonder just how much brand reputation Intel has lost and if this is driving the bigger dollar spenders to more strongly consider AMD systems.
 
meerkt
Graphmaster Gerbil
Posts: 1098
Joined: Sun Aug 25, 2013 2:55 am

Re: New Security Vulnerability Found, Poor Intel

Tue Mar 05, 2019 2:21 pm

 
chuckula
Gold subscriber
Minister of Gerbil Affairs
Posts: 2066
Joined: Wed Jan 23, 2008 9:18 pm
Location: Probably where I don't belong.

Re: New Security Vulnerability Found, Poor Intel

Tue Mar 05, 2019 3:01 pm

I don't even consider this a "vulnerability". It's just some statements about Rowhammer attacks that can extract some memory address information.

The real issue is Rowhammer.
4770K @ 4.7 GHz; 32GB DDR3-2133; Officially RX-560... that's right AMD you shills!; 512GB 840 Pro (2x); Fractal Define XL-R2; NZXT Kraken-X60
--Many thanks to the TR Forum for advice in getting it built.
 
DragonDaddyBear
Silver subscriber
Gerbil Elite
Posts: 908
Joined: Fri Jan 30, 2009 8:01 am

Re: New Security Vulnerability Found, Poor Intel

Tue Mar 05, 2019 3:18 pm

I think this is more than Rowhammer. That attack is a weakness in the way DDR is designed. This is an enhanced version of that. According to the original source this is "a weakness in the address speculation of Intel’s proprietary implementation of the memory subsystem." It says that this is a speculative attack using the memory controller.
 
just brew it!
Gold subscriber
Administrator
Posts: 52648
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: New Security Vulnerability Found, Poor Intel

Tue Mar 05, 2019 3:54 pm

chuckula wrote:
I don't even consider this a "vulnerability". It's just some statements about Rowhammer attacks that can extract some memory address information.

The real issue is Rowhammer.

If I am reading things correctly, the rowhammer angle is just one piece of this vulnerability. It also enables new timing attacks.
Nostalgia isn't what it used to be.
 
chuckula
Gold subscriber
Minister of Gerbil Affairs
Posts: 2066
Joined: Wed Jan 23, 2008 9:18 pm
Location: Probably where I don't belong.

Re: New Security Vulnerability Found, Poor Intel

Tue Mar 05, 2019 10:38 pm

Having read the paper I'm still massively unimpressed and I once again don't think this is an actual flaw.

Basically the "flaw" in Intel's speculative execution is that the mapping of virtual addresses to physical addresses in the memory is predictable, which is supposed to make Rowhammer attacks more efficient.

That's about it. Without working Rowhammer attacks, this isn't a flaw. Period. Frankly, having predictable and stable mappings of virtual addresses and physical addresses sounds like a good thing to me, not a bad thing. Oh, and there's nothing about this "flaw" that makes Rowhammer magically work where it wouldn't work on some other platform at a physical level, it's just that the "flaw" makes it easier to predict virtual addresses that map to adjacent rows in the physical memory. Once again, nothing about that relationship is supposed to be "secret" and frankly to think that you can't find the relationships in other CPU architectures beyond Intel's is pretty naive, even if Intel's relationships are easier to identify since they probably did a superior job of implementing spatial locality in physical RAM... which is a performance booster.

In a nutshell: Rowhammer is bad. It's still bad after this paper. It's still bad on all platforms that are affected. And being able to predict the virtual address --> physical address mapping of a CPU isn't a bug if you actually address the underlying issue that Rowhammer is bad.

Oh, and even the authors admitted that Intel's SGX defeats their attacks. Funny, it's been almost a year since AMD's encrypted VM's were split open like a pinata mere months after Epyc launched and there's been literally zero fixes forthcoming from AMD. https://www.theregister.co.uk/2018/05/2 ... on_bypass/

#Post2001MonolithCONFIRMED
4770K @ 4.7 GHz; 32GB DDR3-2133; Officially RX-560... that's right AMD you shills!; 512GB 840 Pro (2x); Fractal Define XL-R2; NZXT Kraken-X60
--Many thanks to the TR Forum for advice in getting it built.
 
just brew it!
Gold subscriber
Administrator
Posts: 52648
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: New Security Vulnerability Found, Poor Intel

Wed Mar 06, 2019 7:45 am

chuckula wrote:
Having read the paper I'm still massively unimpressed and I once again don't think this is an actual flaw.

Basically the "flaw" in Intel's speculative execution is that the mapping of virtual addresses to physical addresses in the memory is predictable, which is supposed to make Rowhammer attacks more efficient.

It also makes cache timing attacks more efficient, so it is not JUST an issue for systems susceptible to Rowhammer.

That said, it seems like it is difficult to exploit, but also pretty difficult to mitigate since these types of optimizations are an inherent feature of how modern high-performance CPUs work. IOW for most people it is very low-risk in the grand scheme of things, and there isn't a damn thing you can do about it anyway.

The people who design DRAM and DRAM controllers really need to fix Rowhammer regardless...
Nostalgia isn't what it used to be.
 
Mr Bill
Gold subscriber
Gerbil Jedi
Posts: 1681
Joined: Mon Jan 21, 2002 7:00 pm
Location: Colorado Western Slope
Contact:

Re: New Security Vulnerability Found, Poor Intel

Wed Mar 06, 2019 2:24 pm

Seems it Sith a Core design problem. Apparently the "Dark Side" of speculative memory address loading is not dark enough.
X6 1100T BE | Gigabyte GA-990FXA-UD3 AM3+ | XFX HD 7870 | 16 GB DDR3 | Samsung 830/850 Pro SSD's | Logitech cherry MX-brown G710+ | Logitech G303 Daedalus Apex mouse | SeaSonic SS-660XP 80+ Pt | BenQ 24' 1900x1200 IPS | APC Back-UPS NS-1350 | WinXP64 Pro
 
LoneWolf15
Silver subscriber
Gerbil Elite
Posts: 906
Joined: Tue Feb 17, 2004 8:36 am
Location: SW Meecheegan

Re: New Security Vulnerability Found, Poor Intel

Mon May 13, 2019 8:25 pm

Remember this, in context.

How many Spectre and Meltdown exploits have we seen active in the wild?

Yes, that'd be zero.

Easier said than done. As this appears to be too.
i9-9900K @4.7GHz, GIGABYTE Z390 Aorus Pro WiFi, 32GB (2 x 16) G.Skill RipJaws V
Corsair 650D, Seasonic 1Kw Platinum PSU
2x Samsung 850 Pro 512GB, 1TB WD Black, NEC 7200 DVDRW
2x Gigabyte GTX 1070 Founders Ed. SLI, Dell 2408WFP-HC

Who is online

Users browsing this forum: No registered users and 1 guest