Horrific Security Flaw Affects Decade of Intel Processors

originally posted by: intrptr
Undetected for over a decade? Who believes that?

No one.


marc.info...

originally posted by: AMPTAH
If your PC is not connected to the internet, then there's no security issue here.
If your PC is connected to the internet, there' no perfect security possible anyway.
So, continue as you were.

Correct answer above, thanks!

I've spent this last day studying this flaw, and I think it is a bit overly dramatic to call this a "horrific" doomsday situation

The basic situation is as follows: using a complex and latent bug of Intel and AMC processors, a malicious program can access the memory of a process executing on your machine -- not really extraordinary news.

For example, it is very trivial to create a "keylogger" to steal passwords -- there are plenty of videos about how to do that. Also, there are multiple obscure and well known ways that performance monitoring programs can exfiltrate data (such as via WMI, SNMP, HTTP servers, Skype, etc.) There is an amazingly long list of ways to steal from and spy upon people.

If someone can compromise your machine by getting you to execute a program on your machine (through some sort of e-mail attachment, or some other vulnerability) YOU ARE IN TROUBLE. Rather than listening to out-of-band CPU cycles (as discussed in this particular vulnerability), a malicious program can just delete or encrypt your entire disk. That is imperative to remember. You have worse things to worry about than THIS particular vulnerability.

The secret to success in handling this vulnerability is to just install great access controls including good passwords, limit your access to the internet via firewalls, don't download and install random software or apps, be careful of every clicking on an e-mail attachment, and just be vigilant. If you do all that, you greatly reduce (but cannot ever eliminate) the risk of compromise.

None of these suggestions are probably listed as ways to mitigate this bug -- companies are going to want to sell you new hardware --but I would not take any remediation steps without implementing (or at least reviewing) all of the above items, please.

a reply to: Cauliflower

I was thinking a secure front end something like the old 12 channel MUX might resolve the cloud cache security problems.

I worked on that product at Zilog.

originally posted by: greyhat

originally posted by: intrptr
Undetected for over a decade? Who believes that?

No one.

marc.info...

Thankks.

Basically the MMU simply does not operate as specified/implimented
in previous generations of x86 hardware. It is not just buggy, but
Intel has gone further and defined "new ways to handle page tables"
(see page 58).
- Some of these bugs are along the lines of "buffer overflow"; where
a write-protect or non-execute bit for a page table entry is ignored.
Others are floating point instruction non-coherencies, or memory
corruptions -- outside of the range of permitted writing for the
process -- running common instruction sequences.

Remember that, they had over heating issues as well, especially the Pentium.

Good gold scrap though.

I see there are two separate issues, Meltdown and Spectre....one that targets Intel, the other is an issue for all processors:
hothardware.com...

This is definitely the nastier of the two exploits and affects all modern processors (Intel, AMD, ARM, etc.) and operating systems that we know of. Spectre in effect tricks "error-free" applications that follow "best practices" to provide access to arbitrary locations in their memory. Spectre, like Meltdown, breaks down the barriers between applications, but researchers indicate that "the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre."

looks like to be totally safe, you need to get a firmware update as well:
support.microsoft.com...

Note: Customers who only install the January 2018 security updates from Microsoft will not be fully protected against the vulnerabilities. You will also need to install firmware updates from your device manufacturer. Antivirus software updates should be installed first. Operating system and firmware updates can be installed in either order.

see next post, god damn kboard

a reply to: TEOTWAWKIAIFF
i spilled stuff on my kboard, so until next week i have to use onscreenboard. plz lookup term predictive execution AMD never used this technique, they always had a completely different mindsets than intel regarding the workflow of the cpu cycles, sorry writting with the mouse is terrible slow....

e: not saying one is better, it depends on what you need, big caches and or fast cycles, mobile et cetera

e: this thread was about this bug, I was still unaware of the other one, thank you for the headsup

originally posted by: intrptr
Undetected for over a decade? Who believes that?

This

originally posted by: AMPTAH

originally posted by: SR1TX

What if this is how the DNC was hacked from the inside? By one of our own?

What if they just found out that it was the Russians who recently discovered the bug, and used it to hack the DNC and RNC, and so now they have to admit there's a bug, and patch the thing before the Russians get more intel this way?

What if it records what you do especially with encryption and then sends that data somewhere else periodically. I don't think it's a coincidence it's 10 years old, that's about how long bitcoin and other cryptos have been in the worx.

