Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Horrific Security Flaw Affects Decade of Intel Processors
www.popularmechanics.com ^ | 03 January 2018 | By Eric Limer

Posted on 01/03/2018 1:55:39 PM PST by Red Badger

The fix requires major OS rewrites which will probably make your computer run slower.

An extremely severe security flaw has been found to affect nearly every Intel processor made in the past decade or more, giving any hackers who might know how to exploit it access to protected information systemwide. The Register reports that programmers are rushing to make the sweeping changes necessary to protect against the vulnerability on Linux and Windows operating systems, with such fixes required on macOS as well. Even worse, you can expect these vital updates to noticeably slow down your computer.

The design flaw in Intel's x86-64 hardware—first introduced in 2004 and still in use in the lion's share of modern-day processors—allows programs without the proper permissions to access the part of an operating system known as the kernel, a low-level chunk of code that controls literally everything in your system.

The exact details of the vulnerability are still somewhat under wraps, but as The Register has pieced together from multiple, technical sources, it appears the flaw is based in a feature called "speculative execution." This trick allows a processor to do things before it's absolutely sure they need to be done, so the results are ready as quickly as possible if needed and simply ignored if not. In Intel's x86-64 hardware, however, it appears that programs may be able to speculatively execute code they would not have permission to run under normal circumstances, allowing carefully-constructed, malicious code to essentially read your entire operating system's mind without the proper permission. The potential bounty of such an attack includes passwords, login files, and pretty much anything you'd ever want to keep secret.

It's hard to zero in on the most troubling part of this flaw. Intel's x86-64x processors are the most widely-used chips in virtually every form of laptop. If you don't know what processor you have, you almost certainly have one with this flaw. If you do have an AMD processor, however, congratulations—they are confirmed to be safe from the exploit.

In addition to the ubiquity of Intel processors, the low-level nature of this vulnerability means that hackers who may have learned to exploit it would have access to an unprecedented number of machines. And considering x86-64 has been around and prevalent since 2004, possible hackers have had access for over 10 years. No researchers have yet come forward with an example program that exploits this flaw, but that's hardly proof that hackers, or the NSA, didn't figure out how to make use of this exploit years ago.

On top of it all, the fix requires extremely deep and wide-reaching changes at the root levels of an operating system's software—changes that could impact performance of Intel machines by as much as 30 percent. The only alternative? A new computer with a different processor, or one powerful enough to make up for the performance hit. Even worse, these performance hits won't just come to your computer, but also the army of distant servers that run countless internet-connected services in the cloud.

So what can you do? Not much. If you have a computer with a competing AMD processor, pat yourself on the back and breathe easy. Otherwise, make sure that your computer's operating system is up to date with the latest security updates, though fixes for this particular problem may not be widely available for days or even weeks. Intel has yet to publicly comment on the vulnerability, but the consequences will likely reverberate for years.


TOPICS: Computers/Internet; Education; History; Society
KEYWORDS: cpu; flaw; hack; intel; intelprocessors; windowspinglist
Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-80 ... 101-111 next last
To: Zathras

“If this is related to Intel Vpro”

i see nothing in this tech article that says security bug is related to Vpro:

https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

Tech article states:

“It is understood the bug is present in modern Intel processors produced in the past decade.”


41 posted on 01/03/2018 3:23:03 PM PST by catnipman ( Cat Nipman: Vote Republican in 2012 and only be called racist one more time!)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Red Badger; dayglored; ~Kim4VRWC's~; 1234; 5thGenTexan; AbolishCSEU; Abundy; Action-America; ...
Serious Intel vulnerability that may effect all Macs that we can do nothing about at this point except to make sure you keep bad guys away from your Mac and also keep all Trojans off your Macs. . . At least Mac users have an advantage over all Windows users in that it is much easier to keep Malware off Apple products, because Windows users with Intel inside are vulnerable to this as well. . . In fact ALL Intel processors may be affected. Just a word of warning for all Intel users. — PING!

Pinging dayglored for the Windows Ping List. . .


Intel Inside Vulnerability Alert!
Ping!

The latest Apple/Mac/iOS Pings can be found by searching Keyword "ApplePingList" on FreeRepublic's Search.

If you want on or off the Mac Ping List, Freepmail me

42 posted on 01/03/2018 3:24:40 PM PST by Swordmaker (My pistol self-identifies as an iPad, so you must accept it in gun-free zones, you racist, bigot!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

AMD winning again


43 posted on 01/03/2018 3:50:20 PM PST by dila813 (Voting for Trump to Punish Trumpets!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Bryanw92

If I ran a software company producing browsers or operating systems, I would have death squads hunting these people...


44 posted on 01/03/2018 3:53:23 PM PST by Little Ray (Freedom Before Security!)
[ Post Reply | Private Reply | To 9 | View Replies]

To: Zathras

Are you talking about Intel?


45 posted on 01/03/2018 4:03:03 PM PST by Durus (You can avoid reality, but you cannot avoid the consequences of avoiding reality. Ayn Rand)
[ Post Reply | Private Reply | To 18 | View Replies]

To: dila813

My Desktop (HP Pro) is AMD, and those three letters have never looked so good right now!

But my laptops are screwed, though.


46 posted on 01/03/2018 4:06:59 PM PST by VanDeKoik
[ Post Reply | Private Reply | To 43 | View Replies]

To: VanDeKoik

Yeah, same at least my main is good


47 posted on 01/03/2018 4:21:23 PM PST by dila813 (Voting for Trump to Punish Trumpets!)
[ Post Reply | Private Reply | To 46 | View Replies]

To: Little Ray

>>If I ran a software company producing browsers or operating systems, I would have death squads hunting these people...

They’re easy to find. Just go to McAfee, Norton, Kaspersky, etc. They know who makes the viruses for them to extort money from us with.


48 posted on 01/03/2018 4:24:58 PM PST by Bryanw92 (Asking a pro athlete for political advice is like asking a cavalry horse for tactical advice.)
[ Post Reply | Private Reply | To 44 | View Replies]

To: Gideon7
I am skeptical as well. The Intel response is that they realize there is a vulnerability (they refuse to call it a bug): https://newsroom.intel.com/news/intel-responds-to-security-research-findings/ and they will patch around it. But if it is like the rowhammer DRAM attack in the past, using it for exploitation will be difficult and the attack will be easy to prevent.
49 posted on 01/03/2018 4:24:58 PM PST by palmer (...if we do not have strong families and strong values, then we will be weak and we will not survive)
[ Post Reply | Private Reply | To 30 | View Replies]

To: Governor Dinwiddie

Your experience is the same as my experience. And they hated working for me, because they don’t respect women.The fact that I checked their code and made them redo it if it was slip shod didn’t help. Had to be tough with them.


50 posted on 01/03/2018 4:37:35 PM PST by w1andsodidwe (TRUMP. He makes me smile, too.)
[ Post Reply | Private Reply | To 29 | View Replies]

To: VanDeKoik

The new, patched kernel code runs slower on AMD processors as well, because what used to be huge hardware optimizations on any contemporary family of CPUs are entirely bypassed (for example, by constantly flushing caches), to keep privileged information safe. This is why the Linux command du -s now runs only half as fast, even on an AMD processor. The only way to get around this would be to have a different copy of the O/S for Intel and AMD! Might be where things are headed!


51 posted on 01/03/2018 4:38:55 PM PST by steve86 (Prophecies of Maelmhaedhoc O'Morgair (Latin form: Malachy))
[ Post Reply | Private Reply | To 46 | View Replies]

To: ImJustAnotherOkie

Apple uses intel on Macs. But phones and pads don’t.


52 posted on 01/03/2018 4:41:01 PM PST by AFreeBird
[ Post Reply | Private Reply | To 13 | View Replies]

To: Red Badger

Roflmao! I had one of those too. It was running DOS and it did seem faster.


53 posted on 01/03/2018 4:43:39 PM PST by AFreeBird
[ Post Reply | Private Reply | To 27 | View Replies]

To: steve86

You’d think that after all these years - they’d know that.


54 posted on 01/03/2018 4:45:15 PM PST by AFreeBird
[ Post Reply | Private Reply | To 33 | View Replies]

To: All

Not a flaw.
It is a feature.


55 posted on 01/03/2018 4:48:52 PM PST by LegendHasIt
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger
No researchers have yet come forward with an example program that exploits this flaw, but that's hardly proof that hackers, or the NSA, didn't figure out how to make use of this exploit years ago.

Actually, it sounds more like an NSA-mandated back door than a bug.

56 posted on 01/03/2018 4:49:09 PM PST by Mr. Jeeves ([CTRL]-[GALT]-[DELETE])
[ Post Reply | Private Reply | To 1 | View Replies]

To: AFreeBird

Duhh


57 posted on 01/03/2018 4:55:22 PM PST by ImJustAnotherOkie
[ Post Reply | Private Reply | To 52 | View Replies]

To: Red Badger

Computers in China won’t have to have the patch...


58 posted on 01/03/2018 4:56:46 PM PST by mrsmith (Dumb sluts: Lifeblood of the Media, Backbone of the Democrat/RINO Party!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

I’m sure Intel knew about this they just wanted to market those high benchmark speeds so they kept it quiet.


59 posted on 01/03/2018 5:00:00 PM PST by circlecity
[ Post Reply | Private Reply | To 1 | View Replies]

To: palmer

Thanks for the link. Intel’s statement says that the media reports are inaccurate.

The demonstrated exploit could only extract a few bytes, and based on the twitter comments it looks probabilistic and timing sensitive based the behavior of the CPU cache loader. It is plausible that this creates a potential side channel for information leakage, and the fact that the PCID hardware feature (which tags cache lines with a context ID) can allegedly mitigate the problem seems to confirm it that the cache is the source of the information side channel.


60 posted on 01/03/2018 5:01:15 PM PST by Gideon7
[ Post Reply | Private Reply | To 49 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-80 ... 101-111 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson