Page 1 of 2 12 LastLast
Results 1 to 16 of 29

Thread: CacheOut Intel CPU vulnerability detailed

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    29,388
    Thanks
    0
    Thanked
    1,924 times in 668 posts

    CacheOut Intel CPU vulnerability detailed

    Another speculative execution attack. Said to be medium severity. Intel patches on the way.
    Read more.

  2. #2
    HEXUS.Squirrel Output's Avatar
    Join Date
    Nov 2007
    Posts
    1,747
    Thanks
    696
    Thanked
    307 times in 230 posts
    • Output's system
      • Motherboard:
      • Gigabyte AORUS Master X570
      • CPU:
      • AMD Ryzen 9 3950X
      • Memory:
      • 32GB (2x16GB) DDR4 Corsair Vengeance Platinum @ 3200MHz
      • Storage:
      • Sandisk Ultra 3D 2TB
      • Graphics card(s):
      • Gigabyte RX Vega 56 Gaming OC 8GB
      • PSU:
      • EVGA G3 750
      • Case:
      • bequiet Dark Base Pro 900 Rev.2
      • Operating System:
      • Windows 10 Pro x64
      • Monitor(s):
      • 2 x Dell P2214H

    Re: CacheOut Intel CPU vulnerability detailed

    So many vulnerabilities that have come out over time and continue to come out that are Intel only, it just adds another reason for me to be glad that I chose AMD again for my new build.

    I shudder to think of the presumable cumulative impact that all of the patches would have on performance.

  3. #3
    root Member DanceswithUnix's Avatar
    Join Date
    Jan 2006
    Location
    In the middle of a core dump
    Posts
    10,400
    Thanks
    535
    Thanked
    1,092 times in 929 posts
    • DanceswithUnix's system
      • Motherboard:
      • Asus X470-PRO
      • CPU:
      • 3700X
      • Memory:
      • 16GB 3200MHz
      • Storage:
      • 1TB Linux, 1TB Games (Win 10)
      • Graphics card(s):
      • Asus Strix RX Vega 56
      • PSU:
      • 650W Corsair TX
      • Case:
      • Antec 300
      • Operating System:
      • Fedora 30 + Win 10 Pro 64 (yuk)
      • Monitor(s):
      • Benq XL2730Z 1440p + Samsung 2343BW 2048x1152
      • Internet:
      • Zen 80Mb/20Mb VDSL

    Re: CacheOut Intel CPU vulnerability detailed

    Quote Originally Posted by Output View Post
    I shudder to think of the presumable cumulative impact that all of the patches would have on performance.
    It is doing wonders for Intel's economic performance. All those servers that dropped 40% in performance, now companies have to go out and buy 40% more Xeon servers to make up the shortfall. I couldn't make this stuff up.

    And no, they can't buy AMD servers, "we only buy Dell here".

  4. #4
    HEXUS.timelord. Zak33's Avatar
    Join Date
    Jul 2003
    Location
    I'm a Jessie
    Posts
    34,774
    Thanks
    2,874
    Thanked
    2,912 times in 1,800 posts
    • Zak33's system
      • Storage:
      • Kingston HyperX SSD, Hitachi 1Tb
      • Graphics card(s):
      • Nvidia 1060
      • PSU:
      • Coolermaster 800w
      • Case:
      • Silverstone Fortress FT01
      • Operating System:
      • Win10
      • Internet:
      • Zen FTC uber speedy

    Re: CacheOut Intel CPU vulnerability detailed

    Does anyone know of anyone in the private world, who has ever been "hacked" through any of these vulnerabilities?

    There have been so many, over so long...what are the real world impacts of these?

    Does my gran (not a real person) using her 3 year old PC run the risk of a good bank hack, if she obeys every other rule of internet safety? If she never clicks a link in an email, never falls for a phishing scam, never unzips a mystery attachment etc...is she at risk?

    Quote Originally Posted by Advice Trinity by Knoxville
    "The second you aren't paying attention to the tool you're using, it will take your fingers from you. It does not know sympathy." |
    "If you don't gaffer it, it will gaffer you" | "Belt and braces"

  5. #5
    root Member DanceswithUnix's Avatar
    Join Date
    Jan 2006
    Location
    In the middle of a core dump
    Posts
    10,400
    Thanks
    535
    Thanked
    1,092 times in 929 posts
    • DanceswithUnix's system
      • Motherboard:
      • Asus X470-PRO
      • CPU:
      • 3700X
      • Memory:
      • 16GB 3200MHz
      • Storage:
      • 1TB Linux, 1TB Games (Win 10)
      • Graphics card(s):
      • Asus Strix RX Vega 56
      • PSU:
      • 650W Corsair TX
      • Case:
      • Antec 300
      • Operating System:
      • Fedora 30 + Win 10 Pro 64 (yuk)
      • Monitor(s):
      • Benq XL2730Z 1440p + Samsung 2343BW 2048x1152
      • Internet:
      • Zen 80Mb/20Mb VDSL

    Re: CacheOut Intel CPU vulnerability detailed

    Quote Originally Posted by Zak33 View Post
    Does anyone know of anyone in the private world, who has ever been "hacked" through any of these vulnerabilities?

    There have been so many, over so long...what are the real world impacts of these?

    Does my gran (not a real person) using her 3 year old PC run the risk of a good bank hack, if she obeys every other rule of internet safety? If she never clicks a link in an email, never falls for a phishing scam, never unzips a mystery attachment etc...is she at risk?
    Yes, she would be at risk...

    She goes to her favourite knitting website.
    The website serves up an advert
    Someone using the ad network serves up some javascript along with that picture of a kitten (awww).
    Now when you log into something on another tab, they can read your password.

    Updating your web browser fixes this. Keeping your OS up to date fixes this. Just let stuff update itself, and she will be fine. But it's these fly-by attacks that are the problem. Nothing is stored on the PC, so "my virus scanner didn't find anything" isn't surprising, but when some of these vulnerabilities are demonstrated with just javascript then you are wide open.

    Which reminds me, I need to go around the house and update all the graphics drivers. I haven't verified the idea that webgl can access sensitive memory through shader programming, but why risk it.

  6. #6
    Senior Member
    Join Date
    Jun 2013
    Location
    ATLANTIS
    Posts
    912
    Thanks
    1
    Thanked
    23 times in 21 posts

    Re: CacheOut Intel CPU vulnerability detailed

    Disabling hyperthreading ... essentially my i3 becomes a Celeron.

  7. #7
    Member
    Join Date
    Feb 2015
    Posts
    114
    Thanks
    12
    Thanked
    2 times in 2 posts

    Re: CacheOut Intel CPU vulnerability detailed

    Another month another performance reducing intel flaw discovered..whoops

  8. #8
    HEXUS.Squirrel Output's Avatar
    Join Date
    Nov 2007
    Posts
    1,747
    Thanks
    696
    Thanked
    307 times in 230 posts
    • Output's system
      • Motherboard:
      • Gigabyte AORUS Master X570
      • CPU:
      • AMD Ryzen 9 3950X
      • Memory:
      • 32GB (2x16GB) DDR4 Corsair Vengeance Platinum @ 3200MHz
      • Storage:
      • Sandisk Ultra 3D 2TB
      • Graphics card(s):
      • Gigabyte RX Vega 56 Gaming OC 8GB
      • PSU:
      • EVGA G3 750
      • Case:
      • bequiet Dark Base Pro 900 Rev.2
      • Operating System:
      • Windows 10 Pro x64
      • Monitor(s):
      • 2 x Dell P2214H

    Re: CacheOut Intel CPU vulnerability detailed

    Quote Originally Posted by DanceswithUnix View Post
    It is doing wonders for Intel's economic performance. All those servers that dropped 40% in performance, now companies have to go out and buy 40% more Xeon servers to make up the shortfall. I couldn't make this stuff up.

    And no, they can't buy AMD servers, "we only buy Dell here".
    Sadly I can't say I'm too surprised.

    With how good AMD's EPYC line was said to be over the past few years though, you'd think someone would be rethinking things - even if it was just Dell and similar companies rather than those buying from them.

    I can only assume the thinking is "if they were any good, Dell/the others would be selling them too instead of only being Intel".

  9. #9
    Senior Member
    Join Date
    Aug 2003
    Location
    Wonderful Warwick!
    Posts
    2,821
    Thanks
    1
    Thanked
    108 times in 91 posts

    Re: CacheOut Intel CPU vulnerability detailed

    Quote Originally Posted by Output View Post
    Quote Originally Posted by DanceswithUnix View Post
    It is doing wonders for Intel's economic performance. All those servers that dropped 40% in performance, now companies have to go out and buy 40% more Xeon servers to make up the shortfall. I couldn't make this stuff up.

    And no, they can't buy AMD servers, "we only buy Dell here".
    Sadly I can't say I'm too surprised.

    With how good AMD's EPYC line was said to be over the past few years though, you'd think someone would be rethinking things - even if it was just Dell and similar companies rather than those buying from them.

    I can only assume the thinking is "if they were any good, Dell/the others would be selling them too instead of only being Intel".
    They get such huge deals there is no point going EPYC
    Old puter - still good enuff till I save some pennies!

  10. #10
    Senior Member
    Join Date
    May 2014
    Posts
    1,569
    Thanks
    94
    Thanked
    209 times in 150 posts

    Re: CacheOut Intel CPU vulnerability detailed

    Quote Originally Posted by 3dcandy View Post
    They get such huge deals there is no point going EPYC
    Basically the old "competitive discounts"...

  11. #11
    Senior Member
    Join Date
    Aug 2006
    Posts
    1,465
    Thanks
    8
    Thanked
    70 times in 62 posts

    Re: CacheOut Intel CPU vulnerability detailed

    Yay... more performance nerfs incoming, assuming I even get the patch on my 4790k....

    I'd already started saving for an upgrade but was hoping to hold off till desktop 'ryzen 4' but at this rate I might need to bite the bullet and get ryzen 3.

