News Intel Responds to ZombieLoad and CacheOut Attacks

[Admin]

Intel processors are vulnerable to two attacks, ZombieLoad and CacheOut.

Intel Responds to ZombieLoad and CacheOut Attacks : Read more

 

[mitch074]

Every trimester you get a new Intel security problem...
I'm ever more appreciative of my Ryzen 2700X.

 

[Groveling_Wyrm]

Every trimester you get a new Intel security problem...
I'm ever more appreciative of my Ryzen 2700X.

Just because you hear about Intel's issues, does not mean that your Ryzen is any safer.

You should notice a few things:

First, AMD processors are just as vulnerable, in their own way. Some of the same issues that affect Intel also affect AMD. You should be concerned about this, because they will eventually find issues that seriously affect both Intel and AMD.

Second, you don't hear about issues with AMD because Intel has the majority of the market, and hackers will generally try to influence the majority of the market instead of hacking only a few, they are attacking the majority.

Third, Because of the popularity of Intel processors in the current market, any headline about Intel carries more weight than a headline about an AMD.

 

[mitch074]

Just because you hear about Intel's issues, does not mean that your Ryzen is any safer.

You should notice a few things:

First, AMD processors are just as vulnerable, in their own way. Some of the same issues that affect Intel also affect AMD. You should be concerned about this, because they will eventually find issues that seriously affect both Intel and AMD.

Second, you don't hear about issues with AMD because Intel has the majority of the market, and hackers will generally try to influence the majority of the market instead of hacking only a few, they are attacking the majority.

Third, Because of the popularity of Intel processors in the current market, any headline about Intel carries more weight than a headline about an AMD.

You're wrong, because I actually followed this topic even since the original SPECTRE and Meltdown vulnerabilities were disclosed. AMD chips have been TESTED AS NON VULNERABLE to most of these exploits. Those that worked have been fixed : proof-of-concept exploits do not work on AMD chips.
AMD have explained that ever since Bulldozer, they have implemented much stricter memory protection in their chips because console makers were very strict about it - and both Microsoft's and Sony's consoles are using AMD chips and haven't been hacked. This can be further proven with the history of implementing the only workaround currently available to Spectre (the one vulnerability that affects all OOP processors in existence) in the Linux kernel : retpoline. For the latter, kernel developers ended up disabling most of the mitigation when running on AMD chips, because firmware updates plugged most of the holes and those they didn't had low-impact workarounds.
So, the fact that Intel is easier to crack because they have a bigger slice of the market thus more attempts have been made is <Mod Edit> - AMD's total amount of chips on the market can be counted in the dozens of millions, if their chips were vulnerable they'd have been exploited already, especially the juicy console market where a single exploit would mean that ALL current consoles could be hacked instantly, including user accounts and credentials, often attached to a credit card account and used by people who are absolutely not tech-savvy.
Finally, considering that AMD is reaching a fifth of the x86 CPU shipments overall and 50% on the DIY market, any hacker worth their salt would try to exploit anything they could on them - and they were close : a vulnerability in the early Ryzen chipsets was found, and worked around quite quickly, for that very reason.
The only ones who said AMD were affected just as bad were Intel PR, and they were all debunked under 48 hours.

 

[robwright]

Just because you hear about Intel's issues, does not mean that your Ryzen is any safer.

You should notice a few things:

First, AMD processors are just as vulnerable, in their own way. Some of the same issues that affect Intel also affect AMD. You should be concerned about this, because they will eventually find issues that seriously affect both Intel and AMD.

Second, you don't hear about issues with AMD because Intel has the majority of the market, and hackers will generally try to influence the majority of the market instead of hacking only a few, they are attacking the majority.

Third, Because of the popularity of Intel processors in the current market, any headline about Intel carries more weight than a headline about an AMD.

Actually, YOU should note a few things:

First, AMD is not vulnerable to CacheOut. The researchers who discovered this latest speculative execution flaw make that pretty clear.

Second, hackers didn't discover this, or any of the other speculative execution/side channel attacks. Academic/computer researchers did. And they're not "attacking the majority" -- they've been analyzing chip architectures, including AMD, ARM and others for YEARS.

Third, and finally, while Intel is obviously the bigger and more well known company, that doesn't change the fact ALL of the previously discovered side channel attacks that were first revealed in January of 2018 (Meltdown, Spectre, Fallout, ZomebieLoad, and their respective variants) affect Intel chips, whereas only Spectre affects some AMD chips. So you can argue about headlines and media coverage, but the fact is the company has designed their chips -- and their subsequent patches -- in a way that makes them vulnerable to data leak attacks like CacheOut.

 

[Groveling_Wyrm]

You're wrong, because I actually followed this topic even since the original SPECTRE and Meltdown vulnerabilities were disclosed. AMD chips have been TESTED AS NON VULNERABLE to most of these exploits. Those that worked have been fixed : proof-of-concept exploits do not work on AMD chips.
AMD have explained that ever since Bulldozer, they have implemented much stricter memory protection in their chips because console makers were very strict about it - and both Microsoft's and Sony's consoles are using AMD chips and haven't been hacked. This can be further proven with the history of implementing the only workaround currently available to Spectre (the one vulnerability that affects all OOP processors in existence) in the Linux kernel : retpoline. For the latter, kernel developers ended up disabling most of the mitigation when running on AMD chips, because firmware updates plugged most of the holes and those they didn't had low-impact workarounds.
So, the fact that Intel is easier to crack because they have a bigger slice of the market thus more attempts have been made is bullsh*t - AMD's total amount of chips on the market can be counted in the dozens of millions, if their chips were vulnerable they'd have been exploited already, especially the juicy console market where a single exploit would mean that ALL current consoles could be hacked instantly, including user accounts and credentials, often attached to a credit card account and used by people who are absolutely not tech-savvy.
Finally, considering that AMD is reaching a fifth of the x86 CPU shipments overall and 50% on the DIY market, any hacker worth their salt would try to exploit anything they could on them - and they were close : a vulnerability in the early Ryzen chipsets was found, and worked around quite quickly, for that very reason.
The only ones who said AMD were affected just as bad were Intel PR, and they were all debunked under 48 hours.

You have totally missed the point of my post.

The point I was making is don't feel so secure about the processor you have.

Let me narrow it down to this. Just because they haven't found a vulnerability doesn't mean that there are none. Five years ago, Meltdown and Spectre didn't exist. They do now. Five years from now, who knows what will be discovered.

I will leave you with this thought. Any computer built by man can be hacked by man.

 

[Groveling_Wyrm]

Actually, YOU should note a few things:

First, AMD is not vulnerable to CacheOut. The researchers who discovered this latest speculative execution flaw make that pretty clear.

Second, hackers didn't discover this, or any of the other speculative execution/side channel attacks. Academic/computer researchers did. And they're not "attacking the majority" -- they've been analyzing chip architectures, including AMD, ARM and others for YEARS.

Third, and finally, while Intel is obviously the bigger and more well known company, that doesn't change the fact ALL of the previously discovered side channel attacks that were first revealed in January of 2018 (Meltdown, Spectre, Fallout, ZomebieLoad, and their respective variants) affect Intel chips, whereas only Spectre affects some AMD chips. So you can argue about headlines and media coverage, but the fact is the company has designed their chips -- and their subsequent patches -- in a way that makes them vulnerable to data leak attacks like CacheOut.

I was attempting to generalize. I am not saying that they are vulnerable to one specific vulnerability or another. I am stating that they do have their own weaknesses. I will say the same to you as I just did to Mitch. Just because they haven't found a vulnerability doesn't mean that there are none. Five years ago, Meltdown and Spectre didn't exist. They do now. Five years from now, who knows what will be discovered.

You might want to learn how the "Academics/computer researchers" are researching a vulnerability. It might surprise you on why they find issues with chip architectures, then you will understand a bit better. How long did it take them to find Spectre, Meltdown and the others?

And you should remember...its not the Academics/computer researchers" that you have to worry about. It is the people who take advantage of the vulnerabilities, aka, the hackers, that you do have to worry about.

I never said anything about Intel NOT making their stuff vulnerable. That is not my argument, and never was. You are misunderstanding.

Regardless of what Intel has done, AMD processors been proven to have vulnerabilities, such as Spectre. Who knows what others they will find in the future?

The one thing that DOES worry me is that these people know where to look, they know what to look for, courtesy of a few white papers, and now that the Ryzen line is growing in the market, is that these hackers WILL attempt to identify vulnerabilities in them and utilize that. They will do it because it's a challenge.

 

[robwright]

You might want to learn how the "Academics/computer researchers" are researching a vulnerability. It might surprise you on why they find issues with chip architectures, then you will understand a bit better. How long did it take them to find Spectre, Meltdown and the others?

Bro, I'm a tech journalist and I cover cybersecurity for a living. I've written and edited a number of stories about these side channel attacks, and I've interviewed members of the some of the research teams of these flaws. I know the history of Meltdown and Spectre, from the six-month-plus disclosure process to the research into ASLR bypasses that preceded the speculative execution findings. And more importantly, I know how quickly post-Meltdown & Spectre other researchers beyond Google's Project Zero and Graz University found additional side channel and speculative execution attacks for Intel chips.

Try again.

 

[Groveling_Wyrm]

Bro, I'm a tech journalist and I cover cybersecurity for a living. I've written and edited a number of stories about these side channel attacks, and I've interviewed members of the some of the research teams of these flaws. I know the history of Meltdown and Spectre, from the six-month-plus disclosure process to the research into ASLR bypasses that preceded the speculative execution findings. And more importantly, I know how quickly post-Meltdown & Spectre other researchers beyond Google's Project Zero and Graz University found additional side channel and speculative execution attacks for Intel chips.

Try again.

Quoting your occupation doesn't give you credibility on the internet.

You misunderstood, and we don't need to continue this. You are just trying to argue against point that I was never trying to make.

We are getting to the point of hijacking this thread. We will just agree to disagree.

 

[Makaveli]

Just because you hear about Intel's issues, does not mean that your Ryzen is any safer.

You should notice a few things:

First, AMD processors are just as vulnerable, in their own way. Some of the same issues that affect Intel also affect AMD. You should be concerned about this, because they will eventually find issues that seriously affect both Intel and AMD.

Second, you don't hear about issues with AMD because Intel has the majority of the market, and hackers will generally try to influence the majority of the market instead of hacking only a few, they are attacking the majority.

Third, Because of the popularity of Intel processors in the current market, any headline about Intel carries more weight than a headline about an AMD.

Citation needed for all for this.

Please post your proof.

 

[wownwow]

Who cares?
With 245 security vulnerabilities, Intel has been pumping $Bs Q after Q, so what does it matter?
People seem to be happy with paying more for MORE security vulnerabilities and the FREE patches!

But facts are facts!
AMD: No partial address, no related security vulnerabilities.
Intel: Partial addresses inside, more related security vulnerabilities.
AMD: 16 security vulnerabilities.
Intel: 243 (including 1 added in 10/2019) security vulnerabilities, a 15:1 difference in AMD’s favor.
The gap is just too large to ignore!

About using partial addresses, a cheap design shortcut:
People who live on a street with 4-digit addresses can get in each other's houses as long as having addresses with the same last three digits, amazing!

 

[bit_user]

Just because you hear about Intel's issues, does not mean that your Ryzen is any safer.

Please stop spreading disinformation on the basis of bad assumptions. When you have some evidence to back up your claims, then you can make them.

Let me narrow it down to this. Just because they haven't found a vulnerability doesn't mean that there are none. Five years ago, Meltdown and Spectre didn't exist. They do now. Five years from now, who knows what will be discovered.

Five years ago, almost nobody was looking. Today, the best thing a computer security researcher can do for their career prospects is to find one of these vulnerabilities. There's now vastly more scrutiny - not only by universities, but also Google, Microsoft, and others. And, as the sham "Ryzenfall" incident showed, also a lot of financial incentive to find them.

I will leave you with this thought. Any computer built by man can be hacked by man.

It's preposterous to claim that because no computer is completely safe, that we shouldn't be concerned about the poor safety track record of one particular vendor. That logic might work for you, but most people aren't so easily duped.

 

[Groveling_Wyrm]

Citation needed for all for this.

Please post your proof.

The post wasn't posted to you. Stop trying to hijack this thread.

 

[Groveling_Wyrm]

Please stop spreading disinformation on the basis of bad assumptions. When you have some evidence to back up your claims, then you can make them.


Five years ago, almost nobody was looking. Today, the best thing a computer security researcher can do for their career prospects is to find one of these vulnerabilities. There's now vastly more scrutiny - not only by universities, but also Google, Microsoft, and others. And, as the sham "Ryzenfall" incident showed, also a lot of financial incentive to find them.


It's preposterous to claim that because no computer is completely safe, that we shouldn't be concerned about the poor safety track record of one particular vendor. That logic might work for you, but most people aren't so easily duped.

None of these responses were targeted at you. Stop trying to hijack this thread.

 

[mitch074]

None of these responses were targeted at you. Stop trying to hijack this thread.

This is a forum. As long as it's on topic, users can answer other users as they see fit.

 

[bit_user]

None of these responses were targeted at you. Stop trying to hijack this thread.

The only one I see trying to hijack it is you! You should know by now that you can only control your own comments, not how they're received. You don't get to shut down the conversation, if you don't like where it goes.

You made a baseless and controversial assertion, and now you can't take it when everyone is trying to hold you to account.

If you can't stand the heat, get out of the kitchen.

 

[mitch074]

Five years ago, almost nobody was looking. Today, the best thing a computer security researcher can do for their career prospects is to find one of these vulnerabilities. There's now vastly more scrutiny - not only by universities, but also Google, Microsoft, and others. And, as the sham "Ryzenfall" incident showed, also a lot of financial incentive to find them.


It's preposterous to claim that because no computer is completely safe, that we shouldn't be concerned about the poor safety track record of one particular vendor. That logic might work for you, but most people aren't so easily duped.

As it stands, five years ago, only AMD was looking because their clients asked them to. They may have been in the same boat as Intel's if they hadn't been paid to be paranoid.

Also, since chip design at Intel's hasn't changed much these past 4 years and these attacks do target core design elements, Intel's spotty track record on these chips does indicate that there could be more to come and until Skylake is done for and replaced with a completely brand new chip design, you simply can't trust an Intel chip (except if you still have an Atom-based netbook).

In short, yeah, I'm glad for my 2700X

 

[bwana]

So why is intel having breakout earnings reports based on the 'datacenter' chips? Are these vulns not relevant? Do the people driving the purchasing decisions know something we don't?

 

[thor220]

You have totally missed the point of my post.

The point I was making is don't feel so secure about the processor you have.

Let me narrow it down to this. Just because they haven't found a vulnerability doesn't mean that there are none. Five years ago, Meltdown and Spectre didn't exist. They do now. Five years from now, who knows what will be discovered.

I will leave you with this thought. Any computer built by man can be hacked by man.

I'm going to take the side with the least assumptions. Right now Intel processors have far more vulnerabilities. Unless you can prove that AMD in fact has a ton of vulnerabilities we don't know about, you are assuming. Your assumptions do not stand up to fact.

FYI that same logic can be applied to Intel. If you can assume AMD have a bunch of unknown vulnerabilities, the same could also be said of Intel. That's just applying your logic evenly and it doesn't bode well for Intel in any case.

So why is intel having breakout earnings reports based on the 'datacenter' chips? Are these vulns not relevant? Do the people driving the purchasing decisions know something we don't?

Server partners have to buy new chips every time Intel releases new processors that "fix" the issue. Security in that segment is #1. These vulnerabilities are making Intel a boatload of money.

Citation needed for all for this.

Please post your proof.

It's stated specifically in the linked webpage that the researched tested on AMD and found them not vulnerable.

CacheOut

cacheoutattack.com

The same goes for every other Intel only exploit.

 

[Makaveli]

The post wasn't posted to you. Stop trying to hijack this thread.

lmao this isn't a private thread.

Post your proof of your claims unless of course you have none and are making it up?

lol Hijacking the thread hilarious.

 

[bit_user]

So why is intel having breakout earnings reports based on the 'datacenter' chips? Are these vulns not relevant? Do the people driving the purchasing decisions know something we don't?

Intel keeps releasing mitigations that they claim address the issues, and maybe they're doing some discounting and sweetheart bundle deals. Perhaps their customers are too lazy to switch up their infrastructure and just keep hoping that Intel has finally found and mitigated the last of the issues.

Also, to the extent their sales are through OEMs, companies like HP and Dell take a long time to add Epyc into their product stack. About 6 months ago, I was looking for a GPU server for my job, and it basically had to be Dell. I tried to find an Epyc-based option, but they only had Epyc -based servers for a narrow range of their product stack, and those were for storage - not GPUs. So, it would seem there's some real inertia that AMD is fighting against.

 

[NightHawkRMX]

Is it an incorrect assumption that Intel's "Core" architecture's age is the primary cause of these vulnerabilities?

AMD's original Zen architecture has FAR fewer currently known vulnerabilities than Intel CPUs.

AMD's original Zen architecture is a more secure design and has less need for performance hindering vulnerability patches because Zen was not vulnerable to many of the security problems above, to begin with.

Better yet, the already small need for software patches for prior Ryzen CPUs is even lower for modern Zen2 CPUs due to the architecture changes to Zen2 CPUs.

Yes, I'm glad I own a Ryzen 5 2600, even though I still am happy with my several Intel systems, some too old to receive most of these updates.

 

[mitch074]

So why is intel having breakout earnings reports based on the 'datacenter' chips? Are these vulns not relevant? Do the people driving the purchasing decisions know something we don't?

No, it's only because no one ever got fired for buying Intel, and Intel having production shortages they don't have to lower their prices on the high value data center shipments yet.
Well, no one got fired for buying Intel YET...

 

[Questors]

Those who switched to AMD: Phew, dodged yet another grenade sized bullet.

Intel fan bois: RRRREEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE!!

Also Intel fan bois: Oh yeah! Well my CPU maker is bigger than your CPU company and uh, uh and well uh...

Those who switched to AMD: 🆒

 

[robwright]

So why is intel having breakout earnings reports based on the 'datacenter' chips? Are these vulns not relevant? Do the people driving the purchasing decisions know something we don't?

The vulnerabilities are VERY relevant. The speculative execution attacks affect the vast majority of Intel processors. If they're not patched, then the systems are open to these data leak attacks. But if they ARE patched, they can experience performance issues.

And yes, Intel's Data Center Group had 19% YoY growth in the 4th quarter. Meltdown and Spectre didn't appear to affect Intel's earnings in 2018, and ZombieLoad and other variants didn't affect them last year either. However, I think that speaks more to Intel's OEM relationships with the major PC and server manufacturers, and perhaps enterprises' knowledge (or lack thereof) of these flaws. There's been no evidence that any of these speculative execution attacks have been exploited in the wild (though it's extremely hard to detect them since they don't show up in traditional logs), plus they're not exactly easy to pull off. So it's entirely possible that CIOs and purchases are shrugging them off.

It's also worth mentiong that, at least for CacheOut, the research team said "cloud providers have already deployed countermeasures against CacheOut as a result from our work." https://cacheoutattack.com/

So even though Intel hasn't pushed out its own microcode fixes yet, the major cloud providers have already implemented mitigations that protect their data centers, and their customers, from this type of attack. So if you're Google or Microsoft or any other CSP or data center company, CacheOut isn't a reason NOT to buy Intel chips.