New 'CacheOut' attack targets Intel processors, with a fix arriving soon
Researchers have discovered and published information on what they're calling CacheOut, a vulnerability in most Intel CPUs that allows an attacker to target more specific data, even data stored within Intel's secured SGX enclave.
Intel assigned what's known as the CVE-2020-0549 vulnerability a threat level of "medium," acknowledging the danger of a targeted attack. The company noted that CacheOut has never been used outside of a laboratory environment.
Among the threats CacheOut poses is one to cloud providers: leaking data from hypervisors (virtual machine monitors) and the virtual machines running on them. Because the researchers disclosed the CacheOut vulnerability privately to Intel some time before making it public, those cloud providers have already deployed countermeasures against CacheOut.
Intel said that it plans to release mitigations to address the issue in the near future. These normally are sent to users in the form of BIOS or driver updates.
Virtually all Intel processors are potentially affected by CacheOut, save for processors released after the fourth quarter of 2019. AMD processors are not affected, according to details released on a dedicated CacheOut site. Processors made by IBM and ARM may be affected, but have not been confirmed. The paper, by lead author researcher Stephan van Schaik of the University of Michigan and colleagues, has also been made public.
(Score: 0) by Anonymous Coward on Wednesday January 29 2020, @11:40PM (1 child)
This was definitely on other sites days ago, has it not been published here until now?
Key detail: The fix requires both microcode AND operating system mitigations in place to limit/mitigate its scope, and even then who knows what other ill effects it will have on system operation given what the kludge to 'fix' it involves.
(Score: 1, Touché) by Anonymous Coward on Wednesday January 29 2020, @11:44PM
Nobody cares about Shintel anymore.
(Score: 2, Interesting) by Anonymous Coward on Thursday January 30 2020, @12:37AM
Finally the L1 exploits are starting to come out. The linked paper is very clear (if you're into this kinda thing) and sure enough it's straight up cache flush sequencing.
Bonus - they can leak stack canaries!
(Score: 2) by Subsentient on Thursday January 30 2020, @01:17AM (2 children)
If nobody but the 3 letter agencies knows about them, then they aren't really that much of a threat, and performance of Intel chips can continue blissfully unaware while Intel quietly patches the hole in new silicon. As it stands, Intel chips are literally getting slower as a result of these mitigations. I prefer AMD, but I'm typing this on a $120 Celeron laptop running Fedora. This thing has enough trouble keeping up, it doesn't need several more "1-3% performance hit" patches.
"It is no measure of health to be well adjusted to a profoundly sick society." -Jiddu Krishnamurti
(Score: 0) by Anonymous Coward on Thursday January 30 2020, @10:02AM
You can search Soylent. A couple of us specifically mentioned this domain (cache flushing bugs relying on sequencing or timing) when the earlier speculation bugs came out. It's been a known fertile area the whole time, just nobody had monetized it in the wild.
If Soylentils knew, you can be sure others have also stumbled upon, fuzzed, or analyzed for similar.
(Score: 2) by Unixnut on Friday January 31 2020, @08:09PM
You can turn off the mitigations. They are not hard coded in, they are just enabled by default as it's better to default to safety and let people who want performance over safety specify so.
I disabled them on some machines which are performance orientated and single user on Linux with "pti=off spectre_v2=off l1tf=off nospec_store_bypass_disable no_stf_barrier" on the kernel command line. A quick online search should tell you all you need to know for whatever OS you use.
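An added example, not part of the comment above or of any project's code: a small audit that flags mitigation-disabling kernel parameters like the ones quoted there and classifies the status strings Linux exposes under /sys/devices/system/cpu/vulnerabilities. The sample command line and status strings are constructed, and the parameters beyond the five quoted above are this example's own selection of real kernel switches.

```python
"""Audit a Linux host for CPU side-channel mitigations that were switched off."""
from pathlib import Path

# The five parameters quoted in the comment, plus other real kernel switches
# that disable a mitigation (the extra entries are this example's choice).
DISABLING = {
    "pti=off", "spectre_v2=off", "l1tf=off", "nospec_store_bypass_disable",
    "no_stf_barrier", "mitigations=off", "nopti", "nospectre_v1",
    "nospectre_v2", "mds=off", "tsx_async_abort=off",
    "spec_store_bypass_disable=off",
}
# Constructed sample input, used when the real files are not available.
SAMPLE_CMDLINE = ("BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro quiet pti=off "
                  "spectre_v2=off l1tf=off nospec_store_bypass_disable "
                  "no_stf_barrier")
SAMPLE_STATUS = {
    "meltdown": "Vulnerable\n",
    "spectre_v2": "Vulnerable\n",
    "l1tf": "Mitigation: PTE Inversion; VMX: vulnerable\n",
    "mds": "Mitigation: Clear CPU buffers; SMT disabled\n",
    "tsx_async_abort": "Not affected\n",
}

def disabled_mitigations(cmdline):
    """Return every mitigation-disabling token, in command-line order."""
    return [tok for tok in cmdline.split() if tok in DISABLING]

def classify(text):
    """Map one sysfs status string to a coarse verdict."""
    text = text.strip()
    if text.startswith("Not affected"):
        return "not affected"
    if text.startswith("Vulnerable"):
        return "vulnerable"
    if text.startswith("Mitigation"):
        # e.g. "...; SMT vulnerable": mitigated, but with a stated gap
        return "partial" if "vulnerable" in text.lower() else "mitigated"
    return "unknown"

def audit(cmdline, status):
    verdicts = {name: classify(text) for name, text in status.items()}
    review = {n: v for n, v in verdicts.items()
              if v not in ("mitigated", "not affected")}
    return {"disabled_on_cmdline": disabled_mitigations(cmdline),
            "needs_review": review}

if __name__ == "__main__":
    vdir = Path("/sys/devices/system/cpu/vulnerabilities")
    if vdir.is_dir():  # live host: read the kernel's own view
        live = {p.name: p.read_text() for p in vdir.iterdir()}
        print(audit(Path("/proc/cmdline").read_text(), live))
    else:
        print(audit(SAMPLE_CMDLINE, SAMPLE_STATUS))
```

A host that shows entries under `disabled_on_cmdline` was configured this way deliberately; entries that appear only under `needs_review` usually point to missing microcode or kernel updates.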
(Score: -1, Flamebait) by Anonymous Coward on Thursday January 30 2020, @01:21AM (3 children)
Intel has been disproportionately affected by vulnerabilities like CacheOut and Meltdown. Although chips from other manufacturers do have some vulnerability to variants of Spectre, this is mostly an Intel problem. This raises the high probability that these flaws aren't accidental, but are from espionage targeting the world's largest chip maker. Speculative execution is deeply flawed, but Intel's implementation is especially vulnerable. We need to consider the possibility that these vulnerabilities were intentionally introduced over the years.
With that in mind, we need to consider who would actually want to target Intel and who could be capable of such an attack. This is far more sophisticated than the NSA's method of maintaining a cache of vulnerabilities that can be exploited. That requires technical skill, but this attack is still at a higher level. Not only does the attacker need to possess significant expertise, but they also need the willingness to play the long game. These vulnerabilities have clearly been introduced over the course of decades, dating back at least to the 1990s.
Intel is an American company, providing vast amounts of chips to virtually all western countries. We must consider who would want to target an American company and embed vulnerabilities deep throughout the western world. That alone can allow us to be confident that this is the work of darkies, who are notorious for their extreme hatred of America and their constant efforts to undermine our civilized society since it was formed. However, we need to be more specific and identify which types of darkies were likely responsible for this. I think that we can all agree to assign blame to the kikes running Intel for being cheap and eschewing proper quality control to remove flaws like these before shipping their processors. However, we also need to determine which group of darkies actually introduced these vulnerabilities into Intel's processor designs.
1) Niggers: Like other speculative execution vulnerabilities, CacheOut allows for data to be stolen. This broadly fits with the modus operandi of niggers. However, the intelligence required to carry out such an attack is far beyond the capability of any nigger that has ever lived.
2) Wetbacks: We can generally rule out wetbacks, partly because they are less interested in theft, except when it involves wetback scabs stealing American jobs. However, wetbacks generally prefer smuggling or selling drugs. This also requires significant effort to embed the flaws in Intel's designs, whereas wetbacks are known to be lazy. While wetbacks are generally more intelligent than niggers, this remains beyond their intellectual capacity.
3) Gooks: The overall lack of intelligence, though being slightly above that of wetbacks, means that gooks are unlikely to be responsible for sneaking these flaws into American-made hardware.
4) Sand niggers and other ragheads: We can conclude that sand niggers are more likely candidates than either gooks, niggers, or wetbacks. Sand niggers possess a greater degree of intelligence, though they are stupid enough to worship an evil deity. Sand niggers are known to play the long game, which is evident by their willingness to embed terror cells in western countries that remain dormant for long periods of time. However, the objective of sand niggers is typically to kill as many westerners as possible instead of just stealing their data. Similarly, the ragheads in countries like Iran are mostly interested in offensive capabilities to carry out cyberattacks. This could be useful for stealing passwords that could be used for obtaining unauthorized access to systems. Overall, it seems relatively improbable that sand niggers and ragheads would be behind these vulnerabilities.
5) Pakis: The probability of pakis being responsible is similar to that of sand niggers and ragheads. They worship Allah, an evil deity, and are driven by many of the same motivations. It is possible that these exploits could be used to steal passwords and nuclear launch codes from the curry niggers in India. However, Intel's dominance is more prominent in the western world, so this may be of limited value in espionage against curry niggers. It is unlikely that pakis are responsible.
6) Curry niggers: The infiltration of American companies by H-1B curry niggers certainly affords them great opportunity to stealthily embed vulnerabilities in virtually any American-made technology, whether software or hardware. However, curry niggers are generally incompetent in their technical ability. The kikes running virtually all American companies certainly get what they pay for when importing curry niggers to fill jobs. Curry niggers generally lack the technical skills needed for introducing these flaws.
7) Japs: It is significantly more likely that Japs would be responsible for the flaws in Intel's processors. Unlike most of the aforementioned darkies, they possess both the technical knowledge and the willingness to conduct such attacks. Because of their horrendously stagnant economy, Japs would benefit from attacking American corporations and driving customers to Jap alternatives. This is plausible, though a bit outside the typical Jap economic warfare waged against western nations.
8) Kikes: The motivation for kikes is quite a bit different because they are generally not interested in carrying out high profile attacks like most darkies are. They also generally lack the technical knowledge that Japs do. However, it fits the profile of kikes that they would like to embed vulnerabilities that allow them to steal data from unsuspecting businesses. Their motivation appears stronger than that of the Japs. The kike control of nearly all American corporations gives them more than enough access to insert these design flaws.
9) Chinks: Here is the most likely culprit. Chinks have infiltrated the technical side of American companies in much the same way that kikes dominate American boardrooms. Chinks are notorious for espionage and clearly possess the intellect to embed vulnerabilities in both hardware and software. Conducting espionage like this to collect secrets that can be exploited far larger scale attacks absolutely fits the profile of typical chink behavior. The stealthiness and patience to play the long game are consistent with what can be expected from chinks. Of all the common varieties of darkies, chinks are most likely to be responsible for directly embedding these vulnerabilities in Intel's processor designs.
These conclusions are based on demonstrable facts. It is well known that darkies are constantly attacking America using the varied methods described above. After enduring constant attacks from darkies for centuries, it is not racist at all for Americans to hate darkies. Niggers, kikes, wetbacks, towelheads, pakis, japs, chinks, gooks, dune coons, curry niggers, and all other darkies have an extreme hatred of the United States and all Americans. It is only because darkies hate us and are constantly attacking us that I hate them. My hate is strong and I'm damned proud of it. In fact, my hate is getting stronger as I talk to you people. However, I'm not racist, and there's nothing racist about my comment.
Every single one of my assertions is based on irrefutable facts. Because the left is absolutely incapable of rebutting or raising even a remotely plausible objection against what I've said, they will turn to ad hominem attacks and label me a racist. Fortunately, the truth is on my side. I've carefully laid out my case in the above comment. You can be quite confident that the left will respond by censoring my comment to -1 and posting one or two line personal attacks. The truth is on my side. Kikes in Intel's boardroom looked the other way while chinks carefully embedded flaws deep within Intel's processors.
(Score: 4, Interesting) by HiThere on Thursday January 30 2020, @01:27AM
You left out "Intel sabotaging their customers to look faster and gain market share".
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 0) by Anonymous Coward on Thursday January 30 2020, @01:34AM (1 child)
Do you practise daily to be that stupid or does it come naturally to you?
(Score: 2) by sjames on Thursday January 30 2020, @05:24AM
Looks like Tay had another cache corruption.