I would say Pentium onwards - it was the first superscalar x86 processor with branch prediction. It gets worse with later CPUs that have speculative execution as well.

If you are running a [234]86 you will be just fine 😀

squiggly wrote:

I would say Pentium onwards - it was the first superscalar x86 processor with branch prediction. It gets worse with later CPUs that have speculative execution as well.

If you are running a [234]86 you will be just fine 😀

That would be in line with what the Google guy was saying, 1995 would have been right about when Pentiums were starting to make their way into people's computers.

I think it is a funny story...

we all come at places where it's full of camera's these days, we all have mobile phones that have providers that can literally see us move and see where we are exactly, do more and more bank transactions wireless, install apps on the phones that want to have acces to EVERYTHING on there, use computers/laptops/ipads that also have acces to everything (and so does Apple and Microsoft) but we still think we have some privacy ? 🤣

People really thought that throwing everything in the cloud was a good thing??? 🤣 🤣 🤣

Sure, for corporations/banks this is not funny but hey, they too use computers that can be hacked nomatter what..

Perhaps we needed a new bubble so everyone can go and run to the stores in a couple of months to buy the '' new and safe '' Intel based gadgets! 😎

Every CPU with out-of-order execution is affected (early Atoms for example not, so "any Intel CPU made after 1995" is plain wrong). However, this is something again made up by the media. A CPU per se can not be safe or unsafe, that task is up to the OS. In this case, the OS relies to much on hardware functions (see the Infinion TPM debacle not long ago - same story but already forgotten) instead of doing things right. Also, just like any other vulnerability, you need a way to execute code on the affected machine. But once you can do that, you have full control anyway.

Here is the same topic but not restricted to older Hardware:
Vogons - Milliways: Intel CPU design flaw - Kernel-memory-leaking

Because I saw this coming some years ago, I developed SetMul to turn off branch prediction in Pentium and Pentium MMX processors. That way Vogons enthousiasts will be the last humans to browse the internets with immunity.

That is just me being silly, but seriously: does it actually work that way? Does the bug require branch prediction to be active?

Also, just like any other vulnerability, you need a way to execute code on the affected machine. But once you can do that, you have full control anyway.

Sounds like Browsing with javascript enabled.

I have not yet delved into the technical depths of these exploits/flaws, but I do recall briefly seeing one article that said (paraphrasing here) "every Intel processor made since the Pentium Pro" plus another article that said Itanium and Atom are NOT affected. Don't quote me as passing along definite truths though, that's just what I read during the developing hours right after these exploits were first publicized.

The original pentium was made in 1993, so this may mean that problem appeared on the Pentium Pro (which was made in ... 1995 !) and NOT the original Pentium. If somebody ever designs some way to check this, comparing Pentium Pros with regular pentiums could give interesting results.

Pentium Pro was rumored using stolen tech particulary related to out-of-order execution from Cyrix.
Cyrix however has been 'subtly' casted as the bad guy/bad tech in few fictional works, i wonder if they knew something.

Atom D's and N's aren't affected, so 10 year old netbooks are ok.

gerwin wrote:

Here is the same topic but not restricted to older Hardware: Vogons - Milliways: Intel CPU design flaw - Kernel-memory-leaking […]
Show full quote

Here is the same topic but not restricted to older Hardware:
Vogons - Milliways: Intel CPU design flaw - Kernel-memory-leaking

Because I saw this coming some years ago, I developed SetMul to turn off branch prediction in Pentium and Pentium MMX processors. That way Vogons enthousiasts will be the last humans to browse the internets with immunity.

That is just me being silly, but seriously: does it actually work that way? Does the bug require branch prediction to be active?

Branch prediction triggers preemptive loads of potentially privileged addresses, it is the first chink in the armour. Other bugs have to do with out of order and speculative execution, which apparently can result in something horrendous lije triggering arbitrary code execution in the context of another process. It's all bad karma which is why I have gone back to trusty DOS on my 486dx2.

Makes sense.
But do you mean browsing the internet with a 486DX2? One can just stay offline, or use a very restricted browser that basically behaves as a remote document viewer without remote interactivity (Active-X, JavaScript, Flash and other questionable technologies).

gerwin wrote:

Makes sense.
But do you mean browsing the internet with a 486DX2? One can just stay offline, or use a very restricted browser that basically behaves as a remote document viewer without remote interactivity (Active-X, JavaScript, Flash and other questionable technologies).

Internet? Is that like a BBS?

Sorry for confusing you, Yeah I was told it is this new BBS-like connection thing. But it will probably get out of fashion soon, so no need to worry about it.

derSammler wrote:

Every CPU with out-of-order execution is affected (early Atoms for example not, so "any Intel CPU made after 1995" is plain wrong). However, this is something again made up by the media. A CPU per se can not be safe or unsafe, that task is up to the OS. In this case, the OS relies to much on hardware functions (see the Infinion TPM debacle not long ago - same story but already forgotten) instead of doing things right. Also, just like any other vulnerability, you need a way to execute code on the affected machine. But once you can do that, you have full control anyway.

I totally disagree with this, and you really should read Linus Torvalds's response to Intel's excuse of a statement to hear why in much better words than I could personally explain it: https://lkml.org/lkml/2018/1/3/797

Yes you can have an unsafe CPU, as all Intel CPUs virtually are now, by designing the CPU to completely disregard security checks that the OS assumes are in place because the designer falsely claims they are.

Basicly it is like this:

Intel made the Pentium 60 and it had a bug. Ever since that one they made cpu's with bugs and now they found out about it.

Damn.... the 486 is not affected? Prices go up again! 🤣

Just thinking of how the concept of CPUs facilitating Operating System privilege accounting was present on the 286 already, with things like this: https://en.wikipedia.org/wiki/Global_Descriptor_Table
In DOS and Windows up to and including 98/ME the GDT+LDT can be modified reliably by a user mode program. IIRC this is called a "callgate" trick. SetMul does just this to run privileged instructions without OS permission (based on an idea by Rayer).
It seems to me intel+microsoft messed up in a similar fashion again, though this time it is not about modifying privileges (the worst), but about programs being able to peek in data that is not part of the sandbox assigned to them (still bad).

Time to put 486's into production again, I am sure die shrinks and such can up the speed on those quite a lot 😁 and new 486 mobs! woooo

PowerPC processors (e.g. Macs with a IBM PowerPC G3/G4/G5 processor) are vulnerable to SPECTRE, but due to being fairly obscure and lacking the appropriate software for attack vectors it may be a bit more resistant to the actual implementation:

http://tenfourfox.blogspot.com/

Intel put up a list of affected CPUs here: https://security-center.intel.com/advisory.as … anguageid=en-fr
Apparently anything up to and including the Core2 is unaffected. Things seem to have been introduced with the first Core i7.