Announcement

Collapse
No announcement yet.

LVI Attack Hits Intel SGX - Defeats Existing Mitigations, More Performance Hits

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #31
    Power is using SMT and speculative execution too, no?

    Comment


    • #32
      Does anyone know of any Blade servers with AMD EPYC Rome?

      Comment


      • #33
        With all those mitigations modern Intel cores perform worse than Netburst, lol.

        Comment


        • #34
          Originally posted by Xaero_Vincent View Post
          ARM64 is looking rather nice right about now. Just need a super fast x86-64 translator for Steam games and Wine.
          Sadly ARM64 doesn't really help all that much as the bigger cores have also found to be susceptible to these branch prediction attacks. If I'm not mistaken, when the first exploits were announced some of the bigger cores like the A72 were initially found to be worse than AMD's CPUs. It's probably also the tip of the iceberg too as most of the focus has been on x86 as that's where the biggest threats are anyway due to larger systems running almost exclusively on x86.

          The small A53 core is pretty safe, but only because it's branch prediction is so simple there's just not enough there to leverage for a meaningful exploit. You're obviously not going to be running Doom Eternal a CPU with those.
          "Why should I want to make anything up? Life's bad enough as it is without wanting to invent any more of it."

          Comment


          • #35
            Originally posted by Raka555 View Post
            So what is the fastest non-speculative CPU ? Cortex-A53 ?
            Maybe I should only do online banking on my RPI
            Intel Itanium (what irony right?) -- read about Poulson: 8 cores, 12-wide issue engine: https://en.wikipedia.org/wiki/Itanium

            Comment


            • #36
              Originally posted by Spam View Post
              Power is using SMT and speculative execution too, no?
              Yes, and very aggressively.

              Comment


              • #37
                Originally posted by TemplarGR View Post
                With all those mitigations modern Intel cores perform worse than Netburst, lol.
                Hmm, not so sure, have you benchmarked?

                Comment


                • #38
                  Originally posted by Qaridarium View Post

                  there is maybe some voodoo black magic mind control who let the people just shot them self in a suicide run...

                  any sane person with money in the pocket should just buy a IBM POWER CPU based system right now.
                  I wouldn't hold my breath, but POWER was vulnerable to Meltdown and as paper says principally it may be vulnerable to this issue too. The problem is limited resources of the research team testing various OoO CPUs. When they got to ARMv8 you can celebrate, otherwise they focus solely on Intel.

                  Comment


                  • #39
                    Look at all these clowns who think this is an x86 or even Intel-only problem.

                    Comment


                    • #40
                      Originally posted by Spam View Post
                      Power is using SMT and speculative execution too, no?
                      Of course it is. The main difference is that the processor is properly documented and has open firmware -- i.e., it should be possible for this type of research to be applied to POWER processors and obtain a proper yes/no answer as to whether it is affected, versus having to guess at internal architecture first like in the x86 world. Guessing means you can't really be sure if the processor is actually immune to the class of attack or whether you've just made a wrong guess about the internals, and a right guess would have shown the vulnerability.

                      Overall, IBM and AMD seem to have both been more careful about internal design decisions related to the core itself (with caveat following). My concerns with AMD continue to revolve around the black-box PSP, closed firmware, and NDA restricted documentation, none of which will help anyone trying to determine if shipping AMD CPUs are actually affected by these (or other) issues.

                      Comment

                      Working...
                      X