- Jan 1, 2018
- 18,490
- 3,974
- 73,540
If the fix can be software patched, I'd hope Microsoft would be on it. This seems like a pretty bad issue if Intel is actually suggesting to disable a key performance feature of their CPUs in order to mitigate the issue.
Imagine a large company uses thousands of Intel-powered computers. Most companies cannot afford to lose computers or have data breaches thanks to infections. The way Intel recommends (currently) to help keep them safer from this type of attack causes them to lose a lot of performance from there CPUs, potentially causing that company to lose money. Good going team blue...
So here's how I take this. Am I correct?
Are AMD CPUs and Intel CPUs lacking HT (9700k for ex) at least less susceptible to this part of spectre? I recall AMD, ARM, and Intel CPUs being susceptible to other parts of spectre.
Imagine a large company uses thousands of Intel-powered computers. Most companies cannot afford to lose computers or have data breaches thanks to infections. The way Intel recommends (currently) to help keep them safer from this type of attack causes them to lose a lot of performance from there CPUs, potentially causing that company to lose money. Good going team blue...
So here's how I take this. Am I correct?
Are AMD CPUs and Intel CPUs lacking HT (9700k for ex) at least less susceptible to this part of spectre? I recall AMD, ARM, and Intel CPUs being susceptible to other parts of spectre.
- Sep 10, 2006
- 7,884
- 140
- 35,640
Was reading it's something new this time, newer than what I read anyway.
Can still check the system on the GRC website though so see if there is a problem.
They seem to have the latest check for it.
TechyInAZ
Titan
For mainstream users, this won't be a problem. Leaving hyperthreading on isn't a huge deal. And if you are careful with your computer and don't go to dangerous sites, not a big deal if you leave it on.
But for anybody who is dealing with very sensitive stuff and needs security, yeah definitely turn off hyperthreading.
But for anybody who is dealing with very sensitive stuff and needs security, yeah definitely turn off hyperthreading.
jeremyj_83
Glorious
- Aug 23, 2017
- 5,303
- 1,849
- 44,440
TechyInAZ
Titan
I think your misunderstanding the post. 8th and 9th gen CPUs are affected EXCEPT for Whiskey Lake.
jasonelmore
Distinguished
- Aug 10, 2008
- 626
- 7
- 18,995
Intel needs to offer it's 7XXX series customers chip replacements. I just bought a $1000 7900X a year and a half ago and day after day I read about how many security flaws are in my processor. What a joke.
- Jan 1, 2018
- 18,490
- 3,974
- 73,540
Intel would never do that. With the shortages Intel is experiencing and the struggles to make a node shrink, Intel has their hands full. Some Intel CPUs (Whisky Lake) have hardware mitigation for some of these bugs, but most of the desktop CPUs coming out of Intel's factories still don't have any hardware fixes for these bugs.
Intel will try to do everything possible to get the security bugs patched either in firmware or software, however considering how many CPUs exist with major bugs, there is no way they can replace anyones CPU.
Some of these flaws date back decades.
Read more about "Spectre and Meltdown in Hardware: Intel Clarifies Whiskey Lake and Amber Lake":
https://www.anandtech.com/show/13301/spectre-and-meltdown-in-hardware-intel-clarifies-whiskey-lake-and-amber-lake
Intel will try to do everything possible to get the security bugs patched either in firmware or software, however considering how many CPUs exist with major bugs, there is no way they can replace anyones CPU.
Some of these flaws date back decades.
Read more about "Spectre and Meltdown in Hardware: Intel Clarifies Whiskey Lake and Amber Lake":
https://www.anandtech.com/show/13301/spectre-and-meltdown-in-hardware-intel-clarifies-whiskey-lake-and-amber-lake
- Dec 22, 2014
- 33,007
- 3,020
- 116,640
Was reading it's something new this time, newer than what I read anyway.
Can still check the system on the GRC website though so see if there is a problem.
They seem to have the latest check for it.
But, again, there is NO issue with AMD processors regarding this latest problem. NONE.
- Sep 10, 2006
- 7,884
- 140
- 35,640
Solandri
Illustrious
- Jan 4, 2012
- 4,919
- 98
- 39,240
This. You're not important enough that someone is going to go through the trouble to exploit these flaws to try to lift your bank account number and password. If they're going to go to all that trouble, they're going to target some corporate VM which might give them access to a bank account with tens of millions of dollars. Not your puny bank account with a few thousand or tens of thousands of dollars.
So for home users, just run everything as you did before with HT enabled. If you're paranoid, you can get a cheap notebook with 8th/9th gen Intel or AMD processor for doing your banking. If you're doing risky activities like running pirated games, then yeah someone might use this to get your gaming account login info. But the real solution there is don't do risky activities like pirating games.
not really.
I know big picture: Intel has a joke security involving its HT system.
But the average user will NOT be effected in msot cases..meaning theres no real need to lose performance forever . a backup/restore is simple to do and doesnt sacrifice anythign but a few hours of your time.
"just disable HT" is a joke fro mthem given some ppl bought their cpu specifically FOR that benefit.
I HAD planned to upgrade to a newer intel cpu, but i'll just wait for 2021+ when they finally decide to actually re-make their current architecture
JQB45
Splendid
- Jun 23, 2006
- 3,599
- 51
- 24,040
Lets say I am a software engineer and I turn evil and decide to write a virus of some sort that stealthily infects 10,000 people. Now I don't know who I am going to infect or if they use online banking. But lets say I get 10% who use online banking. That is a 1000 people now lets say they each have 2 financial accounts each with an avg. of 1000 dollars in it.
I can now harvest banking information for 2000 financial accounts worth an avg total of $2,000,000.00. I can now work on automating the acquisition of this cash and placing it in accounts I control.
See where I am going with this? And infecting 10,000 people is nothing for a virus.
And now no one would know they got attacked until after their cash is gone...
This is all hypothetical but my point is, everyone is vulnerable.
Another scenario is harvesting usernames and passwords and selling them wholesale.
I can now harvest banking information for 2000 financial accounts worth an avg total of $2,000,000.00. I can now work on automating the acquisition of this cash and placing it in accounts I control.
See where I am going with this? And infecting 10,000 people is nothing for a virus.
And now no one would know they got attacked until after their cash is gone...
This is all hypothetical but my point is, everyone is vulnerable.
Another scenario is harvesting usernames and passwords and selling them wholesale.
Last edited:
jeremyj_83
Glorious
- Aug 23, 2017
- 5,303
- 1,849
- 44,440
That is exactly what I have said for 4 different posts on this thread. There have been multiple other posts that were people were misunderstanding that I had said that only Whiskey Lake, Atom, and Knights Landing CPU were unaffected.
redgarl
Distinguished
- Jun 4, 2009
- 2,882
- 190
- 21,240
Man, are you serious!? So after all this BS, and the inflated price for the performances, and the insane margins Intel charge to their customers, and their unfriendly customer approach forcing you to switch motherboard every year... you are simply still going to support them?!!
Wake up! This is a wake up call. AMD is around the corner with Ryzen 3000 and Intel has nothing until they get to 7nm.
I am done with Intel for good. They will only understand if people start to hurt their wallet.
- Dec 22, 2014
- 33,007
- 3,020
- 116,640
I already conceded to that.
I had old info.
I didn't get that at all from what you posted. But I'm not surprised by that. Anyway lets move on.
jeremyj_83
Glorious
- Aug 23, 2017
- 5,303
- 1,849
- 44,440
i find this hilarious:
https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html
Is Intel recommending that I disable HT?
No. Intel is not recommending that users disable Intel® Hyper threading. It’s important to understand that doing so does not alone provide protection against MDS, and may impact workload performance or resource utilization that can vary depending on the workload.
so they say to disable it verbally, but their own page says there is no need to and even disabling it wont stop it alone.
https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html
Is Intel recommending that I disable HT?
No. Intel is not recommending that users disable Intel® Hyper threading. It’s important to understand that doing so does not alone provide protection against MDS, and may impact workload performance or resource utilization that can vary depending on the workload.
so they say to disable it verbally, but their own page says there is no need to and even disabling it wont stop it alone.
Solandri
Illustrious
- Jan 4, 2012
- 4,919
- 98
- 39,240
This exploit does not give you unfettered access to info on the computer. It only gives you access to other info which happens to be loaded in that particular core at the moment your exploit code happens to run. So there's a very large element of luck involved. Your malicious code has to just happen to run at the same moment(s) the banking account number and password were in memory. So you need to multiply what you've written by like the 0.000001% probability of your exploit code happening to run at the exact moment someone's banking password passes through the same core's registers (and being able to identify it as a banking password). That low probability means no or very few successes, so anyone going to the trouble of exploiting it will aim for a high-profile target with a big payout should they happen to succeed.
Most exploits are actually like this. That's why they're not used for the main exploit - they're only leveraged to root the system. Once you have root (admin) access, you can then run arbitrary code which can capture the bank account info. But AFAIK there is no way to exploit these particular vulnerabilities to gain root. All they do is allow you to peek into other the memory registers of other random threads at random times.
In other words, the fact that the system got a virus at all in the first place is a greater threat than this exploit. If you've managed to put a virus on someone's computer, the next step would be to root it so you can install a keylogger or something to capture their passwords. You wouldn't bother with this particular exploit because its chance of success is way too low. The risk is only really for high-security systems where they're constantly actively scanning for things like root exploits and keyloggers. Since this exploit represents a different vector of attack, someone could conceivably use it to slip past the other anti-malware protections the secure system has installed.
Last edited:
- Jan 1, 2018
- 18,490
- 3,974
- 73,540
For most desktop users AMD is the way to go. Ryzen offers more performance than intel at the price points most people are wanting to spend on a pc.
However i still think for laptops, Intel is preferred. AMDs mobile cpus have come a long way and do have some great Igpus, however they have relatively low 1 thread performance. Since Ryzen mobile tops out at 4c 8t, Ryzen Mobile cpus lack the core count advantage that desktop ryzen enjoys, making most Intel laptops better for single or multithreaded applications. Intel makes has 6 and 8 core laptops available.
For servers I would love to learn more. Apparently Cascade lake has hardware mitigation for spectre attacks simmilar to to whisky lake. Epyc is stealing intels sales slowly, but who knows what will happen.
However i still think for laptops, Intel is preferred. AMDs mobile cpus have come a long way and do have some great Igpus, however they have relatively low 1 thread performance. Since Ryzen mobile tops out at 4c 8t, Ryzen Mobile cpus lack the core count advantage that desktop ryzen enjoys, making most Intel laptops better for single or multithreaded applications. Intel makes has 6 and 8 core laptops available.
For servers I would love to learn more. Apparently Cascade lake has hardware mitigation for spectre attacks simmilar to to whisky lake. Epyc is stealing intels sales slowly, but who knows what will happen.
jeremyj_83
Glorious
- Aug 23, 2017
- 5,303
- 1,849
- 44,440
I can tell you from experience that the Epyc are an awesome CPU. The density that they provide over anything that Intel has, well Cascade Lake AP is even more dense but at over 2x the power requirements, is quite nice. We have a couple Dell R7425's and have been happy with them ever since we got them.
jeremyj_83
Glorious
- Aug 23, 2017
- 5,303
- 1,849
- 44,440
If HT is turned on in the BIOS it should be working. However, according to Intel, just disabling HT won't fix this issue.
Solandri
Illustrious
- Jan 4, 2012
- 4,919
- 98
- 39,240
My understanding of how these exploits work is that when you run code in a core, the core speculates what the next instruction will be and tries to pre-process that instruction. e.g. The core has separate hardware for calculating addition vs multiplication. So if you've loaded 2 and 3 into separate registers on the core (a register is just a small cubbyhole of memory used to hold a single piece of data), the core guesses the next instruction will be an addition or multiplication. Instead of waiting to read the next instruction in the code before running the addition or multiplication, it goes ahead and completes both operations while it's reading the next instruction.
When it finishes reading the next operation and sees that it's addition, it doesn't need to add 2 and 3. It already did that the previous clock cycle, and the answer (5) is already sitting in the addition register. It can just read the answer and proceed to the next instruction. So speculative execution saves a clock cycle in this simplified example.
The key to the exploit is: what happens to the answer in the multiplication register? It came up with the answer 6. If you go to the trouble of erasing the wrong speculated answers, that defeats most of the speed gains you got from speculative execution (if the subsequent operation is a multiplication, but your multiplication hardware is busy erasing the previous speculated answer, now it has to wait an extra clock cycle and you lose the cycle you gained from speculating the addition). But if you leave the answer there, then that's information that could be read back later in the code. Not a problem with a single-threaded task. But if you're multitasking or hyperthreading, then the next piece of code which has access to that multiplication register may not be yours. It could be malware code attempting to use this exploit to figure out the data your code was working on.
So yeah, just disabling HT doesn't completely fix the problem. It greatly reduces your vulnerability exposure (since two threads are not running on the same core simultaneously, and have access to each others' unused core registers). But the same exploit is still possible if you're multitasking and the OS decides it's time to run a different thread on that same core. (I focused on the data registers in this explanation. But there is all sorts of caching going on in the processor as well.)
It's kinda the same problem as with deleting files on your drive not really deleting the data. The computer just marks the file as deleted, assuming the data will be overwritten the next time that disk space is used. But if the next program to access that disk space is not going to overwrite it with new data, but instead intentionally tries to find deleted data (an undelete program), then it can find and read that data which was supposed to have been deleted. I've heard that force-clearing all the registers and cache every time there's a context switch (the thread running on the core changes - equivalent to zeroing out all the deleted disk space whenever you run a new program in the file deletion analogy) introduces a rather large performance penalty. So it's not that simple to fix this.
TRENDING THREADS
-
-
-
Review AMD Ryzen 7 9800X3D Review: Devastating Gaming Performance- Started by Admin
- Replies: 201
Facebook
Twitter
Instagram