‘Kernel memory leaking’ Intel processor design flaw

https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

A fundamental design flaw in Intel’s processor chips, related to the virtual memory system (Intel x86-64 hardware), allows normal user programs (even JavaScript in web browsers) to discern to some extent the layout or contents of protected kernel memory areas.

It is understood the bug is present in modern Intel processors produced in the past decade. It appears a microcode update can’t address it, so it has to be fixed in software at the OS level. This has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug, which is expected to cause a 5 to 30 per cent slowdown of your computer on the next update!

Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday. Patches for the Linux kernel are available. Apple’s 64-bit macOS will also need to be updated.

This is bad news for Intel. Last year they had the AMT vulnerability remote exploit, and now this new blow to Intel security. I don’t think that computer buyers like their computers becoming slower!

Details of the vulnerability within Intel’s silicon are under wraps and are expected to be released later this month – so follow the comments for updates.

565 Comments

  1. Tomi Engdahl says:

    This 22-Year-Old Discovered How To Hack Billions Of Devices Globally Using One Of The Worst Chip Flaws In History
    http://www.iflscience.com/technology/this-22yearold-discovered-how-to-hack-billions-of-devices-globally/

    He wasn’t looking for fame. Instead, 22-year-old German Jann Horn just wanted to make sure his computer could handle a new number-crunching code he had created.

    What he unintentionally discovered was one of the worst chip flaws in history, which affects billions of products around the world – from baby monitors to iPads.

    The discovery is making the industry rethink its designs.

    Reply
  2. Tomi Engdahl says:

    Intel says Meltdown / Spectre patch causes reboots in computers with newer processors too
    https://www.theverge.com/2018/1/18/16904726/intel-meltdown-spectre-fix-higher-reboots

    Data center performance can degrade by up to 25 percent for certain workloads

    Reply
  3. Tomi Engdahl says:

    Intel: Problem in patches for Spectre, Meltdown extends to newer chips
    https://www.reuters.com/article/us-cyber-intel/intel-problem-in-patches-for-spectre-meltdown-extends-to-newer-chips-idUSKBN1F7087

    Data center computers with Intel Corp’s (INTC.O) newer chips might reboot more often than normal because of problems with the patches issued to fix the so-called Spectre and Meltdown security flaws, the company said on Wednesday.

    Intel confirmed that patches for the security flaws can cause higher-than-expected reboot rates in Ivy Bridge, Sandy Bridge, Skylake and Kaby Lake processors, said Navin Shenoy, general manager of the data center group, in a statement on Intel’s website.

    The Kaby Lake chips are the company’s most recent offering.

    Reply
  4. Tomi Engdahl says:

    AMD, Apple Sued Over CPU Vulnerabilities
    http://www.securityweek.com/amd-apple-sued-over-cpu-vulnerabilities

    Apple and Advanced Micro Devices (AMD) are also facing class action lawsuits following the disclosure of critical CPU vulnerabilities that affect billions of devices.

    The Meltdown and Spectre attack methods, which rely on vulnerabilities that have been around for roughly two decades, allow malicious applications to bypass memory isolation mechanisms and access passwords, photos, documents, emails, and other sensitive data. Attacks can be launched against systems using processors from Intel, AMD, ARM, and others.

    Intel was hit the hardest – a majority of its processors are affected and they are the most likely to be targeted in attacks – so it came as no surprise when several class action lawsuits were filed against the company. However, lawsuits were also filed recently against AMD and Apple.

    Reply
  5. Tomi Engdahl says:

    Linux 4.15 becomes slowest release since 2011
    It needs a ninth release candidate, thanks in part to Meltdown and Spectre
    https://www.theregister.co.uk/2018/01/22/linus_4_15_needs_rc_9/

    Linus Torvalds has decided that Linux 4.15 needs a ninth release candidate, making it the first kernel release to need that much work since 2011.

    Fast-forward another week and Torvalds has announced “I really really wanted to just release 4.15 today, but things haven’t calmed down enough for me to feel comfy about it”.

    Reply
  6. Tomi Engdahl says:

    Meltdown/Spectre week three: World still knee-deep in something nasty
    And years away from safety
    https://www.theregister.co.uk/2018/01/22/meltdown_spectre_week_three_the_good_the_bad_and_the_wtf/

    It is now almost three weeks since The Register revealed the chip design flaws that Google later confirmed and the world still awaits certainty about what the mistakes mean and what it will take to fix them.

    The short version: on balance, it looks like we took one step forward but last week didn’t offer many useful advances.

    In the “plus” column, Microsoft and AMD got their act together to resume the flow of working fixes.

    Typing

    $ grep . /sys/devices/system/cpu/vulnerabilities/*

    into a Linux terminal window now reveals whether you have a problem to address.

    News that the sky has not fallen in on public clouds won a better reception. Indeed, there are even signs that big players have stopped worrying and learned to love the bomb, or at least minimise the impact of their patches.

    Smaller clouds have had less to say, perhaps because they resent not having been included in the original cabal that nutted out a response to Meltdown/Spectre.

    The Register hears gossip to the effect that Oracle, for one, is furious it wasn’t immediately included at the top table. It has, however, scheduled and/or executed patches. We’ve seen evidence of the same at VMware-on-AWS, Linode, IBM cloud and others.

    Reply
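
The sysfs check quoted in comment 6 above, turned into a small audit script as an added example (not from The Register article or the commenter). It assumes the kernel's one-status-line-per-file layout and the status prefixes "Not affected", "Mitigation:" and "Vulnerable"; the function names and the sample directory contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the per-issue status files that
# `grep . /sys/devices/system/cpu/vulnerabilities/*` prints.

# Map one status line to: not_affected | mitigated | vulnerable | unknown.
classify_status() {
    case "$1" in
        "Not affected"*) echo not_affected ;;
        "Mitigation:"*)  echo mitigated ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;   # empty or unrecognised text
    esac
}

# Print "<file><TAB><class><TAB><raw status>" for each file in the directory.
# Return 0 if every entry is not_affected or mitigated, 1 if any entry is
# vulnerable or unknown, 2 if the directory is missing or empty (a kernel
# without the reporting patches exposes nothing here).
audit_vuln_dir() {
    dir=${1:-/sys/devices/system/cpu/vulnerabilities}
    seen=0
    audit_rc=0
    if [ ! -d "$dir" ]; then
        echo "no status directory at $dir" >&2
        return 2
    fi
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        seen=$((seen + 1))
        status=
        IFS= read -r status < "$f" || true   # tolerate a missing final newline
        class=$(classify_status "$status")
        printf '%s\t%s\t%s\n' "${f##*/}" "$class" "$status"
        case "$class" in
            vulnerable|unknown) audit_rc=1 ;;
        esac
    done
    [ "$seen" -gt 0 ] || return 2
    return "$audit_rc"
}

# Constructed sample directory (values made up for the demo, not captured
# from a real host) so the script can be tried without touching /sys.
demo() {
    d=$(mktemp -d) || return 2
    printf 'Mitigation: PTI\n' > "$d/meltdown"
    printf 'Vulnerable\n' > "$d/spectre_v1"
    printf 'Mitigation: Full generic retpoline\n' > "$d/spectre_v2"
    demo_rc=0
    audit_vuln_dir "$d" || demo_rc=$?
    rm -rf "$d"
    return "$demo_rc"
}

demo || echo "demo: at least one entry needs attention"
```

On a live host, calling `audit_vuln_dir` with no argument reads the real sysfs directory, and the exit status can gate a fleet compliance check.
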
  7. Tomi Engdahl says:

    AMD, Apple Sued Over CPU Vulnerabilities
    http://www.securityweek.com/amd-apple-sued-over-cpu-vulnerabilities

    Apple and Advanced Micro Devices (AMD) are also facing class action lawsuits following the disclosure of critical CPU vulnerabilities that affect billions of devices.

    In the case of AMD, the lawsuits focus on the fact that, shortly after the existence of Meltdown and Spectre came to light, the company claimed that the risk of attacks against its customers was “near zero” due to the architecture of its processors. The company later admitted that the two vulnerabilities that allow Spectre attacks do affect its CPUs.

    Lawsuits announced by law firms Pomerantz and Rosen allege that AMD “made materially false and/or misleading statements and/or failed to disclose that: (1) a fundamental security flaw in Advanced Micro’s processor chips renders them susceptible to hacking; and (2) as a result, Advanced Micro’s public statements were materially false and misleading at all relevant times.”

    Reply
  8. Tomi Engdahl says:

    Russell Brandom / The Verge:
    Intel tells customers to stop deploying buggy Spectre/Meltdown patch, as it resulted in “higher than expected reboots and other unpredictable system behavior” — More problems from the massive processor vulnerability — Intel has a patching problem.

    Intel tells users to stop deploying buggy Spectre patch, citing technical issues
    More problems from the massive processor vulnerability
    https://www.theverge.com/2018/1/22/16919426/intel-advises-pause-deployment-of-spectre-patch

    Intel has a patching problem. All last week, users reported computers spontaneously rebooting after installing Intel’s Spectre/Meltdown patch. Now, Intel seems to be giving up on those patches entirely. In a post today, executive vice president Neil Shenoy announced that Intel had located the source of some of the recent reboot problems and is recommending users skip the patches entirely until a better version could be deployed.

    “We recommend that OEMs, cloud service providers, system manufacturers, software vendors, and end users stop deployment of current versions on specific platforms,” Shenoy wrote, “as they may introduce higher than expected reboots and other unpredictable system behavior.”

    The guidance applies to at least some of the processors from Intel’s last several generations of chips, with affected models in the Broadwell, Haswell, Coffee Lake, Kaby Lake, Skylake, and Ivy Bridge families. Certain lines are affected more than others — only Ivy Bridge datacenter/workstation processors are included, for instance — but at least some chips from most recent consumer lines appear to be impacted.

    Intel says that it’s identified the issue behind the unexpected reboots on Broadwell and Haswell processors
    The same issues have been happening on Ivy Bridge, Sandy Bridge, Skylake, and Kaby Lake processors too

    Steve Ranger / ZDNet:
    Linux creator Linus Torvalds criticizes Intel’s “garbage” Spectre and Meltdown patches, saying they “do things that do not make sense” — Linux guru complains about approach to patching the chip flaw. — Linus Torvalds is not happy about the patches that Intel …

    Spectre and Meltdown: Linux creator Linus Torvalds criticises Intel’s ‘garbage’ patches
    http://www.zdnet.com/article/spectre-and-meltdown-linux-creator-linus-torvalds-criticises-intels-garbage-patches/

    Linux guru complains about approach to patching the chip flaw.

    Linus Torvalds is not happy about the patches that Intel has developed to protect the Linux kernel from the Spectre and Linux flaws.

    In a posting on the Linux kernel mailing list, the Linux creator criticised differences in the way that Intel approached patches for the Meltdown and Spectre flaws. He said of the patches: “They do literally insane things. They do things that do not make sense.”

    Torvalds added: “And I really don’t want to see these garbage patches just mindlessly sent around.”

    Reply
  9. Tomi Engdahl says:

    Root Cause of Reboot Issue Identified; Updated Guidance for Customers and Partners
    https://newsroom.intel.com/news/root-cause-of-reboot-issue-identified-updated-guidance-for-customers-and-partners/

    Based on this, we are updating our guidance for customers and partners:

    We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behavior. For the full list of platforms, see the Intel.com Security Center site.
    We ask that our industry partners focus efforts on testing early versions of the updated solution so we can accelerate its release. We expect to share more details on timing later this week.
    We continue to urge all customers to vigilantly maintain security best practice and for consumers to keep systems up-to-date.

    Reply
  10. Tomi Engdahl says:

    A Congressman has new questions for chipmakers about Meltdown and Spectre response
    https://www.theverge.com/2018/1/16/16898094/meltdown-spectre-vulnerability-letter-congress-intel-amd-arm

    Congress is starting to ask hard questions about the fallout from the Meltdown and Spectre vulnerabilities. Today, Rep. Jerry McNerney (D-CA) sent a letter requesting a briefing from Intel, AMD, and ARM about the vulnerabilities’ impact on consumers. Embedded below, the letter indicates a newfound interest from Congress in the industry’s response to the bugs, and a potentially ominous sign if lawmakers aren’t satisfied with the companies’ answers.

    The two vulnerabilities are “glaring warning signs that we must take cybersecurity more seriously,” McNerney argues in the letter. “Should the vulnerabilities be exploited, the effects on consumers’ privacy and our nation’s economy and security would be absolutely devastating.”

    Reply
  11. Tomi Engdahl says:

    Intel Halts Spectre, Meltdown CPU Patches Over Unstable Code
    http://www.securityweek.com/intel-halts-spectre-meltdown-cpu-patches-over-unstable-code

    Intel on Monday said that users should stop deploying patches for the “Spectre” and “Meltdown” chip vulnerabilities disclosed by researchers earlier this month, saying the patches could cause problems in affected devices, including higher than expected reboots and other “unpredictable” system behavior.

    The US chip giant recommended that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions of the patches.

    “We have now identified the root cause of the reboot issue impacting Broadwell and Haswell platforms, and made good progress in developing a solution to address it,” Navin Shenoy, Intel data center group executive vice president, wrote in a security update.

    Root Cause of Reboot Issue Identified; Updated Guidance for Customers and Partners
    https://newsroom.intel.com/news/root-cause-of-reboot-issue-identified-updated-guidance-for-customers-and-partners/

    Reply
  12. Tomi Engdahl says:

    ‘WHAT THE F*CK IS GOING ON?’ Linus Torvalds explodes at Intel spinning Spectre fix as a security feature
    https://www.theregister.co.uk/2018/01/22/intel_spectre_fix_linux/

    Patches slammed as ‘complete and utter garbage’ as Chipzilla U-turns on microcode

    Intel’s fix for Spectre variant 2 – the branch target injection design flaw affecting most of its processor chips – is not to fix it.

    Rather than preventing abuse of processor branch prediction by disabling the capability and incurring a performance hit, Chipzilla’s future chips – at least for a few years until microarchitecture changes can be implemented – will ship vulnerable by default but will include a protection flag that can be set by software.

    Intel explained its approach in its technical note about Spectre mitigation, titled Speculative Execution Side Channel Mitigations. Instead of treating Spectre as a bug, the chip maker is offering Spectre protection as a feature.

    The decision to address the flaw with an opt-in flag rather than activating defenses by default has left Linux kernel steward Linus Torvalds apoplectic.

    “All of this is pure garbage. Is Intel really planning on making this shit architectural?” he asked.

    Torvalds’ ire arises from Intel’s plan to have future processors advertise that they include a Spectre v2 fix while also requiring that the fix is enabled at boot time by setting a flag called the IBRS_ALL bit.

    IBRS refers to Indirect Branch Restricted Speculation, one of three new hardware patches Intel is offering as CPU microcode updates, in addition to the mitigation created by Google called retpoline.

    Reply
  13. Tomi Engdahl says:

    Annoyed by this convoluted approach, Torvalds himself suggested Intel’s motivation is avoiding legal liability – recalling two decades of flawed chips would be ruinously expensive – and bad benchmarks. After all, Intel is already being sued all over the place right now

    Reply
  14. Tomi Engdahl says:

    HP, Dell Halt BIOS Updates Over Buggy CPU Patches
    http://www.securityweek.com/hp-dell-halt-bios-updates-over-buggy-cpu-patches

    Dell, HP and other system manufacturers have advised customers not to install the recent BIOS updates designed to address the Spectre and Meltdown CPU vulnerabilities due to unstable code delivered by Intel.

    As a result, vendors rushed to roll out patches and many of them turned out to be unstable.

    Both software and firmware patches have caused problems. On Monday, Intel told users to stop deploying microcode updates that fix Spectre and Meltdown until it addresses issues that led to reboots and other unpredictable system behavior.

    Reply
  15. Tomi Engdahl says:

    Intel Halts Spectre, Meltdown CPU Patches Over Unstable Code
    http://www.securityweek.com/intel-halts-spectre-meltdown-cpu-patches-over-unstable-code

    Intel on Monday said that users should stop deploying patches for the “Spectre” and “Meltdown” chip vulnerabilities disclosed by researchers earlier this month, saying the patches could cause problems in affected devices, including higher than expected reboots and other “unpredictable” system behavior.

    The US chip giant recommended that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions of the patches.

    Several industrial control systems (ICS) vendors have advised customers not to apply them before conducting thorough tests.

    Reply
  16. Tomi Engdahl says:

    Red Hat Pulls Spectre Patches Due to Instability
    http://www.securityweek.com/red-hat-pulls-spectre-patches-due-instability

    Red Hat has decided to pull microcode patches for one variant of the Spectre exploit after users complained that updates had caused their systems to stop booting.

    Red Hat was among the first vendors to release mitigations for the CPU attack methods known as Spectre and Meltdown. In addition to kernel updates, users of the Linux distribution have been provided microcode updates that can be applied non-persistently using the microcode_ctl mechanism.

    By placing the microcode in /lib/firmware/, the update is applied each time the system boots. However, one of the Spectre mitigations has been causing problems and Red Hat has decided to remove it.

    The Meltdown attack relies on one vulnerability tracked as CVE-2017-5754. There are two main variants of the Spectre attack: one uses CVE-2017-5753 (Variant 1) and the other one CVE-2017-5715 (Variant 2).

    Red Hat determined that the mitigations included in its microcode_ctl and linux-firmware packages for CVE-2017-5715 have caused problems for some users, which is why the latest versions of these packages do not address this variant of the Spectre exploit.

    Reply
  17. Tomi Engdahl says:

    Intel Says Patches for Meltdown and Spectre are Flawed
    https://www.eetimes.com/document.asp?doc_id=1332880

    Firmware patches rolled out by Intel earlier this month to address the Meltdown and Spectre processor security vulnerabilities are flawed and cause computers to reboot more frequently, Intel said. The chip giant advised its customers and ecosystem partners to stop installing the patches.

    In a statement posted on Intel’s website Monday (Jan. 22), Navin Shenoy, executive vice president and general manager of Intel’s data center group, said Intel over the weekend began rolling out an early version of an updated solution to partners for testing. The company plans to make a final release version available once the testing is complete, Shenoy said.

    Reply
  18. Tomi Engdahl says:

    Meltdown, Spectre Forcing Intel Reboots
    https://www.eetimes.com/author.asp?section_id=36&doc_id=1332863

    Intel faces a tough hit this year dealing with growing concerns about the performance impacts from patches for Meltdown and Spectre.

    Reply
  19. Tomi Engdahl says:

    Intel asks customers to halt patching for chip bug, citing flaw
    https://www.reuters.com/article/us-cyber-intel/intel-asks-customers-to-halt-patching-for-chip-bug-citing-flaw-idUSKBN1FB2M9

    “I apologize for any disruption this change in guidance may cause,” Shenoy said. “I assure you we are working around the clock to ensure we are addressing these issues.”

    Reply
  20. Tomi Engdahl says:

    Intel Says Patches for Meltdown and Spectre are Flawed
    https://www.eetimes.com/document.asp?doc_id=1332880

    Firmware patches rolled out by Intel earlier this month to address the Meltdown and Spectre processor security vulnerabilities are flawed and cause computers to reboot more frequently, Intel said. The chip giant advised its customers and ecosystem partners to stop installing the patches.

    Reply
  21. Tomi Engdahl says:

    Troy Wolverton / Business Insider:
    CEO says Intel plans to release chips that have built-in Meltdown and Spectre protections later this year

    Intel plans to release chips that have built-in Meltdown and Spectre protections later this year
    http://nordic.businessinsider.com/intel-says-new-spectre-and-meltdown-proof-chips-coming-this-year-2018-1?op=1&r=US&IR=T

    Intel CEO Brian Krzanich said Wednesday the company is “working around the clock” to address the Spectre and Meltdown attacks.

    Intel plans to release chips that have built-in protections against the Spectre and Meltdown attacks later this year, company CEO Brian Krzanich said Wednesday.
    Krzanich made the announcement on a conference call focused on Intel’s latest quarterly earnings report.
    He didn’t immediately comment on the controversy surrounding his massive stock sale last fall.

    Intel expects to begin shipping its first chips with built-in protection against the Meltdown and Spectre attacks later this year, company CEO Brian Krzanich said Wednesday.

    The company has “assigned some of our very best minds” to work on addressing the vulnerability that’s exploited by those attacks, Krzanich said on a conference call following Intel’s quarterly earnings announcement. That will result in “silicon-based” changes to the company’s future chips, he said.

    “We’ve been working around clock” to address the vulnerability and attacks, Krzanich said. But, he added, “we’re acutely aware we have more to do.”

    Regaining trust after setbacks and missteps

    So far, the fixes for the chip vulnerability have come in the form of software updates provided by Intel, Microsoft and others. Those software patches can cause a PC’s performance to slow down in certain circumstances however.

    And earlier this week, Intel was forced to tell customers to delay installing its software patch after discovering that it caused certain PCs to unexpectedly reboot. The embarrassing situation was worsened after Linux creator Linus Torvalds publicly blasted Intel’s patches as “garbage.”

    Security has always been a priority for Intel, Krzanich said. But, he added, it’s “an ongoing journey.”

    “We’re committed to the task,” he said. “I’m confident we’re up for the challenge.”

    Krzanich did not immediately address the controversy over his massive stock sale in November. He gained $24 million by selling off all the shares and stock options he was allowed to divest.

    He made that sale months after the company was informed of the Spectre and Meltdown attacks but before they had been publicly announced. Intel has said that his sale was “unrelated” to knowledge of the security vulnerabilities.

    Ted Greenwald / Wall Street Journal:
    Intel reports Q4 revenue of $17.05B, up 4% YoY, vs. $16.34B analyst expectations, net loss of $687M after $5.4B expense due to recent tax overhaul; stock up ~4% — Books a $5.4 billion charge after recent changes in U.S. tax law — Intel Corp. INTC -.46% said it had record fourth-quarter revenue …

    Intel Revenue Rises, but Chip Maker Reports Loss on Tax Charge
    Charge of $5.4 billion is booked after recent changes in U.S. tax law
    https://www.wsj.com/articles/intel-revenue-rises-but-it-reports-loss-on-tax-charge-1516915803

    Reply
  22. Tomi Engdahl says:

    From http://www.linuxjournal.com/content/chrome-64-gcc-73-librem-5-phone-progress-and-more

    On a related note, today marks the release of GCC 7.3, which includes code generation options to mitigate Spectre Variant 2 on x86 and PowerPC targets.

    GCC 7.3 Released
    https://gcc.gnu.org/ml/gcc/2018-01/msg00197.html

    Reply
  23. Tomi Engdahl says:

    Intel Promises More Secure Chips This Year
    https://www.eetimes.com/document.asp?doc_id=1332900

    Intel will begin releasing later this year redesigned chips that address recently disclosed processor security vulnerabilities, CEO Brian Krzanich said during a conference call with analysts after the company reported fourth quarter results and gave a first quarter forecast that beat Wall Street’s expectations.

    Reply
  24. Tomi Engdahl says:

    Intel’s record year ended in disaster

    Krzanich told financial reporters that the company has made progress in addressing vulnerabilities in its processor. This year, the company plans to bring more secure circuits to the market, Krzanich assured. Of course, just the worse the security of the company’s products could not have gone.

    Many have criticized Intel’s way of repairing vulnerabilities. Linus Torvalds has received most of the information that Intel is a “silk junk”. Torvalds, of course, used a much more colorful language in his familiar way.

    Torvalds’ criticism was one of three of the vulnerabilities Intel decided to be unmodified for the time being. The micronucleus is left vulnerable, but this can be “flagged” as a warning. Torvalds’ criticism is correct in two ways: Intel’s repair is weak and, on the other hand, a software error should not be left in the code. It does, in a way, part of the architecture.

    Torvalds’ fierce criticism has been considered unreasonable. Some analysts demand solutions from the Linux developer instead

    They have missed the solution presented by Torvalds in the sidebar, which the man himself did not think realistic: all the microprocessors sold over the last 20 years are called back

    Source: http://www.etn.fi/index.php/13-news/7460-intelin-ennatysvuosi-paattyi-katastrofiin

    Reply
  25. Tomi Engdahl says:

    Linus Torvalds slams Intel’s Spectre and Meltdown patches, calling them “COMPLETE and UTTER GARBAGE”. See LKML for more.

    https://lkml.org/lkml/2018/1/21/192

    From Linus Torvalds
    Date Sun, 21 Jan 2018 13:35:59 -0800
    Subject Re: [RFC 09/10] x86/enter: Create macros to restrict/unrestrict Indirect Branch Speculation

    WHAT THE F*CK IS GOING ON?

    And that’s actually ignoring the much _worse_ issue, namely that the
    whole hardware interface is literally mis-designed by morons.

    It’s mis-designed for two major reasons:

    – the “the interface implies Intel will never fix it” reason.

    See the difference between IBRS_ALL and RDCL_NO. One implies Intel
    will fix something. The other does not.

    Do you really think that is acceptable?

    – the “there is no performance indicator”.

    The whole point of having cpuid and flags from the
    microarchitecture is that we can use those to make decisions.

    But since we already know that the IBRS overhead is huge on
    existing hardware, all those hardware capability bits are just
    complete and utter garbage. Nobody sane will use them, since the cost
    is too damn high. So you end up having to look at “which CPU stepping
    is this” anyway.

    I think we need something better than this garbage.

    Reply
  26. Tomi Engdahl says:

    Do Spectre, Meltdown Mean the Death of Moore’s Law?
    https://www.extremetech.com/computing/262787-spectre-meltdown-mean-death-moores-law

    Spectre and Meltdown are two of the most significant security issues to surface since the beginning of this millennium. Spectre, in particular, is going to be difficult to mitigate. Both AMD and Intel will have to redesign how their CPUs function to fully address the problem. Even if the performance penalties fall hardest on older CPUs or server workloads, instead of workstation, gaming, or general-purpose compute, there are going to be cases where certain customers have to eat a performance hit to close the security gap. All of this is true. But in the wake of these revelations, we’ve seen various people opining that the flaws meant the end of either the x86 architecture or, now, that it’s the final death knell for Moore’s law.

    That’s the opinion of The Register, which has gloomily declared that these flaws represent nothing less than the end of performance improvements in general purpose compute hardware. Mark Pesce writes: “[F]or the mainstay of IT, general purpose computing, last month may be as good as it ever gets.”

    A short-term decline in performance in at least some cases is guaranteed. But the longer-term case is more optimistic, I’d argue, than Pesce makes it sound.

    Sharpening the Argument

    Before we can dive into this any further, we need to clarify something. Pesce refers to this potential end of general compute performance improvements as the end of Moore’s Law, but that’s not really true. Moore’s Law predicts that transistor density will double every 18-24 months. The associated “law” that delivered the performance improvements that went hand-in-hand with Moore’s Law was known as Dennard Scaling, and it stopped working in 2005. Not coincidentally, that’s when frequency scaling slowed to a crawl as well.

    Why Meltdown, Spectre, Aren’t the End of CPU Performance Improvements

    The history of computing is definitionally a history of change. Spectre and Meltdown aren’t the first security patches that can impact performance; when Data Execution Prevention rolled out with Windows XP SP2 and AMD’s Athlon 64, there were cases where users had to disable it to make applications perform properly or at desired speed. Spectre in particular may represent a larger problem, but it’s not so large as to justify concluding there are few-to-no ways of improving performance in the future.

    Furthermore, the idea that general purpose compute has stopped improving is inaccurate. It’s true that the pace of improvements has slowed and that games, in particular, don’t necessarily run faster on a Core i7-8700K than on a Core i7-2600K, despite the five years between them. But if you compare CPUs on other metrics, the gaps are different.

    An 18 percent average improvement over several years is a far cry from the gains we used to see, but it isn’t nothing, either. And there’s no sign that these types of gains will cease in future CPU architectures. It may take a few years to shake these bugs off, particularly given that new CPU architectures take time to design, but the long-term future of general computing is brighter than it may appear. CPU improvements may have slowed, but there’s still some gas in the tank.

    Business
    Death notice: Moore’s Law. 19 April 1965 – 2 January 2018
    Done in by the weaponisation of optimisation, and now 2017 may be as good as it ever got
    http://www.theregister.co.uk/2018/01/24/death_notice_for_moores_law/

    Reply
  27. Tomi Engdahl says:

    Intel does its best to tamp down impact of Spectre and Meltdown in earnings call
    https://techcrunch.com/2018/01/26/intel-does-its-best-to-tamp-down-impact-of-spectre-and-meltdown-in-earnings-call/?utm_source=tcfbpage&sr_share=facebook

    Intel CEO Brian Krzanich was delighted to report that Intel had a record year in the company’s quarterly earnings call with analysts yesterday. Of course, he also had to acknowledge the Spectre and Meltdown chip vulnerabilities revealed earlier this month in perhaps the ultimate good news-bad news moment.

    Posted 16 hours ago by Ron Miller (@ron_miller)

    Like any good salesman, Krzanich led with the good news. “2017 was a record year for Intel and fourth quarter results were outstanding. Well ahead of the forecast we outlined in October, based on the strength on both our PC-centric and data-centric businesses.”

    Then came the not-so good news on Spectre and Meltdown, which he valiantly tried to sweep aside in his opening remarks. “We’ve been around the clock with our customers and partners to address the security vulnerability known as Spectre and Meltdown. While we made progress, I’m acutely aware that we have more to do, we’ve committed to being transparent keeping our customers and owners appraised of our progress and through our actions, building trust,” he said.

    He added that the company is working on a more permanent solution for later this year. “We’re working to incorporate silicon-based changes to future products that will directly address the Spectre and Meltdown threats in hardware. And those products will begin appearing later this year,” he said.

    While acknowledging the obvious issues ahead, the company surprisingly doesn’t see any substantial impact from the security problems. And in spite of all the negative news in recent weeks, the stock surged in after hours trading up $6.71

    Comments:
    No fluctuation in share price because their clients [HP, Acer, Apple, Lenovo etc.] have no option but to buy vulnerable chips in order to meet their sales targets. Will there be a reduction in computer prices prior to the chip fix? Heavens no! The Wall Street machine grinds on, our computers just grind down.

    HP E also. Ryzen looks better and better for me. Cool that HP E released some new AMD servers.

    If this isn’t an example of a corrupt monopoly exerting its power & will over vendors and consumers, I don’t know what is. The way Intel is trying to spread the blame and silence the issue is just shameless.

    Reply
  28. Tomi Engdahl says:

    Intel reportedly notified Chinese companies of chip security flaw before the U.S. government
    https://techcrunch.com/2018/01/28/intel-reportedly-notified-chinese-companies-of-chip-security-flaw-before-the-u-s-government/?ncid=rss&utm_source=tcfbpage&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29&utm_content=FaceBook&sr_share=facebook

    new report from The Wall Street Journal today, which suggests that Intel didn’t immediately notify the U.S. government of the issues, to that list.

    The Journal is reporting that Intel notified some of its customers of the security flaws in its processors, dubbed Spectre and Meltdown, but left out the U.S. government as part of that. Some of the companies Intel notified included Chinese technology companies, though the report suggests there is no evidence that any information was misused.

    Companies can notify some major customers and parties of flaws before they’re publicly disclosed so fixes and patches can come out and contain as much of the fallout as possible. The Meltdown and Spectre flaws were particularly hazardous because they theoretically can affect pretty much everyone and the end result is a massive cleanup effort to make sure everything gets patched.

    Intel reported its fourth-quarter earnings last week, after which the stock jumped nearly 10% despite the news about Meltdown and Spectre continuing to trickle in.

    Reply
  29. Tomi Engdahl says:

    Free Meltdown Tool for Linux

    SentinelOne has released a free Linux tool that detects attacks exploiting the Meltdown vulnerability. In addition, the company is developing a similar tool to protect against the Spectre vulnerability.

    The Blacksmith tool is free. The company’s goal is to increase the protection of Linux systems while developing vulnerabilities in the core of the operating system and in different distribution versions.

    There have been tools in the market that tell if the system is vulnerable to exploiting the famous vulnerabilities

    According to SentinelOne, Linux systems are, at least in theory, subject to high risk, as the operating system runs, for example, all supercomputers and banking systems.

    Source: http://www.etn.fi/index.php/13-news/7468-ilmainen-meltdown-tyokalu-linuxiin

    Reply
  30. Tomi Engdahl says:

    SentinelOne Releases Free Linux Tool to Detect Meltdown Vulnerability Exploitations
    https://www.sentinelone.com/blog/sentinelone-releases-free-linux-tool-detect-meltdown-vulnerability-exploitations/

    Blacksmith can be downloaded here, tested on Ubuntu 17.04, 17.10. Try at your own risk.
    https://www.sentinelone.com/wp-content/uploads/2018/01/s1-blacksmith.zip

    Reply
  31. Tomi Engdahl says:

    Meltdown/Spectre – A tale of two vendors
    https://www.sentinelone.com/blog/meltdown-spectre-tale-two-vendors/

    The new year erupted with a lot of activity because of Microsoft’s patches to deal with the Meltdown and Spectre vulnerabilities. Due to concerns about incompatibilities with AVs, Microsoft will release these patches to only those devices which have a specific registry key set.

    A superficially conservative move, this is going to leave millions of endpoints exposed for a longer window of time than the Macs, primarily because Apple pushed changes to all devices as part of their recent High Sierra release.

    In breaking existing security products and forcing every vendor through a redesign, Apple succeeded in making sure that High Sierra was protected and secure as soon as it was released.

    Microsoft has taken a different approach, by transferring the responsibility of setting the registry key to the AV vendor. While our testing revealed no incompatibilities, we are unwilling to take on the risk of setting this registry key.

    This is because our customers may have other software products that use unsupported/undocumented APIs that are incompatible with Microsoft’s latest patches. In such a case, our customers may experience stop errors/system instabilities caused by other products that are not compatible with Microsoft fixes.

    Reply
  32. Tomi Engdahl says:

    The Week In Review: Design
    Meltdown, Spectre tough to tackle; tools for RISC-V; power models; GDDR6; automotive GPU.
    https://semiengineering.com/the-week-in-review-design-114/

    Security
    Addressing the Meltdown and Spectre speculative execution vulnerabilities has not gone smoothly.

    Intel’s firmware update caused unexpected behavior and a higher than expected number of reboots for its Haswell and Broadwell chips, leading the company to recommend users stop patching until an updated version of the patch is available. Microsoft’s attempts to fix the issue left some Windows AMD systems unbootable (the issue is now resolved) and some Windows patches were prevented from running by third-party antivirus software. Meanwhile, Andes Technology says none of its processors are affected by either Meltdown or Spectre due to a difference in processor pipeline design.

    A list of links to official advisories is available from the Meltdown/Spectre info site.

    https://meltdownattack.com/#faq-advisory

    Reply
  33. Tomi Engdahl says:

    Linus Finally Releases Linux 4.15 Kernel, Blames Intel For Delay
    https://linux.slashdot.org/story/18/01/29/0143204/linus-finally-releases-linux-415-kernel-blames-intel-for-delay?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot%2Fto+%28%28Title%29Slashdot+%28rdf%29%29

    Linus Torvalds has released Linux 4.15 following the lengthy development cycle due to the Spectre v2 and Meltdown CPU vulnerability mitigation work.

    “This obviously was not a pleasant release cycle, with the whole meltdown/spectre thing coming in in the middle of the cycle and not really gelling with our normal release cycle,” Linus writes. “The extra two weeks were obviously mainly due to that whole timing issue..

    Linux 4.15
    http://lkml.iu.edu/hypermail/linux/kernel/1801.3/02794.html

    Reply
  34. Tomi Engdahl says:

    Microsoft Announces Emergency Patch on Weekend – Corrects Intel’s patches that caused crashing and data loss

    Microsoft has unveiled an emergency update for Windows on a weekend outside of the schedule. The update reverses the previously made correction for the second variant of the Spectre vulnerability (CVE-2017-5715).

    The update number is KB4078130 and is intended for all supported Windows versions of Windows 7 SP1.

    According to Microsoft, the repair that was previously installed had been canceled, as Intel reported last week’s system crashes and other unexpected problems. At worst, problems may be due to data loss, Intel warned. Microsoft said that it had detected the problems mentioned by Intel in updated systems.

    A recent update removes the previous microcode correction only for Spectre’s second variant and prevents the issues mentioned by Intel.

    As a new option, Microsoft Update will enable advanced users to enable or disable the Spectre fix by changing the registry key. For more detailed instructions on how to make the setting, see the Microsoft Support Web site.

    Source: https://www.tivi.fi/Kaikki_uutiset/microsoft-julkisti-hatapaikkauksen-viikonloppuna-korjaa-intelin-kaatuilua-ja-datanmenetysta-aiheuttavan-mokan-6698596

    Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities
    https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

    Microsoft is aware of a new publicly disclosed class of vulnerabilities that are called “speculative execution side-channel attacks” that affect many modern processors and operating systems, including Intel, AMD, and ARM.

    Recommended actions

    Customers must take the following actions to help protect against the vulnerabilities:

    Verify that you are running a supported antivirus application before you install operating system or firmware updates. Contact the antivirus software vendor for compatibility information.
    Apply all available Windows operating system updates, including the January 2018 Windows security updates.
    Apply the applicable firmware update that is provided by the device manufacturer.

    Reply
  35. Tomi Engdahl says:

    Intel told Chinese firms of Meltdown flaws before the US government
    It raises concerns that China could have exploited the security holes.
    https://www.engadget.com/2018/01/28/intel-told-chinese-firms-of-meltdown-flaws-before-us/

    Intel may have been working with many tech industry players to address the Meltdown and Spectre flaws, but who it contacted and when might have been problematic. Wall Street Journal sources have claimed that Intel initially told a handful of customers about the processor vulnerabilities, including Chinese tech companies like Alibaba and Lenovo, but not the US government. While the chip giant does have to talk to those companies to coordinate fixes, the Chinese government routinely monitors conversations like this — it could have theoretically exploited the holes to intercept data before patches were available.

    An Intel spokesman wouldn’t detail who the company had informed, but said that the company couldn’t notify everyone (including US officials) in time because Meltdown and Spectre had been revealed early.

    There’s no immediate evidence to suggest that China has taken advantage of the flaws, but that’s not the point — it’s that the US government could have helped coordinate disclosures to ensure that enough companies had fixes in place. Big names like Apple, Amazon, Google and Microsoft were ready relatively quickly, but most everyone else was left racing to fix or mitigate the flaws. That could have led to attacks on vendors that weren’t in the early list, but were still running critical systems.

    Intel Warned Chinese Companies of Chip Flaws Before U.S. Government
    https://www.wsj.com/articles/intel-warned-chinese-companies-of-chip-flaws-before-u-s-government-1517157430

    Decision to disclose issue to select few customers, including Lenovo and Alibaba, has ripple effects through security and tech industries

    Reply
  36. Tomi Engdahl says:

    Microsoft works weekends to kill Intel’s shoddy Spectre patch
    Out-of-band patch may assuage user anger over Intel crudware, closed-club disclosure process
    https://www.theregister.co.uk/2018/01/29/microsoft_out_of_band_patch_to_remove_spectre_patches/

    Microsoft has implemented Intel’s advice to reverse the Spectre variant 2 microcode patches.

    Redmond issued a rare weekend out-of-cycle advisory on Saturday here, to make the unwind possible.

    Intel’s first patch was so bad, it made many computers less stable, sending Linus Torvalds into a justifiable meltdown last week.

    Chipzilla later withdrew the patch, but it had made its way into a Microsoft fix, which the company pulled on Saturday.

    “Our own experience is that system instability can in some circumstances cause data loss or corruption,” Microsoft wrote, adding “We understand that Intel is continuing to investigate the potential impact of the current microcode version and encourage customers to review their guidance on an ongoing basis to inform their decisions.”

    Reply
  37. Tomi Engdahl says:

    Intel Working on CPUs With Meltdown, Spectre Protections
    http://www.securityweek.com/intel-working-cpus-meltdown-spectre-protections

    Intel is working on CPUs that will include built-in protections against the notorious Meltdown and Spectre attacks, CEO Brian Krzanich revealed on Thursday during a conference call discussing the company’s latest earnings report.

    Intel has released some microcode updates to address the vulnerabilities, but the patches have caused serious problems for many users, which has led to Intel and other vendors halting updates.

    “Our near term focus is on delivering high quality mitigations to protect our customers’ infrastructure from these exploits. We’re working to incorporate silicon-based changes to future products that will directly address the Spectre and Meltdown threats in hardware. And those products will begin appearing later this year,” Krzanich said.

    “However, these circumstances are highly dynamic and we updated our risk factors to reflect both the evolving nature of these specific threats and litigation, as well as the security challenge, more broadly,” he added.

    The latest financial report shows that the company had a great 2017, with a record fourth-quarter revenue of $17.1 billion and a record full-year revenue of $62.8 billion. Despite its reputation taking a hit due to the Meltdown and Spectre vulnerabilities, the company expects 2018 to also be a record year.

    It’s worth noting, however, that one of the factors that could cause results to differ from the company’s expectations are vulnerabilities in Intel processors and other products. In addition to the security flaws themselves, Intel is concerned about the adverse performance and system instability introduced by mitigations, associated lawsuits, the negative publicity they generate, and the impact they may have on customer relationships and reputation, the company said.

    Reply
  38. Tomi Engdahl says:

    Intel Promises More Secure Chips This Year
    https://www.eetimes.com/document.asp?doc_id=1332900

    Continuing with what has been a reoccurring theme in recent years, he emphasized Intel’s progress in transforming itself from a PC-centric chip supplier to a “data-centric” chip supplier, reflecting the broader role of semiconductors in society amid continual decline in PC sales. Intel’s non-PC revenue grew by 21 percent in 2017 to reach 47 percent of the company’s total sales.

    Firmware patches and other software mitigation issues that have been available since shortly after the vulnerabilities were disclosed have a negative impact on system performance depending on the workload, and Intel said recently that the patches can cause systems to reboot prematurely and recommended that users stop implementing them until revised versions are available next week.

    “While we’ve made progress, I’m acutely aware that we have more to do,” Krzanich told analysts. “We’ve committed to being transparent keeping our customers and owners appraised of our progress and through our actions, building trust.”

    Reply
  39. Tomi Engdahl says:

    Windows emergency patch: Microsoft’s new update kills off Intel’s Spectre fix
    http://www.zdnet.com/article/windows-emergency-patch-microsofts-new-update-kills-off-intels-spectre-fix/

    Out-of-band update disables Intel’s mitigation for Spectre Variant 2 attack, which Microsoft says can cause data loss on top of unexpected reboots.

    Microsoft has released an emergency Windows update to disable Intel’s troublesome microcode fix for the Spectre Variant 2 attack.

    Reply
  40. Tomi Engdahl says:

    “Insane Garbage” Patches Disrupt Devices
    https://www.cloudmanagementsuite.com/intel-meltdown-patches

    Intel Warns of Faulty Meltdown and Spectre Patches
    If you thought the Meltdown and Spectre threat had passed, Intel has some bad news: don’t install their updates!

    Reply
  41. Tomi Engdahl says:

    Risks to ICS Environments From Spectre and Meltdown Attacks
    http://www.securityweek.com/risks-ics-environments-spectre-and-meltdown-attacks

    The recently disclosed Spectre and Meltdown vulnerabilities, which affect hardware running in the majority of the world’s computing devices have made headlines recently. The list of at risk equipment includes workstations, servers, phones, tablets, as well as Microsoft Windows, Linux, Android, Google ChromeOS, Apple macOS on most Intel chips manufactured after 2010. Many AMD, ARM and other chipsets are also affected.

    Which devices are at risk?

    Whether or not a specific device is at risk depends on multiple factors, such as chipset, firmware level, etc. Needless to say, we can expect substantial research and patching in the near future.

    Many HMIs, panels, and displays utilize the affected chips. Some PLC manufacturers are still assessing the threat.

    Many systems that support industrial controllers such as automation systems, batch control systems, production control servers, printers, OPC Systems, SCADA systems, peripheral devices, and IIoT devices including cameras, sensors, etc., are likely vulnerable. However, Spectre and Meltdown vulnerabilities in these systems do not necessarily mean industrial control devices are at risk.

    What is the impact to industrial control devices and systems?

    The Spectre and Meltdown vulnerabilities can be used to compromise a device, allowing an attacker to access privileged data in the system. The vulnerabilities do not grant access to the system, they only enable attackers to read data that should otherwise be restricted. In other words, an attacker still needs to break into the system to execute the attack.

    While this is a serious threat in systems with multiple users, like a cloud solution for example, it doesn’t pose a high level of risk in single-user systems.

    To use an analogy, these vulnerabilities essentially enable you to read people’s minds — as long as you’re in the same room with them.

    They’re effective in multi-tenant environments where one user’s secrets must be kept private from other users.

    Since ICS environments are not multi-tenant, these vulnerabilities do not enable access to any data not already available to anyone with system access.

    What can be done to mitigate the risk?

    First and foremost, being aware of what exists in the ICS environment is critical, since undocumented devices can’t be secured. Therefore, automated asset inventory tools are essential to understanding what equipment is at risk and requires attention.

    Next, having in-depth visibility into asset inventory is vital. Without this, you’re left with a list of industrial devices that must be manually examined to determine whether their specific hardware module is affected.

    Finally, in order to exploit these vulnerabilities, an attacker needs access to the network. This emphasizes the importance of having a network monitoring system, which can identify anyone connecting into the network, as well as communicating with or modifying key assets.

    Reply
  42. Tomi Engdahl says:

    Linux 4.15 Kernel, GCC, LinuxBoot Project and More Cryptojacking
    http://www.linuxjournal.com/content/linux-415-kernel-gcc-linxboot-project-and-more-cryptojacking?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+linuxjournalcom+%28Linux+Journal+-+The+Original+Magazine+of+the+Linux+Community%29

    The good: the Linux 4.15 kernel officially has been released. View the diff here, and also see the Linux Kernel Archives for more info.

    The bad: more work needs to be done to handle Spectre/Meltdown security vulnerabilities. Linus makes it clear that compiler updates will need to work alongside the kernel ones to help mitigate these issues.

    The ugly: unless you are running GCC 7.3 or later, you are still not in the clear.

    Reply
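
Added example, not part of the comment above or of the linked articles: Linux 4.15 reports its own Meltdown/Spectre mitigation state under /sys/devices/system/cpu/vulnerabilities, and a kernel built with a compiler that lacks retpoline support (the GCC 7.3 point in comment 42) shows up there as a "Minimal" retpoline. The function names and the OK/PARTIAL/VULNERABLE verdicts are this example's own, and the sample directory is constructed; the status strings matched are those printed by 4.15-era kernels.

```shell
#!/bin/sh
# Added example: read the kernel's own mitigation report (Linux 4.15+).
VULN_DIR_DEFAULT=/sys/devices/system/cpu/vulnerabilities

# classify_status STATUS -> prints OK, PARTIAL, VULNERABLE or UNKNOWN.
# Order matters: "Vulnerable: Minimal ..." must be tested before "Vulnerable".
classify_status() {
    case "$1" in
        "Not affected"*)        echo OK ;;
        "Mitigation:"*)         echo OK ;;
        "Vulnerable: Minimal"*) echo PARTIAL ;;   # kernel built without a retpoline compiler
        "Vulnerable"*)          echo VULNERABLE ;;
        *)                      echo UNKNOWN ;;   # file missing or unexpected text
    esac
}

# report_mitigations [DIR] -> one line per issue.
# Returns 0 if all three are OK, 1 if any is not, 2 if DIR does not exist
# (kernel older than 4.15 without the sysfs backport).
report_mitigations() {
    _dir=${1:-$VULN_DIR_DEFAULT}
    _rc=0
    if [ ! -d "$_dir" ]; then
        echo "UNKNOWN: $_dir not present"
        return 2
    fi
    for _f in meltdown spectre_v1 spectre_v2; do
        _status=""
        [ -r "$_dir/$_f" ] && _status=$(cat "$_dir/$_f")
        _verdict=$(classify_status "$_status")
        [ "$_verdict" = OK ] || _rc=1
        printf '%-10s %-10s %s\n' "$_f" "$_verdict" "$_status"
    done
    return $_rc
}

# Constructed sample (not from a real host): a 4.15 kernel with page-table
# isolation enabled but compiled by a GCC without retpoline support.
make_sample_dir() {
    _d=$(mktemp -d)
    echo 'Mitigation: PTI' > "$_d/meltdown"
    echo 'Vulnerable' > "$_d/spectre_v1"
    echo 'Vulnerable: Minimal generic ASM retpoline' > "$_d/spectre_v2"
    echo "$_d"
}
```

Call `report_mitigations` with no argument on a live host, or `report_mitigations "$(make_sample_dir)"` to see the report for the constructed sample.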
  43. Tomi Engdahl says:

    New AMD Processors to Include Protections for Spectre-like Exploits
    http://www.securityweek.com/new-amd-processors-include-protections-spectre-exploits

    AMD’s new Zen 2 and future processors will include protections against Spectre and other similar exploits, the tech giant revealed on Tuesday as it announced its earnings for 2017.

    AMD CEO Lisa Su reiterated that the company’s CPUs are not vulnerable to Meltdown attacks and one variant of the Spectre attack is difficult to carry out against its products.

    “For Spectre Variant 1, we continue actively working with our ecosystem partners on mitigations, including operating system patches that have begun to roll out. We continue to believe that Variant 2 of Spectre is difficult to exploit on AMD processors, however we are deploying CPU microcode patches – in combination with OS updates – to provide additional mitigation steps,” Su explained.

    The CEO highlighted that in the long-term the company plans on including protections for Spectre-like exploits into all future processor cores. These protections have already been implemented into the design of recently unveiled Zen 2 CPUs, which are expected to become available next year.

    AMD reported revenue of $5.33 billion for 2017, which it says represents a 25 percent increase compared to the previous year. However, the company warned that the Spectre and Meltdown exploits could have a negative impact on the company’s revenue, including as a result of lawsuits, which have already been filed against the organization.

    Reply
  44. Tomi Engdahl says:

    Malware Exploiting Spectre, Meltdown Flaws Emerges
    http://www.securityweek.com/malware-exploiting-spectre-meltdown-flaws-emerges

    Researchers have discovered more than 130 malware samples designed to exploit the recently disclosed Spectre and Meltdown CPU vulnerabilities. While a majority of the samples appear to be in the testing phase, we could soon start seeing attacks.

    The Meltdown and Spectre attack methods allow malicious applications to bypass memory isolation mechanisms and access passwords, photos, documents, emails, and other sensitive data. Shortly after Spectre and Meltdown were disclosed on January 3, experts warned that we could soon see remote attacks, especially since a JavaScript-based proof-of-concept (PoC) exploit for Spectre had been made available.

    On January 17, antivirus testing firm AV-TEST reported that it had seen 77 malware samples apparently related to the CPU vulnerabilities, and the number had increased to 119 by January 23.

    “Most appear to be recompiled/extended versions of the PoCs – interestingly, for various platforms like Windows, Linux and MacOS,” Andreas Marx, CEO of AV-TEST, told SecurityWeek. “We also found the first JavaScript PoC codes for web browsers like IE, Chrome or Firefox in our database now.”

    Fortinet, which also analyzed many of the samples, confirmed that a majority of them were based on available PoC code.

    Marx believes different groups are working on the PoC exploits to determine if they can be used for some purpose. “Most likely, malicious purposes at some point,” he said.

    The expert believes the current malware samples are still in the “research phase” and attackers are most likely looking for ways to extract information from computers, particularly from web browsers. He would not be surprised if we started seeing targeted and even widespread attacks in the future.

    Reply
  45. Tomi Engdahl says:

    January 30, 2018 / 3:47 AM
    Microsoft issues update to disable Intel’s buggy Spectre patch
    https://www.reuters.com/article/us-cyber-intel-microsoft/microsoft-issues-update-to-disable-intels-buggy-spectre-patch-idUSKBN1FJ0CU

    Microsoft Corp issued an emergency security update on Monday to plug Intel Corp’s buggy Spectre firmware patch after the chipmaker’s fix caused computers to reboot more often than normal.

    Microsoft said it was rolling out an out-of-band update that specifically disables Intel’s Spectre variant 2 patch.

    Microsoft said its latest update prevented computers from rebooting unexpectedly and urged affected customers to manually download it from the Microsoft Update Catalog website.

    Reply