security New details about the newly discovered CPU vulnerabilities namely Spectre 1.1 and 1.2

[captain_to_fire]

21 minutes ago, NMS said:

Still hoping for Nvidia to drop out of nowhere the news on entering the CPU market. Maybe their architecture would have no security vulnerabilities.

Because while this was scary at first, especially if you owned Intel, at this point does anyone even gives a f*ck? I mean, it's not like you can just stop using Intel or AMD CPU's.

That would happen if either AMD, Intel or VIA will license x86 to NVIDIA.

27 minutes ago, leadeater said:

Hmm? That's an excellent point, why has no one though of it before. Pfff, security experts can't even figure out such a basic solution as this .

That's the goal but that ain't happening when speed is prioritized over security

[NMS]

4 minutes ago, captain_to_fire said:

That would happen if either AMD, Intel or VIA will license x86 to NVIDIA.

That's the goal but that ain't happening when speed is prioritized over security

Oh I'm aware of the patents which companies hold, but I'm sure a deal could be done.

[captain_to_fire]

1 minute ago, NMS said:

Oh I'm aware of the patents which companies hold, but I'm sure a deal could be done.

I'm not sure if Jensen Huang even considers entering x86 CPUs at the moment. It would be great if they do so that it desktop CPUs aren't just AMD or Intel. 

[Stefan Payne]

5 hours ago, captain_to_fire said:

. I don't really get as to why AMD is not listed when all of their CPUs including Ryzen are vulnerable to Spectre 1&2 and the newly published ones uses a similar attack technique. 

Because they are not affected because there is some kind of safety checks in the CPU, so its way harder to exploit it.

 

So that is again wishful thinking because its something that applies to intel, therefore it must also be true for AMD. But it is not. Deal with it that the Spectre/Meltdown things are mostly something that is is happening on Intel CPUs, not AMD (and Samsung Exynos AFAIR)

 

And another thing:

TLbleed is still coming!

So wait for that!

That's the same problem, different angle. In this case, attack from a second thread in the CPU.

[Stefan Payne]

5 hours ago, Christophe Corazza said:

 

Intel ship the most $ worth of CPUs by a very wide margin, so they will naturally attract the most attention. The fact is SPARC, MIPS, ARM and even POWER have been reported as having SPECTRE vulns - so it's not just poor likkle old Intel.

Yes, because they also use speculative excecution and are rather old chips without any internal access checks.

1 hour ago, NMS said:

Still hoping for Nvidia to drop out of nowhere the news on entering the CPU market. Maybe their architecture would have no security vulnerabilities.

When pigs start to fly?!
Or so that they can implement some shit so that Geforce Graphics Cards only work best with their CPUs?? nVidia is worse than Apple in that regard.

And why should they have no security issue?!
Every CPU with speculative Excecution has some form of it, especially of you don't do internal checks...

 

1 hour ago, NMS said:

Because while this was scary at first, especially if you owned Intel, at this point does anyone even gives a f*ck? I mean, it's not like you can just stop using Intel or AMD CPU's.

You can stop using INtel Chips wich are the worst in case of vulnerabilitys and switch to AMD wich are safe for at least some kind of those exploits due to architectural differences...

[Arika]

25 minutes ago, Stefan Payne said:

-snip-

 

19 minutes ago, Stefan Payne said:

-SNIP-

Goddamn, you really need to curb your AMD obsession

[captain_to_fire]

1 hour ago, Stefan Payne said:

Because they are not affected because there is some kind of safety checks in the CPU, so its way harder to exploit it.

 

So that is again wishful thinking because its something that applies to intel, therefore it must also be true for AMD. But it is not. Deal with it that the Spectre/Meltdown things are mostly something that is is happening on Intel CPUs, not AMD (and Samsung Exynos AFAIR)

That's quite disingenuous to say that Spectre and Meltdown is only an Intel thing. While AMD is not vulnerable to variant 3, it's vulnerable to variant 1, 2 and 3a and it's thoroughly documented. I hope you're not shilling. 

 

 

[Stefan Payne]

Please show Proof of Concept on AMD.

The ones I've seen were always done on Intel.

 

And from what I've heard about TLBleed it seems that the probability on newer Intel Processors is higher than on older ones.

 

 

And its not disingenuous because the table you likned already has some parts where AMD is missing, like Meltdown. 

 

While AMD is not vulnerable to varian 3

Exactly!

That's what I'm saying.

 

So it would be nice to stop implying that AMD has to be vulnerable to this as well, when they already aren't vulnerable to a couple other of those...

[LAwLz]

1 hour ago, Stefan Payne said:

You can stop using INtel Chips wich are the worst in case of vulnerabilitys and switch to AMD wich are safe for at least some kind of those exploits due to architectural differences...

It's very hard to quantify security. In the case of Intel vs AMD I don't think you can either one is more secure than the other. Sure, there are some vulnerabilities like Meltdown which AMD aren't affected by, but at the same time AMD also has some unique security issues like those uncovered by AMDFlaws. 

 

Like the article says:

Quote

Intel and ARM have publicly acknowledged that some of their CPUs are vulnerable to Spectre 1.1. AMD has not published a statement, but AMD has been historically slow at reviewing security issues. Since all Spectre attacks affected AMD CPUs, it is safe to assume that these new ones also affect AMD's portfolio as well.

 

[captain_to_fire]

34 minutes ago, Stefan Payne said:

Please show Proof of Concept on AMD

Ever heard of Ryzenfall, Chimera, Masterkey, and Fallout?

 

Edited July 12, 2018 by captain_to_fire

[leadeater]

1 hour ago, Stefan Payne said:

Yes, because they also use speculative excecution and are rather old chips without any internal access checks.

Old chips? Power9 is about as new as you can get...

 

1 hour ago, Stefan Payne said:

You can stop using INtel Chips wich are the worst in case of vulnerabilitys and switch to AMD wich are safe for at least some kind of those exploits due to architectural differences...

Or apply the microcode updates to the CPU so it's just as secure as any other CPU on the market with microcode protections for Spectre that are currently possible, you know those microcode updates Microsoft decided to include in one of the Windows Updates.

[leadeater]

38 minutes ago, Stefan Payne said:

And its not disingenuous because the table you likned already has some parts where AMD is missing, like Meltdown.

Meltdown only ever applied to Intel and was very easily mitigated, it was never an issue IF you kept your OS updated.

[LAwLz]

1 minute ago, captain_to_fire said:

Ever heard of Ryzenfall, Chimera, Masterkey, and Fallout?

 

Those are other some other issues with AMD processors, not Spectre. 

I don't get why Stefan wants POC code for Ryzen though. AMD themselves have come out and said they are vulnerable to Spectre 1 and 2. Why would they lie about being vulnerable if they aren't? 

[captain_to_fire]

2 minutes ago, LAwLz said:

I don't get why Stefan wants POC code for Ryzen though

He probably thinks that because most of the published CPU vulnerabilities are using Intel chips as subjects, AMD must not be susceptible to it.

[leadeater]

1 minute ago, LAwLz said:

I don't get why Stefan wants POC code for Ryzen though. AMD themselves have come out and said they are vulnerable to Spectre 1 and 2. Why would they lie about being vulnerable if they aren't? 

I'm pretty sure the original research publication by the authors who discovered the vulnerabilities did test it on Ryzen processors and old AMD processors too, not that it matters. If it's not possible, like truly known, why would AMD officially state it does apply to their processors. Who the hell would incorrectly attribute a serious security flaw to their products if it's not true??!?

