News Intel Discovers AMD Spectre Patch Has Been Broken Since 2018, AMD Issues Fix

[Admin]

Intel's crack STORM security research team unearthed an issue with AMD's mitigations for the Spectre vulnerability that leaves users exposed to unhindered attackers. AMD has since changed its recommendations to a new type of mitigation.

Intel Discovers AMD Spectre Patch Has Been Broken Since 2018, AMD Issues Fix : Read more

 

[USAFRet]

And the never ending refrain from the peanut gallery was that AMD was immune to this.
Only the crappy Intel systems were affected.

 

[hotaru.hino]

This is making me wonder if branch prediction itself is insecure and we're going to be spending decades playing whack-a-mole.

 

[USAFRet]

This is making me wonder if branch prediction itself is insecure and we're going to be spending decades playing whack-a-mole.

Yes.

 

[Suiton20]

It seems like intel being plain salty and told their security team to do whatever it took to find a vulnerability on amd cpus.

 

[USAFRet]

It seems like intel being plain salty and told their security team to do whatever it took to find a vulnerability on amd cpus.

Can't find something that does not actually exist.

 

[Flyfisherman]

Wait, is this really a problem for the private user?
I mean spectre, meltdown and before it was, well something else.

I have never experienced any problem what so ever.
Best Regards from Sweden

 

[USAFRet]

Wait, is this really a problem for the private user?
I mean spectre, meltdown and before it was, well something else.

I have never experienced any problem what so ever.
Best Regards from Sweden

Even the original Spectre and Meltdown were not.

There wasn't a single instance of an exploit in the wild until about a year ago.

 

[Alvar "Miles" Udell]

In the name of speed in the face of a possible dramatic performance reduction to mitigate a vulnerability which is incredibly difficult (from everything I've read) to exploit...Take speed...

 

[USAFRet]

In the name of speed in the face of a possible dramatic performance reduction to mitigate a vulnerability which is incredibly difficult (from everything I've read) to exploit...Take speed...

I've personally not seen any performance reductions, since before and after all the mitigations were released and applied.

 

[JarredWaltonGPU]

I've personally not seen any performance reductions, since before and after all the mitigations were released and applied.

Run some storage benchmarks with a fast SSD!

But many of the attacks require access to the system to run malicious code. There are a few instances of web pages being able to leak data (ie, Meltdown), and for servers where multiple different tenants are running on the same hardware, it's a big concern. For your typical home user, most of these side-channel attacks are far less of a threat. For now, of course — someone will probably figure out how to perform an attack on home PCs and will wreak havoc.

It seems like intel being plain salty and told their security team to do whatever it took to find a vulnerability on amd cpus.

Did you read the article?

Intel's research into AMD's Spectre fix begins in a roundabout way — Intel's processors were recently found to still be susceptible to Spectre v2-based attacks via a new Branch History Injection variant, this despite the company's use of the Enhanced Indirect Branch Restricted Speculation (eIBRS) and/or Retpoline mitigations that were thought to prevent further attacks.

In need of a newer Spectre mitigation approach to patch the far-flung issue, Intel turned to studying alternative mitigation techniques. There are several other options, but all entail varying levels of performance tradeoffs. Intel says its ecosystem partners asked the company to consider using AMD's LFENCE/JMP technique. The "LFENCE/JMP" mitigation is a Retpoline alternative commonly referred to as "AMD's Retpoline."

As a result of Intel's investigation, the company discovered that the mitigation AMD has used since 2018 to patch the Spectre vulnerabilities isn't sufficient — the chips are still vulnerable. The issue impacts nearly every modern AMD processor spanning almost the entire Ryzen family for desktop PCs and laptops (second-gen to current-gen) and the EPYC family of datacenter chips.

In other words, Intel was looking to use AMD's "fix" and ultimately discovered it was broken, then notified AMD so that patches could be put in place. AFAICT, there was no ill intent in the original research.

 

[hotaru.hino]

It seems like intel being plain salty and told their security team to do whatever it took to find a vulnerability on amd cpus.

They should. Not because they're salty, but because we need more people to look at AMD processors.

 

[hotaru251]

And the never ending refrain from the peanut gallery was that AMD was immune to this.
Only the crappy Intel systems were affected.

not even that on my view.
its that the "fixes" intel does are much more costly (performance wise) than the fixes amd does.

Intel's ARE known to be affected more than AMD's just because of how they differ. (hence it costs more to fix on intel's side)


Both sides need to rethink how they make CPU's given these types have been occurring since what? 2017?

 

[spongiemaster]

not even that on my view.
its that the "fixes" intel does are much more costly (performance wise) than the fixes amd does.

Maybe because Intel's fixes actually patch the vulnerability.

 

[TerryLaze]

Both sides need to rethink how they make CPU's given these types have been occurring since what? 2017?

The only alternative to the mitigations that reduce performance in only some ways would be to not have any branch prediction at all and lose all of the performance.

 

[setx]

This tells us an important thing: (almost) no one actually bothers to check all those complex and performance affecting mitigations. And many "proof of concepts" are just videos and not a real code you can run and actually check that vulnerability is closed.

Maybe because Intel's fixes actually patch the vulnerability.

They aren't at all. Just look at MDS vulnerability: it was supposed to be fixed in hardware, but then TAA happened. And what Intel did? Just killed TSX as "solution": instead of actually solving the problem they just removed instructions that found another path to the broken design.

 

[jkflipflop98]

If you're a home user, you don't even have to worry about these types of attacks. The people that actually do this type of thing arent going to go through all the trouble it takes to actually pull off one of these attacks so they can see your browsing history and have access to the $300 in your checking account. You simply aren't worth their time.

 

[spentshells]

Unless you are using your computer online for reasons requiring securir... This is all a waste of performance and money.

Ivy bridge @4.0 wiith a graphics card up to 3060ti when specter patches are disabled Will

Play any game at any resolution at acceptable frame rates.

Don't be important you can game for cheap by disabling these patches.

 

[TerryLaze]

Unless you are using your computer online for reasons requiring securir... This is all a waste of performance and money.

Ivy bridge @4.0 wiith a graphics card up to 3060ti when specter patches are disabled Will

Play any game at any resolution at acceptable frame rates.

Don't be important you can game for cheap by disabling these patches.

You only loose a lot of performance on things that use extremely high amounts of IO ,for gaming it should not be high enough to be notable without benchmarks, and this is probably just the same for amd as well.

 

[hotaru.hino]

Both sides need to rethink how they make CPU's given these types have been occurring since what? 2017?

The fundamental issue with branch prediction that it's a convenience feature to speed up performance. But the problem is when it comes to security, convenience and security are mutually exclusive. It's like adding a backdoor to an encryption method meant for "lawful purposes." It's a convenience feature that massively speeds up the performance of whoever "lawfully" needs it. But it's also a massive security risk.

So how many more layers of security are we going to add to branch prediction because each of those layers keeps getting broken before it doesn't make sense to include branch prediction anymore?

 

[spentshells]

You only loose a lot of performance on things that use extremely high amounts of IO ,for gaming it should not be high enough to be notable without benchmarks, and this is probably just the same for amd as well.

I'm only speaking from experience with the initial specter patches, which clearly isn't quite the same. Guess I was just blowing hot air.

However in my experience I was gaining 15 to 25 frames at 1080Pdepensing on the game.