CPU Vulnerabilities, Meltdown and Spectre, Kernel Page Table Isolation Patches, and more

LOL! I had the same thoughts regarding VS 2015/2017.

 

Don't get me wrong, I am not saying updating immediately is necessary, nor that stability should not be tested before deployment, or reviewing other's issues with the update. M$ has horrible QA/QC these days, especially with updates. No one is denying that (or their telemetry tracking crap, or advertising on the OS). But, there is a difference between waiting to make sure it is stable and doesn't break things and not taking security updates at all. In a heavily networked world, one vulnerable computer in the chain can screw up so much. Take the TSMC crash as an example (not perfect for this specific talk, but is a recent example of what can happen). They likely didn't update windows because of it breaking things and compatibility with software, etc. But, once it got on their systems, it ground everything to a halt.

So, I find the argument on not doing security updates because it is someone's own machine to be a bit like the problem of anti-vaxxers. Sure, you might be fine and get away with it, but there are others that need considered. And as ALLurGroceries mentioned, hiding your head in the sand doesn't make this not real.

 

Being real and being something worth all of the fear-mongering drama and losing sleep over are two different things. I don't think anyone questions whether the risk is real. It's clearly not imaginary, but whether or not it warrants the drama is a matter of personal opinion. There is basis or grounds for fear. It probably even pales in comparison to the vulnerabilities nobody knows about. I'm always skeptical about this nonsense, and grow more skeptical as the dramatic shrillness intensifies. It makes for really good headlines to prop up junk journalism though. And, it gives AMD fanboys something to throw darts at Intel over because they are "more at risk" than AMD. (Never mind the fact they have been irrelevant in the PC space for most of their existence and only very recently became worthy of honorable mention. That's not a slam on AMD at all, just an observation of human behavior.)

I think Woody is on point here.

Siberian Tigers are very dangerous and worthy of fear. But, there are none roaming my neighborhood. There could be some day, under the right set of circumstances. I'm not losing any sleep over how dangerous they are, even though I agree they are absolutely deadly. Rattlesnakes, black widows and scorpions are very common around here. The risk of getting bitten by one of them is real, but I do not worry about them. I never even think about them unless I see one, which is very seldom, and then I swiftly move on and forget about them. If and when I am ever bitten by a rattlesnake, I might start losing sleep worrying about rattlesnakes and I would probably want the rest of the world to share my slice of hell even though my experience is an anomaly.

Bottom line: I care more about having a system that works the way I want it to than having one that is presumed to be more secure at the expense of functionality.

 

I quote myself. From the article from Woody. Very well said.

 

Exactly. Just like living in fear of being bitten by rattlesnakes or being in a plane crash, or hit by a car when crossing the street. Possible: yes. Probable: no. Not something to make major life changes over based on fear or extreme care for avoidance.

 

You seem to be pretty emotional about a technical issue, which I guess is basis for suggesting that you perhaps not post in a thread causing you such distress. From my viewpoint each of these vulnerabilities is a huge pain in the ass and requires me to stop systems (now repeatedly) in a non-graceful manner to apply patches for things that intel has been extremely sketchy and slimy about. If you don't deal with these kinds of issues professionally, consider yourself lucky.

 

A notification drew me here and I was amused to find the drama ongoing. How little you see me posting in this (or similar) threads is a reflection of my lack of concern or emotion for the matter. I can certainly appreciate that the emotions of those that are passionate about it has become a pain in your ass though. Thankfully, I don't have to deal with that. But, in my line of work I do have to deal with people that are inordinately emotional about other things, most of which are equally unworthy of it. Thus, I can empathize with the inconvenience and ungracefulness of the situation. I guess that's why we get paid for what we do. I'll unwatch the thread again now that the humor has worn off.

 

I am thinking of upgrading VS2015 to VS2017 sadly there's no ISO which is bad. Downloading 40-50GB once kills my data quota.
Do let me know if you find any. I tried VS 2015 with older Anaconda for data analytics but switching back and forth between VScode and VS2015 made me furious and analytics has been sidelined.
No even a torrent where I can resume/pause the download to keep the monthly quota in check.

 

Intel discloses three more chip flaws
Reuters Staff, August 14, 2018 / 7:14 PM
https://www.reuters.com/article/us-cyber-intel/intel-discloses-three-more-chip-flaws-idUSKBN1KZ280

"(Reuters) - U.S. chipmaker Intel Corp ( INTC.O) on Tuesday disclosed three more possible flaws in some of its microprocessors that can be exploited to gain access to certain data from computer memory.

Its commonly used Core and Xeon processors were among the products that were affected, the company said.

"We are not aware of reports that any of these methods have been used in real-world exploits, but this further underscores the need for everyone to adhere to security best practices," the company said in a blog post here

Intel also released updates to address the issue and said new updates coupled those released earlier in the year will reduce the risk for users, including personal computer clients and data centers.

In January, the company came under scrutiny after security researchers disclosed flaws that they said could let hackers steal sensitive information from nearly every modern computing device containing chips from Intel Corp, Advanced Micro Devices Inc ( AMD.O) and ARM Holdings.

AMD on Tuesday said it was not impacted by the new flaws disclosed by Intel.

The chipmaker’s shares fell nearly 1 percent to $48.18 in late afternoon trading."

 

Intel rips up microcode security fix license that banned benchmarking
It really really really didn't want you to know that there may be a significant performance hit
By Thomas Claburn in San Francisco 23 Aug 2018 at 18:39
https://www.theregister.co.uk/2018/08/23/intel_microcode_license/

"Intel has backtracked on the license for its latest microcode update that mitigates security vulnerabilities in its processors – after the previous wording outlawed public benchmarking of the chips.

The software, released this month, counters the Foreshadow aka L1TF Spectre-related flaws in its CPUs. However, its terms of use and redistribution were problematic.

Following The Register's report on Tuesday that Linux distro Debian decided to withhold packages containing the microcode security fix over concerns about its license, open-source pioneer Bruce Perens called out Intel for trying to gag netizens.

Intel's gagging order came in the form of this license clause: "You will not, and will not allow any third party to … publish or provide any Software benchmark or comparison test results." That made it impossible for free-software bastion Debian to push Intel's microcode to its users as a security update.

The reason for Intel's insistence on a vow of silence is that – even with the new microcode in place – turning off hyper-threading is necessary to protect virtual machines from attack via Foreshadow – and that move comes with a potential performance hit. Red Hat, which evidently didn't get the memo to shut up about benchmarks, earlier this month noted: "The performance impact when HT is disabled is dependent on many factors. Measured impact ranges from a +30 per cent gain, to -50 per cent loss and beyond. Most HT testing, however, showed losses in the 0-30 per cent range."

Predictably, Intel's contractual omertà had the opposite effect and drew attention to the problem. "Performance is so bad on the latest Spectre patch that Intel had to prohibit publishing benchmarks," said Lucas Holt, MidnightBSD project lead, via Twitter.

In response to the outcry, Intel subsequently said it would rewrite the licensing terms. And now the fix is in.

Spoiler: Details

Via Twitter, Imad Sousou, corporate VP and general manager of Intel Open Source Technology Center, on Thursday said: "We have simplified the Intel license to make it easier to distribute CPU microcode updates and posted the new version here. As an active member of the open source community, we continue to welcome all feedback and thank the community."

The reworked license no longer prohibits benchmarking.

Perens, in a phone interview with The Register, approved of the change.

"This is a relatively innocuous license for proprietary software and it can be distributed in the non-free section of Debian, which is where is used to be, and it should be distributable by other Linux distributions," he said.

As to how Intel managed to shoot itself in the foot, Perens speculates that whoever wrote the text did not consider where the microcode was going and what the implications could be.

"You can't expect every lawyer to understand CPUs," he said. "Sometimes they have to have a deep conversation with their technical people."

Let the tests begin. ®

Booted-note
OpenBSD supremo Theo de Raadt today reiterated his plea to people to disable Intel's hyper-threading for security reasons. "DISABLE HYPERTHREADING ON ALL YOUR INTEL MACHINES IN THE BIOS," he carefully suggested in a mailing post post to OpenBSD developers and users.

"Take responsibility for your own machines: Disable SMT in the BIOS menu, and upgrade your BIOS if you can. I'm going to spend my money at a more trustworthy vendor in the future.""

Comments

 

List: openbsd-tech
Subject: Disable SMT/Hyperthreading in all Intel BIOSes
From: Theo de Raadt <deraadt () openbsd ! org>
Date: 2018-08-23 18:35:22
https://marc.info/?l=openbsd-tech&m=153504937925732&w=2

"Two recently disclosed hardware bugs affected Intel cpus:

- TLBleed

- T1TF (the name "Foreshadow" refers to 1 of 3 aspects of this
bug, more aspects are surely on the way)

Solving these bugs requires new cpu microcode, a coding workaround, *AND* the disabling of SMT / Hyperthreading.

SMT is fundamentally broken because it shares resources between the two cpu instances and those shared resources lack security differentiators. Some of these side channel attacks aren't trivial, but we can expect most of them to eventually work and leak kernel or cross-VM memory in common usage circumstances, even such as javascript directly in a browser.

There will be more hardware bugs and artifacts disclosed. Due to the way SMT interacts with speculative execution on Intel cpus, I expect SMT to exacerbate most of the future problems.

A few months back, I urged people to disable hyperthreading on all Intel cpus. I need to repeat that:

DISABLE HYPERTHREADING ON ALL YOUR INTEL MACHINES IN THE BIOS.

Also, update your BIOS firmware, if you can.

OpenBSD -current (and therefore 6.4) will not use hyperthreading if it is enabled, and will update the cpu microcode if possible.

But what about 6.2 and 6.3?

The situation is very complex, continually evolving, and is taking too much manpower away from other tasks. Furthermore, Intel isn't telling us what is coming next, and are doing a terrible job by not publically documenting what operating systems must do to resolve the problems. We are having to do research by reading other operating systems. There is no time left to backport the changes -- we will not be issuing a complete set of errata and syspatches against 6.2 and 6.3 because it is turning into a distraction.

Rather than working on every required patch for 6.2/6.3, we will re-focus manpower and make sure 6.4 contains the best solutions possible.

So please try take responsibility for your own machines: Disable SMT in the BIOS menu, and upgrade your BIOS if you can.

I'm going to spend my money at a more trustworthy vendor in the future."

 

Most BIOS from vendors like Dell,Lenovo etc.. don't have option of enabling/disabling HT. What to do then?

 

This seems to be gathering steam in the professional world, and vendors are keen to keep customers, so if you have servers / workstations / laptops that don't have HT disable open a ticket with your vendor asking for a BIOS update with the option to disable HT - use these industry recommendations as references in your request(s).

Once you get one vendor to update, you can use that as a reference to list for other vendor requests.

As he said:

"Also, update your BIOS firmware, if you can."

@unclewebb - any chance of getting an option to disable Hyperthreading in ThrottleStop?
http://forum.notebookreview.com/thr...atches-and-more.812424/page-106#post-10785283

 

Wow. What an absolute joke. For people with quad cores, disabling HT is extremely significant. 4/8 to 4/4 reduces the future proofing of the chip massively. For dual cores it’s even more significant!

Will MS disable HT through microcode? Or does it require BIOS changes? I’d really like the option to keep HT, which a mandatory microcode update would obviously not allow.

 

It is interesting that "coincidentally" Intel's next 9xxx CPU's are all coming out without HT, except for the "enthusiast" i9-9900k.

I've actually run without HT for many years, not recently, to reduce thermals and increase headroom for OC. I didn't miss it.

There were (are?) applications that run better without HT enabled, although I haven't tested for this for a long time. This will likely change as people will be testing to quantify the loss after disabling HT.

I wouldn't worry too much about it, 4c, 6c, 8c CPU's have enough cores for the most part to run without HT and get the same perceptible performance.

Benchmarks will show the difference, but living in the real world of user perception, you likely won't notice - if you do, turn it back on.

 

I do agree, HT is situational. Some games do benefit, most don't. Ideally I'd like a toggle where I can stay 4/4, but switch to 4/8 if needed (threaded games or Handbrake stuff). Hopefully tools like ThrottleStop are able to change that on the fly, as I can't see MS, Intel or laptop vendors implementing such a useful, consumer friendly feature

It is very interesting that the new 9xxx series will for the most part not include HT. I would not be surprised if this influenced Intel's decision.

 

Why would we use it like that! Simply not worth the purchase. I simply want HT to be disabled w/ my consent.
We buy them because those extra cores really help when Intel tools are used instead of generic compilers/toolchains.
Simply refuse to run w/o HT.

 

Since a bit OT, I'm sending a possible solution thru PM.

 

I agree, i7 CPUs like 6700K/7700K and older ones too definitely need to keep hyperthreading active to be relevant for the coming years - I don't think we need to disable hyper threading yet, it will take a lot for me to disable hyperthreading on my 6700K, I can't see it happening, and if I ever decide I need to, it's gonna result in me buying a new motherboard & getting a newer CPU (maybe even AMD if Intel don't have answers in hardware for it, but choosing AMD will be very difficult as I game at 144Hz).

 

I actually think that is because the 14nm++ process is used and, at the moment, the coffee lake refresh is not a significant enough jump, or was already implemented with the 8086K for over the 8700K performance. They already had enough HT chips at the 6 core level, so releasing the 6C/6T, 8C/8T, and 8C/16T makes sense. Still, I do wonder whether the fix for HT will be in those chips and, if not, whether reviewers will mention the security issue at launch?

 

The fixes for these issues have only just been implemented in Cascade Lake, an upcoming server product. It's the point on which Intel has been trying to sell Cascade Lake to cloud providers. They have not mentioned the fixes being present in consumer stuff at all. I am pretty sure these new chips will just be the same Skylake cores again.

 

I thought I had seen somewhere that the 9 series would have some of the fixes (possibly in content from hotchips), but I cannot find a source on that, so I must be mistaken. My apologies on misstating Intel's offerings and thank you for the correction.

 

Jay did this in the brief time Intel's NDA choked benchmark publication... such a rebel.

Testing Spectre and Meltdown Slow Downs with Skunkworks
JayzTwoCents
Published on Aug 27, 2018
Spectre and Meltdown were recently in the new again but not for the reason you might think... Does the latest patch affect Skunkworks in Windows 10 compared to Windows 8.1?


TheCompyshop 20 minutes ago
"Jay I think you’re going about this wrong. High end CPUs might not have as much of a difference. But lower end ones do. My 2600k was smooth until these flaws were discovered. Gaming performance had so much more stutter afterward that I just bought an 1800x and rinsed my hands of the whole thing. I think you should test normal builds, and I think you should do more tests on hard drive speed, and memory speed. As well as a couple rendering tests"

Justin Hammer 1 hour ago (edited)
"I have noticed that booting into Windows 10 off of my 500 GB Samsung 850 EVO now takes around 3 seconds longer since the patching as well as drastically slower load speed from my 7200 RPM secondary drive whether it be load times into games or the icons of the videos and photos. The CPU I have is an i7 6700k clocked at 4.4Ghz."

Vyacheslav Ivanov 1 hour ago (edited)
"Hey Jay. Before the Intel vulnerabilities rolled out, my 8700k was running flawlessly. When I heard about the vunerabilities, I did a BIOS+ Windows 10 patches and that negatively slowed down my system when I compared benchmarks similar to yours. And I noticed the performance degradation in my daily tasks. So I sold my parts and went to the Ryzen 7 2700x and X470."

Vyacheslav Ivanov 1 hour ago (edited)
"Hey Jay. Before the Intel vulnerabilities rolled out, my 8700k was running flawlessly. When I heard about the vunerabilities, I did a BIOS+ Windows 10 patches and that negatively slowed down my system when I compared benchmarks similar to yours. And I noticed the performance degradation in my daily tasks. So I sold my parts and went to the Ryzen 7 2700x and X470."

Tekjunkie28 1 hour ago
"I had a 4670K that was a great PC up until about January. I noticed while gaming and running twitch or YouTube on my 2nd monitor that it was stutter or last the video. Gameplay wasn't slowed down that much overall but it was quite annoying. I upgraded to a 2700x and all is better. I always take care and maintain a clean PC both hardware and software. The only issue I can come up with is meltdown and spectre patches slowing down the older hardware. I have a friend who still uses the 4670k system he built and is now noticing voice cutout in discord while we play pubg. Started about 3 weeks ago or so."

Traumbrecher 30 minutes ago
"I don't know if you'll quite be able to recreate this, but I definitely noticed an impact on my work-provided laptop, which is a Lenovo P50 with a Xeon E3-1505M chip, 16GB RAM, 500GB SSD. Before the Spectre/Meltdown patches, this thing was pretty quick. After the patches, the most menial things like trying to run multiple browser tabs, a couple Excel docs, and Outlook 2013 all at once seem to bog it down and cause it to have to think for a few seconds, which really impacts my speed at work and is damn frustrating to productivity levels. When you can move faster than a Xeon-powered laptop, it's a bit ridiculous and aggravating. If you're able to get your hands on any Xeon chipped PCs (whether laptop, desktop, server, whatever), I'd be interested in seeing you test this pre/post-patch on those CPUs."

Marco Chaves 44 minutes ago
"Massive drop here. 6700k @ 4.2gh ALL cores. 2x8gb DDR4 3200 cl16. Gtx1070. Windows 10 fully updated. Bf1 amiens high quality preset minimuns of 120 FPS before patching and now dips to about 90 FPS. 64 players Conquest."

Rick Cooper 28 minutes ago
"Intel I7 5820k asus sabertooth x99 with 32gb of 2666mhz memory I have noticed major impact we are talking lags and such i can reinstall OS pre patch before spectre patches and machine is fine after i get lags and such i have redone windows 10 OS at least 8 times and noticed it everytime after the patches machine bogs / lags and i have checked all overclocks thoroughly 4.4ghz 4ghz stock you name it i notice it. I have tried about everything even RMA'd the memory / ssd and am about to RMA the CPU to make sure it isnt the CPU i have changed mobo also again after the windows updates involving spectre / meltdown rig gets laggy and will have odd slowdowns can go to windows 7 or 8 and is all good no issues at all but windows 10 after patching machine goes nuts."


Some of these slowdowns could be other things, non-S&M related Windows updates or Nvidia updates or Game updates that have nothing to do with S&M...there are lots more in the comments.

 

Solving Spectre and Meltdown may ultimately require an entirely new type of processor
Are Meltdown and Spectre too fundamental to patch? One expert suggests they may be.
By Mark Hachman, Senior Editor, PCWorld | AUG 21, 2018 9:00 AM PT
https://www.pcworld.com/article/329...equire-an-entirely-new-type-of-processor.html

"How to identify and fix execution bugs like Spectre and Meltdown has been a burning topic among microprocessor buffs this year.

At Hot Chips, one of the industry’s premier academic conferences on microprocessors, experts agreed that the ultimate solution to solving them may require, yes, a lot more talk.

At a panel Monday at the Cupertino, California event, Professor Mark Hill of the University of Wisconsin, Madison, was asked to think about the implications of side-channel, speculative execution attacks on modern microprocessors like those made by ARM, Intel, and others.

His solutions included specialized cores, flushing caches on context switches, and business ideas like charging more for exclusive virtual machines.

But the real answer, he and several other panelists said, is more collaboration between hardware and software designers—and maybe a complete redesign of today’s microprocessors..."

"...
Hill’s suggested solutions included isolating the branch prediction element, adding randomization, and implementing better hardware protections.

Adding slower, safer execution modes by turning off speculation could be one solution; another would be to split an execution engine between “fast cores” and “safe cores.”

He also suggested business solutions including charging more for virtual machines—instead of sharing hardware resources with more than one VM, a cloud provider could provide exclusive access.

Finally, Hill noted that Spectre-style attacks could also lead to resurgence of accelerators: fixed-purpose logic that is optimized for a single task, and doesn't rely on speculation.

The fundamental solution to the problem, though, would be a ground-up reworking of the architectural definition, Hill said.

A computer architecture is the way in which a processor executes the software instruction set, with arithmetic units, floating-point units, and more—and today’s chips were designed to conform to the needs of the original model.

But if the basic architectural model is fundamentally flawed, he said, it may be time for a new one. In other words, Spectre and Meltdown aren’t bugs—just flaws in the design of all modern chips—and a new model may be needed..."

 

Yeah,

From my previous posts...


Will Microsoft pull July/August 2018 Microcode updates?
Posted on 2018-08-28 by guenni

​

[German]Does Microsoft withdraw or replace Intel Microcode updates for Windows released in July/August 2018? Here are a few things I’ve compiled with the request for feedback, maybe there is an explanation.


Chaos at the July/August Microcode Updates-borncity.com
Addendum: Same questions at askwoody.com
Seems to be an incident, seconds after I published the above article, Susan Bradley posted this article on askwoody.com with some additional information. It seems that Microsoft withdraw several updates.

-----------------------------------------------------------------------

Patch Lady – what’s up with the Microcode updates?
Posted on August 28th, 2018 at 09:09 Susan Bradley Comment on the AskWoody Lounge
Yesterday we’ve been seeing potential issues with the microcode updates and they were expired off of WSUS servers last night…


https://www.reddit.com/r/sysadmin/comments/9apooi/kb4100347_rendering_systems_unbootable/?st=jlckzbjr&sh=94b0f954

https://www.reddit.com/r/Windows10/comments/995k2s/got_the_kb4100347_update_july_cumulative_update/e4m9ffn

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb4100347-intel-cpu-update-causing-boot-issues-and-pushed-to-amd-users/

Unsure what’s up, but Microsoft appears to be pulling these updates back.

I think there is/was metadata detection issues and they were offered up and installed on machines they shouldn’t have been installed.

-----------------------------------------------

Exactly as I expected! I'm an realist. Jump right into the M$ Update mess fastest possible as many others (For me equal... hiding the head in the sand) ain't for me @Mr. Fox Why should I ?

From one of the links above...

 

well.. I don't even use any of there microcode.. I just simply removed them due to it is messing with my BCLK OC on my non OC HQ CPU

Security is you! not the OEMs .. if you know what you are doing then.. you don't need any of those Micro$hit I completely removed all the microcodes from my BIOS and I simply use the software oriented microcodes and I had no more issues related to BCLK issues

 

Do you mean that microcodes which are sent by MS Updates actually don't interfere with undocumented overcklocking capabilities of Non-OCeable processors? Is it the same for Multiplier unlock or BCLK only?
P.S. You change BCLK in BIOS, right?

 

yup it won't cause any problems related to BCLK OC but... regarding to Multiplier unlock I don't know about it because my 6700HQ cpu can't have Multiplier unlocked or by other means.. Impossible (Only managed to unlock Multiplier while using 1 core only but not while using 2 cores or more) because it is officially locked although BCLK is officially locked too! but I found a way around to unlock it unofficially through modding & unlocking BIOS Fully from A-->Z

and yes.. I change BCLK in BIOS but only after I make sure that it is solid stable I was changing it through BCLK in XTU and after I make sure it was solid stable I changed it through BIOS to apply permanently

 

This directly brings up the point of waiting for stability to be tested. You do understand why it was forced in the first place, right? Too many people, when given the choice, didn't take it when proven safe. Another reason is to force telemetry and marketing on the OS down people's throats so that they could transition it to an OS as a service model, putting the legwork in on the transition so that they could say it is primarily their services offered that is being bought rather than their product, which removes it from the protections in CISG and the UCC, moving it to contract law based on services, which are much more profitable for companies and can allow giving up of rights to the company that you would otherwise have if you purchased a good.

Now, this is why I find there should be a happy middle ground, one M$ still hasn't figured out. They do have a setting for updates that is found, at least in the Enterprise edition, in Windows Updates > advanced options that allows changing from Semi-Annual Channel (Targeted) to Semi-Annual Channel, the first being mostly stable and the second being for widespread adoption. This still isn't good enough, but it is a start.

Before this, you would have boffins like Woody and others collect user experience and problems, dig into the changes that occurred for the updates considering the considerable lack of information from M$, etc. It is good work. But, there is a difference between waiting for that information and a push to not do ANY security updates.

 

Isn’t that quote (Don’t get me wrong...)in my last posts? Not always easy use a phone when posting.

 

I didn't see it at first and edited my post for that reason. Please review to see if you still agree with the content. I do apologize, I noticed that you had liked it in between my first posting of it and the edit (but hoping to get it fixed before anyone reacted, read, etc., I failed in that regard). So, unlike what is common with me in marking my edits of posts, this time I did not, would like to apologize, and would like this to be here to give context to your post.

 

I don't trust on M$ at all.
If Microsoft wanted to be the peoples good helper, they would push out Intel Microcode on all their OS (From the beginning they only offered this on 1 OS version - the last one and as optional). They could put it out to all OS (every Win 10 versions-build) if they wanted, but instead preferred to make it as a decoy to try to push everyone on the last Win 10 OS version... Not credible at all.


I don't use their update service (the forced way). I use standalone updates if there is something I want download on my computers. And I will continue in same way.

I stand on my last statements. Let the people determine what they want of patches.

All good, bruh

 

I agree, M$s handling of this, and of updates overall, has been abysmal. And the handling of important security updates has only amplified the attention to their incompetence, such as applying Intel fixes to AMD, having me download Intel's microcode update on an AMD TR machine, etc. It has also been a headache to speed up kernel patches for Linux, BSD, Apple, etc., but M$ seems to keep screwing the pooch on it, so to speak. Plus, microcode updates for Windows only causes a software implementation of the microcode during boot processes. We really need firmware application to flash the chip microcode to not need the software side from M$. But, that is also why I do not mind waiting months for them to say, hey, we got this stable, you really should update it. Also allowing people to look up deployment problems.

If being honest, M$ is the reason I recently did a clean format and install of Win 10 Ent 1803. If they didn't break it in the upgrade where things were messing up, then I wouldn't have had to do it (I am changing my backup retention program due to their broken system). So I do get it. But I also believe there is a middle ground here.

 

Is Hyper-Threading a Fundamental Security Risk?
Joel Hruska on August 27, 2018 at 9:00 am
https://www.extremetech.com/computing/276138-is-hyper-threading-a-fundamental-security-risk

"Ever since Intel introduced Hyper-Threading (known generically as Simultaneous Multi-Threading), debates about whether or not to disable the feature have almost entirely revolved around its impact on performance.

Back when the feature debuted, it wasn’t unusual for programs to misinterpret what it meant for a system to have a virtual CPU core as opposed to a second physical chip (back then, it was one core to a socket, no exceptions, and programs didn’t differentiate between a physical and a logical CPU core).

As software and operating systems were updated, HT settled down and it’s less common today to need to shut it off to preserve performance.

But in the wake of Spectre, Meltdown, and Foreshadow, serious concerns have been raised about the security implications of Hyper-Threading.

Theo de Raadt, the founder of OpenBSD, argues that HT can no longer be trusted and should be disabled by default. ExtremeTech reached out to de Raadt to discuss the issue and why he and other developers in the open-source software community are concerned about the security risks of Hyper-Threading.

Spoiler

According to de Raadt, every operating system is either adding the ability to disable Simultaneous Multi-Threading (Intel’s Hyper-Threading is a specific implementation of SMT) or modifying their schedulers “to avoid co-tenancy on SMP cpus of different security domains.” Symmetric Multi-Processing, or SMP, refers to the modern practice of having multiple CPU cores on a single die, all with access to a combined pool of memory and devices. In contrast, Intel’s Hyper-Threading shares certain resources between the physical core and its logical counterpart, including translation lookaside buffers (TLBs), the L1 data cache, and the branch target cache (BTC) without providing any ability to differentiate between security domains and isolate data between the two CPU cores.

As we’ve previously discussed, Spectre, Meltdown, and Foreshadow are all flaws that exploit certain behavior that Intel CPUs engage in when they speculatively execute instructions. While speculative execution is a longstanding and proven technique for improving overall CPU performance, de Raadt identifies three distinct issues that have combined to create these problems. He writes:

1) Intel CPUs fetch and decode and execute instructions including their data loads without doing any security checks, then unwind them if they were wrong after the fact. CPUs from other vendors have experienced minor spectre problems, but Intel takes it to a whole new level.

2) Since they don’t do security checks up front, and tie their L1D to their TLB, Intel has a really astounding “where did a cache line come from, we don’t care” error in their L1D cache, which results in data in a cache line from a different privilege domain becoming visible to speculative instructions, which creates a further spectre problem.

3) The same speculation without security check applies to registers. Intel didn’t even check if the FPU is enabled, before accessing FPU registers. So they really don’t do *any security checks* before running an instruction. ALL decisions are made at the end. That means ALL instruction sequences have spectre side effects, and we are simply waiting for people to find worse consequences and publish them.

de Raadt also criticized Intel’s disclosure policies, noting that OpenBSD has had to study workarounds in other projects, like Xen and FreeBSD, to create their own solutions. He believes it’s likely that we’ll continue to see more security flaws related to Spectre and that there’s a possibility for black hats to combine different methods of exploiting these flaws to break security models. Foreshadow, it could be argued, is one such attack. While more complex than the first variants of Spectre, it can also be used to break Intel’s Software Guard eXtensions, or SGX — and SGX was supposed to be immune to this kind of attack. There’s even a chance that these attacks could be used to leak address information, which means Spectre and Rowhammer could be combined. It’s the gift that keeps on giving.

Thus far, OpenBSD is the first operating system to call for disabling HT altogether — Intel’s official guidance is that HT does not need to be disabled if all other fixes and patches have been deployed. But it’s incredibly difficult to practically guarantee that all necessary security contexts will be maintained and respected in the absence of hardware restrictions that prevent two different processes operating in different security domains from running at the same time. Even if you can ensure that the processes running on a CPU are compatible from a security domain perspective, as soon as the security domain of one of those processes shifts, you’d have to evict it from the CPU core it’s running on and put it somewhere else — flushing the caches and TLB in the process. Modern OS schedulers regularly move workloads across CPU cores to optimize execution, but forcing a CPU to do this in the name of security can carry a heavy performance hit. We’ve already seen some evidence of this in Spectre, although the tests that exposed it tended to be worst-case scenarios.

Is AMD Affected?
Thus far, almost all the discussion around Spectre, Meltdown, and Foreshadow has focused on Intel. There’s a practical reason for this. These attacks are believed to threaten the security of cloud and enterprise server providers and Intel dominates these markets. Prior to the launch of Epyc, Intel held 99% of the x86 server market and the overwhelming majority of servers sold per year are x86 machines. AMD has begun to chip away at Intel’s market dominance, but CEO Lisa Su has stated her company is targeting mid single-digit percentages of the market by the end of 2018. Even if AMD and Intel were equally exposed technically, Intel would be shouldering virtually the entire effective exposure.

But while this could change in the future, current evidence suggests AMD CPUs aren’t nearly as vulnerable as their Intel counterparts. AMD has released a statement indicating that it isn’t impacted by Foreshadow, which Intel calls the L1TF (L1 Terminal Fault). It recommends that its customers not implement Foreshadow protections at this time and states that its CPUs are protected by hardware paging architecture protections built into Epyc CPUs.

One additional piece of evidence in AMD’s favor is that the company’s SMT implementation is known to be different from Intel’s. We’ve previously only discussed these differences in terms of their impact on performance, but the slide above does note that the L0/L1/L2 ITLBs and L1/L2 DTLBs are shared but “SMT tagged,” which means they can only be accessed by the thread that owns them.

The devil is absolutely in the details on issues like this, and we don’t want to imply that this single slide establishes the degree to which AMD’s SMT implementation is or is not secure, but AMD does appear to have implemented protections in certain areas that Intel lacks.

It’s possible, for example, that future attacks could be based on cache evictions rather than speculative loads, and this type of tagging might not protect against such alternatives.

In our conversation, de Raadt notes that OpenBSD has also made changes to disable SMT and CMT (that’s Bulldozer’s core-sharing technology) on AMD CPUs out of an abundance of caution, despite not knowing if the CPUs will ultimately prove to be vulnerable to this type of attack.

As of this writing, OpenBSD 6.4 (expected in October / November) is the first OS to avoid all use of Hyper-Threading and disable it by default, but other operating systems, like Red Hat, have announced that they will ship kernels with updated controls allowing users to choose whether to disable the feature or not.

Whether other vendors follow Theo de Raadt’s lead may depend on what vulnerability disclosures drop next and how serious the next round of exploits is.

Intel has announced that its upcoming Cascade Lake platform will contain hardware fixes for some Spectre variants, while others will still be mitigated by software solutions or a combination of the two.

That’s one point everyone in the security industry seems to agree on: There will be new disclosures and security issues related to Spectre that haven’t happened yet."

Comments

 

Speaking to CPU security bugs...among other things...

Despite 'Painful' Spectre Response, Linus Torvalds Says He Still Loves Speculative Execution (youtube.com)
https://linux.slashdot.org/story/18...lds-says-he-still-loves-speculative-execution

Keynote: Linus Torvalds, Creator of Linux & Git, in conversation with Dirk Hohndel, VP
The Linux Foundation
Published on Sep 4, 2018
Keynote: Linus Torvalds, Creator of Linux & Git, in conversation with Dirk Hohndel, VP & Chief Open Source Officer, VMware

 

Another Minor Optimization Queued For Systems Mitigated Against Spectre / Meltdown
Written by Michael Larabel in Linux Kernel on 8 September 2018 at 06:38 AM EDT.
https://www.phoronix.com/scan.php?page=news_item&px=Drop-SYSCALL64-Tramp-KPTI

"On Intel systems affected by the Meltdown and Spectre vulnerabilities, another minor optimization is on its way to the Linux kernel to ever so slightly lower the impact of the kernel-based page table isolation (PTI) mitigation.

The minor optimization is removing the SYSCALL64 entry trampoline. On an Intel Skylake system with Retpolines and KPTI enabled, the syscall overhead dropped from about 237 ns down to 228 ns.

It wouldn't be noticeable by itself, but for months already and likely for the foreseeable future until corrected CPUs are on the market, kernel engineers will continue to pursue every micro-optimization possible to help offset the performance losses introduced by the Spectre and Meltdown mitigation techniques.

They have certainly made improvements to the performance since the original KPTI and Retpoline work since January, but in I/O heavy syscall heavy workloads there remains a generally noticeable overhead.

As far as any security ramifications from dropping the SYSCALL64 entry trampoline, Andy Lutomirski who wrote this patch commented, " This does not add a new direct information leak, since the TSS is readable by Meltdown from the cpu_entry_area alias regardless. It does allow a timing attack to locate the percpu area, but KASLR is more or less a lost cause against local attack on CPUs vulnerable to Meltdown regardless. As far as I'm concerned, on current hardware, KASLR is only useful to mitigate remote attacks that try to attack the kernel without first gaining RCE against a vulnerable user process."

The patch as of this morning is now queued in Thomas Gleixner's x86 / pti branch where the Spectre / Meltdown mitigation work pools before being pulled into the mainline Linux kernel."

 

Want to puke?

Windows 10 users as guinea pigs?
While writing the blog post, I was thinking about whether the Windows 10 users on the clients should serve as guinea pigs. Why?

• According to Microsoft, the microcode updates should not be offered via WSUS, but they are still distributed and installed via Windows Update.
• However, Windows 7/8.1 usually does not get these microcode updates, only Windows 10 is getting updates.
• And on Windows server systems, the administrator must explicitly activate the microcode updates (due to performance problems) via the registry entry.

Read... By Poopusan Windows 10

 

Updated OP:

Update 9/14/2018 - Summary of Intel microcode updates
Last Updated: 13 Sep 2018
https://support.microsoft.com/en-us/help/4093836/summary-of-intel-microcode-updates

Protect your Windows devices against Spectre and Meltdown
Last Updated: 11 Sep 2018
https://support.microsoft.com/en-au...your-windows-devices-against-spectre-meltdown

 

I just found another ms's trick to force people from Windows 7. The Meltdown Patch can be optimised for better performance with PCID for processors Haswell+ which support both PCID and INVPCID.
The problem is that InSpectre told me that performance optimization is not enabled for this type of OS yet could be and should be.
Google told me that Windows 8.1 and above (Server 2012 and above) actually use it while users with Windows 7 do not.

Looks like microsoft uses anything possible to drop Windows 7 support in favor of newer operating systems.

 

Spectre and Meltdown Hardware Protection Added to Intel's 9th Gen CPUs
By Lawrence Abrams, October 8, 2018, 11:42 AM
https://www.bleepingcomputer.com/ne...ware-protection-added-to-intels-9th-gen-cpus/

"As part of today's Intel's Fall Desktop Launch event, new 9th generation CPUs were announced that include hardware protection for two of the Spectre and Meltdown vulnerability variants. This information was slipped into the fine print of a slide announcing the release of Intel's new 9th Gen CPUs as can be seen below.

Spectre and Meltdown protections in 9th Gen CPUs
The fine print listed in the slide above states:

The new desktop processors include protections for the security vulnerabilities commonly referred to as "Spectre", "Meltdown" and "L1TF". These protections include a combination of the hardware design changes we announced earlier this year as well as software and microcode updates.

* Speculative side channel variant Spectre V2 (Branch Target Injection) = Microcode + Software

* Speculative side channel variant Meltdown V3 (Rogue Data Cache Load) = Hardware

* Speculative side channel variant Meltdown V3a (Rogue System Register Read) = Microcode

* Speculative side channel variant V4 (Speculative Store Bypass) = Microcode + Software

* Speculative side channel variant L1 Terminal Fault = Hardware

In March 2018, Intel announced that they would be adding hardware protection to forthcoming CPUs that would protect users against some of the variants through partitioning.

"While Variant 1 will continue to be addressed via software mitigations, we are making changes to our hardware design to further address the other two," former Intel CEO Brian Krzanich stated in a press release. "We have redesigned parts of the processor to introduce new levels of protection through partitioning that will protect against both Variants 2 and 3. Think of this partitioning as additional “protective walls” between applications and user privilege levels to create an obstacle for bad actors."

With the release of the 9th gen CPUs, hardware protection for the L1 Terminal Fault and Meltdown V3 vulnerabilities has been added, but the other vulnerabilities still require software and microcode protection.

For those looking for more information regarding the Spectre & Meltdown vulnerabilities, you can read out prior coverage:

• Google: Almost All CPUs Since 1995 Vulnerable To "Meltdown" And "Spectre" Flaws
• Microsoft: Performance Dip on Old Windows Versions Due Meltdown & Spectre Fixes
  
• Intel Announces CPU Hardware Protections to Prevent Future Spectre-Like Flaws
  
• Researchers Disclose New Foreshadow (L1TF) Vulnerabilities Affecting Intel CPUs

Previous software and microcode protections would cause a performance hit on older CPUs. With the release of these new CPUs, they are powerful enough that any performance hit caused by these protections should not be noticeable.

It has not been detailed what specific hardware changes were made add protection. BleepingComputer has contacted Intel for more information, but had not heard back at the time of this publication.

This is a developing story..."

See also:

Intel Core i9-9900k 8c/16t, i7-9700K 8c/8t, i7-9600k 6c/6t 2nd Gen Coffee Lake CPU's + Z390
http://forum.notebookreview.com/thr...e-lake-cpus-z390.811225/page-50#post-10806888

 

And on the same subject as the above post, and covering some of the same info, but they have a nifty easy to understand table here that summarises:
https://www.guru3d.com/news-story/s...hardware-for-new-core-desktop-processors.html

 

Gaming slowdown traced to Spectre Microcode patch included with Windows 10 Update 1809, if you didn't have that microcode patch installed already. It made the new Nvidia driver update seemingly slow down gaming performance:

NVIDIA Slows Performance in New Drivers
Testing Games
Published on Oct 12, 2018
NVIDIA Drivers 399.24 vs 416.16 on GTX 1060 6GB
http://forum.notebookreview.com/threads/nvidia-thread.806608/page-80#post-10808829

 

I post here instead of the Nvidia thread.

FYI. Aida64 and Sisoft Sandra will show the Intel Microcode outside regedit and Hwinfo. And if you add in a newer Linux microcode Data file it won't show up in Regedit. But the Cpu will pick up the newest one whatever it is located.

 

Researchers Claim to Find New Solution to Spectre, Meltdown Tomshardware.com | October 18, 2018 at 10:20 AM


Spectre and Meltdown shook many PC enthusiasts when they came to light. They were essentially the first speculative execution flaws to attract global attention, and because they affected processors from Intel and AMD to varying degrees, the internet was awash with concern for several months. Eventually, researchers discovered more and more speculative execution flaws. But now researchers at MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) believe they've found a way to prevent these attacks.

The researchers call their solution Dynamically Allocated Way Guard (DAWG) and revealed it in a recent paper. This name stands in opposition to Intel's Cache Allocation Technology (CAT) and is said to prevent attackers from accessing ostensibly secure information through exploiting flaws in the speculative execution process. Best of all, DAWG is said to require very few resources that CAT isn't already using and can be enabled with operating system changes instead of requiring the in-silicon fixes many thought were needed to address the flaws.

 

Windows 10 2019 Will Reduce Performance Hits Caused by Spectre Mitigations to “Noise-Level”
By Rafia Shaikh, 3 hours ago
https://wccftech.com/windows-10-2019-spectre-v2-slowdowns/

"Microsoft is currently pushing out new Preview Builds from Windows 10 2019 edition to Insiders in Skip Ahead and Fast Ring. Along with other improvements and features, it looks like the next version of the desktop operating system carries a mitigation for the Spectre v2 speculative execution side-channel attack that will stop the machines from slowing down.

When the companies hustled to address Spectre and Meltdown vulnerabilities, one of the major concerns was the reduced performance of the PCs. Mitigation, in some tests, showed a severe impact on performance that could go from 5% to 30%. Intel’s microcode mitigations for Spectre variant 2, tracked as CVE- 2017-5715, were specifically of concern as they change how hardware speculatively executes.

However, Google’s cloud systems suffered little to no impact as the company engineers developed a software-based mitigation for Variant 2 known as Retpoline that offers near to no impact on performance.

“Retpoline as a mitigation strategy swaps indirect branches for returns, to avoid using predictions which come from the BTB, as they can be poisoned by an attacker.
The problem with Skylake+ is that an RSB underflow falls back to using a BTB prediction, which allows the attacker to take control of speculation.” – LKML

It appears that the Windows maker is now planning to take a similar approach with Windows 10 19H1. According to reports (first spotted by MSPU), the Redmond tech giant will “enable Retpoline by default” starting from the next feature update that will be released to Windows 10. This change was first reported by Insiders who are currently testing the Windows 10 19H1 builds.

Windows Kernel team’s Mehmet Iyigun‏ later confirmed this change, suggesting that Windows 10 2019 will be able to reduce performance impact caused by Spectre v2 mitigations to “noise-level.”

Yes, we have enabled retpoline by default in our 19H1 flights along with what we call "import optimization" to further reduce perf impact due to indirect calls in kernel-mode. Combined, these reduce the perf impact of Spectre v2 mitigations to noise-level for most scenarios. https://t.co/CPlYeryV9K
— Mehmet Iyigun (@mamyun) October 18, 2018

Retpoline has already been implemented by Linux distributions, including Red Hat and SUSE. It appears that Microsoft could have implemented this with Windows 10 October 2018 Update.

“It’s possible to enable retpoline on stock RS5 since the necessary binary metadata is present in the binaries,” Windows’ Iyigun‏ added. “However, we also have made a few fixes and perf improvements after RS5 forked, so it’s better as a complete package…”"

 

Great news. I just assumed Intel would rather sell new chips with hardware mitigations, and that MS wouldn't care enough - so we'd have to live with reduced performance until we upgraded. Apparently not!

 

Microsoft to Implement Google's Solution to Speed up Windows 10 Version 1903
The next version of Windows 10 (coming in 2019) will be faster, thanks to new approach to mitigate the Spectre and Meltdown vulnerabilities.
Mauro Huculak @pureinfotech, October 20, 2018
https://pureinfotech.com/windows-10-version-1903-19h1-retpoline/

Previous article on v1903, recently updated:

Windows 10 version 1903 (19H1): All the new features and changes
UPDATED 10/27: Windows 10 version 1903 (19H1) is expected to rollout sometime in spring 2019, and here are all the new features and changes that Microsoft has added to the new version thus far.
https://pureinfotech.com/windows-10-1903-19h1-april-2019-update-features/

Windows 10 update (and retirement) calendar: Mark these dates
Microsoft is releasing new versions of Windows 10 on a set schedule – and just as regularly retiring older versions from support. Here are all the dates you need to know about through Windows 7's retirement in 2020 and beyond.
https://www.computerworld.com/artic...and-retirement-calendar-mark-these-dates.html

"March 12, 2019
Windows 10 1903 – probably named "April 2019 Update" – launches between this date and late April.
...
July 15, 2019
Around this date, Microsoft will notify customers – on a post to a company blog – that Windows 10 1903 is stable enough to deploy to all corporate PCs and will simultaneously begin seeding Windows 10 Pro, Pro Workstation and Enterprise with the upgrade via Windows Update for Business (WUfB).
...
Nov. 10, 2020
Microsoft purges Windows 10 Home 1903, Pro 1903 and Pro Workstation 1903 from the support roster on this date or later."

 

Intel CPUs fall to new hyperthreading exploit that pilfers crypto keys


Reference:-
https://arstechnica.com/information...erthreading-exploit-that-pilfers-crypto-keys/

I guess Intel is going for another round of never ending fixes

 

After reading that, seems more of a threat for cloud servers, and not exploitable by Java over the internet, probably no real tangible risk most PC users. Intel & OS providers still need to cover these threats though, so will be interesting to see what is done & if there are more performance impacts to come.

On some previously released news, I'm happy to hear that retpoline is going to be incorporated in Windows next year, which will provide Spectre fixes without the need for the performance decreasing microcodes. Actually, does that mean that motherboard manufacturers will need to re-issue new microcodes that don't have the Spectre fix - to allow for the performance to come back once this retpoline fix has been issued by Windows? Or I suppose retpoline fixed Windows could automatically disable the previous Spectre microcode fixes in the registries - a bit like how that free program InSpectre can be used to enable & disable the Spectre protection to regain performance.

 

Looks like openBSD was right about HT being a security issue on Intel and AMD.