[Taf the Ghost]

2 minutes ago, leadeater said:

I'm pretty sure the original research publication by the authors who discovered the vulnerabilities did test it on Ryzen processors and old AMD processors too, not that it matters. If it's not possible, like truly known, why would AMD officially state it does apply to their processors. Who the hell would incorrectly attribute a serious security flaw to their products if it's not true??!?

Pretty sure it was that Spectre v2 is functionally impossible to execute on Zen, much in the way the whole "Ryzenfall" stuff required so much access to use as an attack vector that you'd never bother. Was still patched, though. Meltdown was Intel only.

[leadeater]

5 minutes ago, Taf the Ghost said:

Pretty sure it was that Spectre v2 is functionally impossible to execute on Zen, much in the way the whole "Ryzenfall" stuff required so much access to use as an attack vector that you'd never bother. Was still patched, though. Meltdown was Intel only.

Yea only one was a well defined threat but it hardly matters much now, it's either fixed for both AMD and Intel, mitigated by the OS or like these new ones still under analysis of the scope to the actual problem. Repeat process as patches are created and applied, to find flaws in those fixes.

 

There is equal likelihood that tomorrow another big Spectre like or variant of comes out that applies to AMD, Intel or both. 

 

Zen isn't some ultimate security master stroke, it has one thing that made it a bit more secure but who knows, that one thing could be defeated.

[captain_to_fire]

7 minutes ago, leadeater said:

Zen isn't some ultimate security master stroke, it has one thing that made it a bit more secure but who knows, that one thing could be defeated.

Speaking of defeating security, some researchers have found a way to defeat browser based Spectre/Meltdown mitigations 

https://www.bleepingcomputer.com/news/security/some-spectre-in-browser-mitigations-can-be-defeated/

https://threatpost.com/webassembly-changes-could-ruin-meltdown-and-spectre-browser-patches/133657/

[Stefan Payne]

13 hours ago, captain_to_fire said:

Ever heard of Ryzenfall, Chimera, Masterkey, and Fallout?

 

You mean that bullshit where you need ADMIN RIGHTS to do some shady stuff?

You know that its the same on _ALL_ Things that use FLASH-ROM???

And that you could also use other things to exploit??

 

 

And do you know what: A printed piece of paper is insecure. Because if you can get a look at what is on the piece of paper, you know what's on there!!

Nevermind the way to get there...

Ryzenfall is just propaganda bullshit, that happen to come to the right time so that some people are able to point fingers at AMD and can shout that AMD is worse than Intel because you can exploit the Hardware, when you:
a) have access to the Hardware  

or

b) have remote access with admin rights.

 

Nevermind that you have to have an exploit that is specific to the Motherboard in use!

 

 

If I already have ADMIN Rights WHY would I flash a BIOS when I can do other stuff that is far more interesting?!

 

That is as serious as a storm in a waterbottle. Not that it does matter, but on a priority list from there is something that can be used to WE'RE GONA DIE!!111

Its more on the lower end of the seriousness..

 

And I ask for a proof of concept because some people claim that there has to be an issue, but nobody has proven it!
All the proof we have are made on Intel Systems!

 

So show the Proof of Concept that the Exploit also works on AMD or stop saying that AMD is also affected!

You might say that AMD might eventually be affected or is probably also affected but without a proof of concept that is too theoretical.

 

An exploit that might eventually be there but nobody knows how to use it, isn't a real exploit. An exploit that is there and people know how to use is however.

Because with that argumentation, everything is an exploit!

You just need to take a look at the Errata Lists from the Processor manufacturers. There is a shit ton of information you could use for exploits, in theory.

But in reality its not soo easy or most of those don't really matter....

[Stefan Payne]

13 hours ago, leadeater said:

Zen isn't some ultimate security master stroke, it has one thing that made it a bit more secure but who knows, that one thing could be defeated.

Exactly that is the point!

Zen is better than Intel at the moment. 

 

 

Why are people still try to claim otherwise??

And come with that Ryzenfall Bullshit (great name, isn't it?? Makes you wonder if it wasn't paid opposition)...

 

And with the companys involved in Ryzenfall and other stuff, the probability of Stock Manipulation is very much on the table...

And I could do the same on a Playstation 4 or XBox 1. All I need is the tools, maybe Access to the Flashrom and the knowledge of it. But it is possible.

That its more likely that the Dinosaurs get ressurrected, well, that might be a slight annoyance...

 

Especially if you need the capability to modify something on a hardware level...

On a good server enviroment, there should be a dozen eMails going around with "WARNING: ACCESS TO HARDWARE DETECTED". Well, don't know if that is implemented (yet)...

[Stefan Payne]

13 hours ago, LAwLz said:

Those are other some other issues with AMD processors, not Spectre. 

Those aren't really issues because you need too much access.

And in a perfect Server Enviroment, everyone responsible would get an email because someone tries to access the Hardware.

 

 

And if you looked more into the involved partys of Ryzenfall you find that one of the partys was involved and AFAIR convicted of Stock Manipulation. 

 

And that is what it looks like. There isn't really a Proof of concept, just some mumbling about that there must be something...

 

But you have to have either access to the Hardware. And physically stand in front of the Server or remote access to do something similar. 

 

 

 

13 hours ago, LAwLz said:

I don't get why Stefan wants POC code for Ryzen though.

Because YOU claim that AMD is as bad as Intel in this Spectre/Meltdown debacle, when you don't even have proof of that.

 

And it is known that AMD has some kind of access protection already involved that makes it harder to exploit this stuff.

 

13 hours ago, LAwLz said:

AMD themselves have come out and said they are vulnerable to Spectre 1 and 2. Why would they lie about being vulnerable if they aren't? 

Yeah and how did they phrase it?!

Isn't it the case that they said something like a strong denial with a tiny possibility that they might be affected by spectre 2??

 

And that is why I ask for a proof of concept that nobody could provide. Because you don't know if AMD is affected at all or if it is even possible or how high/low the chances are!

 

Just look at this:

https://www.theregister.co.uk/2018/06/22/intel_tlbleed_key_data_leak/

 

99.8% Sucess rate on Skylake and 98.2% on a Broadwell E seems like a good attack.

 

 

So that is the next thing you don't think about. The probability of a successful attack. If the successrate is too low, this exploit is pretty much worthless. And nobody had any information about this yet.

All I hear is people claiming that it must be there and as bad as Intel. Prove your claim!

If you claim something, you are the one to prove it, not me!

But you can't. Nobody can. Because there isn't any.

 

 

13 hours ago, captain_to_fire said:

He probably thinks that because most of the published CPU vulnerabilities are using Intel chips as subjects, AMD must not be susceptible to it.

You are the one to claim that AMD is as bad as Intel, yet you didn't prove your claim.

Because you don't know if this vulnerability is a thing in AMD Processors, if it can be exploited at all and how high the sucessrate will be. With Intel we know that its possible and the successrate is high enough for it to be a viable exploit. But exactly that is not the case with AMD. 

 

We don't know if it can be exploited, we don't know if the probability of a sucessful exploit is high enough to be a viable exploit!

 

A Proof Of Concept would prove both of these claims. But there isn't any because its not that easy to exploit AMD processors.

 

Conclusion: You are wrong and your statements about AMD and Spectre/Meltdown are wrong. Because nobody could prove that it applys to AMD as well. 

And AMD also denied that as best as they legally could!

 

Just read the statement from AMD. 

 

But there is something I can tell:

On August 9th it will get really interesting:

 

 

https://www.blackhat.com/us-18/briefings/schedule/#tlbleed-when-protecting-your-cpu-caches-is-not-enough-10149

 

[leadeater]

27 minutes ago, Stefan Payne said:

Zen is better than Intel at the moment.

Not if you have applied the updated Intel microcode. Those affected product spreadsheets only apply at the time of discovery, they do not show anything other than that so it's not current state.

https://newsroom.intel.com/wp-content/uploads/sites/11/2018/04/microcode-update-guidance.pdf

 

But let me pose you this question, once security researchers finish focusing on Intel who hold the largest install base of products by the biggest margin possible to think of (yea it is that much different) they will start to focus more on AMD. So what happens then? You start proclaiming Intel is more secure because their products don't share those specific flaws and have not been patched?

 

You're riding a bit too close to the security by obscurity mantra, or if it's not know then it's not a problem mantra. You are actually more secure in knowing the limitations of a product than not knowing.

[spartaman64]

21 hours ago, Jurrunio said:

I remember a few of these cpu vulnerabilities also affect Ryzen. Does that mean AMD's FX is the safest because no one bother targeting it?

from what i understand the vulnerabilities that affect ryzen either require the system to be completely compromised already or require physical access

[captain_to_fire]

26 minutes ago, Stefan Payne said:

Those aren't really issues because you need too much access.

And in a perfect Server Enviroment, everyone responsible would get an email because someone tries to access the Hardware.

 

 

And if you looked more into the involved partys of Ryzenfall you find that one of the partys was involved and AFAIR convicted of Stock Manipulation. 

 

And that is what it looks like. There isn't really a Proof of concept, just some mumbling about that there must be something...

 

But you have to have either access to the Hardware. And physically stand in front of the Server or remote access to do something similar. 

 

 

 

Because YOU claim that AMD is as bad as Intel in this Spectre/Meltdown debacle, when you don't even have proof of that.

 

And it is known that AMD has some kind of access protection already involved that makes it harder to exploit this stuff.

 

Yeah and how did they phrase it?!

Isn't it the case that they said something like a strong denial with a tiny possibility that they might be affected by spectre 2??

 

And that is why I ask for a proof of concept that nobody could provide. Because you don't know if AMD is affected at all or if it is even possible or how high/low the chances are!

 

Just look at this:

https://www.theregister.co.uk/2018/06/22/intel_tlbleed_key_data_leak/

 

99.8% Sucess rate on Skylake and 98.2% on a Broadwell E seems like a good attack.

 

 

So that is the next thing you don't think about. The probability of a successful attack. If the successrate is too low, this exploit is pretty much worthless. And nobody had any information about this yet.

All I hear is people claiming that it must be there and as bad as Intel. Prove your claim!

If you claim something, you are the one to prove it, not me!

But you can't. Nobody can. Because there isn't any.

 

 

You are the one to claim that AMD is as bad as Intel, yet you didn't prove your claim.

Because you don't know if this vulnerability is a thing in AMD Processors, if it can be exploited at all and how high the sucessrate will be. With Intel we know that its possible and the successrate is high enough for it to be a viable exploit. But exactly that is not the case with AMD. 

 

We don't know if it can be exploited, we don't know if the probability of a sucessful exploit is high enough to be a viable exploit!

 

A Proof Of Concept would prove both of these claims. But there isn't any because its not that easy to exploit AMD processors.

 

Conclusion: You are wrong and your statements about AMD and Spectre/Meltdown are wrong. Because nobody could prove that it applys to AMD as well. 

And AMD also denied that as best as they legally could!

 

Just read the statement from AMD. 

 

But there is something I can tell:

On August 9th it will get really interesting:

 

 

https://www.blackhat.com/us-18/briefings/schedule/#tlbleed-when-protecting-your-cpu-caches-is-not-enough-10149

 

If I were you, I’d stop putting words in my mouth since all you’re doing is raising strawman arguments and moving goalposts. You remind me a lot of zMeul but the AMD version. 

[Starelementpoke]

21 hours ago, Jurrunio said:

I remember a few of these cpu vulnerabilities also affect Ryzen. Does that mean AMD's FX is the safest because no one bother targeting it?

The exact same reason why Linux is safe too.