Netduma R2 router review
TerraMaster F5-422 NAS Review
Radeon RX 6600 (Sapphire Pulse) review
Radeon RX 6600 (Gigabyte Eagle 8G) review
PowerColor Radeon RX 6900 XT Red Devil review
Corsair Sabre RGB Pro Wireless mouse review
Far Cry 6: PC graphics performance benchmark review
Colorful GeForce RTX 3060 Bilibili 12G review
ACER Predator GM7000 2TB NVMe PCIe 4.0 SSD review
be quiet! Shadow Rock SLIM 2 review
New CacheOut Speculative Execution Vulnerability Hits Intel Processors
Intel is not spared when it comes to the number of vulnerabilities that keep hitting their processors. The latest one is CacheOut, a new speculative execution attack that is capable of leaking data from Intel CPUs across many security boundaries. All processors up-to-the recent Coffee lake refresh are effected.
Despite Intel's attempts to address previous generations of speculative execution attacks, CPUs are still vulnerable, allowing attackers to exploit these vulnerabilities to leak sensitive data. Unlike previous MDS issues, the researchers show in their work how an attacker can exploit the CPU's caching mechanisms to select what data to leak, as opposed to waiting for the data to be available.
They then demonstrate that CacheOut can violate nearly every hardware-based security domain, leaking data from the OS kernel, co-resident virtual machines, and even SGX enclaves. CacheOut can bypass software fixes. Making it possible to extract data from both the kernel of the OS and from virtual machines, and also from something that Intel calls 'software guard extensions' (SGX) that normally is stored securely.
Researchers from the University of Michigan and the University of Adelaide have found this new bug, and posted a paper on it. Read the paper. It seems that once again only Intel processors are affected including Core, Xeon and Atom models. AMD is save from this vulnerability.
schoolofmonkey
Senior Member
Posts: 240
Joined: 2014-03-30
Senior Member
Posts: 240
Joined: 2014-03-30
#5755255 Posted on: 01/29/2020 02:04 AM
Yes they do need a architecture change, but this doesn't make a new architecture invulnerable, it just means it's too new to find the appropriate exploits.
There will be some exploits that AMD have overlooked, but given how new their architecture is it will take time to fined it, same if Intel change theirs.
Personally I applaud Intel/AMD for getting one board with the researches, it shows they are willing to learn from their mistakes and innovate, everything takes time, everything is exploitable given the right circumstances.
Intel's vulnerability list in the CPUs it's shipped in just the past five years seems a clear warning on the perils of milking architectures. Intel is going to have to do what AMD has already done: design an entirely new x86 CPU architecture from the ground up. I cannot see a logical rationale for anyone buying Intel's CPUs at the present time.
Yes they do need a architecture change, but this doesn't make a new architecture invulnerable, it just means it's too new to find the appropriate exploits.
There will be some exploits that AMD have overlooked, but given how new their architecture is it will take time to fined it, same if Intel change theirs.
Personally I applaud Intel/AMD for getting one board with the researches, it shows they are willing to learn from their mistakes and innovate, everything takes time, everything is exploitable given the right circumstances.
tsunami231
Senior Member
Posts: 12179
Joined: 2003-05-24
Senior Member
Posts: 12179
Joined: 2003-05-24
#5755257 Posted on: 01/29/2020 02:19 AM
eh what ever at this point I dont care, I use my pc to game and visit a handfull of websites, that it
The whole meltdown/spectre flaw open the gates and since then they all looking for security issue to out, and cause panic just to have there time in the news. Should flaws and security issue be fix yes, should they be outed to the public so everyone knows? no it shouldnt it just causing panic and witch hunts.
Even then most flaws arnt even know to majoirty of people nor do they care.
eh what ever at this point I dont care, I use my pc to game and visit a handfull of websites, that it
The whole meltdown/spectre flaw open the gates and since then they all looking for security issue to out, and cause panic just to have there time in the news. Should flaws and security issue be fix yes, should they be outed to the public so everyone knows? no it shouldnt it just causing panic and witch hunts.
Even then most flaws arnt even know to majoirty of people nor do they care.
deusex
Senior Member
Posts: 645
Joined: 2003-11-19
Senior Member
Posts: 645
Joined: 2003-11-19
#5755262 Posted on: 01/29/2020 02:34 AM
Just another reason to like my 3950X.
Just another reason to like my 3950X.
user1
Senior Member
Posts: 1733
Joined: 2016-01-29
Senior Member
Posts: 1733
Joined: 2016-01-29
#5755264 Posted on: 01/29/2020 02:39 AM
just an fyi i have not suffered this problem on linux, performance is largely the same maybe 10% loss max. using a penryn quad.
Yup, and this includes the Core2 line as well, so ye olde Q6600 as an example... Heck when the Spectre and Meltdown software mitigations were released, it tanked performance on the Q6600 tremendously... So much so that a 3.5GHz overclock was necessary to maintain 2.4GHz stock performance, it really did cut performance by about 40%.
just an fyi i have not suffered this problem on linux, performance is largely the same maybe 10% loss max. using a penryn quad.
Click here to post a comment for this news story on the message forum.
Senior Member
Posts: 1334
Joined: 2014-07-22
Intel's vulnerability list in the CPUs it's shipped in just the past five years seems a clear warning on the perils of milking architectures. Intel is going to have to do what AMD has already done: design an entirely new x86 CPU architecture from the ground up. I cannot see a logical rationale for anyone buying Intel's CPUs at the present time.