Intel CPUs plagued by security vulnerabilities side-channel attack - PLATYPUS
Click here to post a comment for Intel CPUs plagued by security vulnerabilities side-channel attack - PLATYPUS on our message forum
Plavn Walaz
If anyone is interested in trade I have ultra-super-mega-quazi-turbo - I7 7700K + ASRock Extreme 4 270Z board tradeing for Amd 2700 + Decent amd board 😀 😀 😀 ... i mean you'll get really really "gooooooood" Intel 😀
Dear oh dear, Intel is so bad.
Ghosty
The average person isn't going to be effected by these 'security flaws', so take it with a pinch of salt.
0blivious
FFS Intel. This isn't a good look:
losing in workloads
losing in gaming
losing in security
Kaarme
Intel inside, security outside.
fantaskarsef
AMD CPUs potentially also vulvernable since Zen architecture, but requires "kernel privileges". Then you even have per core access according to their paper. Just saying.
For the full paper read here: https://platypusattack.com/platypus.pdf
And when my Gen 5 Intel CPU is too old to be vulvernable:
https://cbsnews1.cbsistatic.com/hub/i/2016/12/14/4b7e3037-b62b-4f21-9e5c-1c181da45a6a/screen-shot-2016-12-14-at-4-25-12-pm.png
Francesco
I certainly don't want to defend Intel, which is indefensible at this point (and honestly they deserve all the shit they are getting), but I would be very surprised if, now that AMD is at the top, security holes will not start to emerge in Ryzens too a few months from now.
Ghosty
A quick Google search says yes. Flaws going back to Bulldozer.
https://www.extremetech.com/computing/307317-security-flaw-detected-in-amd-cpus-going-back-to-2011
Webhiker
I think the research is very unclear regarding Zen. It only mentions the RAPL interface provided via Linux kernel 5.8 limited to AMD Rome CPUs and nothing else.
They don't even say if it's vulnerable or not only that RASPL is accessible through the Linux powercap framework. On Intel system you can install the Intel Power Gadget on windows and gains access that way.
Ghosty
I suppose the biggest question is, can these flaws/vulnerabilities be patched or fixed in later CPU iterations?
fantaskarsef
True, but it does not specifically point out that AMD is not vulnerable. And even hints at a general weakness, even when using ARM or Nvidia CPUs. As such, I thought I'd try to point that out, since the OP's article reads as if only Intel was vulnerable to attacks on t he RASPL exploit.
TheDeeGee
How come AMD is never in the news?
Well they are, but only positive news 😛
Kool64
good thing no one cares about security when you're "the fastest"......
nosirrahx
Yes and no. Exploits are one of the better ways to gain initial access to a device and exploits do not exist in a vacuum.
Exploits are bundled together into kits. Think of these exploits expanding the tool set of lock pick.
The scenario where a regular user might be impacted goes like this:
Criminal exploits their wait into a server hosting what should be a group of "safe" sites.
Exploits are installed on these sites.
Unpatched users visiting these sites become compromised.
The worst case I have ever seen of a "safe" site infecting people was when an ISP had exploits on their webmail page.
schmidtbag
Well, it's not really so much a matter of AMD not having a lot of security vulnerabilities, it's more that most of Intel's are fundamentally related to the same few things, yet everyone acts like they're totally novel.
Think of it like someone who eats cheeseburgers every day, and what a surprise, they get a heart attack. Then they get a stroke. Then they discover they have gallstones. They they discover the have colon cancer. Then they discover they have various immunodeficiencies. The list goes on and on. It's not that the health issues aren't real, but they're all because of the same thing: a poor diet.
So when it comes to Intel's vulnerabilities, they're basically just slightly different approaches to the same underlying problems (which to my understanding, is primarily tied to speculative execution and HT). The number of issues makes Intel seem incompetent, but really, it's only a small set of really big mistakes.
alanm
As if anybody needed further reason to avoid Intel at this point in time.
asturur
I mean there is a patch, the patch can be without loss of performance. Then where is the problem?
Eventually they'll patch SGX or this power logging
sam640
Every patch they made to fix some security issue, performance gets decreased a little. these build up.
JamesSneed
This probably wont matter outside of the server farms but damn I must say all the extra time and money patching has got to be driving customers mad. When AMD has the latest EPYC chips out I do wonder if this generation is where AMD gets picked up en mass by the big data center players?
schmidtbag
Might take another couple years for that to happen. AMD is making a big dent in large-scale servers but they still have a long way to go.
Borys
Poor Intel... beyond the obsolete and expensive CPUs they even can go out of this securities problems...
