Reply 20 of 151, by Baoran
Looks like I am going to have to go get my old core 2 duo from the storage. Should be good enough for web browsing.
Looks like I am going to have to go get my old core 2 duo from the storage. Should be good enough for web browsing.
My thoughts on this vulnerability:i really don't care too much,it is like the wifi exploit that was revealed not too long ago, for me it is just a threat to servers and corporate environment.
about cloud services, oh well if you use it, you are giving up all your privacy.
The right thing that intel could do is fix the bug and recall the current gen Xeon cpu and provide a discount to last gen consumer cpu to upgrade to a new bugfree generation.
Passwords are one thing I might be worried about. There are people who actually pay decent amount for password lists that have been created using malware infected home pcs. If they get access to your e-mail account, they pretty much get access to all the accounts that you used the e-mail account with.
wrote:Intel put up a list of affected CPUs here: https://security-center.intel.com/advisory.as … anguageid=en-fr
Apparently anything up to and including the Core2 is unaffected. Things seem to have been introduced with the first Core i7.
I figure that is because they did not bother to list older CPUs.
The way intel writes responses to this issue, it is like a press commentary: deny it is intel's fault, deny the full scope of problems, emphasize that intel is fully comitted to ensure security.
--> ISA Soundcard Overview // Doom MBF 2.04 // SetMul
This is the dumbest thread in the history of the universe.
A bunch of people with no clue and no ability to grasp the technical details compete with each other on who will spread more FUD garbage. And the few folks, who actually can understand the details, tag along for the fun of it.
https://cloakedthargoid.wordpress.com/ - Random content on hardware, software, games and toys
wrote:This is the dumbest thread in the history of the universe.
A bunch of people with no clue and no ability to grasp the technical details compete with each other on who will spread more FUD garbage. And the few folks, who actually can understand the details, tag along for the fun of it.
You just described life in general..
asus tx97-e, 233mmx, voodoo1, s3 virge ,sb16
asus p5a, k6-3+ @ 550mhz, voodoo2 12mb sli, gf2 gts, awe32
asus p3b-f, p3-700, voodoo3 3500TV agp, awe64
asus tusl2-c, p3-S 1,4ghz, voodoo5 5500, live!
asus a7n8x DL, barton cpu, 6800ultra, Voodoo3 pci, audigy1
Hmm... It's 1-0 to you, I guess. 🤣
https://cloakedthargoid.wordpress.com/ - Random content on hardware, software, games and toys
I figure that is because they did not bother to list older CPUs.
A Powershell script is available that can help to determine what CPUs are affected according to MS.
http://mikefrobbins.com/2018/01/04/using-powe … 7-5715-spectre/
The most relevant line considering the meltdown vulnerability is:
Hardware requires kernel VA shadowing: xxx
On a patched affected Intel system the result is:
PS C:\WINDOWS\system32> Get-SpeculationControlSettings
Speculation control settings for CVE-2017-5715 [branch target injection]
Hardware support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: True
Speculation control settings for CVE-2017-5754 [rogue data cache load]
Hardware requires kernel VA shadowing: True
Windows OS support for kernel VA shadow is present: True
Windows OS support for kernel VA shadow is enabled: True
Windows OS support for PCID optimization is enabled: True
BTIHardwarePresent : True
BTIWindowsSupportPresent : True
BTIWindowsSupportEnabled : True
BTIDisabledBySystemPolicy : False
BTIDisabledByNoHardwareSupport : False
KVAShadowRequired : True
KVAShadowWindowsSupportPresent : True
KVAShadowWindowsSupportEnabled : True
KVAShadowPcidEnabled : True
On a non-patched (meltdown) unaffected AMD system the result is:
PS C:\Windows\system32> Get-SpeculationControlSettings
Speculation control settings for CVE-2017-5715 [branch target injection]
Hardware support for branch target injection mitigation is present: False
Windows OS support for branch target injection mitigation is present: False
Windows OS support for branch target injection mitigation is enabled: False
Speculation control settings for CVE-2017-5754 [rogue data cache load]
Hardware requires kernel VA shadowing: False
Suggested actions
* Install BIOS/firmware update provided by your device OEM that enables hardware support for the branch target injection mitigation.
* Install the latest available updates for Windows with support for speculation control mitigations.
BTIHardwarePresent : False
BTIWindowsSupportPresent : False
BTIWindowsSupportEnabled : False
BTIDisabledBySystemPolicy : False
BTIDisabledByNoHardwareSupport : False
KVAShadowRequired : False
KVAShadowWindowsSupportPresent : False
KVAShadowWindowsSupportEnabled : False
KVAShadowPcidEnabled : False
The facts are:
- Meltdown is a vulnerability allowing ordinary programs to read kernel memory, something that the CPU is supposed to protect against. It's Intel's fault, not OS developers'.
- Intel released a list that basically says "everything since the first i3/5/7 is affected". The list does not include Core 2 and earlier processors. This may mean that they are not affected or that Intel just didn't bother to include older chips on their list.
- AMD is convinced their CPUs are not affected.
- There are already security patches for Windows 10 and Linux.
- At least on Linux, this patch has a significant performance cost. On Core 2 and earlier chips that penalty is even higher (because of lack of PCID support). This should be true for Windows too, theoretically.
- As of today, the Linux patch (with its performance cost) enables itself automatically on all non-AMD x86/x64 CPUs. It can be force disabled.
I don't know if the Windows patch checks the CPU for vulnerability or is just permanently enabled.
I wouldn't worry about the vulnerability itself. It is already fixed, and sooner or later the fixes will become non-optional in their respective OSes.
For old OSes - who cares.
I worry about sudden slowdown of most of PCs in existence, especially older ones, some of which perhaps unnecessarily.
wrote:- Meltdown is a vulnerability allowing ordinary programs to read kernel memory, something that the CPU is supposed to protect against. It's Intel's fault, not OS developers'.
That is a bit too generalized, and sounds like there is a bug in the CPU in the protection, and programs can actually read kernel memory via the CPU.
That is not correct.
What happens is that because we know that Intel CPUs perform speculative execution in a way that caches data before the access to that data is determined, a side-channel opens up: We can time access to a certain memory location, to see if it was cached or not.
With carefully crafted code, you can time access to pieces of memory, so that you can see whether it was cached or not.
You can't actually access the data, but the timing will tell you whether it was cached or not.
You can take this further by doing bitwise comparisons...
if (x & 1)
a();
else
b();
By timing this, you can infer individual bits in the variable, reconstructing the entire data.
The original paper claims they can read memory at about 503 KB/s: https://meltdownattack.com/meltdown.pdf
So it's not really the protection failing. It's a side-channel, which is also why it exists on so many CPUs, also ARM and POWER for example. Not because they all happen to have the exact same 'bug', but because they all have similar performance optimizations deep inside the core, and someone figured out that you can use this as a side-channel. Intel and other vendors can however modify future CPUs to remove the side-channel.
wrote:That is a bit too generalized, and sounds like there is a bug in the CPU in the protection, and programs can actually read kerne […]
wrote:- Meltdown is a vulnerability allowing ordinary programs to read kernel memory, something that the CPU is supposed to protect against. It's Intel's fault, not OS developers'.
That is a bit too generalized, and sounds like there is a bug in the CPU in the protection, and programs can actually read kernel memory via the CPU.
That is not correct.
What happens is that because we know that Intel CPUs perform speculative execution in a way that caches data before the access to that data is determined, a side-channel opens up: We can time access to a certain memory location, to see if it was cached or not.
With carefully crafted code, you can time access to pieces of memory, so that you can see whether it was cached or not.
You can't actually access the data, but the timing will tell you whether it was cached or not.
You can take this further by doing bitwise comparisons...if (x & 1)
a();
else
b();
By timing this, you can infer individual bits in the variable, reconstructing the entire data.
The original paper claims they can read memory at about 503 KB/s: https://meltdownattack.com/meltdown.pdfSo it's not really the protection failing. It's a side-channel, which is also why it exists on so many CPUs, also ARM and POWER for example. Not because they all happen to have the exact same 'bug', but because they all have similar performance optimizations deep inside the core, and someone figured out that you can use this as a side-channel. Intel and other vendors can however modify future CPUs to remove the side-channel.
Pretty fascinating.
There are patches to other windows versions too and not just windows 10. I still use windows 7 in my main pc and I downloaded KB4056894 security patch that is suppose to do similar fixes to windows 7. It might mess up your antivirus software if your antivirus software hasn't been patched to be compatible with it.
wrote:The facts are: […]
The facts are:
- Meltdown is a vulnerability allowing ordinary programs to read kernel memory, something that the CPU is supposed to protect against. It's Intel's fault, not OS developers'.
- Intel released a list that basically says "everything since the first i3/5/7 is affected". The list does not include Core 2 and earlier processors. This may mean that they are not affected or that Intel just didn't bother to include older chips on their list.
- AMD is convinced their CPUs are not affected.
- There are already security patches for Windows 10 and Linux.
- At least on Linux, this patch has a significant performance cost. On Core 2 and earlier chips that penalty is even higher (because of lack of PCID support). This should be true for Windows too, theoretically.
- As of today, the Linux patch (with its performance cost) enables itself automatically on all non-AMD x86/x64 CPUs. It can be force disabled.I don't know if the Windows patch checks the CPU for vulnerability or is just permanently enabled.
I wouldn't worry about the vulnerability itself. It is already fixed, and sooner or later the fixes will become non-optional in their respective OSes.
For old OSes - who cares.I worry about sudden slowdown of most of PCs in existence, especially older ones, some of which perhaps unnecessarily.
wrote:Passwords are one thing I might be worried about. There are people who actually pay decent amount for password lists that have been created using malware infected home pcs. If they get access to your e-mail account, they pretty much get access to all the accounts that you used the e-mail account with.
Well it is 2018, everyone should be using two factor authentication on relevant services, my relevant email accounts, my bank account and my steam account uses 2 factor authentication, nowadays most of the time getting just the password isn't a big deal.
wrote:By timing this, you can infer individual bits in the variable, reconstructing the entire data.
The original paper claims they can read memory at about 503 KB/s: https://meltdownattack.com/meltdown.pdfSo it's not really the protection failing. It's a side-channel, which is also why it exists on so many CPUs, also ARM and POWER for example. Not because they all happen to have the exact same 'bug', but because they all have similar performance optimizations
Quoting for good high level
wrote:in the history of the universe
That huge!? I expect royalties from the book and film deals to ensue.
wrote:Time to put 486's into production again, I am sure die shrinks and such can up the speed on those quite a lot 😁 and new 486 mobs! woooo
Intel's Quark SoC is based on the 486 with some additions from Pentium, but no branch prediction, superscalar execution etc.
Should be safe from these bugs.
wrote:A Powershell script is available that can help to determine what CPUs are affected according to MS. http://mikefrobbins.com/2018 […]
A Powershell script is available that can help to determine what CPUs are affected according to MS.
http://mikefrobbins.com/2018/01/04/using-powe … 7-5715-spectre/The most relevant line considering the meltdown vulnerability is:
Hardware requires kernel VA shadowing: xxx
Has anyone tried this on a Core 2 or earlier PC?
No wonder my Packard Bell Pack-Mate 28 Plus is faster than my laptops that have the Pentium 4 or higher.
Discord: https://discord.gg/U5dJw7x
Systems from the Compaq Portable 1 to Ryzen 9 5950X
Twitch: https://twitch.tv/retropcuser
The script itself requires PowerShell 3.0, which means Windows 7 or higher is required to run it.
I've just tested two semi-old PCs (will add more if I have opportunity):
Hardware requires kernel VA shadowing:
— Atom N570, 1.66 GHz: False
— Pentium Dual-Core T4200, 2.0 GHz: True
I just ran the script on my unpatched Win7 Pro machine with a Phenom II X2 560 BE.
Speculation control settings for CVE-2017-5715 [branch target injection]
Hardware support for branch target injection mitigation is present: False
Windows OS support for branch target injection mitigation is present: False
Windows OS support for branch target injection mitigation is enabled: False
Speculation control settings for CVE-2017-5754 [rogue data cache load]
Hardware requires kernel VA shadowing: False
Suggested actions
* Install BIOS/firmware update provided by your device OEM that enables hardware support for the branch target injection mitigation.
* Install the latest available updates for Windows with support for speculation control mitigations.
BTIHardwarePresent : False
BTIWindowsSupportPresent : False
BTIWindowsSupportEnabled : False
BTIDisabledBySystemPolicy : False
BTIDisabledByNoHardwareSupport : False
KVAShadowRequired : False
KVAShadowWindowsSupportPresent : False
KVAShadowWindowsSupportEnabled : False
KVAShadowPcidEnabled : False
I was curious about reports that Core 2 Duos are safe to use, so I threw Win10 on a PC with an E8600 just to see what came up. Here's what I got:
Speculation control settings for CVE-2017-5715 [branch target injection]
Hardware support for branch target injection mitigation is present: False
Windows OS support for branch target injection mitigation is present: False
Windows OS support for branch target injection mitigation is enabled: False
Speculation control settings for CVE-2017-5754 [rogue data cache load]
Hardware requires kernel VA shadowing: True
Windows OS support for kernel VA shadow is present: False
Windows OS support for kernel VA shadow is enabled: False
Suggested actions
* Install BIOS/firmware update provided by your device OEM that enables hardware support for the branch target injection mitigation.
* Install the latest available updates for Windows with support for speculation control mitigations.
* Follow the guidance for enabling Windows Client support for speculation control mitigations described in https://support.microsoft.com/help/4073119
BTIHardwarePresent : False
BTIWindowsSupportPresent : False
BTIWindowsSupportEnabled : False
BTIDisabledBySystemPolicy : False
BTIDisabledByNoHardwareSupport : False
KVAShadowRequired : True
KVAShadowWindowsSupportPresent : False
KVAShadowWindowsSupportEnabled : False
KVAShadowPcidEnabled : False
Based on that, it looks like Core 2 CPUs are not safe to use unpatched.