Announcement

Collapse
No announcement yet.

A Global Switch To Kill Linux's CPU Spectre/Meltdown Workarounds?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #21
    Originally posted by mmstick View Post

    Actually, most games are limited by the CPU, and usually because the game does not take advantage of as many threads as it could.
    But they are usually busy doing game logic and not performing context switches for e.g IO which is where many of these mitigations are causing performance penalties.

    Comment


    • #22
      Originally posted by F.Ultra View Post

      Well that works I guess until you discover just how many mods your kids are using in Terraria/Minecraft/whatever at which point you realise just how much untrusted code that really runs on your system.
      dualboot?
      my kids dont have access to my data. way to dangerous...
      (and you should make backups anyway)

      as he said: if spectre is a security hole for you, you have way bigger holes to fix (well except for cloud provider ofc)

      Comment


      • #23
        I would never do that. This is really risky and stuff, I am very sure that these people are mostly not what they claim. I read very often of young gamers who like to deactivate mitigations and their computer is exposed to the internet.

        I have disabled SMT and will buy a 16 core Zen 2 once they get released. For some machines I wouldn't consider a CPU with out of order execution or the need of firmware blobs anymore - performance is nice to have, but security is always worth much more than this. I only use closed software for machines that need to run games.

        There is a performance hit for making processors secure, but it isn't that unbearable. The world still turns, but a little slower. And for SMT/HT I still see a valid chance that it can be made completely secure without big effort. But out of order execution seems to be too complex to have a 100% secure processor implementing it within reasonable time.

        Comment


        • #24
          Keep in mind, if you go online and don't use NoScript or Ublock Matrix, or if you EVER allow ad networks to access your machine, you are allowing a set of users known to include proven malicious users to run arbitrary code on your box. Ad networks are a major source of malicious javascript, and javascript is a sufficiently capable language that both gnome-shell and Cinnamon are written in it! Any language capable of being used to write a whole DE is also capable of being used to break out of sandboxes, run privilige-escalation exploits, and having done so can steal your passphrases, delete your data, run ransomware, the works. If you ever allow ads, you need the strongest possible security. Same if you don't trust yourself to win a hacking war against ad networks, Facebook, Google, etc.

          EDIT: I draw the line at disabling hyperthreading, but it would be nice to be able to force known dangerous processes like browser threads to each use one side of a core and exclude other processes while running. Ona big CPU you could easily get away with forcing Firefox to use one side of a single core only, and exclude all other users from that core while firefox is running. To use all 8 threads for a video render job you would close the browser.
          Luke
          Senior Member
          Last edited by Luke; 25 August 2018, 09:45 PM.

          Comment


          • #25
            More on a way to deal with hyperthreading as a vulnerability without entirely disabling it. You might have programs specified as "sensitive" such as all browser threads and all cipher processes restricted to using only one side of a core, and only using a core which does not have another sensitive thread already running on it. On a 4-core 8 thread it would be OK to have three ff threads each on one side of each of three cores, while the ssl stuff runs on one side of one core. This way no two sensitive threads would run alongside oneanother on the same core with the same cache.

            To say, open an encrypted flash drive, the machine would evict a Firefox thread from one core and queue it up behind another on the same side of one of the other cores. Thus, sensitive processes would act as though the CPU was not hyperthreaded while things like render jobs would have full access to all threads. If the render job is sensitive too, put the machine offline until it is done.

            Comment


            • #26
              Originally posted by cybertraveler View Post

              Typical home users and gamers should absolutely not disable these spectre and meltdown mitigations. Without them a custom map for a game, a website running javascript or malicious code running in a virtual machine could either take control of the system or gain access to sensitive data.

              This is not to even mention that meltdown can enable privilege escalation. This means that a user process or even a security sandboxed user process which is compromised by an attacker could gain access to kernel memory and essentially gain full control over the PC.

              The vast majority of computer users should leave all these mitigations enabled.
              This is pure BS. Both Firefox and Chrome made Spectre/Meltdown attacks via JS impossible quite a long time ago and how often home users run untrusted code in VMs? You're way over your head with useless defenses which slow down everything. If you are a typical Linux user and you only run packages from your distro repository without using VMs or running any 3d party applications in VM, all these vulnerabilities are impossible to exploit.

              And that message in LKML is mine (actually I've sent it twice) and I'm sorry to draw attention to this but no one has bothered to reply to it which shows how the kernel hackers actually care about users. They couldn't care less, "eat our patches or go f*ck off".

              Damn.

              Comment


              • #27
                I have a box that is only for videogames. I don't care about vulnerabilities on it, I'd like a single option to disable these if they impact performance.

                Comment


                • #28
                  Originally posted by birdie View Post

                  This is pure BS. Both Firefox and Chrome made Spectre/Meltdown attacks via JS impossible quite a long time ago and how often home users run untrusted code in VMs? You're way over your head with useless defenses which slow down everything. If you are a typical Linux user and you only run packages from your distro repository without using VMs or running any 3d party applications in VM, all these vulnerabilities are impossible to exploit.

                  And that message in LKML is mine (actually I've sent it twice) and I'm sorry to draw attention to this but no one has bothered to reply to it which shows how the kernel hackers actually care about users. They couldn't care less, "eat our patches or go f*ck off".

                  Damn.
                  1) Why do you assume the user is using Chrome or Firefox? This is an unreasonable thing to assume, because there will be lots of users who don't use them. There are probably also lots of users that use an old version of Chrome or Firefox because some addon they like only works with it or simply because "the updates were annoying".

                  2) There have been a constant stream of new avenues of attack recently. Even if the user is using Chrome or Firefox are you sure that their browser is patched against the latest exploitable CPU bugs?

                  3) I noticed you completely ignore my game map example. Tons of people run mods these days. If you play CS:GO, then there's a good chance you've run a community map before. Maps and mods contain code and it's possible that this code in some engines can be used to exploit these CPU vulnerabilities.

                  I also noticed that you started re-framing the conversation from "typical home user and gamer" to "typical Linux user" and you also added specifics about what activities are safe. You are giving out very bad advice if you are suggesting typical home users and gamers disable OS spectre & meltdown mitigations. You likely have no idea what applications they will install and use on their PC over time.

                  Also: VMs can creep onto the average person's PC quite easily these days without them even fully understanding that they are using a VM. This can come in the form of a modern game console emulator. It could come in the form of an Android emulator (there are a number of them on the market now aimed at allowing users to play Android games and use other popular Android apps on their x86 PC).

                  The typical home user and gamer does not have the knowledge and OPSEC to be able to make a well informed decision on whether it is safe for them to disable these mitigations or not.

                  I stand by my claim. Typical home users and gamers should absolutely not disable these spectre and meltdown mitigations.

                  Comment


                  • #29
                    Originally posted by cybertraveler View Post

                    1) Why do you assume the user is using Chrome or Firefox? This is an unreasonable thing to assume, because there will be lots of users who don't use them. There are probably also lots of users that use an old version of Chrome or Firefox because some addon they like only works with it or simply because "the updates were annoying".

                    2) There have been a constant stream of new avenues of attack recently. Even if the user is using Chrome or Firefox are you sure that their browser is patched against the latest exploitable CPU bugs?

                    3) I noticed you completely ignore my game map example. Tons of people run mods these days. If you play CS:GO, then there's a good chance you've run a community map before. Maps and mods contain code and it's possible that this code in some engines can be used to exploit these CPU vulnerabilities.

                    I also noticed that you started re-framing the conversation from "typical home user and gamer" to "typical Linux user" and you also added specifics about what activities are safe. You are giving out very bad advice if you are suggesting typical home users and gamers disable OS spectre & meltdown mitigations. You likely have no idea what applications they will install and use on their PC over time.

                    Also: VMs can creep onto the average person's PC quite easily these days without them even fully understanding that they are using a VM. This can come in the form of a modern game console emulator. It could come in the form of an Android emulator (there are a number of them on the market now aimed at allowing users to play Android games and use other popular Android apps on their x86 PC).

                    The typical home user and gamer does not have the knowledge and OPSEC to be able to make a well informed decision on whether it is safe for them to disable these mitigations or not.

                    I stand by my claim. Typical home users and gamers should absolutely not disable these spectre and meltdown mitigations.
                    BS on top of BS.

                    1) Chrome/Chromium and Firefox are used by > 98% of Linux users out there. There are practically no other popular browser engines in Linux other than these two. Exploiting Meltdown and Spectre via JS is a very expensive ($$$) and tedious attack - you have to leave your browser window open for ages for the attacker to able to do anything. JS is still a lot slower than native code.

                    2) I'm pretty sure about that because I trust Firefox/Google developers a lot more than I trust your opinion. After all it's Google developers who discovered those vulnerabilities in the first place.

                    3) Among the people who I know no one uses any game mods and I'm talking about at least a hundred of people. Over 95% of them never play any games aside the ones which are built into the OS they are running (solitaire and such). You have to be insane to believe that someone is going to waste literally hundreds of thousands of dollars to implement and embed a Spectre/Meltdown-like exploit in a game mod. Such vulnerabilities are usually used against very high profile targets.

                    You may stand by whatever BS you don't really understand but that doesn't make your stance any more valuable. I'm also sure you have never written a single line of code in C or assembler which further invalidates everything you're saying. I'm also pretty sure you understand nothing about CPU/RAM architectures. You've heard about these vulnerabilities yet you understand shat about what they really are and how they can be exploited yet you have the guts to incite people to follow your advice.

                    To this date, and those vulnerabilities are now eight months old, there hasn't been a single virus detected or an intrusion incident occured which involved them yet kernel developers have slowed down our PCs without giving an option to have the lost performance back.
                    birdie
                    Senior Member
                    Last edited by birdie; 25 August 2018, 06:25 PM.

                    Comment


                    • #30
                      Originally posted by cybertraveler View Post

                      1) Why do you assume the user is using Chrome or Firefox? This is an unreasonable thing to assume, because there will be lots of users who don't use them. There are probably also lots of users that use an old version of Chrome or Firefox because some addon they like only works with it or simply because "the updates were annoying".

                      2) There have been a constant stream of new avenues of attack recently. Even if the user is using Chrome or Firefox are you sure that their browser is patched against the latest exploitable CPU bugs?

                      3) I noticed you completely ignore my game map example. Tons of people run mods these days. If you play CS:GO, then there's a good chance you've run a community map before. Maps and mods contain code and it's possible that this code in some engines can be used to exploit these CPU vulnerabilities.

                      I also noticed that you started re-framing the conversation from "typical home user and gamer" to "typical Linux user" and you also added specifics about what activities are safe. You are giving out very bad advice if you are suggesting typical home users and gamers disable OS spectre & meltdown mitigations. You likely have no idea what applications they will install and use on their PC over time.

                      Also: VMs can creep onto the average person's PC quite easily these days without them even fully understanding that they are using a VM. This can come in the form of a modern game console emulator. It could come in the form of an Android emulator (there are a number of them on the market now aimed at allowing users to play Android games and use other popular Android apps on their x86 PC).

                      The typical home user and gamer does not have the knowledge and OPSEC to be able to make a well informed decision on whether it is safe for them to disable these mitigations or not.

                      I stand by my claim. Typical home users and gamers should absolutely not disable these spectre and meltdown mitigations.
                      1) That is pure m00t. An attack via the browser will not happen through CPU bugs. You really have no clue how much data goes through your CPU, do you? An attacker will have to go through your data and do you know how many instructions merely opening a browser it takes to merely open a browser? Many many many billions, perhaps even trillions. And that is only the the starting of a single applications! There are way more processes running which adds trillions of instructions per second spread over your cpu. And even then the attacker needs to attack _very_ targeted at specific instructions (close to impossible, but not impossible) to get those passwords of yours. There are WAY easier and faster ways to get there.

                      2) See 1. Any browser based attack is near impossible. I searched just a moment ago, i can't find articles about the browser bugs being actively used.

                      3) Are you paranoid? How the **** can a game map be an attack point? As far as i know maps don't install services that run in the background or talk to the creator. If you think this is a serious issue then you're better off just throwing away your computer and start playing board games.

                      Regarding VM's. You obviously go with the hype train here. Even if you locally run a vm, there is nothing attacking you. Unless you attack yourself. There is only a 0.00000000000000000000000000000000000000000001% chance of being attacked if you would be a cloud provider and you host a user that is indeed attacking your infrastructure to become root and do whatever the attacker wants. There is absolutely no risk in being more vulnerable if you locally run a vm instance.

                      Everything you said proves me you know nothing about it. You go with the hypes that say "ohh, help, my private keys can be stolen. I must secure against that!"... It's not as black and white as the "security researchers" make it look like.

                      I claim that every user should disable those cpu "fixes". They have been here for a decade or so and never be an issue. The pesky effect is that linux (and i understand that for the public appearance and server market it serves) just patches the hell out of it's kernel to make it secure. That's fine. But for desktop users, there is no threat when not applying the patches. Unless you prove me wrong? You can't.

                      Comment

                      Working...
                      X