Announcement

Collapse
No announcement yet.

Intel CPUs Reportedly Vulnerable To New "SPOILER" Speculative Attack

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Intel CPUs Reportedly Vulnerable To New "SPOILER" Speculative Attack

    Phoronix: Intel CPUs Reportedly Vulnerable To New "SPOILER" Speculative Attack

    SPOILER is the newest speculative attack affecting Intel's micro-architecture...

    http://www.phoronix.com/scan.php?pag...SPOILER-Attack

  • #2
    Is there a list of which CPUs are affected by this?
    And if future CPUs have it fixed?

    Comment


    • #3
      Using an Intel CPU is like using a Ferrari with the handbrake active
      It is embarassing how slow they become with the mitigations enabled compared to stock: https://www.phoronix.com/scan.php?pa...meltdown&num=1
      What's even more interesting is that mitigations have a *very* small effect on AMD CPUs compared to Intel and the gap is going to widen while more speculative attacks get discovered.
      ## VGA ##
      AMD: X1950XTX, HD3870, HD5870
      Intel: GMA45, HD3000 (Core i5 2500K)

      Comment


      • #4
        Intel's CPUs and memory controller architecture has historically been much more vulnerable to Rowhammer than AMD even in the DDR4 era which has brought some mitigations to it. For example, my desktop has a Ryzen 5 CPU with TeamGroup DDR4 RAM and hours of Rowhammer testing showed highly resistant - no bitflips in 3 hours of a test run. In contrast, I've seen reports of Intel's setup still vulnerable to Rowhammer up to fairly recent generations with much larger numbers of flips than AMD using the same vulnerable RAM.

        Intel has some serious hubris going on here. Remote Rowhammer attacks that are 100% reliable on Intel hardware with no known mitigations and perhaps not even possible to mitigate them without entirely new hardware? That's a nightmare scenario right there.

        Comment


        • #5
          The companies running server farms or whatever form of countless Intel boxes, won't like to hear this.
          Since each software patch trying to compensate Intel's low-quality CPUs, if it's possible at all per software, makes the CPU slower.

          I too regret to have an Intel CPU and will never buy one again. AMD or even better ARM is the future. Clearly. Intel helps this evolution.

          Comment


          • #6
            Two highlights from the article:

            " even from sandboxed environments like JavaScript " and " Rowhammer attack with normal user’s privilege "

            What's worrying, is the mentality of the industry which intentionally sacrificed security for performance, has passed to end users.

            Just read the comments of this article: https://www.phoronix.com/scan.php?pa...meltdown&num=1

            Comment


            • #7
              Originally posted by Konstantin A. View Post
              Two highlights from the article:

              " even from sandboxed environments like JavaScript " and " Rowhammer attack with normal user’s privilege "

              What's worrying, is the mentality of the industry which intentionally sacrificed security for performance, has passed to end users.

              Just read the comments of this article: https://www.phoronix.com/scan.php?pa...meltdown&num=1
              To be reluctantly fair, most users don't want to pay for safety/security so it's not entirely Intel's fault. It's as much the fault of their customers as Intel's (including myself on some ocassions). Intel has largely delivered what their customers wanted. Cheap computing with a very strong backwards compatibility ethic. Only now we're getting the "past due" notice on the technical debt that was already in the mail over 20 years ago.

              Adding after a moment thought: I wonder if or how much Itanium is vulnerable to speculative architecture attacks. I know POWER and ARM both have such vulnerabilities in their implementation.
              Last edited by stormcrow; 03-05-2019, 11:25 AM.

              Comment


              • #8
                I can't help but think that all these "exploits" are little more than making a mountain out of a molehill. Let's assume that every that has ever been said about all of these "exploits" is true, so what? Show me a real world example where Spectre, Meltdown, Rowhammer, Spoiler, et al, actually resulted in a system being compromised, data being stolen or any real negative consequence.

                It almost seems to me like a anti-Intel propaganda campaign, even with an un-patched system there is little chance for any real damage to the average user.

                Comment


                • #9
                  So if intel, disable hyperthreading and overclock to make up the difference. Seems to be where their new desktop models are headed.

                  Comment


                  • #10
                    This is getting ridiculous...soon our PCs will be as fast as a 386.

                    Comment

                    Working...
                    X