  12. #12
    Senior Member
    Join Date
    Dec 2013
    Posts
    2,984
    Thanks
    413
    Thanked
    380 times in 259 posts

    Re: CacheOut Intel CPU vulnerability detailed

    Quote Originally Posted by Output View Post
    So many vulnerabilities that have come out over time and continue to come out that are Intel only.....
    Was always going to happen, once a new attack vector is discovered people find different ways to exploit it. I've not read the article but just going on the name given to the vulnerability it's probably safe to assume it's related to how Spectre exploited the cache buy guesstimating what's stored in part of the shared memory it doesn't have direct access to.

  13. #13
    Senior Member
    Join Date
    Aug 2019
    Posts
    271
    Thanks
    0
    Thanked
    10 times in 7 posts
    • Gentle Viking's system
      • Motherboard:
      • Gigabyte Aorus extreme X399
      • CPU:
      • TR 1920 X
      • Memory:
      • G Skill 64GB ( 8 X 8 ) PC3600 @ 3400
      • Storage:
      • Samsung evo 500GB nvme - 256GB Kingston SSD - 4TB spinning disk
      • Graphics card(s):
      • Powercolor 5700 XT red devil
      • PSU:
      • Corsair RM850I
      • Case:
      • Working on it, done summer 2020
      • Operating System:
      • windows 10 Ulti
      • Monitor(s):
      • 27" iiyama GB2788HS
      • Internet:
      • docis 3.1 cable 1000/100 mbit

    Re: CacheOut Intel CPU vulnerability detailed

    These intel threats are paid for by AMD,,,,,
    But that's also okay MMA enterprise rules have been the norm for a long time, so if you want to stay in the game, you have to play the game.

  14. #14
    Long member
    Join Date
    Apr 2008
    Posts
    1,567
    Thanks
    59
    Thanked
    278 times in 195 posts
    • philehidiot's system
      • Motherboard:
      • Father's bored
      • CPU:
      • Cockroach brain V0.1
      • Memory:
      • Innebriated, unwritten
      • Storage:
      • Big Yellow Self Storage
      • Graphics card(s):
      • Semi chewed Crayola Mega Pack
      • PSU:
      • 20KW single phase direct grid supply
      • Case:
      • Closed, Open, Cold
      • Operating System:
      • Cockroach
      • Monitor(s):
      • The mental health nurses
      • Internet:
      • Please.

    Re: CacheOut Intel CPU vulnerability detailed

    Quote Originally Posted by LSG501 View Post
    Yay... more performance nerfs incoming, assuming I even get the patch on my 4790k....

    I'd already started saving for an upgrade but was hoping to hold off till desktop 'ryzen 4' but at this rate I might need to bite the bullet and get ryzen 3.
    I'm in a similar position. I've noticed a severe drop in responsiveness since Spectre and Meltdown patching. Outright oomph seems mostly preserved but it's definitely an issue.

    I think I may well just go and get Ryzen 3. My only real reservation was the price of the chipset and also the heat generated by the chipset. I buy for the long term and so I'd definitely want PCI-e 4 but I can't be dealing with chipsets which need active cooling. Seems like a recipe for premature failure.

    At the moment I've been considering a bundle from OCUK. I suspect in a few years the many many cores will be made use of so I'm looking at 12 core Ryzen. Because I have absolutely no use for that kind of power. At all. Nothing. But I crave it.

    It's like water-cooling. Put the money into a decent air cooling system and it'll be better...... buuuuuut....... "my PC has a radiator".

  15. #15
    Not a good person scaryjim's Avatar
    Join Date
    Jan 2009
    Location
    Manchester
    Posts
    15,102
    Thanks
    1,209
    Thanked
    2,254 times in 1,854 posts
    • scaryjim's system
      • Motherboard:
      • Dell Inspiron
      • CPU:
      • Core i5 8250U
      • Memory:
      • 1x 8GB DDR4 2400
      • Storage:
      • 128GB M.2 SSD + 1TB HDD
      • Graphics card(s):
      • Radeon R5 230
      • PSU:
      • Battery/Dell brick
      • Case:
      • Dell Inspiron 5570
      • Operating System:
      • Windows 10
      • Monitor(s):
      • 15" 1080p laptop panel

    Re: CacheOut Intel CPU vulnerability detailed

    Quote Originally Posted by LSG501 View Post
    Yay... more performance nerfs incoming, assuming I even get the patch on my 4790k.... ...
    Your 4790k isn't even affected by this vulnerability

  16. #16
    Senior Member
    Join Date
    Dec 2013
    Posts
    2,984
    Thanks
    413
    Thanked
    380 times in 259 posts

    Re: CacheOut Intel CPU vulnerability detailed

    Quote Originally Posted by philehidiot View Post
    I think I may well just go and get Ryzen 3. My only real reservation was the price of the chipset and also the heat generated by the chipset. I buy for the long term and so I'd definitely want PCI-e 4 but I can't be dealing with chipsets which need active cooling. Seems like a recipe for premature failure.
    If you're talking about X570 I've had one for 4 months now and despite trying my damnedest to get the PCH fan to spin on a silent profile I've not managed it, iirc even using a performance profile it doesn't start spinning until 49°, balanced is 59°, and silent is 69° and even then it starts out pretty slow.

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •