Page 1 of 3 123 LastLast
Results 1 to 16 of 36

Thread: Zombieload Intel side-channel attack detailed

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    30,067
    Thanks
    0
    Thanked
    1,940 times in 681 posts

    Zombieload Intel side-channel attack detailed

    New sensitive data snooping attack relies on weaknesses in speculative execution.
    Read more.

  2. #2
    Senior Member
    Join Date
    May 2014
    Posts
    1,710
    Thanks
    104
    Thanked
    225 times in 161 posts

    Re: Zombieload Intel side-channel attack detailed

    *multi face slap groan*

    I love Intels response: Suffer a 3-9% reduction in performance dependent on load or by up to 30% by disabling SMT/HT...Nice

  3. #3
    Senior Member
    Join Date
    Apr 2004
    Location
    Geneva, Switzerland
    Posts
    327
    Thanks
    0
    Thanked
    22 times in 12 posts

    Re: Zombieload Intel side-channel attack detailed

    WTF is going on with all this exploits? And it is mostly hitting Intel.

    Karma or something else?
    The more you live, less you die. More you play, more you die. Isn't it great.

  4. #4
    Cinnamon Roll Ozaron's Avatar
    Join Date
    Jan 2017
    Location
    Norfolk
    Posts
    592
    Thanks
    75
    Thanked
    32 times in 31 posts
    • Ozaron's system
      • Motherboard:
      • MSI X570 Unify
      • CPU:
      • Ryzen 3700X
      • Memory:
      • 32GB Patriot Blackout @ 3800 CL16
      • Storage:
      • Toshiba X300 4TB (2), Samsung 850 Evo 500GB
      • Graphics card(s):
      • Sapphire R9 Fury Nitro
      • PSU:
      • Seasonic M12-II 620w
      • Case:
      • Corsair Obsidian 500D
      • Operating System:
      • W10 Enterprise 64bit
      • Monitor(s):
      • BenQ GW2765HT
      • Internet:
      • 2.5 MB/s ↓ 0.86 MB/s ↑ ~20ms

    Re: Zombieload Intel side-channel attack detailed

    How many is this now? I'm losing count...

  5. #5
    Senior Member
    Join Date
    Apr 2004
    Location
    Geneva, Switzerland
    Posts
    327
    Thanks
    0
    Thanked
    22 times in 12 posts

    Re: Zombieload Intel side-channel attack detailed

    Quote Originally Posted by Tabbykatze View Post
    *multi face slap groan*

    I love Intels response: Suffer a 3-9% reduction in performance dependent on load or by up to 30% by disabling SMT/HT...Nice

    So once you mitigate all possible exploits, what will be the performance? Bulldozer like?
    The more you live, less you die. More you play, more you die. Isn't it great.

  6. #6
    root Member DanceswithUnix's Avatar
    Join Date
    Jan 2006
    Location
    In the middle of a core dump
    Posts
    10,942
    Thanks
    583
    Thanked
    1,174 times in 1,000 posts
    • DanceswithUnix's system
      • Motherboard:
      • Asus X470-PRO
      • CPU:
      • 3700X
      • Memory:
      • 16GB 3200MHz
      • Storage:
      • 1TB Linux, 1TB Games (Win 10)
      • Graphics card(s):
      • Asus Strix RX Vega 56
      • PSU:
      • 650W Corsair TX
      • Case:
      • Antec 300
      • Operating System:
      • Fedora 30 + Win 10 Pro 64 (yuk)
      • Monitor(s):
      • Benq XL2730Z 1440p + Samsung 2343BW 2048x1152
      • Internet:
      • Zen 80Mb/20Mb VDSL

    Re: Zombieload Intel side-channel attack detailed

    Interesting, it looks like AMD said their kit wasn't susceptible: https://www.guru3d.com/news-story/am...ad-attack.html

    But going to the AMD site referenced the Zombieload name has been removed so I wonder if they are having another look: https://www.amd.com/en/corporate/product-security

  7. Received thanks from:

    mtyson (15-05-2019)

  8. #7
    Senior Member
    Join Date
    May 2014
    Posts
    1,710
    Thanks
    104
    Thanked
    225 times in 161 posts

    Re: Zombieload Intel side-channel attack detailed

    Quote Originally Posted by darcotech View Post
    So once you mitigate all possible exploits, what will be the performance? Bulldozer like?
    Probably not far off...

    Quote Originally Posted by DanceswithUnix View Post
    Interesting, it looks like AMD said their kit wasn't susceptible: https://www.guru3d.com/news-story/am...ad-attack.html

    But going to the AMD site referenced the Zombieload name has been removed so I wonder if they are having another look: https://www.amd.com/en/corporate/product-security
    Looks that way, it's in their best interests to make sure they both are secure and have a one up on Intel.

  9. #8
    Not a good person scaryjim's Avatar
    Join Date
    Jan 2009
    Location
    Manchester
    Posts
    15,173
    Thanks
    1,225
    Thanked
    2,280 times in 1,866 posts
    • scaryjim's system
      • Motherboard:
      • Dell Inspiron
      • CPU:
      • Core i5 8250U
      • Memory:
      • 1x 8GB DDR4 2400
      • Storage:
      • 128GB M.2 SSD + 1TB HDD
      • Graphics card(s):
      • Radeon R5 230
      • PSU:
      • Battery/Dell brick
      • Case:
      • Dell Inspiron 5570
      • Operating System:
      • Windows 10
      • Monitor(s):
      • 15" 1080p laptop panel

    Re: Zombieload Intel side-channel attack detailed

    Quote Originally Posted by darcotech View Post
    WTF is going on with all this exploits? And it is mostly hitting Intel.

    Karma or something else?
    Just a new attack vector - once someone demonstrates one proof-of-concept attack through a new vector others will inevitably start exploring ways of using it, and you get a big spike in related exploits. And since Intel makes up the vast majority of the desktop CPU market it's an inevitable target for testing.

    That said, Intel appear to have a couple more holes in their spec-ex implementation than AMD. Whether that was a deliberate decision to improve performance, a simple oversight, or something that would've been difficult to predict ... who can say?

  10. #9
    Senior Member
    Join Date
    May 2009
    Posts
    219
    Thanks
    65
    Thanked
    20 times in 17 posts
    • blokeinkent's system
      • Motherboard:
      • MSI MPG Z390 Gaming Pro Carbon AC
      • CPU:
      • Core i7 9700KF s1151 3.6/4.9GHz
      • Memory:
      • 16GB (2x8GB) Corsair DDR4 Vengeance LPX Black PC4-25600 (3200)
      • Storage:
      • Samsung 2TB 860 Evo SSD + 250GB 750 Evo SSD + 3x WD 6TB
      • Graphics card(s):
      • EVGA GTX 1070 FTW Gaming ACX 3.0
      • PSU:
      • Corsair AX 760
      • Case:
      • Fractal Design Define S2 (White)
      • Operating System:
      • Windows 10 Pro 64bit
      • Monitor(s):
      • Acer Predator XB281HK 4K
      • Internet:
      • TalkTalk Faster Fibre +Boost

    Re: Zombieload Intel side-channel attack detailed

    Marvellous. I've just splashed out on a new 9th gen coffee lake chip and still have to put up with this rubbishrubbishrubbishrubbish

    It's bad enough we never reach the BS performance figures that marketting departments promise us as it is, and then we have to take another hit for their incompetance.

  11. #10
    Senior Member
    Join Date
    Aug 2003
    Location
    Wonderful Warwick!
    Posts
    3,182
    Thanks
    2
    Thanked
    123 times in 105 posts

    Re: Zombieload Intel side-channel attack detailed

    I don't think AMD are susceptible but I bet they are sure gonna find out a million percent (RIP Jezza Kyles show) that they aren't...
    Old puter - still good enuff till I save some pennies!

