Jump to content
To encourage social distancing, you must leave two blank lines at the start and end of every post, and before and after every quote. Failure to comply may result in non-essential parts of the forum closing. Click for more details. ×
Search In
  • More options...
Find results that contain...
Find results in...
Flying Sausages

New 'CacheOut' attack targets Intel processors, with a fix arriving soon

Recommended Posts

Posted · Original PosterOP

https://www.pcworld.com/article/3516302/new-cacheout-attack-targets-intel-processors-with-a-fix-arriving-soon.html

Quote

Researchers have discovered and published information on what they’re calling CacheOut, a vulnerability in most Intel CPUs that allows an attacker to target more specific data, even stored within Intel’s secured SGX enclave.

Intel assigned what’s known as the CVE-2020-0549 vulnerability a threat level of “medium,” acknowledging the danger of a targeted attack. The company noted that CacheOut has never been used outside of a laboratory environment

Quote

Among the threats CacheOut poses is to cloud providers, and leaking data from hypervisors (virtual machine monitors) and the virtual machines running on them. Because the researchers disclosed the CacheOut vulnerability privately to Intel some time before making it public, those cloud providers have already deployed countermeasures against CacheOut

Quote

all Intel processors are potentially affected by CacheOut, save for processors released after the fourth quarter of 2019. AMD processors are not affected, according to details released on a dedicated CacheOut site

Another Intel vulnerability in the 1st month of 2020. Glad AMD is not affect by this. I keep seeing more Intel vulnerabilities than AMD. Are there any security experts work with Intel to produce secured processor? 

Link to post
Share on other sites

I have a very serious question: how the fuck does this keep happening to Intel and not AMD? As if their luck couldn't get any worse - what with AMD actually pumping out hella good CPU's. Hopefully next gen Intel will solve at least most of these.

Link to post
Share on other sites
2 hours ago, TempestCatto said:

I have a very serious question: how the fuck does this keep happening to Intel and not AMD 

I'm curious to see how many security firms are looking into both companies products. It could be as simple as ryzeb being fairly new any therefore less people looking for vulnerabilities or they just haven't found them yet. 

Link to post
Share on other sites
Posted · Original PosterOP
4 minutes ago, TempestCatto said:

I have a very serious question: how the fuck does this keep happening to Intel and not AMD? As if their luck couldn't get any worse - what with AMD actually pumping out hella good CPU's. Hopefully next gen Intel will solve at least most of these.

Maybe AMD secretly pay these security firms to make Intel bad in security? ?

Link to post
Share on other sites
1 minute ago, Arika S said:

I'm curious to see how many security firms are looking into both companies products. It could be as simple as ryzeb being fairly new any therefore less people looking for vulnerabilities or they just haven't found them yet. 

^^^ Intel's current arch can be traced back a really long ways, even before the OG 14nm (Broadwell). It's been a evolution and refinement over years, I don't think there's been massive arch changes for a good while. Whereas Zen is a much newer platform, less time for issues to come to light. You do notice that all these vulnerabilities came to light in the past couple years, they weren't even known about for the majority of the time affected CPUs have been out. Will be interesting to see if any issues come with Zen and it's evolutions in 5 years or so. 

 

Just now, Flying Sausages said:

Maybe AMD secretly pay these security firms to make Intel bad in security? ?

Press X to doubt. 


X58-X79-X99-X299 lads: Intel HEDT Xeon/i7 Megathread - Murica (But International) Parrot Gang

 

Big Rig (Done) - (Main Rig) - i7 5960X @ 4.7Ghz/3.7Ghz core/uncore - Custom Loop: 2x 360GTS with EK-ZMT/Stubbies and EK D5 pump/res combo - EVGA X99 Classified - 32GB (4x8GB) HyperX Predator DDR4 @ 3200MHz CL16 XMP - AMD Radeon VII (best TimeSpy so far: here) - 1TB 970 Evo - Corsair RM1000i - Phanteks Enthoo Evolv ATX TG - 6x iPPC NF-F12 2000 

X79 Rig (Done) - (Alt Rig 1)- i7 4930K @ 4.5GHz - EVGA CLC 280 w/NF-P14s fans - EVGA X79 Dark - 16GBGB (4x4GB) Corsair Vengeance DDR3 @ 1600Mhz CL9 XMP - EVGA GTX 1660 Ti XC Ultra - MX500 1TB - 2x Seagate Barracuda Compute 2TB - EVGA 1000W G3 w/CableMod PRO Carbon cables - Phanteks P400 (White) - NF-P12

 

X58 Rig (Done) - (Alt Rig 2) - Xeon X5675 @ 4.4/3.7 core/uncore- NH-D15S - EVGA X58 Classified SLI 4-Way - 24GB (3x8GB) HyperX Savage Red DDR3 @ 1750Mhz CL9-10-10-27 - 2x EVGA Classified 780s - 120GB HyperX SSD - EVGA 1600W T2 - Corsair 750D - 5x iPPC NF-A14 3000 PWM

 

2019 13" rMBP (i5/8GB/256GB) {work} - 2012 13" MBP (i5/16GB/525GB) {mine} - iPhone 11 Pro Max + Apple Watch S3 42mm - iPod Classic 6G 80GB running Rockbox + iPod Classic 5.5G Enhanced 30GB also on Rockbox - iPhone X - iPhone 4S on iOS 6.1.3

 

whip and nae nae

Link to post
Share on other sites
4 minutes ago, TempestCatto said:

I have a very serious question: how the fuck does this keep happening to Intel and not AMD? As if their luck couldn't get any worse - what with AMD actually pumping out hella good CPU's. Hopefully next gen Intel will solve at least most of these.

All theory, i know very little about how CPU's are designed at this level:

 

I would imagine that its because these researchers have been having so much time researching the manufacturing process, which architecturally hasn't changed much since 2013. Meanwhile, AMD has continued to change its process with every generation (save for FX 9000 series, but we dont discuss that).


Brands I wholeheartedly reccomend (though do have flawed products): Apple, Razer, Corsair, Asus, Gigabyte, bequiet!, Noctua, CoolerMaster, GSkill (RAM only)

Wall Of Fame (Informative people/People I like): @Glenwing @DrMacintosh @Schnoz @TempestCatto @LogicalDrm @Dan Castellaneta

Useful threads: 

How To Make Your Own Cloud Storage

Spoiler

 

Guide to Display Cables/Adapters

Spoiler

 

PSU Tier List (Latest)-

Spoiler

 

 

Main PC: See spoiler tag

Laptop: Thinkpad T430. Specs to come, too lazy atm

Spoiler

CPU: Intel Core i5-8600K 3.6 GHz 6-Core OEM/Tray Processor  (Purchased For $200.00) 
CPU Cooler: Corsair H50 57 CFM Liquid CPU Cooler  (Purchased For $0.00) 
Motherboard: MSI Z370M GAMING PRO AC Micro ATX LGA1151 Motherboard  (Purchased For $120.00) 
Memory: G.Skill Trident Z RGB 32 GB (2 x 16 GB) DDR4-3000 Memory  (Purchased For $130.00) 
Storage: Kingston Predator 240 GB M.2-2280 NVME Solid State Drive  (Purchased For $40.00) 
Storage: Crucial MX300 1.05 TB 2.5" Solid State Drive  (Purchased For $100.00) 
Storage: Western Digital Red 8 TB 3.5" 5400RPM Internal Hard Drive  (Purchased For $180.00) 
Video Card: Gigabyte GeForce RTX 2070 8 GB WINDFORCE Video Card  (Purchased For $370.00) 
Power Supply: Corsair RMi 1000 W 80+ Gold Certified Fully Modular ATX Power Supply  (Purchased For $120.00) 
Optical Drive: Asus BW-12B1ST/BLK/G/AS Blu-Ray/DVD/CD Writer  (Purchased For $75.00) 
Monitor: Dell U2417H 24.0" 1920x1080 60 Hz Monitor  (Purchased For $0.00) 
Monitor: LG 34UM69G-B 34.0" 2560x1080 75 Hz Monitor  (Purchased For $0.00) 
Custom: Cooler Master Stacker 830 Evolution Nvidia Edition  (Purchased For $60.00)
Total: $1395.00

身のなわたしはる果てぞ  悲しわたしはかりけるわたしは

Link to post
Share on other sites
3 minutes ago, SenKa said:

Meanwhile, AMD has continued to change its process with every generation

Which doesn't necessarily mean that its more secure, just means the same vulnerability most likely won't carry between generations, each generation could come with its own set of vulnerabilities

Link to post
Share on other sites
5 minutes ago, Arika S said:

Which doesn't necessarily mean that its more secure, just means the same vulnerability most likely won't carry between generations, each generation could come with its own set of vulnerabilities

Of course, yeah, but most of these intel vulnerabilities are coming out recently as Intel's 14nm architecture ages.


Brands I wholeheartedly reccomend (though do have flawed products): Apple, Razer, Corsair, Asus, Gigabyte, bequiet!, Noctua, CoolerMaster, GSkill (RAM only)

Wall Of Fame (Informative people/People I like): @Glenwing @DrMacintosh @Schnoz @TempestCatto @LogicalDrm @Dan Castellaneta

Useful threads: 

How To Make Your Own Cloud Storage

Spoiler

 

Guide to Display Cables/Adapters

Spoiler

 

PSU Tier List (Latest)-

Spoiler

 

 

Main PC: See spoiler tag

Laptop: Thinkpad T430. Specs to come, too lazy atm

Spoiler

CPU: Intel Core i5-8600K 3.6 GHz 6-Core OEM/Tray Processor  (Purchased For $200.00) 
CPU Cooler: Corsair H50 57 CFM Liquid CPU Cooler  (Purchased For $0.00) 
Motherboard: MSI Z370M GAMING PRO AC Micro ATX LGA1151 Motherboard  (Purchased For $120.00) 
Memory: G.Skill Trident Z RGB 32 GB (2 x 16 GB) DDR4-3000 Memory  (Purchased For $130.00) 
Storage: Kingston Predator 240 GB M.2-2280 NVME Solid State Drive  (Purchased For $40.00) 
Storage: Crucial MX300 1.05 TB 2.5" Solid State Drive  (Purchased For $100.00) 
Storage: Western Digital Red 8 TB 3.5" 5400RPM Internal Hard Drive  (Purchased For $180.00) 
Video Card: Gigabyte GeForce RTX 2070 8 GB WINDFORCE Video Card  (Purchased For $370.00) 
Power Supply: Corsair RMi 1000 W 80+ Gold Certified Fully Modular ATX Power Supply  (Purchased For $120.00) 
Optical Drive: Asus BW-12B1ST/BLK/G/AS Blu-Ray/DVD/CD Writer  (Purchased For $75.00) 
Monitor: Dell U2417H 24.0" 1920x1080 60 Hz Monitor  (Purchased For $0.00) 
Monitor: LG 34UM69G-B 34.0" 2560x1080 75 Hz Monitor  (Purchased For $0.00) 
Custom: Cooler Master Stacker 830 Evolution Nvidia Edition  (Purchased For $60.00)
Total: $1395.00

身のなわたしはる果てぞ  悲しわたしはかりけるわたしは

Link to post
Share on other sites
3 minutes ago, SenKa said:

Of course, yeah, but most of these intel vulnerabilities are coming out recently as Intel's 14nm architecture ages.

correct. they have been around a lot longer and therefore more time has been put into finding such vulnerabilities. 

 

the thing about vulnerabilities is that they exist even before they are found. the current CPUs are exactly as "secure" as they always have been, in fact even more so since a lot of these vulnerabilities have been patched or fixed in the hardware in later generations. and this is on both sides, not just intel.

Link to post
Share on other sites
41 minutes ago, TempestCatto said:

I have a very serious question: how the fuck does this keep happening to Intel and not AMD?

Remember that AMD is also less targeted, because it is less-widely used.


CPU: AMD Ryzen 7 3700X GPU: MSI GTX 1080 Ti GAMING X TRIO 11GB GDDR5X Motherboard: ASUS ROG CROSSHAIR VI EXTREME
CPU Cooler: Corsair H100i V2 RAM: Corsair Vengeance LED 16GB DDR4 3333MHz Case: Lian Li PC-O11 Dynamic PSU: Corsair RM850x White
Displays: AORUS AD27QD, DELL UltraSharp U2711 Storage: Samsung 850 EVO 120GB, ADATA SP550 240GB M.2, Kingston UV400 240GB, WD Red 2TB & 1TB
Laptop: Acer Nitro 5 CPU: AMD Ryzen 5 2500U GPU: AMD Radeon RX 560X 4GB RAM: 16GB Storage: 240GB M.2 SSD, 1TB HDD Display: 15.6" IPS

Link to post
Share on other sites
6 minutes ago, Morgan MLGman said:

Remember that AMD is also less targeted, because it is less-widely used.

Idk if that's an excuse anymore with the large amount of market share amd carved out. I think Intel just cut a lot of corners to get more performance 

Link to post
Share on other sites
4 minutes ago, spartaman64 said:

Idk if that's an excuse anymore with the large amount of market share amd carved out. I think Intel just cut a lot of corners to get more performance 

Oh I didn't mean less widely used by PC builders like us - pretty much every institution or business you know is running Intel CPUs, whether it's in workstations, laptops or their server room. This is the main issue I think.


CPU: AMD Ryzen 7 3700X GPU: MSI GTX 1080 Ti GAMING X TRIO 11GB GDDR5X Motherboard: ASUS ROG CROSSHAIR VI EXTREME
CPU Cooler: Corsair H100i V2 RAM: Corsair Vengeance LED 16GB DDR4 3333MHz Case: Lian Li PC-O11 Dynamic PSU: Corsair RM850x White
Displays: AORUS AD27QD, DELL UltraSharp U2711 Storage: Samsung 850 EVO 120GB, ADATA SP550 240GB M.2, Kingston UV400 240GB, WD Red 2TB & 1TB
Laptop: Acer Nitro 5 CPU: AMD Ryzen 5 2500U GPU: AMD Radeon RX 560X 4GB RAM: 16GB Storage: 240GB M.2 SSD, 1TB HDD Display: 15.6" IPS

Link to post
Share on other sites
1 minute ago, spartaman64 said:

Idk if that's an excuse anymore with the large amount of market share amd carved out. I think Intel just cut a lot of corners to get more performance 

They've been doing that for over a decade now then? Because some of these vulnerabilities effect back to Westmere-EP (32nm from 2010-2011) or maybe even before... Seems more like just exhausting every other attack process and by a process of slow elimination, finding ones nobody noticed so far. 


X58-X79-X99-X299 lads: Intel HEDT Xeon/i7 Megathread - Murica (But International) Parrot Gang

 

Big Rig (Done) - (Main Rig) - i7 5960X @ 4.7Ghz/3.7Ghz core/uncore - Custom Loop: 2x 360GTS with EK-ZMT/Stubbies and EK D5 pump/res combo - EVGA X99 Classified - 32GB (4x8GB) HyperX Predator DDR4 @ 3200MHz CL16 XMP - AMD Radeon VII (best TimeSpy so far: here) - 1TB 970 Evo - Corsair RM1000i - Phanteks Enthoo Evolv ATX TG - 6x iPPC NF-F12 2000 

X79 Rig (Done) - (Alt Rig 1)- i7 4930K @ 4.5GHz - EVGA CLC 280 w/NF-P14s fans - EVGA X79 Dark - 16GBGB (4x4GB) Corsair Vengeance DDR3 @ 1600Mhz CL9 XMP - EVGA GTX 1660 Ti XC Ultra - MX500 1TB - 2x Seagate Barracuda Compute 2TB - EVGA 1000W G3 w/CableMod PRO Carbon cables - Phanteks P400 (White) - NF-P12

 

X58 Rig (Done) - (Alt Rig 2) - Xeon X5675 @ 4.4/3.7 core/uncore- NH-D15S - EVGA X58 Classified SLI 4-Way - 24GB (3x8GB) HyperX Savage Red DDR3 @ 1750Mhz CL9-10-10-27 - 2x EVGA Classified 780s - 120GB HyperX SSD - EVGA 1600W T2 - Corsair 750D - 5x iPPC NF-A14 3000 PWM

 

2019 13" rMBP (i5/8GB/256GB) {work} - 2012 13" MBP (i5/16GB/525GB) {mine} - iPhone 11 Pro Max + Apple Watch S3 42mm - iPod Classic 6G 80GB running Rockbox + iPod Classic 5.5G Enhanced 30GB also on Rockbox - iPhone X - iPhone 4S on iOS 6.1.3

 

whip and nae nae

Link to post
Share on other sites

Cache me Outside


PLEASE QUOTE ME IF YOU ARE REPLYING TO ME
LinusWare Dev | NotCPUCores Dev

Desktop Build: Ryzen 7 1800X @ 4.0GHz, AsRock Fatal1ty X370 Professional Gaming, 32GB Corsair DDR4 @ 3000MHz, RX480 8GB OC, Benq XL2730 1440p 144Hz FS

Retro Build: Intel Pentium III @ 500 MHz, Dell Optiplex G1 Full AT Tower, 768MB SDRAM @ 133MHz, Integrated Graphics, Generic 1024x768 60Hz Monitor


 

Link to post
Share on other sites
1 hour ago, TempestCatto said:

I have a very serious question: how the fuck does this keep happening to Intel and not AMD? As if their luck couldn't get any worse - what with AMD actually pumping out hella good CPU's. Hopefully next gen Intel will solve at least most of these.

 

Most likely because Intel's topology goes right back 20 plus years in some of it's products,  and it has taken the better part of a decade to find most of the vulnerabilities.  AMD had a 5 year absence form the market which effectively means noone is looking at their older stuff and Ryzen hasn't been around long enough to have anywhere near the same time span or product updates to work through.


QuicK and DirtY. Read the CoC it's like a guide on how not to be moron.  Also I don't have an issue with the VS series.

Sometimes I miss contractions like n't on the end of words like wouldn't, couldn't and shouldn't.    Please don't be a dick,  make allowances when reading my posts.

Link to post
Share on other sites
1 hour ago, Arika S said:

I'm curious to see how many security firms are looking into both companies products. It could be as simple as ryzeb being fairly new any therefore less people looking for vulnerabilities or they just haven't found them yet. 

Simply because Ryzeb doesn't exist.


Bloodshed and the Fenris-Wolf:

| CPU:  Ryzen 5 3600(buying a 3900x in August for it) | CPU Cooler:  Dark Rock Pro 4 | Paste:  Kryonaut | Motherboard:  ASRock x470 Taichi | RAM:  G.Skill Ripjaws V Series 48 GB (2 x 16 GB + 2 x 8 GB) DDR4-3200 | Boot Drives:  Crucial MX500 500 GB M.2-2280+Crucial BX500 120 GB 2.5" SSD | Storage Drives:  Toshiba X300 4 TB 128 MB Cache 3.5" HDD+PNY CS900 240 GB | GPU:  Sapphire Radeon VII 16 GB HBM2 Video Card | Case:  Cooler Master MasterBox MB511 RGB | PSU:  EVGA SuperNOVA G2 750 W 80+ Gold Certified Fully Modular ATX Power Supply w/CableMod E-Series Cable Kit (Black/Red) | Case Fans:  2 Corsair SP140 49.49 CFM 140 mm Fans | Displays:  AOC U2879VF 28.0" 3840x2160 60 Hz Monitor (Replacing with an LG 4k IPS display for game art)+AOC G2460PQU 24.0" 1920x1080 144 Hz Monitor | Mouse:  Corsair M65 Pro RGB | Keyboard:  Ducky Shine 7 Blackout - MK Exclusive First Release - RGB LED Double Shot PBT Mechanical Keyboard with Silent Red Switches | Mousepad:  Gaya Entertainment Oversized Gaming Mousepad Doom | Audio:  Massdrop x AKG K7XX Audiophile Open-back Headphones+Audio-Technica ATR2500-USB Cardioid Condenser USB Microphone+Kingston HyperX Cloud II 7.1 Channel Headset+iBasso IT01 Dynamic Driver Audiophile In-Ear Monitors/Earbuds (Black)+Pair of Mackie MR624s(came with stands+isolation pads) | OSes:  Windows 10 Pro+openSUSE Tumbleweed |



