LinkBack URL
About LinkBacksPanda aren't ready yet it seems. Though what's to stop previously naughty AVs just setting the reg key?
Panda aren't ready yet it seems. Though what's to stop previously naughty AVs just setting the reg key?
Hardwareluxx did some testing too:
https://www.hardwareluxx.de/index.ph...or-design.html
Das Testsystem
Prozessor Intel Core i7-3960X 3,3 @ 3,9 GHz
Kühlung Corsair H110i GT All-in-One-Wasserkühlung
Mainboard ASUS P9X97 Deluxe
Arbeitsspeicher G.Skill
SSD OCZ Arc 100 240 GB
Netzteil Seasonic Platinum Series 1.000 Watt
Betriebssystem Windows 10 64 Bit
Gehäuse Fractal Design Define R5
A GTX1080TI was used.
Also from the Hardware Unboxed video:
So,the patch tested so far is not the full one.Apparently the full fix will also rely on firmware updates from Intel, so I’ll keep you guys up to date with news and benchmark results.
Is the vulnerability as bad as the news and some tech sites are making out ? - at least from a home user standpoint. I'm no tech wiz but this flaw seems to just render available the same vulnerabilities as a normal key logger or sniffer would do. I mean it's just opening up the potential to 'read' kernel level content. It's not allowing execution of any code at kernel level right ?
Or am I misunderstanding how it all works ?
Intel Core i7 5930k @ 3.7Ghz Turbo
MSI X99A Gaming 7
16Gb Corsair DDR4 2667Mhz
2x SLI MSI GTX 980
2x 500Gb SSD's (Raid 0)
EVGA 1000w PSU
Windows 7 Pro 64Bit
G-Sync AOC G2460PG 1080p
LG Flatron W2261VP
But this one doesn't rely on the stupidity of a user to download and install said key logger or sniffer. I can imagine the 'bad guys' are trying to squirrel it away into adverts so it'll run when you browse the interwebs.Originally Posted by Dave_07
Interesting read on how "retpolines" are being made into a compiler option to make one of the Spectre attacks go away. That's horrible, I have to wonder if just turning off speculative indirect jumps in the kernel space would be less than the <1.5% performance hit being seen here.
https://support.google.com/faqs/answer/7625886
Out of order execution was first featured in Pentium Pro, and subsequently the Pentium II and its successors.
Oh yeah, that's ofc I think the main gateway for the majority of infections now-a-days, is via the browser. But the point I was just picking up on, is even if malicious code designed to take advantaged of this exploit does get onto a system, the most it will be able to do is just 'decern' some kernel level content right ? It's not like it's going to actually execute kernel level code right ?
Last edited by Dave_07; 04-01-2018 at 04:59 PM.
Intel Core i7 5930k @ 3.7Ghz Turbo
MSI X99A Gaming 7
16Gb Corsair DDR4 2667Mhz
2x SLI MSI GTX 980
2x 500Gb SSD's (Raid 0)
EVGA 1000w PSU
Windows 7 Pro 64Bit
G-Sync AOC G2460PG 1080p
LG Flatron W2261VP
Its interesting how the tests with the Core i7 7700K and Core i7 3960X seems to show more performance drop in games than the Core i7 8700K tested by Hardware Unboxed.
The problem is if this affects older CPUs worse than newer ones,then its not going to be highlighted by many websites as they will only test the latest high-end CPUs.
Plus what about a lower end CPU like a Core i3 for example??
Also the issue is all the games tested so far seem quite multi-threaded,so what about the ones based on older engines which are probably more I/O limited??
From my admittedly limited understand the performance hit will be minimal on any (only Intel?) processor that implements PCID (Process context identifiers) (was that from Sandy Bridge onwards?) as without PCID the information in whatever cache (TLB?) has to be cleared before a context switch so as not to expose ring 0 (Kernel) data to a ring 3 (user) process, however with PCID (afaik) the data stored in the cache is fenced off and only accessible with the relevant permission so when a context switch is needed there's no need to flush the cache.
The big question that we're all missing. Are the new VIA processors vulnerable xD
Someone tested a Core i5 4690K based system with an RX580 8GB:
https://www.reddit.com/r/pcgaming/co...tch_impact_on/
Nobody will care about them,since it is not worth the effort,hence they are INVINCIBLE!!
Xlucine (04-01-2018)
You're correct in isolation. But they can get hold of sensitive data like passwords (including potentially admin/root passwords) which allow them to use another method to execute code.
I would laugh if Intel knew about this all along, but considered it worthwhile to keep up the "competitive edge" over AMD...
edit: grammar
lol well the CEO sure knew, as he dumped pretty much all of his personal stock shares in intel a few months before all this leaked out.
Intel Core i7 5930k @ 3.7Ghz Turbo
MSI X99A Gaming 7
16Gb Corsair DDR4 2667Mhz
2x SLI MSI GTX 980
2x 500Gb SSD's (Raid 0)
EVGA 1000w PSU
Windows 7 Pro 64Bit
G-Sync AOC G2460PG 1080p
LG Flatron W2261VP
I'd be pretty shocked if they didn't know about it all along TBH, obviously like any integrated circuit designer they'd never admit knowledge, or voluntarily divulge, information of an errata as that would be like telling the world the lock on your front door isn't all that, but the fact they introduced PCID (Process context identifiers) in latter designs kind of gives away the fact that they where aware of the potential for data to leak from one process to another.
It also probably explains why the Zen microarchitecture is less, or not at all, effected as it was pretty much designed from the ground up whereas Intel's current processors are all based on the basic Core design that was introduced almost two decades ago but with hundreds of iterations made along the way.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote
