Did Intel patch these exploits in hardware in their newest chips, or are they still only patched through microcode?
Did Intel patch these exploits in hardware in their newest chips, or are they still only patched through microcode?
Christopher Gray
Other urls found in this thread:
git.kernel.org
wiki.ubuntu.com
merriam-webster.com
merriam-webster.com
twitter.com
Jeremiah Cruz
They are basically unpatched. There's also other speculation attacks still coming out weekly. Intel can't afford to dump performance though so they just skipped fixing anything.
Kevin Butler
arent these exploits like FUNDAMENTAL flaws in the processor? the way the predicative stuff works etc, i dont think itll ever be actually fixed.
Zachary Hughes
They're still unpatched on the Intel side. Moderate mitigations exist which make them more difficult to perform in a reasonable timeframe. Intel's current CPU dominance is completely fucked by 10nm yields and MCM, so they can't give up their single-thread advantage for anything, even security.
Isaiah Wood
They are flaws in the design which goes beyond Intel. POWER, ARM, etc all have the issue.
At the end of the day neither of these exploits matter to the average person. They require a the user to be dumb enough to run executables from untrusted sources.
If at a corporate level you shouldn't be that worried unless you have shit security, granted they should and already do patch for the exploit.
Caleb Hill
They could do internal encryption between the memory space, or scramble it and decode it through the MEI for the OS.
Cameron Ramirez
Spectre is a fundamental flaw. Meltdown was just intel being retarded by only checking memory protection before retiring the instruction.
Jaxson Thomas
> /proc/cpuinfo
> bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass
Christian Cruz
The shitty thing about spectre or meltdown is that it may be allowed by the MMU: access to certain pages should require privileged mode, it's something like nx bit and it's possible since the 68000 processors era with external signals for privileged mode. It's a blatant lack of hardware security features
Elijah Jenkins
>intel just went '' fuck it ''
Liam Sanders
brainlet general /bg/ thread ?
Andrew Perez
Oohhhhh the paid Intel shill’s here and xhe’s fucking salty!
Bark something sweet out for us bitch.
Kayden Clark
Those are already patched you dipshit. Ryzenfall on the other hand can't even be patched to this day
Nicholas Reed
Dude, most average users are more than dumb enough to run anything under the sun.
Eli Morales
>bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf
update your kernel.
Jason Johnson
Microcode patching isn't the same thing as hardware patching.
Lucas Myers
I said brainlet general because if you read articles instead of just retardedly believkng big headlines you'd know that the meltdown and spectre exploits cant be fixed since it relies on x86 design flaws.
Kevin Davis
this, the only thing that would suck is intel shutting down non physical cores so my next cpu will be a zen 2 nontheless
Jose Wood
dafuq u n00bs talk'n bout, shit is patched.
Matthew Hughes
Your comment also applies for yourself, retard.
Brayden King
Will Ryzen 2 have these exploits?
Jason Martinez
Nobody even cares about these, they were never actually used, and the likelihood of someone wanting to backdoor your shitty PC is unlikely, so stop going on about it, user. It's fucking nothing.
Parker Rogers
Ryzen doesnt have any prooven exploits yet apart from few where you need physical access to the machine.
Nicholas Rogers
Jose Hall
>muh gooey is all green text therefore shits good
Nathan Murphy
But what can you even do on openBSD?
Nathaniel Campbell
>all have the issue.
Not RISC-V, it seems. They see this as one way to succeed.
Bentley Allen
this. I just bought a new i7 last month, fully knowing about all these exploits and didn't patch anything. I don't care because I do not install shit and my browser doesn't even allow javascript nor do I have flash. I just do not fucking care. Internet for me is this board here and a few other little sites and thats that.
Lucas Hill
where's the Foreshadow attack? hmm??
Steve Gibson from GRC is a fucking snakeoil salesman and he needs to roll over an die
he defends Intel and says that he will continue to buy intel even though they have fucking 24+ hardware security vulnerabilties and counting
also you can just change a value in regedit and fool the InSpectre program
also also Steve is still using Windows XP even though it hasn't received security patches for years now (and no, he doesn't have an enterprise suscription to get extended support) so good luck, I'm sure his computer which doesn't have an antivirus either is totally clean and his program won't ship with malware
im gonna spit on his grave when he rolls over and dies
Gavin Hughes
>Disable Meltdown protection
>Disable Meltdown Protection
hahaha it sure is fixed my man. if that program can disable the mitigations, then what prevents a virus or malware to disable them aswell? rofl kys my man
Cooper Hernandez
It takes a couple years for something to go from R&D to the retail shelf. It will be a couple more years until Intel redesigns their shit, if ever.
Jordan Perry
That's not in AMD processors, it's in the ASmedia chipsets (WHICH INTEL ALSO USES FOR ALL OF THEIR MOTHERBOARDS)
and besides, AMD patched their chipset within a couple of days and there is no performance impact
50000000000000000000 rupees (0,00USD value) has been deposited into your Intel Preferred Damage Control Affiliate Account (IPDCAA))
Brody Martin
harmless shit
Owen Robinson
site is months out of date
are you blind? You do see the SpeculationControl shell script output right?
who the fuck is talking about your foreskin attack? read the title thread (Spectre/Meltdown)
merriam-webster.com
merriam-webster.com
How many word definitions did I link to?
Then why the fuck do you have 3 letters in your stupid acronym? retard.
Wyatt Rivera
>site is months out of date
you should still read it
Kevin Fisher
Meltdown doesn't affect AMD processors, because Intel (and IBM and some ARM cores) optimised their prediction so hard they started a cache fetch in parallel to checking whether it was allowed - but either way the fetch happened and got cached, so an easily-observable cache side-channel emerged.
That was a dumb design fault, not a fundamental flaw - you have to run privilege checks before fetches, not in parallel, unless you really consider your security to be optional in which case why even bother running an MMU.
Intel has announced it never intends to fix Spectre variant 1.
It's possible to fix Spectre overall by eliminating observable noninteractive side channels between different trust boundaries caused by prefetching, caching and (mis)prediction. RISC-V is looking into this exact thing, as it's possible to share caches but also prove that this can be eliminated.
Eliminating interactive side channels on the same hardware is probably impossible, period, but that requires attacker code running on both sides of the trust boundary so the practical implications of that class of attacks are insignificant in just about every threat model I can think of.