Announcement

Collapse
No announcement yet.

"CrossTalk" / SRBDS Is The Newest Side-Channel Vulnerability

Collapse
X
Collapse
 
  • Page of 4
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 4 template Next
  • #21
    And for comparison, some Amlogic ARMs:

    Code:
    Odroid_C4> uname -r && cd /sys/devices/system/cpu/vulnerabilities && grep . *
5.7.0-dirty
itlb_multihit:Not affected
l1tf:Not affected
mds:Not affected
meltdown:Not affected
spec_store_bypass:Not affected
spectre_v1:[B]Mitigation[/B]: __user pointer sanitization
spectre_v2:Not affected
tsx_async_abort:Not affected

    Code:
    Odroid_N2> uname -r && cd /sys/devices/system/cpu/vulnerabilities/ && grep . *
5.4.42-dirty
itlb_multihit:Not affected
l1tf:Not affected
mds:Not affected
meltdown:Not affected
spec_store_bypass:[B]Vulnerable[/B]
spectre_v1:[B]Mitigation[/B]: __user pointer sanitization
spectre_v2:[B]Vulnerable[/B]
tsx_async_abort:Not affected
    I wish Amazon/Microsoft/Samsung sold non-speculative versions of their Graviton/SQ1/Snapdragon8cx hardware.

    Comment

    • #22
      Originally posted by mulenmar View Post
      I can't help but wonder where we'd be if, instead of Silicon Valley's "innovation is king!" attitude in a "make us money OR STARVE AND DIE" culture, we had a "get the job done RIGHT, and take the time, prototyping, and testing to GET IT RIGHT!" attitude in a "you get the bare minimum to survive, and free access to the best means to improve yourself" culture. Maybe we'd have less of this rush-out-to-meet-quarterly-earnings nonsense, and better engineering from a wider range of people. With enough time off for personal projects to avoid mistake-creating burn-out, and maybe have less ass-covering and Wall Of Silence nonsense to boot.

      You may say, I'm a dreamer...
      How dare you suggest a purely merit based system. That's RACIST.

      But seriously, what you describe is exactly how many startups worked, at least during the dot-com boom. They paid crap for salary, but gave you a pile of stock options. The options were worthless initially, but if the company became successful, the options would be worth a ton. Gives everyone the incentive to excel.
      Last edited by torsionbar28; 09 June 2020, 10:31 PM.
      • Likes 1

      Comment

      • #23
        Originally posted by Spooktra View Post
        Makes me wonder if someone is hell bent on tanking Intel's stock so they can buy it up cheaply and make some dough when it inevitably goes up.
        In contrast to AMD intel is more diversified, Im not sure if the impact is predictible. For AMD there are more or less only 2 major fields: CPU, GFX'S ...intel: CPU, (GFXs), Storage, AI, NIC, Software, Power Management IC's, FPGA

        Comment

        • #24
          Originally posted by mulenmar View Post

          Given that a) the costs of paying the researchers to find such obscure bugs would be extravagantly greater than the profit to be made IF the stock manages to recover, so no likely upper class tomfoolery, b) the loss of cyberwarfare advantage from publicizing the flaws so they can be mitigated, so no nation-state actors, and c) the ripple effects of uncontrolled discovery of similar flaws in the other major chipmakers' hardware (AMD, ARM), so unlikely to be paid for by said other chipmakers, I find this literally incredible.
          Well this researchers have to do a reverse engineering job. If you are at intel with all resources given, it is presumably easier to find the security leaks. Hence a proper QA should already find issues. Moreover in the design phase some of it might already pop up. At this point it is less expensive. Maybe it is already enough to hire some security driven engineers and let them be involved in the design of instructions.
          IMHO some of it was already found during design phase but I was trashed by higher management decisions to save costs or have a higher performance yield. Once it is established subsequent generations will inherit all this flaws and might get new ones. Besides nobody will remember the old ones in details. ...just piling up sh**

          • Likes 1

          Comment

          • #25
            Intel deserves only to fail.

            Comment

            • #26
              Originally posted by CochainComplex View Post
              In contrast to AMD intel is more diversified, Im not sure if the impact is predictible. For AMD there are more or less only 2 major fields: CPU, GFX'S ...intel: CPU, (GFXs), Storage, AI, NIC, Software, Power Management IC's, FPGA
              Not disputing that intel is more diversified, but you forgot consoles. AMD completely owns the console market, powering the current and next generation PlayStation & the current and next generation XBox.

              AMD used to make memory, NIC, IC, etc. but had to endure some lean years pre-Zen. Now that they're making money, I would expect them to start branching out again.

              Originally posted by Azrael5 View Post
              Intel deserves only to fail.
              That's a bit extreme, but I wouldn't mind seeing them knocked down a few notches from their near-monopoly status. After all, everyone wins with an even playing field and healthy competition in the market.
              Last edited by torsionbar28; 10 June 2020, 03:12 PM.

              Comment

              • #27
                Originally posted by elatllat View Post
                I wish Amazon/Microsoft/Samsung sold non-speculative versions of their Graviton/SQ1/Snapdragon8cx hardware.
                Speculation is extremely important for performance in out of order designs. No one who is in the market for a high performance system would buy a server/instance that uses in-order cores like the Odroid C4's A55 you posted.

                Comment

                • #28
                  Originally posted by Space Heater View Post
                  Speculation is extremely important for performance in out of order designs. No one who is in the market for a high performance system would buy a server/instance that uses in-order cores like the Odroid C4's A55 you posted.
                  I'd take 10 times the core count over speculation any day.

                  Comment

                  • #29
                    Originally posted by elatllat View Post
                    I'd take 10 times the core count over speculation any day.
                    That's not how it works. I don't think you understand speculation enough to have such a strong opinion on it either.
                    • Likes 1

                    Comment

                    • #30
                      Originally posted by Space Heater View Post
                      That's not how it works. I don't think you understand speculation enough to have such a strong opinion on it either.
                      In in the good old days when code executed in series, core count was no substitute for speed. With the kernel, systemd, and popular apps all getting more parallel support the core count is a good substitute for speed when mesuring throughput. Throughput is especially important on servers, but as an example for desktop use; gimp 2.10 is faster on a slow ARM Than gimp 2.8 on a fast X86 due to milticore support.
                      Last edited by elatllat; 10 June 2020, 06:13 PM.

                      Comment

                      Previous 1 2 3 4 template Next
                      Working...
                      X