Date: 2018-05-03
'Next Generation' Flaws Found on Computer Processors (reuters.com)
An anonymous reader shares a report: Researchers have found eight new flaws in computer central processing units that resemble the Meltdown and Spectre bugs revealed in January, a German computing magazine reported on Thursday. The magazine, called c't, said it was aware of Intel's plans to patch the flaws, adding that some chips designed by ARM Holdings, a unit of Japan's Softbank, might be affected, while work was continuing to establish whether Advanced Micro Devices chips were vulnerable. Meltdown and Spectre bugs could reveal the contents of a computer's central processing unit -- designed to be a secure inner sanctum -- either by bypassing hardware barriers or by tricking applications into giving up secret information.
Nothing will ever be 100% secure, so just give up.
A 100 percent secure computer can be turned into a military grade cipher machine by every competent computer scientist...
Nope. A 100% secure system wouldn't let the computer scientist modify it or even determine that its hardware met milspec.
I think the point FudRucker is making is that there is no point in buying high-end stuff at premium prices when a year or two down the line you will have to apply crippleware patches to secure it - and reduce it to half the original performance; if you buy yesterday's tech, you could get the same cripplewared performance at a fraction of the price.
That's why you release new OS's and software that *only* work with "new generation" hardware while promulgating new web standards that embrace "new generation" hardware-specific standards but are incompatible with the old.
This is simply not true. Speculative execution has real benefits on real code. Disabling it makes processors drastically slower, not just in benchmarks.
Luckily it looks like we can get to keep most of the benefits without the security flaws.
This is simply not true. Speculative execution has real benefits on real code. Disabling it makes processors drastically slower, not just in benchmarks.
Luckily it looks like we can get to keep most of the benefits without the security flaws.
Yeah, and fetching things from memory during speculative execution has replaced prefetching, and removing that would get us back to needing instrumented prefetching, so they need to be smarter in undoing an invalid fetch.
What exactly do you think the difference between prefetching and speculative execution is? Most prefetches use program patterns (some even go so far as runahead to guess addresses) to prefetch into cache. It's this exact behavior of populating the cache before permissions are resolved that is both fast (speedup) and insecure.
"The problem is, Intel tried to cheat. "Speculative execution" is just a marketing gimmick created so they could claim that their chips were faster than the competition. "
The fact that some douche can say this on Slashdot and get upthumbed shows just how far the level of technical competency on this website has fallen.
Yeah, so you're just an AMD fanboy who wants to pretend that RyZen's shit don't stink when literally the only "new" features in RyZen are its sub-par cache architecture.
Speculative execution only helps Intel's performance?
Sure.. tell ya what: Turn it off on RyZen and tell me how your "3D rendering" performance goes.
As for your irrelevant rant about hyperthreading, just remember that hyperthreading sucks so bad that AMD went out of its way to copy it in RyZen and abandoned its failed experiments from Bulldo
That was a typical performance improvement in a mixed workload, aka lots of multitasking. Worst case decrease was about 5% reduction and best case increase was over 100%, super linear. My cousin was an admin at a datacenter where he saw all kinds of workloads. Some where he disabled HT because of negative performance, and others where he got over a 50% improvement in system throughput.
Please.
Are you seriously suggesting that some random on slashdot doesn't actually know more than a team of researchers at intel/amd?
Holy crap there is a lot of stupid here. First of all, out-of-order execution is older than Intel itself. Intel is a relative latecomer to the OOO party, having been beaten by at least Control Data, IBM, and AMD. Second, it is not a 'marketing gimmick', it actually makes the processor run workloads faster. There is no 'cheating'. Perhaps you think the switch from relays to tubes to transistors to ICs were also all 'marketing gimmicks' to make processors 'seem' faster?
Out-of-order execution is similar to the way hospitals are run. You have a number of instructions (patients), you have treatment rooms (arithmetic units), waiting rooms (caches). Any patient might need a number of tests to be performed on a single visit, and the need to perform a particular test might depend on previous tests. Not all treatment rooms are available at the same time, so there is a need to keep patients waiting. There is also the security/confidentiality restriction that patients aren't suppos
Z80 is 100% immune. Time to dust off the old TRS-80.
Grab a solar panel and as many old MIPS WRT boxes as you can carry and run for the hills!
Good luck. From understanding the flaw, finding a solution, testing for unintended consequences, creating a new mask with the changes to fabrication....probably a year wait or longer.
Best we can hope for is a microcode update that doesn't leave much of a performance hit.
Except they won't. At least not till quantum computers actually become usable by the regular consumer. Until then all processors will be vulnerable to some extent to SPECTRE class attacks (not however Meltdown, that was purely Intel's fuckup) because you lose way too much performance dropping speculative execution entirely. There will merely be mitigation in place to make exploiting such attacks as difficult as possible.
A lot of hot moist air coming from your direction, do I also detect some alcohol?
I own my computer. I also own my own body. I may not be able to tinker with everything in my computer but the same applies to my body. IOW bogus.
No, these problems/vulnerabilities aren't intentional. Anybody with a working brain would understand that but as you seem to lack that part: these fall out perfectly logically when tracking the progress of processor design, also adding a problem intentionally means giving up one's market
We know how to make secure chips and there is research done in that area.
Yep. But we don't actually follow through on it, nor do consumers demand assurances to that effect, so the point is moot until that changes.
You are clearly talking out of your ass.
Why, are you running a public virtualization service?
I'm not, so I'm not really worried about Meltdown/Spectre attacks on my infrastructure.
You realize this flaw exists in almost every CPU built in the past 2.5 decades right? The newer CPUs are actually less susceptible...
I'm still on a 2600k and Windows 7 for my gaming box.
There are about 3 titles that are DX12 / Windows 10 exclusive that interest me - Killer Instinct, Sea of Thieves, and probably something else that I can't remember. Sea of Thieves currently has no content worthy of a purchase, so I'm fine passing on it for now. (I did play in the stress tests on a physically separate Win 10 install.)
Or "Computertechnik"... but naaaahh... that doesn't fit the magazine's topic at all.
More of an issue now (Score:5, Insightful)
We're also running programs written in C and connecting them to the internet
... we don't need javascript to be wide open.
This is why I have been saying for years Javascript has GOT to go. It was made in an age when the biggest threat was infected floppy discs and since then it's been band aids on bullet wounds. You shouldn't be running complex code off of third party sites that have had ZERO vetting and with JS and ads these days? Hell, malware authors couldn't have designed a better delivery system if they tried!
IDK if we should go to a locked sandbox with very limited tools, or have only a set of vetting building blocks that
Full page reload for every action? (Score:2)
This is why I have been saying for years Javascript has GOT to go.
Would you prefer a form submission and full page reload for every action that you perform in a web application?
IDK if we should go to a locked sandbox with very limited tools
That's what JavaScript was supposed to be.
Uh, OK. Are you under the impression that Javascript has access to your file system or something?
Insofar as some of these CPU bugs are supposedly exploitable in Javascript (and while one of Spectre/Meltdown was, the other wasn't but was widely confused as being the same thing), the same exploit would work in any Turing complete language.
So you'd need more than sandboxing to protect against these kinds of CPU flaw. You'd need a language so
Not a language issue (Score:2)
Direct article link (Score:5, Informative)
here [heise.de] (German)
And here in English also [heise.de].
Next generation (Score:5, Insightful)
You clearly have no idea what you are talking about. First of all, what 'architecture' are you talking about? If it is the ISA, then ANY ISA will benefit from out-of-order execution, which is why even RISC processors use it (unless you know of some magical way to make memory accesses run at CPU speed). And if you mean the micro-architecture, then they clearly DID 'make the investments in making a better architecture' as they switched from an in-order architecture to an out-of-order one.
Meltdown was not c
contents of a computer's central processing unit -- designed to be a secure inner sanctum --
All these nerds who have been using the computers since they were toddlers would find this description of the CPU really really fresh, novel and eh, yes, news.
Reserving CVE numbers is a meta-security hole. (Score:2)
The process of reserving CVE numbers clearly discloses timing of discovery of vulnerabilities. The CVE numbering authority should close that potential security hole.
I'm at least half serious about this. Arguably, knowing that vulnerability disclosures are coming reduces the value of current and upcoming products and can even have an effect on stock prices. It may also embolden black-hat security to step up efforts to discover vulnerabilities, knowing of the presence of them, and encourage them to attempt to
There's no clear need for CVE numbers to be issued sequentially at all, whether individually or in blocks; only that they be unique.
It is likely that there are other bugs related to speculative execution that can leak data. For example, you could have code that leaks data through timing instead of through direct cache impact. You measure the number of cycles after writing clever code that consumes one more or less based on a bit of restricted data.
That's also what Spectre (and Meltdown) did. They timed cache accesses before and after speculative loads using secure data as the "forwarding address".
The other variants (BranchScope if you're interested) uses a similar technique except it trains the branch predictor using secure data bits and then times the execution time.
Lore
Maybe the entire architecture paradigm needs a start-from-scratch perspective?
We've been doctoring and hacking the PC architecture for what, 30 years now? Under the hood, everything is still basically laid out the same as it was with the first 286 and 386 machines. Not much has changed. Maybe it's time to redo everything?
Old Skool Time (Score:2)