Glitch in Intel cpus may result in security patch with big perf hit

FlyingPenguin
Flightless Bird
Posts: 32773
Joined: Wed Nov 22, 2000 11:13 am
Location: Central Florida

Re: Glitch in Intel cpus may result in security patch with big perf hit

Post by FlyingPenguin »

I got the Meltdown PowerScript test working, but it's not for the faint of heart. Hopefully someone will release a simpler tool.

If you're willing to try it, BleepingComputer walks you through here: https://www.bleepingcomputer.com/news/m ... cpu-flaws/
There's lots of Meltdown info there, including a way to bypass the Anti Virus block if you know your AV is compatible with the patch, but Windows Update is still blocking you (I checked and since I only use Windows Defender, looks like Defender already set the registry entry that indicates the AV is compatible).

However, that didn't work for me. I had to manually download the module and install it.

According to the script, I do have an exploitable system.

In other news, Microsoft is preventing the patch from being installed on AMD systems, for now, to avoid causing problems:
https://www.computerworld.com/article/3 ... uters.html
"Turns out I’m 'woke.' All along, I thought I was just compassionate, kind, and good at history. "


Re: Glitch in Intel cpus may result in security patch with big perf hit

Post by FlyingPenguin »

WTH. I went ahead and installed the Meltdown patch on my main workstation - arguably the most exposed PC here. No issues, and the PowerShell script indicates Meltdown is patched although Spectre is only partially patched because MS hasn't released a full patch for it yet (and may never since it's hard to fix and hard to exploit).
Err
Life Member
Posts: 5842
Joined: Thu Nov 22, 2007 11:54 am

Re: Glitch in Intel cpus may result in security patch with big perf hit

Post by Err »

FlyingPenguin wrote:I've had no luck getting the flaw testing PowerScript to work properly so I've removed the link from above.

I'll see if I can figure it out first.
I have no experience with PowerShell but I tried the instructions. I really didn't understand the instructions but tried copying and pasting. The first command asked me to enable (something, I'm too tired to remember as I type this). The second command was supposed to bring in the script but all I got was red text stating that it couldn't.

I'm fairly sure the laptop I tried it on is patched in the BIOS and by the Cumulative Patch. I'm not a huge fan of Lenovo but they constantly patch their stuff.
wvjohn
Posts: 9238
Joined: Wed Nov 22, 2000 7:09 am

NV apparently vulnerable as well - will issue patches

Post by wvjohn »

When it rains, it pours.

Spectre + crypto mining next? Not to mention IoT.


https://www.reuters.com/article/us-cybe ... SKBN1EZ1E9

Nvidia patch release adds to scope of Spectre worries
Aishwarya Venugopal, Laharee Chatterjee

(Reuters) - Graphics specialist Nvidia Corp was the latest chipmaker to say its equipment was vulnerable to the Spectre security threat, broadening the scope of concern for millions of computers beyond their central processors.

Spectre is one of two chipset flaws, the other dubbed Meltdown, revealed by researchers last week which offer hackers opportunities to steal sensitive information from laptops, desktop computers, smartphones, tablets and internet servers.

Advanced Micro Devices Inc, ARM Holdings and now Nvidia have reported being exposed to the Spectre flaw, while Intel Corp has been hit by both.

Nvidia, the world's leading maker of graphics chip processors (GPUs), said in a blogpost releasing software security patches that affected chipsets included GeForce, Tesla, Grid, NVS and Quadro. (bit.ly/2DeYzXN)

“NVIDIA has no reason to believe that the NVIDIA GPU Display Driver is vulnerable to this (third) variant,” Nvidia said, referring to Meltdown. A display driver is an integrated circuit that acts as an interface between Nvidia chips and a screen.

While the full extent of affected systems is not yet fully known, Cisco Systems Inc has said it has identified 18 vulnerable products and is looking for problems in nearly 30 other products, including switches and routers.

Releases to date from chipmakers have concerned central processing units (CPU) rather than graphics processors.

Affected companies, keen to quash any speculation that the flaws could require the replacement of millions of chips or provoke lawsuits caused by slowing computer performance, have been striving to play down the scale of the threat.

Intel and AMD have not disclosed the number of chips affected by the security flaws and AMD has said its products were at “zero risk” from Meltdown. ARM says that around 5 percent of more than 120 billion chips shipped since 1991 were impacted by Spectre and significantly fewer by Meltdown.

Meltdown could let hackers bypass the hardware barrier between applications run by users and the computer’s memory, potentially letting hackers read a computer’s memory and steal passwords. Spectre potentially allows hackers to trick otherwise error-free applications into giving up secret information.

GeForce, Nvidia’s core line of GPUs, is aimed at consumer markets and includes gaming chips.

The Quadro chipsets are used for commercial workstations, while Tesla powers datacenters and is used for artificial intelligence processing such as that used in self-driving cars.

“It’s not shocking to see this given the widespread nature of the chip vulnerabilities ... This situation will test its brand and reputation although we see minimal financial ramifications to the company,” Daniel Ives, research analyst at GBH Insights, said about Nvidia.

Nvidia shares were down 1.3 percent at $219.09 in early trading on Wednesday. Intel shares were little changed, while AMD, believed to be able to benefit from its rivals’ issues, were up 1.7 percent.

Chipmakers and operating system vendors have been pushing out patches to fix the flaws, but the software updates have also raised a host of new concerns.

Microsoft Corp said Tuesday its software patches slowed down some PCs and servers, with systems running on older Intel processors seeing a noticeable decrease in performance and added that security updates froze some computers using chipsets from AMD.




http://nvidia.custhelp.com/app/answers/detail/a_id/4611

Re: Glitch in Intel cpus may result in security patch with big perf hit

Post by FlyingPenguin »

AMD boards may also require firmware updates. They may not be susceptible to Meltdown, but they are to Spectre.

It's a mess. This is all based on some bad decisions in basic CPU design to trade off security for performance. It's going to impact all kinds of devices including big iron routers.

Lack of transparency is not helping.

Intel needs to come clean about Meltdown and Spectre
https://www.theverge.com/2018/1/10/1687 ... own-issues
psypher
Golden Member
Posts: 884
Joined: Sun Nov 02, 2014 1:05 pm
Location: Marietta

Re: Glitch in Intel cpus may result in security patch with big perf hit

Post by psypher »

The more stories I read the more I start to think that no nefarious hacker needs to bother exploiting this flaw to cause havoc, Microsoft/Intel/etc... are all doing a fine job of bricking computers!

SpecuCheck Windows utility for checking the state of the software mitigations against Meltdown & Spectre

Post by FlyingPenguin »

Steve Gibson tweeted a link to this simpler test:

https://github.com/ionescu007/SpecuCheck

Re: Glitch in Intel cpus may result in security patch with big perf hit

Post by FlyingPenguin »

Oops. Posted a link to the source code. The EXE file for that test is available here: https://github.com/ionescu007/SpecuCheck/releases

Use the x86 version only for 32bit operating systems.

You have to run this from a DOS command prompt with admin privileges.

If you don't have the patch, you just get a message that the patch is not installed, because part of the patch is it adds an API that this tool uses to test for exploitability.

If you're patched it will look like this. There are mitigations indicated as still being vulnerable (no) because they either require a Spectre OS patch or a BIOS update:

Image

Re: Glitch in Intel cpus may result in security patch with big perf hit

Post by FlyingPenguin »

Steve Gibson did a deep dive into this on his last podcast.

Here's the short version for those of you who don't need to understand ALL the nitty gritty:

- The reason this all happened (and this is a VERY simplistic explanation) is that modern CPUs do a LOT of prediction and caching to improve performance. Since a lot of CPU operations are repetitive (like loops) the CPU is constantly guessing ahead to predict what code and data you may be re-using in the immediate future and storing it in very fast CPU cache (because it takes a LOT longer to retrieve it from memory). The trouble is that since the user and kernel spaces both share those caches, what these researchers discovered is that a program running in user space can "see" or at least infer what a kernel process is doing. This could allow a malicious app running in user space to "see" what another program is doing - even one running in the protected kernel space. It can basically be used as a spy tool to steal confidential data like passwords or (in the case of a server) private encryption keys.

- AMD CPUs that are having issues with the patch are older Athlon X2 and Sempron CPUs. MS is now blocking AMD CPUs until they resolve the problem.

- As I mentioned before, if your AV company doesn't set a registry setting to indicate it is compatible with the patch, you won't get the patch OR ANY FUTURE WINDOWS UPDATES until that registry setting is set. This is because many AV products use unapproved "hooks" into the kernel and this patch breaks those hooks. You can assume all major AV vendors will eventually make their AV compatible and set the registry, but if you're one of those people running a 4 year old free AV app you may want to update. Honestly, IMO, all you need is Windows Defender and - if you want some extra protection, get Malwarebytes Premium or run Malwarebytes free on a monthly basis. AV apps have become so big and bloated, they are becoming a performance and security issue themselves.

- Should you rush into the patch? Not really. There are other mitigations. Keep in mind this exploit can only be taken advantage of if you first allow a malicious program to be installed. If you're not the type of person who installs anything (especially unsigned software) willy-nilly, then you're not likely to have something nasty get in there in the first place to use this exploit. Firefox and Chrome are both actively blocking attempts by websites that offer you an install that would exploit this. I suspect AV products will start to do the same soon.

- Real world performance hits from the patch on home users have been negligible. On servers they can be VERY significant though (some gaming servers saw CPU usage go up 250%, but we can assume these companies will re-code their server software to make it more efficient). How much of a performance hit you actually see depends on how often your OS switches between a kernel and a user program, and that's a very subtle thing. It's more common on very processor intensive tasks. SQL server, for instance, seems to take a substantial hit (FYI: a lot of database programs use SQL server, like Quickbooks). The patch forces the CPU to flush the cache every time it switches from kernel to user (so there's no data in the cache for a malicious user app to see). Arguably, CPUs should have been doing this all along, but CPU manufacturers chose not to because it costs performance. They assumed that other mitigations would make it hard to leak information through the cache, but these researchers showed it was actually possible.

- Do check your mobo manufacturer's download patch for a BIOS update. The Windows patch alone doesn't totally solve the problem.

- How bad is this? If you're a cautious person and don't let untrusted software into your PC, it's no big deal. This is more of a concern for your average non-techie who is prone to downloading fake Flash updates. It's also a big problem for servers although IN THEORY servers shouldn't ever be installing unsigned software, so MS is actually recommending server operators hold off if they are sure that their practices will not allow unsigned software to be installed. Trouble is that we HAVE had hackers steal encryption keys from software vendors and inject fake updates into poorly secured update systems, so server operators are kind of in a bad place: be safe and install the patch and take a major performance hit, or don't install the patch and hope that their security practices are good and some bozo doesn't plug a malicious flash drive into a server.

Here's Steve Gibson's podcast on this subject. The whole show is a good one, and he mentions Meltdown issues several times before the main segment, but if you want to cut to the chase on Meltdown, then jump ahead to the 1:27 mark:

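The posts above mention two things a Windows admin can check directly: the registry entry an antivirus product sets to show it is compatible with the patch, and the PowerShell test for Meltdown/Spectre mitigations. The following is an added example, not part of any post in this thread and not Microsoft's own script. It assumes PowerShell 3.0 or later; the registry path and value name are the ones Microsoft published for the January 2018 updates, and the function names are hypothetical.

```powershell
# Added example: read-only checks; nothing here changes system state.
# Registry path and value name are the ones Microsoft published for the
# January 2018 updates (they are not quoted in the thread).
$CompatKey  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat'
$CompatName = 'cadca5fe-87d3-4b96-b7fb-a231484277cc'

function Test-AvCompatFlag {
    # True only when the value exists and is 0, which is what a compatible
    # antivirus product (or Defender) writes.
    $item = Get-ItemProperty -Path $CompatKey -Name $CompatName -ErrorAction SilentlyContinue
    return ($null -ne $item) -and ($item.$CompatName -eq 0)
}

function Get-MitigationSummary {
    $summary = [ordered]@{ AvCompatFlagSet = Test-AvCompatFlag }

    # Get-SpeculationControlSettings ships in Microsoft's SpeculationControl
    # module, which is not built in. Report its absence instead of failing.
    if (-not (Get-Module -ListAvailable -Name SpeculationControl)) {
        $summary.ModuleStatus = 'SpeculationControl module not installed'
        return [pscustomobject]$summary
    }
    try {
        # Import fails if the execution policy blocks script modules.
        Import-Module SpeculationControl -ErrorAction Stop
        $s = Get-SpeculationControlSettings
    } catch {
        $summary.ModuleStatus = "Could not run module: $($_.Exception.Message)"
        return [pscustomobject]$summary
    }

    $summary.ModuleStatus = 'OK'
    # Meltdown: kernel VA shadowing in the OS patch.
    $summary.MeltdownFixRequired  = $s.KVAShadowRequired
    $summary.MeltdownFixInstalled = $s.KVAShadowWindowsSupportPresent
    $summary.MeltdownFixEnabled   = $s.KVAShadowWindowsSupportEnabled
    # Spectre variant 2: needs OS support plus a BIOS/microcode update.
    $summary.SpectreOsSupport     = $s.BTIWindowsSupportPresent
    $summary.SpectreMicrocode     = $s.BTIHardwarePresent
    $summary.SpectreFixEnabled    = $s.BTIWindowsSupportEnabled
    return [pscustomobject]$summary
}

Get-MitigationSummary | Format-List
```

A result with `AvCompatFlagSet` false explains a machine that is not being offered the update at all; `SpectreMicrocode` false with `SpectreOsSupport` true is the "partially patched" state that still needs a BIOS update.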

Re: Glitch in Intel cpus may result in security patch with big perf hit

Post by psypher »

FlyingPenguin wrote:Steve Gibson did a deep dive into this on his last podcast.
- Should you rush into the patch? Not really. There are other mitigations. Keep in mind this exploit can only be taken advantage of if you first allow a malicious program to be installed.
Except for Spectre, I believe that one can be exploited with JavaScript.

Re: Glitch in Intel cpus may result in security patch with big perf hit

Post by FlyingPenguin »

Yeah, and I think Meltdown can be too. That's what Chrome and Firefox are mainly blocking. Again, expect AV to be detecting that too.

No patch for Spectre yet though.
normalicy
Posts: 9513
Joined: Sat Nov 25, 2000 4:04 am
Location: St. Louis, MO USA

Re: Glitch in Intel cpus may result in security patch with big perf hit

Post by normalicy »

I'm interested to see if other hardware vendors go through the effort to patch older product firmwares.

Re: Glitch in Intel cpus may result in security patch with big perf hit

Post by FlyingPenguin »

AMD is releasing Spectre firmware updates to fix CPU vulnerabilities

https://www.theverge.com/2018/1/11/1688 ... ryzen-epyc

Re: Glitch in Intel cpus may result in security patch with big perf hit

Post by FlyingPenguin »

According to Steve Gibson, the eventual BIOS updates (IF they release it for your CPU - Intel says earlier than Haswell may never be patched - and IF your mobo manufacturer provides it) will add new instructions that the OS can use instead of the "blunt force" fix that the current Windows patch uses, which should negate the performance loss. The OS will detect if you have the new instructions (or the latest generation of CPUs that already have an instruction that does this) and use that instead of flushing the cache when switching from kernel to user space.

Re: Glitch in Intel cpus may result in security patch with big perf hit

Post by Err »

Steve Gibson released a tool to check for Meltdown and Spectre:

https://www.grc.com/inspectre.htm