VashTheStampede(ROG Zephyrus M GU502):

| CPU:  i7-9750h | RAM:  32GB Dual Channel 2666mhz CL 19(Stock+Samsung 16GB DDR4 PC4-21300, 2666MHZ, 260 PIN SODIMM, 1.2V, CL 19 ) | Storage:  1TB SSD with Optane | GPU:  Nvidia RTX 2060 | Display:  144hz 3ms | Mouse:  Corsair M65 Pro |

Link to post
Share on other sites
2 hours ago, TempestCatto said:

I have a very serious question: how the fuck does this keep happening to Intel and not AMD? As if their luck couldn't get any worse - what with AMD actually pumping out hella good CPU's. Hopefully next gen Intel will solve at least most of these.

Zen is a relatively new microarchitecture on the floor to poke at, and few companies are using AMD's older processors in any serious capacity any more so there's no real point in poking at them. It may be nice to poke at once you found something in a newer product, but that's about it. Intel, IBM, and ARM have likely been building on top of their older designs and the mantra of "if it ain't broke, don't fix it" applies. AMD built Zen pretty much from the ground up. Plus innocuous things may not look like a problem or may be glanced over. Heartbleed was in the OpenSSL code for two years before someone finally pointed it out. Two years, and it's open source software.

Link to post
Share on other sites

There are a few things going on as to why Intel sees more of these, but the basic ones to make it easy are this.

1) Intel CPUs are iterations in process and design based on old architectures from before localized security was much considered.  If you could run on it, everything was considered owned already.  So security stuff in their current designs are more of an add on than a fundamental in most cases.  Cloud computing is the most obvious example of how this game of where the security boundary needs to be has changed.

2) When the question got asked if Intel engineers should speed it up or make it more secure, the directive was to just make it faster for a very long time.

3) It takes generations of re-designing to fix some of these things at fab level instead of just mitigate with microcode, which is why they affect so many products, even if they've been known for quite a while.  This is why several security issues aren't in their 10nm products, but are still in the iterative 14nm++++++++++++ based products.  Being stuck on process node for so long has hurt a lot here, since they've been holding back the redesign architecture process that would help a lot of these.

4) Contrast that with AMD who has pushed scale (cores) instead of speed as their goal, and most of the time answered the question in 2 with "try to speed it up as much as you can while not adding obviously big security risks".  Similar, but different from a development standpoint.  They've also been updating architecture with process fairly aggressively since Zen, and security has been a serious thing since even before Zen was in development.  So, this gives AMD an edge here for the time being.

 

This is why some of these sorts of things have affected AMD as well, but not nearly as many.  It is also why Intel will probably be fine and have most all of this fixed once they actually get to 10nm or beyond.  But until then, expect random blurbs like this to show up every so often.

Link to post
Share on other sites
2 hours ago, Arika S said:

image.jpeg.686b227ab8a753f904b3774c98ed1287.jpeg

image.png.b5ed5c7a850350e6d64bc74e8b0f2f77.png

 

I also have a question: can this attack be done remotely, or does the attacker have to be at the physical system?

Link to post
Share on other sites
2 minutes ago, Crunchy Dragon said:

I also have a question: can this attack be done remotely, or does the attacker have to be at the physical system?

Needs to have local access

 

Quote

may allow an authenticated user to potentially enable information disclosure via local access.

 

Link to post
Share on other sites
Just now, Arika S said:

Needs to have local access

Well that's certainly a small relief.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Announcements

  • April fools topics should be posted in Off Topic

×