[TPU] CacheOut is the Latest Speculative Execution Attack for Intel Processors - Page 3 - Overclock.net - An Overclocking Community
Forum Jump: 

[TPU] CacheOut is the Latest Speculative Execution Attack for Intel Processors

Reply
 
Thread Tools
post #21 of 41 (permalink) Old 01-30-2020, 12:34 PM
Retired Staff
 
JedixJarf's Avatar
 
Join Date: Dec 2010
Location: Coruscant
Posts: 9,456
Rep: 305 (Unique: 244)
Quote: Originally Posted by skupples View Post
and this is why ~15 months ago we decided that all new hardware would be AMD based. End user, and infrastructure alike.
Did the same, battery life takes a bit of a hit on the laptops but at least I'm not worrying about exploits like this.


JedixJarf is offline  
Sponsored Links
Advertisement
 
post #22 of 41 (permalink) Old 01-31-2020, 01:25 PM
New to Overclock.net
 
Kaltenbrunner's Avatar
 
Join Date: Dec 2011
Posts: 2,408
Rep: 17 (Unique: 16)
I wish I knew how cpu's really really work, sound's interesting

Kaltenbrunner is offline  
post #23 of 41 (permalink) Old 01-31-2020, 01:30 PM
LTSC Consiglieri
 
skupples's Avatar
 
Join Date: Apr 2012
Location: Fort Lauderdale
Posts: 22,360
Rep: 651 (Unique: 349)
Quote: Originally Posted by JedixJarf View Post
Did the same, battery life takes a bit of a hit on the laptops but at least I'm not worrying about exploits like this.
for sure. I still use my i3 HP360, but that's because we haven't phased out intel on that tier yet.

it was the only way to effect change, since our infrastructure department can't keep PCs up to date, and we're not allowed to save their asses. (IE: I can't spin up a SUS server, even though I'm capable, n have the accesses)

R.I.P. Zawarudo, may you OC angels' wings in heaven.
If something appears too good to be true, it probably is.
Best R0ach Quote of all time : TLDR: Haswell might be the last legit gaming platform unless mice get their own non-USB interface on some newer architecture.
skupples is offline  
Sponsored Links
Advertisement
 
post #24 of 41 (permalink) Old 01-31-2020, 11:47 PM
New to Overclock.net
 
umeng2002's Avatar
 
Join Date: Jul 2010
Location: Florida
Posts: 3,259
Rep: 175 (Unique: 111)
I have a feeling all these exploits are being "found" since the wrong governments found out about them... ie. non-five eyes governments.

Christ, imagine being an admin with nothing but Intel CPUs, Cisco routers, connected to the web thru AT&T...

Notice how governments only really care about stopping device encryption/ end to end encryption... because they can already spy on everything in between.

It wouldn't surprise me one bit if the NSA paid Intel CPU designers to weaken their chips or entered into a secret agreement with Intel itself to "not fix" security issues found early in the design phase.

The legal ramifications of the NSA paying Intel designers to weaken chips without Intel officially knowing would be a huge legal issue for the NSA, imho. But what are you going to do? They are above the law. Congress is spineless to adequately oversee intelligence agencies, and if you go against them... you'll be branded a terrorist-pedo... or suddenly develop a heart problem... or get involved in a "random" mugging that goes bad.

CPU
AMD Ryzen 2700X
Motherboard
Asus Prime X470-Pro
GPU
EVGA GeForce RTX 2070 XC Ultra
RAM
TeamGroup T-Force 16 GB (2x8) Pro Dark (B-die TDPGD416G3200HC14ADC01)
Hard Drive
ADATA XPG SX8200 Pro 512GB NVMe
Power Supply
Seasonic Focus Plus Platinum SSR-750PX
Cooling
Corsair H80i (not V2 or GT)
Monitor
LG 34UC80-B
Keyboard
Logitech G413
Mouse
Logitech G503 RGB
Audio
Creative SoundBlaster Z (OEM)
▲ hide details ▲

Last edited by umeng2002; 01-31-2020 at 11:55 PM.
umeng2002 is offline  
post #25 of 41 (permalink) Old 02-01-2020, 03:15 AM
Iconoclast
 
Blameless's Avatar
 
Join Date: Feb 2008
Posts: 30,139
Rep: 3140 (Unique: 1873)
Quote: Originally Posted by JedixJarf View Post
Did the same, battery life takes a bit of a hit on the laptops but at least I'm not worrying about exploits like this.
The Zen 2/4000 series mobile parts are proving to be pretty competitive in this regard and for the first time in a very long time I think my next new laptop will be AMD based.

That said, once AMD's market share really takes off, I expect to see a fair number of exploits being discovered for their parts.

...rightful liberty is unobstructed action according to our will within limits drawn around us by the equal rights of others. I do not add 'within the limits of the law,' because law is often but the tyrant's will, and always so when it violates the right of an individual. -- Thomas Jefferson
Blameless is offline  
post #26 of 41 (permalink) Old 02-01-2020, 06:04 AM
New to Overclock.net
 
Join Date: Aug 2019
Location: Kentucky
Posts: 301
Rep: 13 (Unique: 12)
Quote: Originally Posted by Blameless View Post
That said, once AMD's market share really takes off, I expect to see a fair number of exploits being discovered for their parts.

That's my prediction too.

Open Air Build
(13 items)
CPU
i9
Motherboard
ASUS ROG Strix Z390-H Gaming
GPU
MSI GEFORCE GTX1080 TI GAMING X 11G
RAM
Corsair Vengeance LPX DDR4 DRAM 3000MHz
Hard Drive
Samsung 970 EVO
Hard Drive
WD Blue
Power Supply
EVGA SuperNOVA
Cooling
All PrimoChill parts (Rad 360, Pumps D5, Fittings, and Acrylic Tubing), Byskey CPU&GPU Blocks
Case
Praxis Wet Bench
Operating System
Windows 10 Pro
Monitor
Asus Predrator
Other
Thermaltake Commander F6 Fan Controller
Other
DIY Sleeved Cables
▲ hide details ▲
smilinjohn is offline  
post #27 of 41 (permalink) Old 02-01-2020, 11:51 AM
New to Overclock.net
 
rdr09's Avatar
 
Join Date: Mar 2011
Location: From the US but lives in Africa
Posts: 19,125
Rep: 874 (Unique: 637)
Quote: Originally Posted by Blameless View Post
The Zen 2/4000 series mobile parts are proving to be pretty competitive in this regard and for the first time in a very long time I think my next new laptop will be AMD based.

That said, once AMD's market share really takes off, I expect to see a fair number of exploits being discovered for their parts.
Based on what i've been reading, these discoveries were not based on how popular the processors are or how much market share the company owns but rather based on their design. The Speculative Execution making the cpus faster at the expense of protection.

[email protected] 6 http://valid.canardpc.com/show_oc.php?id=2211392 4.6 @ 4 http://valid.canardpc.com/show_oc.php?id=2216580
5.0 @ 8 http://valid.canardpc.com/show_oc.php?id=2511322
2nd AMD Build
(10 items)
CPU
2700
Motherboard
X470
GPU
290
RAM
3200 CL14
Hard Drive
1000
Power Supply
700
Case
212
Operating System
10/64
Monitor
40 1080
Keyboard
M100
▲ hide details ▲
rdr09 is offline  
post #28 of 41 (permalink) Old 02-01-2020, 02:04 PM
Iconoclast
 
Blameless's Avatar
 
Join Date: Feb 2008
Posts: 30,139
Rep: 3140 (Unique: 1873)
Quote: Originally Posted by rdr09 View Post
Based on what i've been reading, these discoveries were not based on how popular the processors are or how much market share the company owns but rather based on their design. The Speculative Execution making the cpus faster at the expense of protection.
Speculative execution is omnipresent outside of CPUs for very niche uses and has been since the mid-1990s. AMD hasn't had an x86 CPU without speculative execution since the Am5x86.

It's entirely impractical to build high-performance general purpose CPUs without speculative execution. The last in-order x86 holdout that was at all mainstream was Intel's 'Bonnel' architecture, used in pre-2013 Atoms.

Intel's architectures may or may not have more intrinsic vulnerabilities than AMDs, but their market dominance has certainly prompted more attention when it comes to finding exploits. More general vulnerabilities (Spectre) have applied to nearly every out-of-order architecture to some degree and when AMD's market share is on more even footing, they'll be attracting the same sort of attention, at which point I will not be remotely surprised to see the rate of AMD specific exploits skyrocket.

...rightful liberty is unobstructed action according to our will within limits drawn around us by the equal rights of others. I do not add 'within the limits of the law,' because law is often but the tyrant's will, and always so when it violates the right of an individual. -- Thomas Jefferson
Blameless is offline  
post #29 of 41 (permalink) Old 02-01-2020, 02:47 PM
New to Overclock.net
 
rdr09's Avatar
 
Join Date: Mar 2011
Location: From the US but lives in Africa
Posts: 19,125
Rep: 874 (Unique: 637)
Quote: Originally Posted by Blameless View Post
Speculative execution is omnipresent outside of CPUs for very niche uses and has been since the mid-1990s. AMD hasn't had an x86 CPU without speculative execution since the Am5x86.

It's entirely impractical to build high-performance general purpose CPUs without speculative execution. The last in-order x86 holdout that was at all mainstream was Intel's 'Bonnel' architecture, used in pre-2013 Atoms.

Intel's architectures may or may not have more intrinsic vulnerabilities than AMDs, but their market dominance has certainly prompted more attention when it comes to finding exploits. More general vulnerabilities (Spectre) have applied to nearly every out-of-order architecture to some degree and when AMD's market share is on more even footing, they'll be attracting the same sort of attention, at which point I will not be remotely surprised to see the rate of AMD specific exploits skyrocket.
All the brands go through the same processes of testings. It is not like they are profiling intel cpus. AMD cpus are vulnerable to about a dozen of these attacks while intel has over 200. It is not the popularity of intel nor its market share - it is its architecture, like you mentioned.

[email protected] 6 http://valid.canardpc.com/show_oc.php?id=2211392 4.6 @ 4 http://valid.canardpc.com/show_oc.php?id=2216580
5.0 @ 8 http://valid.canardpc.com/show_oc.php?id=2511322
2nd AMD Build
(10 items)
CPU
2700
Motherboard
X470
GPU
290
RAM
3200 CL14
Hard Drive
1000
Power Supply
700
Case
212
Operating System
10/64
Monitor
40 1080
Keyboard
M100
▲ hide details ▲
rdr09 is offline  
post #30 of 41 (permalink) Old 02-01-2020, 04:36 PM
Iconoclast
 
Blameless's Avatar
 
Join Date: Feb 2008
Posts: 30,139
Rep: 3140 (Unique: 1873)
The current number of known attacks is not a clear indicator of total vulnerabilities. After all, three years ago there were zero confirmed exploits targeting speculative execution. Intel's architectures have proven more vulnerable, thus far, but to assume something is secure until it's not is totally backwards. At best we can assume that attack variants that a prerequisite on vectors that are categorically absent cannot work, but that doesn't mean other vulnerabilities will not be discovered.

Market share does matter. The more popular something is, the more people are looking at it and the faster flaws will be discovered. 'They', being the sum total of those capable of stumbling upon a vulnerability, is a figure directly related to the number of parts in use and they are, perforce, profiling what is used at the rate it is used. Right now everyone is still running down the low hanging fruit of vulnerabilities related to the same branches of TLB related side-channel vulnerabilities that Intel architectures have proven to be particularly vulnerable to.

...rightful liberty is unobstructed action according to our will within limits drawn around us by the equal rights of others. I do not add 'within the limits of the law,' because law is often but the tyrant's will, and always so when it violates the right of an individual. -- Thomas Jefferson
Blameless is offline  
Reply

Quick Reply
Message:
Options

Register Now

In order to be able to post messages on the Overclock.net - An Overclocking Community forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.
User Name:
If you do not want to register, fill this field only and the name will be used as user name for your post.
Password
Please enter a password for your user account. Note that passwords are case-sensitive.
Password:
Confirm Password:
Email Address
Please enter a valid email address for yourself.
Email Address:

Log-in



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page


Forum Jump: 

Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off