SoylentNews is people
SoylentNews
from the hackers-may-violate-your-ring dept.
Intel has backtracked on the license for its latest microcode update that mitigates security vulnerabilities in its processors – after the previous wording outlawed public benchmarking of the chips.
With the Linux 4.19 kernel that just kicked off development this month has been continued churn in the Spectre/Meltdown space, just not for x86_64 but also for POWER/s390/ARM where applicable. For getting an overall look at the performance impact of these mitigation techniques I tested three Intel Xeon systems and two AMD EPYC systems as well as a virtual machine on each side for seeing how the default Linux 4.19 kernel performance -- with relevant mitigations applied -- to that of an unmitigated kernel.
At the BlackHat conference last month, Christopher Domas demonstrated an attack against an x86 CPU using MSR's and an embedded RISC core to bypass ring protections. The full presentation "GOD MODE UNLOCKED - Hardware Backdoors in x86 CPUs" is viewable on YouTube. Is it time for CPU vendors to rethink security?
(Score: 4, Interesting) by jmorris on Monday September 03 2018, @05:17AM (1 child)
These are two entirely different animals. The Spectre related flaws are simply a result of complexity and failure to account for every possible side effect of speculative execution. Most efforts to push Instructions Per Clock severely over 1 along with aggressive caching is likely to run into some of these problems. Virtualization means most will be exploitable to cross the barrier to the bare metal and/or into other virtual machines. They will occur over and over, like Flash Player bugs, until we give up on some these ideas. Massively parallel simpler computing cores will be the future and probably spell the end of x86.
The second one is by far the more dangerous. Mr. Domas might say, on advice of counsel, that the feature was installed for customers but since it was never documented it is hard to see who ever used it, at least legit. If somebody at Via hadn't screwed up and filed a patent nobody would have ever known it existed. Every one of those machines would have quietly been recycled with none the wiser. Via is NOT a company with vast resources to waste on designing an entire new never seen before or since processor arch, embedding it into a chip designed with low power as a key selling feature and then forgetting about it. Somebody needs to be demanding some answers, right f*cking now. We need to be told what this damned thing was intended to do, what are the, if any, limits on what it can do and exactly which products have this thing in it. Then we need to look at Intel, AMD and every ARM licensee and ask what deviltry THEY have been jamming into their chips on whose orders.
No more damned secrets. It is time to demand that at least ONE manufacturer of processors and chipsets more complicated than a microcontroller come clean and document -everything- in their products. Although not even microcontrollers are immune to the secret sauce problem these days. If it can't be secured with everyone knowing the inner secrets then it isn't secure. The exact private keys obviously excepted, but it should be possible for researchers and the security conscious to buy unkeyed chips and install their own.
(Score: 2) by pvanhoof on Monday September 03 2018, @03:17PM
Maybe this Deeply Embedded Core is used by other systems too? Then perhaps, using the DEIS that the guy assembled together with fuzzing, we can write a compiler backend for it and then start utilizing it as a nice co processor..