Announcement

Collapse
No announcement yet.

Looking At The LVI Mitigation Impact On Intel Cascade Lake Refresh

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Looking At The LVI Mitigation Impact On Intel Cascade Lake Refresh

    Phoronix: Looking At The LVI Mitigation Impact On Intel Cascade Lake Refresh

    On Friday I posted some initial numbers looking at the LVI mitigation impact when using the LLVM Clang compiler with that open-source, multi-platform compiler having landed its mitigation this week for Intel's Load Value Injection (LVI) vulnerability that was disclosed in March. Through the weekend I have been running some additional tests of this compiler-based mitigation and in this article are some numbers off Cascade Lake Refresh, which while recently released is reported by Intel to still be vulnerable to this new disclosure.

    http://www.phoronix.com/vr.php?view=29043

  • #2
    Typo on the last page: "Intel has publicly said they believe LVI to be mostly a hyptothetical attack."

    Comment


    • #3
      Intel has publicly said they believe LVI to be mostly a hyptothetical attack.
      AMD said pretty much the same thing about Spectre v2, but still recommended mitigating it. Intel discouraging mitigation for this vulnerability is extremely irresponsible.

      Comment


      • #4
        Originally posted by hotaru View Post

        AMD said pretty much the same thing about Spectre v2, but still recommended mitigating it. Intel discouraging mitigation for this vulnerability is extremely irresponsible.
        You had the chance to catch a ty- never mind :l

        Comment


        • #5
          Originally posted by tildearrow View Post

          You had the chance to catch a ty- never mind :l
          And he did.

          Comment


          • #6
            Originally posted by hotaru View Post

            AMD said pretty much the same thing about Spectre v2, but still recommended mitigating it. Intel discouraging mitigation for this vulnerability is extremely irresponsible.
            Not really. Those that need to be so paranoid so as to lose on average 20% of their performance on top of the rest of the Intel specific performance hits already know if they need that level of mitigation till they can bring in new hardware that's not vulnerable. Those that don't, don't have to worry much as it's not activated by default. Those that might need this level of paranoia are organizations and individuals being targeted by nation states. For the rest of us, there's already plenty of easily picked low hanging fruit at the software level or social level that doesn't require specific hardware version vulnerabilities to successfully attack.

            I'm wondering if organizations with sufficiently deep pockets are starting to look at migrating to either AMD or POWER 9 servers and workstations when playing defense.

            Ultimately the security of data in one's possession is a trade off on performance, convenience versus who you're protecting against. Very few sane people need to worry about TLAs as a threat actor.

            Comment


            • #7
              Originally posted by stormcrow View Post
              Not really. Those that need to be so paranoid so as to lose on average 20% of their performance on top of the rest of the Intel specific performance hits already know if they need that level of mitigation till they can bring in new hardware that's not vulnerable. Those that don't, don't have to worry much as it's not activated by default. Those that might need this level of paranoia are organizations and individuals being targeted by nation states. For the rest of us, there's already plenty of easily picked low hanging fruit at the software level or social level that doesn't require specific hardware version vulnerabilities to successfully attack.
              all of my own systems are not vulnerable to LVI, mostly due to luck. but a lot of cloud providers are using vulnerable hardware, and those providers are very desirable targets.

              Originally posted by stormcrow View Post
              I'm wondering if organizations with sufficiently deep pockets are starting to look at migrating to either AMD or POWER 9 servers and workstations when playing defense.
              a lot of them are:

              Comment


              • #8
                So Bulldozer Opterons are faster and more secure at this point.

                Comment


                • #9
                  There's a part of me that says: "Ok Intel... stop sucking now and start lowering prices. We need competition in the market"
                  Then another vulnerability comes in, and they don't lower the prices for their garbage products, nor fix older vulnerabilities in their hardware... They just bump the clockrate ¯\_(ツ)_/¯

                  So I mostly want to see Intel go kaput these days... At least they would leave room for better competitors like ARM, POWER, RISCVy (the meme ABI ), etc...



                  Comment


                  • #10
                    Originally posted by Cape View Post
                    There's a part of me that says: "Ok Intel... stop sucking now and start lowering prices. We need competition in the market"
                    Then another vulnerability comes in, and they don't lower the prices for their garbage products, nor fix older vulnerabilities in their hardware... They just bump the clockrate ¯\_(ツ)_/¯

                    So I mostly want to see Intel go kaput these days... At least they would leave room for better competitors like ARM, POWER, RISCVy (the meme ABI ), etc...


                    Apple doing transition to ARM cpus, seem to be a sane choice on long term.
                    Last edited by onicsis; 04-06-2020, 08:30 AM.

                    Comment

                    Working...
                    X