New vulnerability found in Intel processors

[Minbari]

The "good" news about Intel processors are keep coming. I feel like I've been cheated all these years by Intel. So Intel f you!
SPOILER alert, literally: Intel CPUs afflicted with simple data-spewing spec-exec vulnerability

 

[tedbell]

 

[Crivens]

It is almost as if they are mutating while already sold, by the look of it.

This reminds me to get some obscure hardware running. Maybe some sparc64?

 

[rigoletto@]

You can get some Risc-V as powerful as a Pentium 4 for 3K (with extension board), from SiFive.

 

[Deleted member 30996]

Like I was saying...

This security shortcoming can be potentially exploited by malicious JavaScript within a web browser tab, or malware running on a system, or rogue logged-in users, to extract passwords, keys, and other data from memory. An attacker therefore requires some kind of foothold in your machine in order to pull this off. The vulnerability, it appears, cannot be easily fixed or mitigated without significant redesign work at the silicon level.

Nothing to see here, NoScript users, move along...

 

[Crivens]

You can get some Risc-V as powerful as a Pentium 4 for 3K (with extension board), from SiFive.

I've got kids. 3k does not compute in that situation.

 

[ralphbsz]

Last I checked, the IBM 1401 had no security vulnerabilities. The IBM 360 does however (the model /91 has speculative execution, and probably suffers from similar problems). So if you want to be secure, proceed to the few places in the world where you can still compute using a 1401. There's one that runs every Wednesday morning for a few hours, pretty close to me (in the Mountain View Computer History Museum).

This joke does try to point out a real existing problem. Certainly Intel has a quality control problem in their processors as far as security is concerned. But in the real world where we need cost-effective compute resources, it is somewhere between "very hard" and "virtually impossible" to avoid using Intel gear. Fortunately, these side-channel security leaks have been known for decades: We used to joke about customers of shared data centers being able to observe how busy the other tenants are by measuring disk and network latencies, so the fundamental vulnerability goes back to as far as people have been sharing computing resource. And in spite of all the academic research, these side channels remain very difficult to exploit, and for most users are not a problem that occurs in practice. So we'll have to continue to live with them, like it or not.

 

[PMc]

Jepp, the party goes on.

As was already prophecised by knowledgeable people in jan/feb last year, here is not a single security flaw that can be workarounded or fixed, but an essential design weakness that opens up a huge can of worms and will keep us occupied for years to come.

While I agree to most in this well-argued-for text by ralphbsz , there is one important thing to consider:

The general concept of interaction of caches with side-channels has been known for at least a decade; I discussed it with colleagues in the context of storage subsystems (disks and RAID controllers) a long time ago, but I was not involved in CPU design. We decided that the risk and bandwidth were so ludicrously low for storage that it wasn't worth thinking about. Maybe people involved in CPU design also thought about it and rejected it being a significant risk; or maybe they didn't think about it. The important thing to remember is: those people are not evil, nor stupid. They are trying really hard to give CPU customers that what CPU customers have been clamoring for: chips that are "good, cheap, fast".

"Those people" do not exist as a uniform entity. Companies like Intel employ many engineers, and people are esentially different from each other. So, while many of them might not have thought about the issue, for a few of them, those with a stronger tendency to think-outside-the-box, this huge can of worms would without doubt have somehow adumbrated (just like ralphbsz got the idea to consider it concerning those storage devices).

But then, at that point, what should they have done? To whom should they have talked?

The engineering consequences at that point would have been the same as they are today: to really get rid of the general issue, a fundamental re-design of the cpu-architecture (as it has developed over the last 50 years) would be necessary - a task that is practically impossible for a single company.
So even if the whole intel shop would have known about the issue, there was no option to do much about it. The product roadmap is already fixed for the next years, the investments are done: the business must go on, or we all loose our money! There is no alternative.

And this is not the only such development. Our commodities are under an increasing danger of cyber-attacks, and with the IoT virtually everything will come under such danger. At the same time, producers' responsibilities are delegated away over dozens of daisy-chained sub-contractors distributed all over the globe, so that you no longer can figure out anybody who would be respnsible for any decisions made. And all this happens, because there is no alternative (to the ever-increasing speed of the globalized turbocapitalistic madness).

 

[ralphbsz]

If you worry about cyber attack (and you should!), think about this. According to the BBC news I heard last night (*), archeologists have discovered that ~2500 years ago, a giant solar storm happened, about a factor of 10x worse than anything we've experienced. We know that solar storms these days knock out satellites, communication lines, power delivery, and lots of other stuff ... and we know that from having experienced these outages. A solar storm 10x is very scary. With our reliance on communications networks today, it might be TEOTWAWKI. Anything Intel (or Microsoft or Facebook or whatever company people love to hate here and now) can do pales in comparison.

(*) One of the few advantages of coming home really late from a musical event is getting to listen to BBC news.

 

[PMc]

Well, if it happens every 2.5k years, one could bet on it not happening during one's lifetime.

But indeed it should be obvious that the information technology is in a way fragile by nature. And the fact that it is always possible to add another level of indirection adds to this.
I dont care if destructive things may happen due to evil people or due to stupidity or because nature strikes back, I care about good engineering work. And the most striking argument against good engineering work nowadays is called "money".