  12. #11
    root Member DanceswithUnix's Avatar
    Join Date
    Jan 2006
    Location
    In the middle of a core dump
    Posts
    10,942
    Thanks
    583
    Thanked
    1,174 times in 1,000 posts
    • DanceswithUnix's system
      • Motherboard:
      • Asus X470-PRO
      • CPU:
      • 3700X
      • Memory:
      • 16GB 3200MHz
      • Storage:
      • 1TB Linux, 1TB Games (Win 10)
      • Graphics card(s):
      • Asus Strix RX Vega 56
      • PSU:
      • 650W Corsair TX
      • Case:
      • Antec 300
      • Operating System:
      • Fedora 30 + Win 10 Pro 64 (yuk)
      • Monitor(s):
      • Benq XL2730Z 1440p + Samsung 2343BW 2048x1152
      • Internet:
      • Zen 80Mb/20Mb VDSL

    Re: Zombieload Intel side-channel attack detailed

    Quote Originally Posted by scaryjim View Post
    That said, Intel appear to have a couple more holes in their spec-ex implementation than AMD. Whether that was a deliberate decision to improve performance, a simple oversight, or something that would've been difficult to predict ... who can say?
    Occam's razor would suggest it is just basic sloppiness. Yes it is difficult to get right, so would be an obvious corner to cut when up against a deadline.

    AMD still have a burden of having to be seen to be compatible and I think are held to a higher standard than Intel and so have to put more effort in for the fear of people pointing and shouting "incompatible" at the first hint of trouble.

  13. #12
    <Insert witty one liner> Kanoe's Avatar
    Join Date
    Dec 2005
    Posts
    831
    Thanks
    69
    Thanked
    78 times in 54 posts
    • Kanoe's system
      • Motherboard:
      • Asus Z9PE-D8 WS (Custom BIOS for NVMe Booting)
      • CPU:
      • 2x Intel Xeon E5-2667v2 @ Stock
      • Memory:
      • Samsung ECC RDIMM DDR3 PC-14900 128GB (8 x 16GB) @ Stock
      • Storage:
      • 960GB M.2, 960GB M.2, 960GB SSD, 2TB HDD
      • Graphics card(s):
      • MSI Sea Hawk X 1080Ti (2012MHz @1.012V)
      • PSU:
      • Superflower 1200W
      • Case:
      • Phanteks Enthoo Primo v2
      • Operating System:
      • Win 10 Pro 64bit
      • Monitor(s):
      • 28" ASUS PB287Q 4k + 24" Dell U2412M
      • Internet:
      • VM @ 940/45

    Re: Zombieload Intel side-channel attack detailed

    Was going to upgrade my CPUs but all these exploits / performance hits if / when they get patched (still haven't got full mitigation for Spectre and Meltdown as the BIOS never got updated for my mobo), I'm wondering whether the money would be better spent changing the CPU, Mobo and RAM and going AMD based build.

  14. #13
    Now 100% Apple free cheesemp's Avatar
    Join Date
    Apr 2007
    Location
    Near the New forest
    Posts
    2,480
    Thanks
    213
    Thanked
    170 times in 115 posts
    • cheesemp's system
      • Motherboard:
      • Gigabyte Z77-D3H
      • CPU:
      • Intel i5 3570k @ 4.2
      • Memory:
      • 16gb Crucial Ballastix Elite DDR3 @1866
      • Storage:
      • 64Gb M4 + 240Gb arc100 + 500Gb TcSunbow SDD (for games only) 1x500Gb HDD
      • Graphics card(s):
      • RX 480 8Gb Nitro+ OC (with auto OC to above 580 speeds!)
      • PSU:
      • Antec 650W Semi modular
      • Case:
      • NZXT Source S340 Mid Tower
      • Operating System:
      • Win 10
      • Monitor(s):
      • 32" QHD AOC Q3279VWF
      • Internet:
      • FTTC ~30Mb

    Re: Zombieload Intel side-channel attack detailed

    Quote Originally Posted by Kanoe View Post
    Was going to upgrade my CPUs but all these exploits / performance hits if / when they get patched (still haven't got full mitigation for Spectre and Meltdown as the BIOS never got updated for my mobo), I'm wondering whether the money would be better spent changing the CPU, Mobo and RAM and going AMD based build.
    Didn't the Spectre/Meltdown microcode fixes get deployed with Windows - I think this is the one: https://support.microsoft.com/en-us/help/4090007/intel-microcode-updates

    Presumably the same will happen here? (I wonder what further impact this will have on my ageing 3570k that I cannot afford to replace.)
    Trust

    Laptop : Lenovo G505s A8-5550m 8Gb 240Gb SSD Radeon HD 8550G + Radeon HD 8570M dual graphics

  15. #14
    Member
    Join Date
    Jun 2018
    Posts
    151
    Thanks
    12
    Thanked
    34 times in 27 posts
    • atemporal's system
      • Motherboard:
      • Dell ownbrand
      • CPU:
      • i5-2500
      • Memory:
      • 4GB DDR3
      • Storage:
      • 160GB HDD
      • Graphics card(s):
      • you're kidding right?
      • PSU:
      • 300W OEM Dell
      • Case:
      • Dell Optiplex 990
      • Operating System:
      • windows 7
      • Monitor(s):
      • Some small 17" dell thing
      • Internet:
      • yes I has the internet

    Re: Zombieload Intel side-channel attack detailed

    only if you're on win10 and for a generation they want to support. Win7 could be patched too but they can't be arsed despite intel releasing the fix for it. So neither MS nor the mobo manufacturer will release the fix despite the code for it being released by intel.

  16. #15
    Senior Member
    Join Date
    May 2009
    Location
    Where you are not
    Posts
    758
    Thanks
    290
    Thanked
    58 times in 47 posts
    • Iota's system
      • Motherboard:
      • Asus Maximus Hero XI
      • CPU:
      • Intel Core i7 9700K
      • Memory:
      • CMD32GX4M2C3200C16
      • Storage:
      • 1 x 250GB / 1 x 1TB Samsung 970 Evo Plus NVMe
      • Graphics card(s):
      • Nvidia RTX 2080 FE
      • PSU:
      • Corsair HXi 850
      • Case:
      • Lian Li PC-X500B
      • Operating System:
      • Windows 10 Pro 64-bit
      • Monitor(s):
      • Dell S2716DG
      • Internet:
      • 40Mbps SKY Fibre

    Re: Zombieload Intel side-channel attack detailed

    Quote Originally Posted by blokeinkent View Post
    Marvellous. I've just splashed out on a new 9th gen coffee lake chip and still have to put up with this rubbishrubbishrubbishrubbish

    It's bad enough we never reach the BS performance figures that marketting departments promise us as it is, and then we have to take another hit for their incompetance.
    At least you'll get OS level microcode support, more than users of older systems will receive. Also looking at the performance hit, if it's negligible on the 9900K, I doubt the 9700K/KF will be much different. Seems like it's a design flaw that has propagated through multiple refreshes of the architecture, until Intel come up with a newer chip design they'll probably see more exploits in a similar vein to this.

    Honestly as long as you aren't doing stupid things to get malware infections, it shouldn't be an issue anyway.

  17. Received thanks from:

    blokeinkent (15-05-2019)

  18. #16
    Senior Member
    Join Date
    May 2014
    Posts
    1,710
    Thanks
    104
    Thanked
    225 times in 161 posts

    Re: Zombieload Intel side-channel attack detailed

    The problem is its not about "doing stuoid things" that get you infected wherein a surprising amount of infections can happen while using legitimate sites. The majority of hits i see in our environments caught by the anti exploit software often have happened by normal day to day activities and are hits from malvertisements.

    This is why in enterprise organisations HTTPS interception has become mandatory so that the deep packet inspection can prevent attacks inside the "secure" communications with remote servers.

    It's been a long time since just "doing stupid" has been the majority cause of infections.

  19. Received thanks from:

    badass (17-05-2019),DanceswithUnix (16-05-2019)

Page 1 of 3 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •