Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Intel process security bug

  1. #1
    Senior Member
    Join Date
    Jan 2014
    Posts
    5,991

    Intel processor security bug

    https://www.theregister.co.uk/2018/0...u_design_flaw/

    TLDR version: Massive security bug can't be patched in-processor, Windows, Linux (hence also MacOS) etc. speeds will all need to be patched which will result in double-digit % speed hits to all processors from the last decade.

    FFFFFFFUUUUUUUUUUUUUU and I smell class-action lawsuit.

    With that said, at least we got this out of it:

    The fix is to separate the kernel's memory completely from user processes using what's called Kernel Page Table Isolation, or KPTI. At one point, Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka FUCKWIT, was mulled by the Linux kernel team, giving you an idea of how annoying this has been for the developers.
    Last edited by Yw-slayer; January 3rd, 2018 at 05:45 AM.

  2. #2
    Junior Potato
    Join Date
    Jan 2014
    Posts
    9,597
    Shhheeeeeit.

    Has Intel been using German-brand diesel-fuelled People's Processors or something?

    Metal-level security flaws? A lot of people will jump ship to AMD in the short term. I wasn't too keen on Ryzen but who knows now? Could take Intel years to fix this one.

  3. #3
    Jedi Cam's Avatar
    Join Date
    Jan 2014
    Location
    Alexandria, VA
    Posts
    5,615
    I'm not really a techie, but even I can tell that is a major eff-up.

    Not the first time Intel has faced a shitstorm. Remember back in the '90s when some scientists realized Intel processors did math wrong? Intel's response was basically, "We did not think anyone would notice."
    Last edited by Cam; January 3rd, 2018 at 09:38 AM.

  4. #4
    Administrator dodint's Avatar
    Join Date
    Jun 2016
    Location
    'Trep
    Posts
    5,619
    This kind of reminds me of Superfish, but a lot worse.

  5. #5
    Senior Member
    Join Date
    Jan 2014
    Posts
    5,991
    http://fortune.com/2018/01/03/intel-...rity-flaw-amd/

    Apparently amd and arm are also affected, but to a different degree.

  6. #6
    As stated here: https://www.infosecurity-magazine.co...aws-confirmed/

    The National Cyber Security Centre (NCSC) claimed in a statement that it had seen “no evidence of any malicious exploitation” and advised users and IT admins to install patches as soon as they are made available.
    Last edited by Jacee; January 8th, 2018 at 07:29 PM.
    MS MVP Consumer Security 2006~2016

  7. #7
    Administrator dodint's Avatar
    Join Date
    Jun 2016
    Location
    'Trep
    Posts
    5,619
    Yeah. This is going to be a headache for me. At least Tenable already has plugins for it.

  8. #8
    Junior Potato
    Join Date
    Jan 2014
    Posts
    9,597
    Updates are rolling in for a bunch of devices. iOS 11.2.2 came in for my iPhone and iPad today. Apparently Microsoft was real quick with the Win 10 update as soon as this all leaked, but I’m not seeing any mention of it in the update notes for one that I received on the 6th.

    I’m getting mixed info from the (few) sites that I’ve checked, however. I’m still up in the air about whether I have to update the processor itself, as well as the OS. I’ve read some scary phrases such as BIOS update as well. This is all very confusing.

  9. #9
    Junior Potato
    Join Date
    Jan 2014
    Posts
    9,597
    Benchmarks from Digital Foundry:

    http://www.eurogamer.net/articles/di...ng-performance

    Overall there’s not much to worry about performance-wise if you’re a home user, and gaming performance only loses 1-5%; the worst of the games they tested being The Witcher III which is very CPU intensive in its heavily NPC populated areas.

    The main effects will be felt by workstation users and in data centres, where threads and cores take center stage far more than that sort of workload is seen on the average desktop.

  10. #10
    Administrator
    Join Date
    Jan 2014
    Posts
    8,832
    Judging by my searches yesterday, it looks like I'm not the only one that just cannot get the OSX update to install.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •