[TPU] CacheOut is the Latest Speculative Execution Attack for Intel Processors - Page 2 - Overclock.net - An Overclocking Community
Forum Jump: 

[TPU] CacheOut is the Latest Speculative Execution Attack for Intel Processors

Reply
 
Thread Tools
post #11 of 41 (permalink) Old 01-29-2020, 09:25 AM
New to Overclock.net
 
EniGma1987's Avatar
 
Join Date: Sep 2011
Posts: 6,415
Rep: 342 (Unique: 252)
Quote: Originally Posted by Blameless View Post
They can't fix what they don't know about and they can't know about most of these vulnerabilities until they are discovered in the wild, long after products with them have entered service.

All they can do is try to foresee issues as best they can and patch vulnerabilities that are found as quickly as practical. As bad patches can be worse than no patches, sometimes disabling features is the only practical workaround for vulnerable parts.
The problem seems to be that when these are discovered, Intel refuses to do anything about them at all until people have created exploits that make use of a disclosed vulnerability.
Their internal team also does not seem to be actively investigating any vulnerabilities to foresee anything
Also they have put out quite a few bad patches on these bugs in the past 3 years. They straight rolled back one patch, and they released hotfixes for patches a couple of times and are on the 3rd patch for a Zombieload fix.

EniGma1987 is offline  
Sponsored Links
Advertisement
 
post #12 of 41 (permalink) Old 01-29-2020, 09:36 AM
New to Overclock.net
 
Liranan's Avatar
 
Join Date: Nov 2010
Location: Soviet China... Oh wait..
Posts: 8,770
Rep: 616 (Unique: 300)
Quote: Originally Posted by EniGma1987 View Post
The problem seems to be that when these are discovered, Intel refuses to do anything about them at all until people have created exploits that make use of a disclosed vulnerability.
Their internal team also does not seem to be actively investigating any vulnerabilities to foresee anything
Also they have put out quite a few bad patches on these bugs in the past 3 years. They straight rolled back one patch, and they released hotfixes for patches a couple of times and are on the 3rd patch for a Zombieload fix.
The NSA intercepted/intercets Cisco routers/switches and installs spyware on them. Intel are doing exactly what their masters have ordered them to do.

Quote:
Quote:
Originally Posted by faraz1729 go_quote.gif
Haha, Liranan, you creep.

Tacitus - The more corrupt the state, the more numerous the laws

Only when the last tree has died and the last river been poisoned and the last fish been caught will we realise we cannot eat money. - Cree Indian Proverb
Liranan is offline  
post #13 of 41 (permalink) Old 01-29-2020, 03:29 PM
New to Overclock.net
 
Nightingale's Avatar
 
Join Date: Jan 2010
Posts: 825
Rep: 38 (Unique: 31)
Quote: Originally Posted by Liranan View Post
The NSA intercepted/intercets Cisco routers/switches and installs spyware on them. Intel are doing exactly what their masters have ordered them to do.
While I agree 100% with you, you won't convince many. Common sense says that CIA and NSA have worked deals out with the tech companies to install backdoors for national defense(cover really for spying and having total control over the information highway) since the mid 90's

Nightingale is offline  
Sponsored Links
Advertisement
 
post #14 of 41 (permalink) Old 01-29-2020, 05:23 PM
New to Overclock.net
 
Join Date: Aug 2019
Location: Kentucky
Posts: 301
Rep: 13 (Unique: 12)
Quote: Originally Posted by Liranan View Post
The NSA intercepted/intercets Cisco routers/switches and installs spyware on them. Intel are doing exactly what their masters have ordered them to do.

So what just Cisco and Intel right, I save from Big Brother spying if I use AMD and TP Link


They ALL kowtow to the government overlords

Open Air Build
(13 items)
CPU
i9
Motherboard
ASUS ROG Strix Z390-H Gaming
GPU
MSI GEFORCE GTX1080 TI GAMING X 11G
RAM
Corsair Vengeance LPX DDR4 DRAM 3000MHz
Hard Drive
Samsung 970 EVO
Hard Drive
WD Blue
Power Supply
EVGA SuperNOVA
Cooling
All PrimoChill parts (Rad 360, Pumps D5, Fittings, and Acrylic Tubing), Byskey CPU&GPU Blocks
Case
Praxis Wet Bench
Operating System
Windows 10 Pro
Monitor
Asus Predrator
Other
Thermaltake Commander F6 Fan Controller
Other
DIY Sleeved Cables
▲ hide details ▲
smilinjohn is offline  
post #15 of 41 (permalink) Old 01-29-2020, 07:05 PM
High Clocker
 
bmgjet's Avatar
 
Join Date: Nov 2011
Posts: 3,203
Rep: 189 (Unique: 163)
Quote: Originally Posted by smilinjohn View Post
So what just Cisco and Intel right, I save from Big Brother spying if I use AMD and TP Link


They ALL kowtow to the government overlords
No you can just pick which big brother you want.
USA, China, Ect


SLI Voodoo 2 - > GeForce4 MX 420 -> GF 6600GT -> GF 6800GT -> GF 8800Ultra -> AMD 4870 -> AMD 4890 -> CF AMD 5820 -> CF AMD 6850 -> CF AMD 7970 -> SLI GF 680 -> SLI GF 780 -> CF AMD 290X -> GF 980ti -> SLI GF 980ti -> GF 1080ti -> SLI GF 1080ti -> <- RTX 2080ti (DOA/Refunded)
CPU
AMD 8120
CPU
FX 8350
GPU
7970 CFX
GPU
680 SLI
▲ hide details ▲


bmgjet is offline  
post #16 of 41 (permalink) Old 01-29-2020, 08:32 PM
LTSC Consiglieri
 
skupples's Avatar
 
Join Date: Apr 2012
Location: Fort Lauderdale
Posts: 22,360
Rep: 651 (Unique: 349)
isn't it often times even lower level than that? Cisco is just saving them some time by leaving them a key to a door.

didn't the yahoo lady essentially claim they threatened to charge her with treason if she didn't allow them backdoor access?

R.I.P. Zawarudo, may you OC angels' wings in heaven.
If something appears too good to be true, it probably is.
Best R0ach Quote of all time : TLDR: Haswell might be the last legit gaming platform unless mice get their own non-USB interface on some newer architecture.
skupples is offline  
post #17 of 41 (permalink) Old 01-30-2020, 03:06 AM
Fantastic Mr Fox
 
randomizer's Avatar
 
Join Date: Apr 2009
Posts: 5,829
Rep: 175 (Unique: 120)
My CPU is too old to be vulnerable. For once it pays to not keep up to date!

CPU
i7 920 D0
Motherboard
MSI X58 Pro-E
GPU
Gigabyte GTX 970 (GV-N970IX-4GD)
RAM
3x2GB G.Skill DDR3-1333 9-9-9-24
Hard Drive
840 Pro
Hard Drive
Caviar Black
Optical Drive
LG BD-ROM
Power Supply
Corsair HX-520
Case
CM690
Operating System
Windows 8.1 Pro x64
Monitor
Dell U2713HM
Monitor
Dell U2311H
Keyboard
Turbo-Trak (Google it :D)
Mouse
Mionix Avior 7000
Mouse
Everglide Titan
Audio
AKG K 242 HD
▲ hide details ▲
randomizer is offline  
post #18 of 41 (permalink) Old 01-30-2020, 03:14 AM
New to Overclock.net
 
rdr09's Avatar
 
Join Date: Mar 2011
Location: From the US but lives in Africa
Posts: 19,125
Rep: 874 (Unique: 637)
Quote: Originally Posted by randomizer View Post
My CPU is too old to be vulnerable. For once it pays to not keep up to date!
If only you can avoid all them. The patches seem to be worst than the vulnerabilities.

[email protected] 6 http://valid.canardpc.com/show_oc.php?id=2211392 4.6 @ 4 http://valid.canardpc.com/show_oc.php?id=2216580
5.0 @ 8 http://valid.canardpc.com/show_oc.php?id=2511322
2nd AMD Build
(10 items)
CPU
2700
Motherboard
X470
GPU
290
RAM
3200 CL14
Hard Drive
1000
Power Supply
700
Case
212
Operating System
10/64
Monitor
40 1080
Keyboard
M100
▲ hide details ▲
rdr09 is offline  
post #19 of 41 (permalink) Old 01-30-2020, 03:22 AM
Fantastic Mr Fox
 
randomizer's Avatar
 
Join Date: Apr 2009
Posts: 5,829
Rep: 175 (Unique: 120)
Quote: Originally Posted by rdr09 View Post
If only you can avoid all them. The patches seem to be worst than the vulnerabilities.
Fortunately (?) the only patches I can get are for Meltdown.

CPU
i7 920 D0
Motherboard
MSI X58 Pro-E
GPU
Gigabyte GTX 970 (GV-N970IX-4GD)
RAM
3x2GB G.Skill DDR3-1333 9-9-9-24
Hard Drive
840 Pro
Hard Drive
Caviar Black
Optical Drive
LG BD-ROM
Power Supply
Corsair HX-520
Case
CM690
Operating System
Windows 8.1 Pro x64
Monitor
Dell U2713HM
Monitor
Dell U2311H
Keyboard
Turbo-Trak (Google it :D)
Mouse
Mionix Avior 7000
Mouse
Everglide Titan
Audio
AKG K 242 HD
▲ hide details ▲
randomizer is offline  
post #20 of 41 (permalink) Old 01-30-2020, 10:46 AM
Iconoclast
 
Blameless's Avatar
 
Join Date: Feb 2008
Posts: 30,139
Rep: 3140 (Unique: 1873)
Quote: Originally Posted by EniGma1987 View Post
The problem seems to be that when these are discovered, Intel refuses to do anything about them at all until people have created exploits that make use of a disclosed vulnerability.
Their internal team also does not seem to be actively investigating any vulnerabilities to foresee anything
Misjudging the severity of a vulnerability (as with some of the MDS related exploits) and opting for softer mitigations, until the true severity of the issue becomes apparent, is not the same as refusing to do anything.

I'm also quite sure that Intel is actively searching for and mitigating vulnerabilities internally, but it should be no surprise that independent researchers and security firms find some that Intel misses, or publicly documents some than Intel would not want to reveal until they have a patch ready.

They could certainly be doing more and doing it faster, but it's not in their best interests to ignore problems and, in general, they aren't.

Quote: Originally Posted by EniGma1987 View Post
Also they have put out quite a few bad patches on these bugs in the past 3 years. They straight rolled back one patch, and they released hotfixes for patches a couple of times and are on the 3rd patch for a Zombieload fix.
Yes.

Quote: Originally Posted by rdr09 View Post
The patches seem to be worst than the vulnerabilities.
Depends on what you're doing.

I have fully patched Haswell and Broadwell systems, some of which are running OSes that can't take advantage of retpoline. I haven't noticed any real world performance degradation, though I can certainly bench the difference in some tasks.

One exception is my Ivy Bridge ThinkPad, which just lost almost half it's IGP performance to the mitigation patch for CVE-2019-14615.

...rightful liberty is unobstructed action according to our will within limits drawn around us by the equal rights of others. I do not add 'within the limits of the law,' because law is often but the tyrant's will, and always so when it violates the right of an individual. -- Thomas Jefferson
Blameless is offline  
Reply

Quick Reply
Message:
Options

Register Now

In order to be able to post messages on the Overclock.net - An Overclocking Community forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.
User Name:
If you do not want to register, fill this field only and the name will be used as user name for your post.
Password
Please enter a password for your user account. Note that passwords are case-sensitive.
Password:
Confirm Password:
Email Address
Please enter a valid email address for yourself.
Email Address:

Log-in



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page


Forum Jump: 

Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off