It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Horrific Security Flaw Affects Decade of Intel Processors

page: 3
20
<< 1  2    4  5 >>

log in

join
share:

posted on Jan, 4 2018 @ 12:43 AM
link   
a reply to: stormcell

Thanks!

I haven’t kept up on kernal or chip design since school (more of a curiosity on my part). Multithreading was just starting as I left so thanks for the links.

We got an “oh crap” email at work about this as I was leaving. I think I will let the IT Security guys (and gals) worry about this one. And the server admins too. Maybe a couple years from now it will be personal but then all cyber breaches are that way. Theory is good but most hackers are script kiddies who don’t know how it really works.

I have one more topic to read up on! And see if it is an everyday thing to be scared of. The Mac OS root password one was worse!



posted on Jan, 4 2018 @ 01:31 AM
link   
a reply to: MindBodySpiritComplex

-Jim stone has been talking about this on his blog for a couple of years.



posted on Jan, 4 2018 @ 08:11 AM
link   
a reply to: intrptr

I do. As with nearly every security flaw in technology, no one is actually hacking your crap. It's always found out by the manufacturer........ Then they figure out a patch to slow your tech down, add permissions and ad software.

It's security theater at its finest.



posted on Jan, 4 2018 @ 08:49 AM
link   
a reply to: Aazadan

Yes it now looks like AMD are in the same predicament as Intel and even ARM also from these new Meltdown and Spectre security flaws.

Then again there is absolutely no proof that said flaws have been exploited yet, not that there would be through i imagine if they have been.
edit on 4-1-2018 by andy06shake because: (no reason given)



posted on Jan, 4 2018 @ 09:29 AM
link   
a reply to: dothedew


I do. As with nearly every security flaw in technology, no one is actually hacking your crap. It's always found out by the manufacturer.....

I see your manufacturer, and raise you one Ed Snowden.

Hacks are usually responsible for breaches in security, maybe a whistler too. Covering up hacks (or back doors) is one way the Manufacturer can protect its reputation. Today, in the Sate of Secrets I expect it, I expect them to lie their ass off.

What huh, We haven't granted gubment exclusive access in violation of fourth amendment rights, because if we told you then lawsuits would break us. So we make up a press release, pretend we 'din no nuffin bout it' , for over a decade.

Oh. now you tell us.

Spying on the American public is always gone on , every which way possible, at the same time maintaining plausible deniability. Companies wouldn't be allowed to operate, otherwise.

Its in your / their contract. You signed it.

"We may share your personal information with third parties."




edit on 4-1-2018 by intrptr because: additional



posted on Jan, 4 2018 @ 09:30 AM
link   
a reply to: intrptr

Heh...

One could, were one of a mind to, imagine several scenarios which are more likely than such a serious threat going undetected for this long.

For example, the story goes:

Horrific Security Flaw Goes Undetected For a Decade

But you might prefer to read:

Intentional Intelligence Backdoor In Processors Finally Closed, As Intelligence Agencies Improve Forced Entry Methods



posted on Jan, 4 2018 @ 09:43 AM
link   
a reply to: TrueBrit


But you might prefer to read:

Intentional Intelligence Backdoor In Processors Finally Closed, As Intelligence Agencies Improve Forced Entry Methods


"Intentional Intelligence Backdoor In Processors Finally Closed, As Intelligence Agencies--" are finally granted de facto permission.

Patriot Act, Homeland Security, NSA.

Remember the apple phone thing in the mews about the gubment demanding permission to decrypt that phone belonging to a known 'terrorist'? It was such grand theatre, the press covered it all. The gubment begging, Apple holding out, then... silence.
edit on 4-1-2018 by intrptr because: clarity



posted on Jan, 4 2018 @ 10:50 AM
link   
a reply to: intrptr

The government had the Apple phone cracked from the beginning, they just wanted the illusion that Apple had to give in to them.



posted on Jan, 4 2018 @ 01:16 PM
link   

originally posted by: andy06shake
a reply to: Aazadan
Then again there is absolutely no proof that said flaws have been exploited yet, not that there would be through i imagine if they have been.
The whole idea of a successful surveillance is that the target is not supposed to know they are being spied on. If the target figures that out then they can react and then the spies don't get the intelligence they are after. And yes it's not like the NSA will be coming forward with proof they used their spying mechanism in Intel chips successfully, as they have no incentive to do that and lots of incentive to not do that.

The biggest risk as we've seen with other NSA tricks is of them falling into the hands of hackers with even more evil purposes than the NSA.

Leaked NSA Hacking Tools Being Used to Hack Thousands of Vulnerable Windows PCs

In this case there is some security through obscurity as the hidden operating system source code is unknown, so that probably makes it hard to figure out how to use it for those who lack the knowledge.

edit on 201814 by Arbitrageur because: clarification



posted on Jan, 4 2018 @ 01:57 PM
link   
a reply to: Arbitrageur

Well our respective alphabet agencies may be many things but their knowledge base and how they utilize information for nefarious purpose and endeavor is second to none.

Knowledge is one commodity that they have in spades, which does not exactly bode well regarding these unknown exploits, nor the 10 years they have gone alleged undetected.

edit on 4-1-2018 by andy06shake because: (no reason given)



posted on Jan, 4 2018 @ 02:49 PM
link   

originally posted by: intrptr
a reply to: AMPTAH

"Back doors" have been around since before this flick came out in 1983. I know, I was there.


WPI and MIT along with PARC Xerox called all the shots in the early days of personal computing.

Looks like someone pulled the media trigger on an old issue?
I thought timing attacks needed exotic stable clcking that isn't easily available to street hackers?
eprint.iacr.org...



posted on Jan, 4 2018 @ 03:34 PM
link   

originally posted by: Aazadan
a reply to: intrptr

The government had the Apple phone cracked from the beginning, they just wanted the illusion that Apple had to give in to them.

I thought I sad that, Sorry if i wasn't more clear.



posted on Jan, 4 2018 @ 03:35 PM
link   
a reply to: Cauliflower

As I already said on page 2, the link eisegesis posted on page 2 describes a far worse problem with the Intel processors, the computer inside your computer with its own webserver, that you have no control over. The Google engineer who found the problem said if you aren't scared, then maybe he didn't explain the problem well enough, because he's scared.



posted on Jan, 4 2018 @ 03:40 PM
link   

originally posted by: dothedew
And just like most other security exploits, nobody probably even knew about it until the Intel Team found it, and articles started popping up about it..........

Good thing my laptop doesn't have an Intel Processor


I had a few intel powered computers leading up to the year 2005, and I was pretty much done with them after that point. Couldn't pay me to own one anymore.


Would not be so cocky. I am sure these are delibrate and that other processors have them too. Thank the NSA.




posted on Jan, 4 2018 @ 03:41 PM
link   

originally posted by: Cauliflower

originally posted by: intrptr
a reply to: AMPTAH

"Back doors" have been around since before this flick came out in 1983. I know, I was there.


WPI and MIT along with PARC Xerox called all the shots in the early days of personal computing.

Looks like someone pulled the media trigger on an old issue?
I thought timing attacks needed exotic stable clcking that isn't easily available to street hackers?
eprint.iacr.org...


I read a book once, I 'stole it' from my room mate, he was a branch manager at Bank of America, waaay back in the early 80s. The book was 'eyes only' for managers , discussed in detail the kind of hacks B of A was dealing with. Trojan Horse, Time bombs, Virus stuff, I was in computers back then, when I saw he left it out I snagged it up, read it in one day and put it back when I was done.

Fascinating stuff. We used to discuss this kind of thing it was more open 'amongst us in tech' at that time, the movie War Games is scratching the surface.

by the by: I worked at Zilog in the early days, direct competition with Intel for the early microprocessor.

Intel had the 8080, Zilog developed the Z80. This was before Zerox was worshipped as the be all company.
edit on 4-1-2018 by intrptr because: by the by:



posted on Jan, 5 2018 @ 05:29 AM
link   
Intel CEO sold $39 million in company shares prior to disclosure of CPU security flaws

Just a "coincidence" I suppose?


edit on 5-1-2018 by Incandescent because: (no reason given)



posted on Jan, 5 2018 @ 09:08 AM
link   

originally posted by: dothedew
And just like most other security exploits, nobody probably even knew about it until the Intel Team found it, and articles started popping up about it..........

Good thing my laptop doesn't have an Intel Processor


I had a few intel powered computers leading up to the year 2005, and I was pretty much done with them after that point. Couldn't pay me to own one anymore.


That's a damn shame considering they are still pound for pound the best chips you can buy.

I lol at you, hard. Intel processors have an easily 45-60% advantage in power over the AMD alternative, so even if there is a 30% hit to chip performance, they'll still by and large out perform AMD competing chips.

I actually own both, an AMD and an Intel. No question which was the better buy. Still rocking a 2600k 6 generations old and it's still outperforming my AMD that's one generation old.

I don't skimp or buy budget products because those are the scam. But the most expensive flagship chip and it'll last you nearly 10 years, or buy budget chips every 2-3 years which will set you back thousands by the time you hit the 10 year mark. Ya know with all the main board and memory changes required when changing sockets.

Stay away from AMD/ATi unless you really can't avoid a budget system.



posted on Jan, 5 2018 @ 09:28 AM
link   
a reply to: intrptr

I remember writing programs in basic for my fathers life insurance business on a Kaypro before the coup.
Had to buy a z80 emulator board to run the software after
I was thinking a secure front end something like the old 12 channel MUX might resolve the cloud cache security problems.
Bring it in by the dozens with new time domain tracking.
edit on 5-1-2018 by Cauliflower because: (no reason given)



posted on Jan, 5 2018 @ 12:09 PM
link   
Never owned an intel from the AMD k2-6 with 300Mhz on I was always using AMD when building a rig. Price was always better than intel and often beat it on benchmarks because all the saved money could flow into higher cycling RAM or faster HDDs.

Although they stabbed me in the back by giving in into that TCPA/Trusted Computing crap. Traitors.



posted on Jan, 5 2018 @ 12:42 PM
link   
a reply to: verschickter

The flaw is in all chip manufacturers. ARM, AMD, Intel, etc.

Actually there are two flaws. The protected space in the kernel is not so protected when doing massive amounts of data swapping between cache and CPU. That is one of the vectors and the reason for the original, "Oh CRAP!" story on Wednesday.

Google says they already patched a work around for that exploit. They've tested it, rolled it company wide, and have seen little to no slowdown in user observable usage.

Apple started patching their latest OS at the end of last year.

It is going to take both OS and chip level coding to work around these two exploits.

I just wonder how many people out there know that they need to apply OS updates? If the samba scare of last year is any indication, mot people are unaware.

ETA: The Verge - Google says CPU patches cause ‘negligible impact on performance’ with new technique.
edit on 5-1-2018 by TEOTWAWKIAIFF because: add link




top topics



 
20
<< 1  2    4  5 >>

log in

join