Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[sevenlayermuddle]

Regarding timeframes, I’ve seen several respectable sources quoting Google as saying they informed others about it in June/July last year.

https://www.theguardian.com/technology/2018/jan/04/meltdown-spectre-worst-cpu-bugs-ever-found-affect-computers-intel-processors-security-flaw

Google said it informed the affected companies about the Spectre flaw on 1 June 2017 and later reported the Meltdown flaw before 28 July 2017. Both Intel and Google said they were planning to release details of the flaws on 9 January, when they said more fixes would be available, but that their hand had been forced after early reports led to Intel stock falling by 3.4% on Wednesday.

Everybody concerned seems to have been well prepared, with carefully coordinated statements ready for publication on 9th Jan.  No panic, just a coordinated response, showing the whole industry working well together.    Unfortunately, that seems to have been scuppered by early reporting, making things look worse than they were.

I do hope the motive for early release does not turn out to be profiteering from the movement in Intel’s share price.   But I would imagine that is something the US financial regulators might be looking in to.

[Weaver]

I agree with Kitz about how it should be fixed in hardware, but not only if it doesn't kill performance which is very hard-won and increasingly in short supply. Processors aren't making the strides they used to in terms of straight clock speed and cycle count performance. Multi-instruction parallelism isn't going to extend much beyond the four to six instructions that Intel has often been able to achieve as some code just cannot be rearranged to support instruction-level parallelism easily or at all. I was trying for ages to speed up the machine code (AMD64 code) for a few of very intensive small routines, among them one to do execute the PEXT instruction in software, one to do Bresenham’s straight line algorithm, and I simply couldn't find any way to get more parallelism - even if a Haswell or Skylake or whatever could handle more ILP, it isn't there to be exploited.

It might be that it is not too hard to modify processors to disrupt the attacks and make them impractical.

Kitz is absolutely right about hardware in another respect too though. It's not just operating systems that will need software changes if processors remain unfixed and security is a real practical issue (that is if you are unwise enough to allow evil code into your world at all in the first place). Web browsers are mentioned as a target for software mitigations in the Spectre paper Kitz references. There might be other classes of software that also need to be scrutinised, and fixing an o/s while ignoring other bits of software such as your web browser or <who_knows_what> app isn't good enough, you can't say that the job is done.

It's amusing to note that the researchers in the Spectre paper made monkeys out of the Chrome Javascript engine’s designers who thought they had put in a ‘security’ hack by intentionally mucking up the quality of the results from a high res timer routine in order to supposedly frustrate would be malefactors but the researchers simply bypassed this and made it irrelevant by writing their own high-res timer routine. Total stupidity just making life more difficult for the vast majority who are non-malicious and now the bad guys know exactly what to do to get ultra-high-res timing anyway. When will these people learn?

[kitz]

I do hope the motive for early release does not turn out to be profiteering from the movement in Intel’s share price.   But I would imagine that is something the US financial regulators might be looking in to.

So who would gain?  Thats what's puzzling me.   
The El reg release seemed to completely gloss over Spectre, which by all accounts is the larger and more difficult problem.
Obviously the CEO or whoever of Intel selling a large portion of his shares prior to the muck hitting the fan looks suspicious, but then again it doesnt take a genius to work out that there's a good chance the value of Intel would take a dive the way it was released.
Why did El reg publish when others were keeping stum ahead of the scheduled release date.   It was also El reg that released the 30% slow down figures, yet now patches have been released and its undeniable that some processors have taken a performance hit, it does not appear to be anything like the 30% headline figure quoted.

Has that article been amended?   
Publication of article is 2 Jan 2018 at 19:29 GMT.. yet the linked to reference is 11:58 PM - Jan 2, 2018 UTC 
It does say at the end final update and that their report was on Meltdown and not Spectre.

[Chrysalis]

based on this el reg seems to have overhyped it somewhat.

https://www.guru3d.com/articles-pages/windows-vulnerability-cpu-meltdown-patch-benchmarked.html

[sevenlayermuddle]

So who would gain?  Thats what's puzzling me.   

From my limited understanding, simple short selling, surely?

https://www.investopedia.com/terms/s/shortselling.asp

My understanding is that any trading based on inside knowledge is illegal and short selling coincident with big news events like this, would automatically attract attention from regulators.  But if the traders turn out to be beyond US jurisdiction, not sure what they’d be able to do.

[sevenlayermuddle]

based on this el reg seems to have overhyped it somewhat.

https://www.guru3d.com/articles-pages/windows-vulnerability-cpu-meltdown-patch-benchmarked.html

I suspect we will see more like this.

El reg is a good read, always entertaining, but I long since ceased to regard it as a source of facts.

[parkdale]

I see AVM have a security list for these exploits. To compromise a Modem/Router, the attacker will have to have physical access to the hardware.

https://en.avm.de/service/current-security-notifications/

[Weaver]

@sevenlayermuddle - I was of the opinion that in the UK at least it's basically fairly difficult to be an 'inside trader', you have to have privileged information from the company itself and have to be an employee or someone who is conspiracy with one such. Info about CPU microarchitectures in this case was all publicly available, as members of the general public, not employees of say Intel, were the ones who did that research. So having an opinion that a cpu design is rubbish and therefore it might be a good idea to sell your shares can't be illegal, because anyone out there could come to the same opinion given a sufficiently large supply of clue, not secret information. But then I am no lawyer nor an american so what on earth do I know.

Mind you, if you worked for say el reg and wrote up an article that was contained a certain quantity of bull, like numbers of 30% say, and then went off to do some short selling of say intel stock then there might be trouble, but I'm not at all sure on what legal grounds, although it is clearly unethical market manipulation.

[Chrysalis]

I suspect we will see more like this.

El reg is a good read, always entertaining, but I long since ceased to regard it as a source of facts.

Pretty much cane be said for almost all the press sadly

sensationalism over accuracy.

[burakkucat]

El reg is a good read, always entertaining, but I long since ceased to regard it as a source of facts.

I regard its output in the same way as that published in the satirical magazine Private Eye.

[burakkucat]

For a Linux kernel orientated view there is the Wikipedia entry, Kernel Page-Table Isolation, currently with twenty nine references.

[kitz]

I agree with Kitz about how it should be fixed in hardware, but not only if it doesn't kill performance which is very hard-won and increasingly in short supply.

Just noticed the last bit.   Going back to something I said earlier in the Class action thread, if they didn't apply a patch then it would be negligence.   

Whilst the bug may have been there 10+ years, now that it has been discovered and made public then some sort of fix has to be applied to protect the public.   Since the news broke, you can bet your bottom dollar that script kiddies around the globe are now dabbling with code in an attempt to exploit this.
Due to the nature of Meltdown, the exploit is capable of reading passwords or any other stored information on the PC and because of the way it attacks its unlikely to be detected as malware by AVs.

I don't think anyone is going to be impressed at taking a hit in performance, but the alternative of taking no action is just far too risky.
Until (if) Intel come up with a fix at the hardware level, then I guess there is no alternative but for the likes of Miscrosoft/Apple/Linux etc to put an end to the way the OS shares memory between programs and the kernel

[adrianw]

I regard its output in the same was as that published in the satirical magazine Private Eye.

Private Eye has a good reputation for uncovering things that TPTB would like hidden. They do sometimes get it expensively wrong.

I admit that El Reg is sensationalist, but informative.

[banger]

From the MS Script I ran here are the results for my MSI P35 Neo F V1 motherboard with Core 2 Duo E8400 CPU.

Speculation control settings for CVE-2017-5715 [branch target injection]

Hardware support for branch target injection mitigation is present: False
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: False
Windows OS support for branch target injection mitigation is disabled by system policy: False
Windows OS support for branch target injection mitigation is disabled by absence of hardware support: True

Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: True
Windows OS support for kernel VA shadow is present: True
Windows OS support for kernel VA shadow is enabled: True
Windows OS support for PCID performance optimization is enabled: False [not required for security]

Suggested actions

 * Install BIOS/firmware update provided by your device OEM that enables hardware support for the branch target injection mitigation.


BTIHardwarePresent             : False
BTIWindowsSupportPresent       : True
BTIWindowsSupportEnabled       : False
BTIDisabledBySystemPolicy      : False
BTIDisabledByNoHardwareSupport : True
KVAShadowRequired              : True
KVAShadowWindowsSupportPresent : True
KVAShadowWindowsSupportEnabled : True
KVAShadowPcidEnabled           : False

So from these results I gather I also need a BIOS update for the motherboard as the MS Windows patch is not enough to protect against meltdown on its own. My board is from 2008 and I have contacted MSI but as for them updating the BIOS/Microcode I shall have to wait and see although doubt it very much.

[kitz]

From the MS Script I ran here are the results for my MSI P35 Neo F V1 motherboard with Core 2 Duo E8400 CPU.

What MS Script is that?  Is there a link please?