Please don't ban me for saying that everyone else has.

originally posted by: Arbitrageur
a reply to: Cauliflower

As I already said on page 2, the link eisegesis posted on page 2 describes a far worse problem with the Intel processors, the computer inside your computer with its own webserver, that you have no control over. The Google engineer who found the problem said if you aren't scared, then maybe he didn't explain the problem well enough, because he's scared.

No, at worst it means the hole could be abused to read hypervisor data, including encryption keys from other user's workspaces, since the Hypervisor by definition must be able to map all the guest address spaces.

In other words all cloud computing environments are insecure.

What's worse it looks like the root cause of this is that Intel cheated. In other words their processors speculatively execute code in such a fashion that the actual access takes place before the privilege check is done. This is good for performance but horrible for security in that it apparently can be leveraged to allow the reading of anything accessible from the hypervisor -- in other words, any other client's data.

This is a really big deal folks. I've heard rumblings of a severe Xen problem (a common hypervisor) for a while now -- several months of relatively loud rumbling, starting with some little chirping about a year ago and change. If this is the issue and is embedded in the architecture of the CPUs involved in modern systems then any cloud-based system will be forced to use the mitigation code which will slow it down dramatically.

market-ticker.org...

There's no fix for Spectre either, they have a fix for meltdown which will slow processing down 30%. I wonder if the HFTs will be affected? A 30% slowdown in trading could cause some problems lulz.

a reply to: SkeptiSchism

5-30%. it´s a common rule to have 30% reserve in a growing environment such as finance, "cloud"/server farms and such. other stuff too, like cable trusses or holes normally do have a third of the needed space on top for reserve.

30% is the determined worst case, there should be plenty of time and reserve to guarantee a smooth transit, although it will hurt on the financial side.

FWIW, more info on Spectre and Meltdown are here
www.abovetopsecret.com...

A little AMD action as well

AMD has fixed, but not yet released BIOS/UEFI/firmware updates for the general public for a security flaw affecting the AMD Secure Processor.
...
The security bug is a buffer overflow that allows code execution inside the AMD SPS TPM, the component that stores critical system data such as passwords, certificates, and encryption keys, in a secure environment and outside of the more easily accessible AMD cores. Intel fixed a similar flaw last year in the Intel ME.

hardware.slashdot.org...

a reply to: MindBodySpiritComplex

...Execute ... Order 66....

How do some people live with themselves?
Guy belongs in jail.....
"It Doesn’t Look Good": Intel CEO In Jeopardy For Selling Stock After Learning Of "Staggering" Flaw

Six months after Intel was informed about unprecedented vulnerabilities in its chips that could enable hackers to access user data, and which has since emerged as the most "staggering" bug to affect the global semiconductor industry, company CEO Brian Krzanich was quietly selling shares and exercising stock options worth a total of $39 million, netting him nearly $25 million, according to regulatory filings.

The trade, which took place on Nov. 29, has been called "a highly unusual move" that risked attracting regulatory scrutiny, according to lawyers and analysts who spoke to the WSJ. The timing of Krzanich’s sale “is really odd,” said Dan O’Connor, a Ropes & Gray attorney specializing in securities law. "The timing, the size, the unusual nature compared to prior sales—that’s going to get this a lot of scrutiny."

While the trade took place under an SEC rule that allows officers and directors to prearrange sales of specific numbers of shares at particular times, the experts note that the rule prohibits insiders from setting up such transactions while possessing undisclosed information that might affect the stock price.[/url]

I wonder if there is no bug and the real back door is going to be installed by the patch...

"Undetected for over a decade? Who believes that?"

Sorry, for being bad at the Internet, and not knowing how to properly quote.

Anyways, coincidence this thread is right below one about the China sea?

This security exploit is another Chinese weapon. Same as BTC. Same as the earthquake machine.

The war with China is plainly visible as well. Twin towers come down so US doesn't have to give China their gold.
Nobody thinks there was anything strange with the 2004 Tsunami a couple years later? Underwater nukes possibly?
Then the very next year 2005 one of the fishiest record breaking hurricane seasons.
CPU security exploits for a decade - so 2008 this weapon was deployed.
BTC weapon deployed a year later 2009.
Still working on a date for when hurricane machine came online. May 2015 - Papa New Guinea is the earliest I've found.
Perfect warm up target to see if their next attack on Taiwan (2016) will affect the mainland (the match in physical proximity of Australia/New Guinea - China/Taiwan). Ecuador 2016 another big one.


I'm the only one seeing this?

looking back over what i wrote it's easy to see why no one is calling it a "war"
US is straight getting their ass kicked - not even a fight much less a 'war'

"boxing day tsunami" ahaha yeah right