Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
AMD Security

AMD Zen 3 CPUs Vulnerable To Spectre-like Attacks via PSF Feature (therecord.media) 52

US chipmaker AMD advised customers last week to disable a new performance feature if they plan to use CPUs for sensitive operations, as this feature is vulnerable to Spectre-like side-channel attacks. From a report: Called Predictive Store Forwarding (PSF), this feature was added to AMD CPUs part of the company's Zen 3 core architecture, a processor series dedicated to gaming and high-performance computing, which launched in November 2020. The feature implements a technique called speculative execution, which works by running multiple alternative CPU operations in advance to make results available faster, and then discarding "predicted" data once deemed unneeded.
This discussion has been archived. No new comments can be posted.

AMD Zen 3 CPUs Vulnerable To Spectre-like Attacks via PSF Feature

Comments Filter:
  • by SirSpanksALot ( 7630868 ) on Friday April 02, 2021 @12:26PM (#61228866)
    AMD is catching back up to Intel's lead in vulnerabilities!
    • Well Intel still defines the standards and AMD *has* to be application-compatible after all...

    • Does that mean Slashdot has forgiven AMD for PSP then?

    • There would need to be a LOT more AMD only vulnerabilities for Intel to catch up. Like three times as many.

      • by Luthair ( 847766 )
        I predicted quite a while ago that AMD wouldn't be immune here, Intel was under the microscope as the dominant platform and at a certain point it becomes easier to find problems in another architecture as the "easier" problems were found in Intel. Similar now that people have more direct access to Apple's silicon in PCs it'd be very surprising for problems not to emerge there.
  • For most of my machines I'd rather have the vulnerabilities and better performance, and keep a spare laptop for secure stuff (and secure stuff only).

    • by thegarbz ( 1787294 ) on Friday April 02, 2021 @12:44PM (#61228960)

      This! I also have a front door and a window made of glass, vulnerable to a brick. But I prefer light in my room and the ability to leave the house quickly and easily rather than need to open a bank vault in a cement bunker.

      Even with this analogy people somehow seem to think that their PCs are storing national security relevant data, rather than games, and porn.

      • But...but...it's compromising porn.

    • when any machine can be valuable as a zombie, there is no practical purpose to reserving some mythical hardened computer for secure stuff while allowing the remainder of your equipment to be wide open. It all has to be secure and connected, or completely isolated and disconnected. There is not much room for compromise between those two extremes.

      • Vulnerable to spectre is not equivalent to wide open. There is quite a spectrum in terms of security and performance, just as there is a spectrum of possibilities for securing e.g. a house. So yes, there is a great deal of room for compromise -- it is about making system compromise not worth the effort for an attacker in terms of what they gain. Make it possible to mitigate these attacks at a cost of performance, and then leave the option open. But don't make such mitigations mandatory. Spectre and friends

  • For some applications, using long-proven, long-studied hardware or at least something based on "old, simpler" designs is far better than using high-performance hardware.

    Ditto for software and, for that matter, "well-established standard business practices" and other "human element required" ways of doing things.

    In short: Reliability and predictability in the face of unknowns - whether malicious attacks, a user being sloppy, or just cosmic rays - can be much more important than raw performance in some situa

  • Pretty obvious one at that. This is mitigated in hardware for cases most care about.
    • Pretty obvious one at that. This is mitigated in hardware for cases most care about.

      "US chipmaker AMD advised customers last week to disable a new performance feature if they plan to use CPUs for sensitive operations"

      Hit job?

      • OP just hand waving it away like typical fanboy. Why isn't the secure mode enabled by default?
        • Because most people aren't running cloud services on their workstation. If you are the only client accessing the cpu, then there is no vulnerability. If you are building a shared data center, you probably already knew about this mode.
          • > If you are the only client accessing the cpu,

            We can all dream, can't we?

          • Yeah, hate to tell you, but there are thoisands of people accessing your CPU: Everyone who contributed to any code you run on your system.

            At least Android shields different app creators from each other by giving each app a different user.
            I don't get why this is not the standard for Linux-based PCs... Why are we still acting like it's a mainframe, and a user's files would be less important and less worthy of protection than the OS?

  • Need we say more?

    Performance, security, reliability - pick two.
  • Not like Intel that dragged their heels and kept lying about the size of the issue.

  • I'm sure AMD will mitigate the security issue before anybody is actually able to find a decent Zen3 available for sale. I've been trying to build a new system since November 2020 and still can't get my hands on a Zen3 or an Nvidia RTX 3000 series GPU (EBay scalpers are not an option for me). So, this is a non- problem!
  • Intel did the same thing. Apparently, for years they were warned about speculative execution, but they pushed ahead, giving themselves a 10%-15% performance benefit.

    And as soon as they deployed the SPECTRE fixes, what happened? You guessed right, they lost all that performance advantage, and some:
    https://www.reddit.com/r/build... [reddit.com]

    And what do they recommend (roguhyl): "our customers should decide whether to deploy the fixes or not"

    Et, tu AMD?

  • Don't fall victim to the hordes of scary exploits that have hit the pavement allow you to login to OpenSSH as root without creds. Oh.... Wait.... That's bullshit. That never happened. That was all a big scare tactic and it turns out its' a difficult thing to exploit and mostly works locally only. Don't you love how we were all told that Spectre, Meltdown, and lots of other similar speculative execution bugs were going to be exploited to the moon if we all didn't upgrade our CPU right this minute or submit t
  • AMD whitepaper (Score:4, Informative)

    by tfranzese ( 869766 ) on Friday April 02, 2021 @05:48PM (#61230334)
  • .. that has been NSL'd into being?

  • Lots of it.
    Ideally built right into the CPU.

    Then we can access it at full speed,
    and do not need to twiddle our thumbs, speculating about what might come.

    I can't believe SRAM is still supposed to be that expensive. AFAIK it's six transistors per bit.

    If there is one thinf we should be focusing on, it's going back to a form of core memory that runs as fast as the CPU can handle.

    • by Bengie ( 1121981 )
      A bit is useless if you can't read/write it. The interconnects are N^2 scaling. Larger caches can quickly monopolize all of the transistors. There are ways around this, but they increase the latency. At some point very quickly, the latency of the SRAM approaches DRAM and DRAM is cheaper.
  • by dkman ( 863999 )

    Just like Spectre everyone says"disable this CPU feature" and nobody parts HOW to do that. Thanks internet

/earth: file system full.

Working...