Octopus Overlords

Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features – such as PCID – to reduce the performance hit. Your mileage may vary.

Isgrimnur wrote: ↑Wed Jan 03, 2018 12:20 pm I guess I'll start looking at the Ryzens for my new rig upgrade, which I will probably shop for over the next few days once this chest cold settles in and makes it to the point where I don't want to move.

There isn’t any concrete data yet, but speculation is that the bug affects all Intel x86 CPUs produced over the past 10 years, regardless of the OS you’re running or whether you have a desktop or laptop. There are some reports that say newer Intel CPUs are less impacted than older ones, but the full extent is unclear.
...
In a message to the Linux Kernel Mailing List, AMD’s Tom Lendacky asked for Linux’s “Kernel Page Table Isolation” (KPTI) fix to not apply to Team Red’s processors.

“AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against,” he wrote. “The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault.”

AMD CPUs could potentially wind up suffering a performance hit as collateral damage, though. It depends on how the final patches for the Intel CPU kernel bug vulnerability are implemented. Operating system makers could code in exceptions for AMD processors to keep them at full speed, as Lendacky requested for the Linux kernel. But operating system vendors may also take a salted earth approach and force the fix onto all x86 processors just to be safe.

Zarathud wrote: ↑Wed Jan 03, 2018 4:50 pm AMD never had the performance benefit so, at best, it stays the same.

AMD processors are not subject to the types of attacks that the kernel
page table isolation feature protects against. The AMD microarchitecture
does not allow memory references, including speculative references, that
access higher privileged data when running in a lesser privileged mode
when that access would result in a page fault.

• http://cve.mitre.org/cgi-bin/cvename.cg ... -2017-5753 (Variant 1: bounds check bypass) [Intel, AMD, ARM]
• http://cve.mitre.org/cgi-bin/cvename.cg ... -2017-5715 (Variant 2: branch target injection) [Intel, AMD]
• http://cve.mitre.org/cgi-bin/cvename.cg ... -2017-5754 (Variant 3: rogue data cache load) [Intel]

On affected systems, Meltdown enables an adversary to read memory of other processes or virtual machines in the cloud without any permissions or privileges, affecting millions of customers and virtually every user of a personal computer. We show that the KAISER defense mechanism for KASLR [8] has the important (but inadvertent) side effect of impeding Meltdown. We stress that KAISER must be deployed immediately to prevent large-scale exploitation of this severe information leakage

6.4 Limitations on ARM and AMD
We also tried to reproduce the Meltdown bug on several ARM and AMD CPUs. However, we did not manage to successfully leak kernel memory with the attack described in Section 5, neither on ARM nor on AMD. The reasons for this can be manifold. First of all, our implementation might simply be too slow and a more optimized version might succeed. For instance, a more shallow out-of-order execution pipeline could tip the race condition towards against the data leakage. Similarly, if the processor lacks certain features, e.g., no re-order buffer, our current implementation might not be able to leak data. However, for both ARM and AMD, the toy example as described in Section 3 works reliably, indicating that out-of-order execution generally occurs and instructions past illegal memory accesses are also performed.

xwraith wrote: ↑Wed Jan 03, 2018 6:32 pm Google has announced their mitigations:

https://support.google.com/faqs/answer/7622138
https://googleprojectzero.blogspot.com/ ... -side.html

These seem to be the CVEs associated with the issues (nothing there yet, but I imagine in the next 24 hours the information will be there)

• http://cve.mitre.org/cgi-bin/cvename.cg ... -2017-5753 (Variant 1: bounds check bypass) [Intel, AMD, ARM]
• http://cve.mitre.org/cgi-bin/cvename.cg ... -2017-5715 (Variant 2: branch target injection) [Intel]
• http://cve.mitre.org/cgi-bin/cvename.cg ... -2017-5754 (Variant 3: rogue data cache load) [Intel]

I'll speculate now that Variant 3 is what caught my eye this morning.

Edit: Added CVEs, and link to Project Zero, updated what CVEs mean, and who it appears to affect.

Intel CEO Brian Krzanich sold off a large portion of his stake in the company months after Google had informed the chipmaker of a significant security vulnerability in its flagship PC processors - but before the problem was publicly known.


...
The stock sale raised eyebrows when it was disclosed, primarily because it left Krzanich with just 250,000 shares of Intel stock - the minimum the company requires him to hold under his employment agreement.

...

Intel says the sale was preplanned - but that plan was put in place months after it learned of the chip vulnerability
In the statement, the Intel representative said Krzanich's sale had nothing to do with the newly disclosed chip vulnerability and was done as part of a standard stock-sale plan.
...
But Krzanich put that plan in place only October 30, according to the filing. His decision to set up that plan was "unrelated" to information about the security vulnerability, the representative said.

Still, the timeline raises questions: Krzanich's plan was created October 30, and the company learned of the chip vulnerability in June.

Blackhawk wrote: ↑Mon Jan 08, 2018 1:25 am I can't for the life of my figure out why I'm not getting the Win10 update that fixes this. My last installed update shows 12/17/2017, and 'Check for Updates' shows that I'm up to date.

Blackhawk wrote: ↑Mon Jan 08, 2018 1:36 pm I'd already seen that. Windows Defender on the PCs in question, so it isn't that.

It also poisons the search, such that I can't find answers to the problem that don't refer to that issue.

Blackhawk wrote: ↑Mon Jan 08, 2018 8:06 pm I ran a powershell script that was supposed to tell you if you still have the vulnerability, but I had no idea how to read the results beyond the site's instruction that 'false means still vulnerable.'

LawBeefaroni wrote: ↑Mon Jan 08, 2018 1:55 pm Flashback to WinXP. Have been installing update, it's at 10% and has been going for 35 minutes.

This is a big one.

stessier wrote: ↑Tue Jan 09, 2018 7:24 pm I'm trying to confirm I got the patch. My powershell says I can't run the import-module because of the execution policy. Is it safe to set the execution policy to bypass? Is there a safer way?