Page 1 of 3 123 LastLast
Results 1 to 16 of 36

Thread: Zombieload Intel side-channel attack detailed

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    28,330
    Thanks
    0
    Thanked
    1,845 times in 628 posts

    Zombieload Intel side-channel attack detailed

    New sensitive data snooping attack relies on weaknesses in speculative execution.
    Read more.

  2. #2
    Senior Member
    Join Date
    May 2014
    Posts
    1,158
    Thanks
    73
    Thanked
    161 times in 110 posts

    Re: Zombieload Intel side-channel attack detailed

    *multi face slap groan*

    I love Intels response: Suffer a 3-9% reduction in performance dependent on load or by up to 30% by disabling SMT/HT...Nice

  3. #3
    Senior Member
    Join Date
    Apr 2004
    Location
    Geneva, Switzerland
    Posts
    234
    Thanks
    0
    Thanked
    19 times in 10 posts

    Re: Zombieload Intel side-channel attack detailed

    WTF is going on with all this exploits? And it is mostly hitting Intel.

    Karma or something else?
    The more you live, less you die. More you play, more you die. Isn't it great.

  4. #4
    Cinnamon Roll
    Join Date
    Jan 2017
    Location
    Norfolk
    Posts
    523
    Thanks
    59
    Thanked
    28 times in 27 posts
    • Ozaron's system
      • Motherboard:
      • MSI Z170 SLI Plus
      • CPU:
      • i5-6600K @ 4.3GHz
      • Memory:
      • 16GB HyperX DDR4 2666MHz CL14
      • Storage:
      • Toshiba X300 4TB (2), Samsung 850 Evo 500GB
      • Graphics card(s):
      • Sapphire R9 Fury Nitro
      • PSU:
      • Seasonic M12-II 620w
      • Case:
      • In Win 707 ATX
      • Operating System:
      • W10 Enterprise 64bit
      • Monitor(s):
      • BenQ GW2765HT
      • Internet:
      • 2.5 MB/s ↓ 0.86 MB/s ↑ ~20ms

    Re: Zombieload Intel side-channel attack detailed

    How many is this now? I'm losing count...

  5. #5
    Senior Member
    Join Date
    Apr 2004
    Location
    Geneva, Switzerland
    Posts
    234
    Thanks
    0
    Thanked
    19 times in 10 posts

    Re: Zombieload Intel side-channel attack detailed

    Quote Originally Posted by Tabbykatze View Post
    *multi face slap groan*

    I love Intels response: Suffer a 3-9% reduction in performance dependent on load or by up to 30% by disabling SMT/HT...Nice

    So once you mitigate all possible exploits, what will be the performance? Bulldozer like?
    The more you live, less you die. More you play, more you die. Isn't it great.

  6. #6
    root Member DanceswithUnix's Avatar
    Join Date
    Jan 2006
    Location
    In the middle of a core dump
    Posts
    9,718
    Thanks
    478
    Thanked
    994 times in 846 posts
    • DanceswithUnix's system
      • Motherboard:
      • Asus X470-PRO
      • CPU:
      • 2600X
      • Memory:
      • 16GB 3200MHz
      • Storage:
      • 1TB Linux, 1TB Games (Win 10)
      • Graphics card(s):
      • Asus Strix RX Vega 56
      • PSU:
      • 650W Corsair TX
      • Case:
      • Antec 300
      • Operating System:
      • Fedora 28 + Win 10 Pro 64 (yuk)
      • Monitor(s):
      • Benq XL2730Z 1440p + Samsung 2343BW 2048x1152
      • Internet:
      • Zen 80Mb/20Mb VDSL

    Re: Zombieload Intel side-channel attack detailed

    Interesting, it looks like AMD said their kit wasn't susceptible: https://www.guru3d.com/news-story/am...ad-attack.html

    But going to the AMD site referenced the Zombieload name has been removed so I wonder if they are having another look: https://www.amd.com/en/corporate/product-security

  7. Received thanks from:

    mtyson (15-05-2019)

  8. #7
    Senior Member
    Join Date
    May 2014
    Posts
    1,158
    Thanks
    73
    Thanked
    161 times in 110 posts

    Re: Zombieload Intel side-channel attack detailed

    Quote Originally Posted by darcotech View Post
    So once you mitigate all possible exploits, what will be the performance? Bulldozer like?
    Probably not far off...

    Quote Originally Posted by DanceswithUnix View Post
    Interesting, it looks like AMD said their kit wasn't susceptible: https://www.guru3d.com/news-story/am...ad-attack.html

    But going to the AMD site referenced the Zombieload name has been removed so I wonder if they are having another look: https://www.amd.com/en/corporate/product-security
    Looks that way, it's in their best interests to make sure they both are secure and have a one up on Intel.

  9. #8
    Not a good person scaryjim's Avatar
    Join Date
    Jan 2009
    Location
    Manchester
    Posts
    14,995
    Thanks
    1,187
    Thanked
    2,230 times in 1,835 posts
    • scaryjim's system
      • Motherboard:
      • Dell Inspiron
      • CPU:
      • Core i5 8250U
      • Memory:
      • 1x 8GB DDR4 2400
      • Storage:
      • 128GB M.2 SSD + 1TB HDD
      • Graphics card(s):
      • Radeon R5 230
      • PSU:
      • Battery/Dell brick
      • Case:
      • Dell Inspiron 5570
      • Operating System:
      • Windows 10
      • Monitor(s):
      • 15" 1080p laptop panel

    Re: Zombieload Intel side-channel attack detailed

    Quote Originally Posted by darcotech View Post
    WTF is going on with all this exploits? And it is mostly hitting Intel.

    Karma or something else?
    Just a new attack vector - once someone demonstrates one proof-of-concept attack through a new vector others will inevitably start exploring ways of using it, and you get a big spike in related exploits. And since Intel makes up the vast majority of the desktop CPU market it's an inevitable target for testing.

    That said, Intel appear to have a couple more holes in their spec-ex implementation than AMD. Whether that was a deliberate decision to improve performance, a simple oversight, or something that would've been difficult to predict ... who can say?

  10. #9
    Member
    Join Date
    May 2009
    Posts
    124
    Thanks
    30
    Thanked
    14 times in 11 posts
    • blokeinkent's system
      • Motherboard:
      • MSI MPG Z390 Gaming Pro Carbon AC
      • CPU:
      • Core i7 9700KF s1151 3.6/4.9GHz
      • Memory:
      • 16GB (2x8GB) Corsair DDR4 Vengeance LPX Black PC4-25600 (3200)
      • Storage:
      • Samsung 2TB 860 Evo SSD + 250GB 750 Evo SSD + 3x WD 6TB
      • Graphics card(s):
      • EVGA GTX 1070 FTW Gaming ACX 3.0
      • PSU:
      • Corsair AX 760
      • Case:
      • Fractal Design Define S2 (White)
      • Operating System:
      • Windows 10 Pro 64bit
      • Monitor(s):
      • Acer Predator XB281HK 4K
      • Internet:
      • TalkTalk Faster Fibre +Boost

    Re: Zombieload Intel side-channel attack detailed

    Marvellous. I've just splashed out on a new 9th gen coffee lake chip and still have to put up with this rubbishrubbishrubbishrubbish

    It's bad enough we never reach the BS performance figures that marketting departments promise us as it is, and then we have to take another hit for their incompetance.

  11. #10
    Senior Member
    Join Date
    Aug 2003
    Location
    Wonderful Warwick!
    Posts
    2,561
    Thanks
    0
    Thanked
    96 times in 79 posts

    Re: Zombieload Intel side-channel attack detailed

    I don't think AMD are susceptible but I bet they are sure gonna find out a million percent (RIP Jezza Kyles show) that they aren't...
    Old puter - still good enuff till I save some pennies!

  12. #11
    root Member DanceswithUnix's Avatar
    Join Date
    Jan 2006
    Location
    In the middle of a core dump
    Posts
    9,718
    Thanks
    478
    Thanked
    994 times in 846 posts
    • DanceswithUnix's system
      • Motherboard:
      • Asus X470-PRO
      • CPU:
      • 2600X
      • Memory:
      • 16GB 3200MHz
      • Storage:
      • 1TB Linux, 1TB Games (Win 10)
      • Graphics card(s):
      • Asus Strix RX Vega 56
      • PSU:
      • 650W Corsair TX
      • Case:
      • Antec 300
      • Operating System:
      • Fedora 28 + Win 10 Pro 64 (yuk)
      • Monitor(s):
      • Benq XL2730Z 1440p + Samsung 2343BW 2048x1152
      • Internet:
      • Zen 80Mb/20Mb VDSL

    Re: Zombieload Intel side-channel attack detailed

    Quote Originally Posted by scaryjim View Post
    That said, Intel appear to have a couple more holes in their spec-ex implementation than AMD. Whether that was a deliberate decision to improve performance, a simple oversight, or something that would've been difficult to predict ... who can say?
    Occam's razor would suggest it is just basic sloppiness. Yes it is difficult to get right, so would be an obvious corner to cut when up against a deadline.

    AMD still have a burden of having to be seen to be compatible and I think are held to a higher standard than Intel and so have to put more effort in for the fear of people pointing and shouting "incompatible" at the first hint of trouble.

  13. #12
    Senior Member
    Join Date
    Dec 2005
    Posts
    695
    Thanks
    63
    Thanked
    72 times in 49 posts
    • Kanoe's system
      • Motherboard:
      • Asus Z9PE-D8 WS
      • CPU:
      • 2x Intel Xeon E5-2670 @ Stock
      • Memory:
      • Corsair Vengeance Arctic White 32GB (8 x 4GB) @ Stock
      • Storage:
      • 240GB SanDisk Extreme II SSD, 960GB ADATA 8200 M.2, 960GB SanDisk Ultra II SSD, 1TB Samsung F3 HDD
      • Graphics card(s):
      • Sapphire R9 295X2 OC @ Stock
      • PSU:
      • Superflower 1200W
      • Case:
      • Phanteks Enthoo Primo v2
      • Operating System:
      • Win 10 Pro 64bit
      • Monitor(s):
      • 28" ASUS PB287Q 4k + 24" Dell U2412M
      • Internet:
      • VM @ 350/20

    Re: Zombieload Intel side-channel attack detailed

    Was going to upgrade my CPUs but all these exploits / performance hits if / when they get patched (still haven't got full mitigation for Spectre and Meltdown as the BIOS never got updated for my mobo), I'm wondering whether the money would be better spent changing the CPU, Mobo and RAM and going AMD based build.

  14. #13
    Now 100% Apple free cheesemp's Avatar
    Join Date
    Apr 2007
    Location
    Near the New forest
    Posts
    2,236
    Thanks
    154
    Thanked
    146 times in 102 posts
    • cheesemp's system
      • Motherboard:
      • Gigabyte Z77-D3H
      • CPU:
      • Intel i5 3570k @ 4.2
      • Memory:
      • 16gb Crucial Ballastix Elite DDR3 @1866
      • Storage:
      • 64Gb M4 + 240Gb arc100 + 2x500Gb HDD
      • Graphics card(s):
      • RX 480 8Gb Nitro+ OC
      • PSU:
      • Antec 650W Semi modular
      • Case:
      • NZXT Source S340 Mid Tower
      • Operating System:
      • Win 10
      • Monitor(s):
      • 32" QHD AOC Q3279VWF
      • Internet:
      • FTTC ~30Mb

    Re: Zombieload Intel side-channel attack detailed

    Quote Originally Posted by Kanoe View Post
    Was going to upgrade my CPUs but all these exploits / performance hits if / when they get patched (still haven't got full mitigation for Spectre and Meltdown as the BIOS never got updated for my mobo), I'm wondering whether the money would be better spent changing the CPU, Mobo and RAM and going AMD based build.
    Didn't the Spectre/Meltdown microcode fixes get deployed with Windows - I think this is the one: https://support.microsoft.com/en-us/help/4090007/intel-microcode-updates

    Presumably the same will happen here? (I wonder what further impact this will have on my ageing 3570k that I cannot afford to replace.)
    Trust

    Laptop : Lenovo G505s A8-5550m 8Gb 240Gb SSD Radeon HD 8550G + Radeon HD 8570M dual graphics

  15. #14
    Member
    Join Date
    Jun 2018
    Posts
    117
    Thanks
    8
    Thanked
    25 times in 19 posts
    • atemporal's system
      • Motherboard:
      • Dell ownbrand
      • CPU:
      • i5-2500
      • Memory:
      • 4GB DDR3
      • Storage:
      • 160GB HDD
      • Graphics card(s):
      • you're kidding right?
      • PSU:
      • 300W OEM Dell
      • Case:
      • Dell Optiplex 990
      • Operating System:
      • windows 7
      • Monitor(s):
      • Some small 17" dell thing
      • Internet:
      • yes I has the internet

    Re: Zombieload Intel side-channel attack detailed

    only if you're on win10 and for a generation they want to support. Win7 could be patched too but they can't be arsed despite intel releasing the fix for it. So neither MS nor the mobo manufacturer will release the fix despite the code for it being released by intel.

  16. #15
    Senior Member
    Join Date
    May 2009
    Location
    Where you are not
    Posts
    586
    Thanks
    227
    Thanked
    46 times in 37 posts
    • Iota's system
      • Motherboard:
      • Asus Maximus Hero XI
      • CPU:
      • Intel Core i7 9700K
      • Memory:
      • CMD32GX4M2C3200C16
      • Storage:
      • 1 x 250GB / 1 x 1TB Samsung 970 Evo Plus NVMe
      • Graphics card(s):
      • Nvidia RTX 2080 FE
      • PSU:
      • Corsair HXi 850
      • Case:
      • Lian Li PC-X500B
      • Operating System:
      • Windows 10 Pro 64-bit
      • Monitor(s):
      • Dell S2716DG
      • Internet:
      • 40Mbps SKY Fibre

    Re: Zombieload Intel side-channel attack detailed

    Quote Originally Posted by blokeinkent View Post
    Marvellous. I've just splashed out on a new 9th gen coffee lake chip and still have to put up with this rubbishrubbishrubbishrubbish

    It's bad enough we never reach the BS performance figures that marketting departments promise us as it is, and then we have to take another hit for their incompetance.
    At least you'll get OS level microcode support, more than users of older systems will receive. Also looking at the performance hit, if it's negligible on the 9900K, I doubt the 9700K/KF will be much different. Seems like it's a design flaw that has propagated through multiple refreshes of the architecture, until Intel come up with a newer chip design they'll probably see more exploits in a similar vein to this.

    Honestly as long as you aren't doing stupid things to get malware infections, it shouldn't be an issue anyway.

  17. Received thanks from:

    blokeinkent (15-05-2019)

  18. #16
    Senior Member
    Join Date
    May 2014
    Posts
    1,158
    Thanks
    73
    Thanked
    161 times in 110 posts

    Re: Zombieload Intel side-channel attack detailed

    The problem is its not about "doing stuoid things" that get you infected wherein a surprising amount of infections can happen while using legitimate sites. The majority of hits i see in our environments caught by the anti exploit software often have happened by normal day to day activities and are hits from malvertisements.

    This is why in enterprise organisations HTTPS interception has become mandatory so that the deep packet inspection can prevent attacks inside the "secure" communications with remote servers.

    It's been a long time since just "doing stupid" has been the majority cause of infections.

  19. Received thanks from:

    badass (17-05-2019),DanceswithUnix (16-05-2019)

Page 1 of 3 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •