Page 1 of 3 123 LastLast
Results 1 to 16 of 36

Thread: Zombieload Intel side-channel attack detailed

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    31,709
    Thanks
    0
    Thanked
    2,073 times in 719 posts

    Zombieload Intel side-channel attack detailed

    New sensitive data snooping attack relies on weaknesses in speculative execution.
    Read more.

  2. #2
    Senior Member
    Join Date
    May 2014
    Posts
    2,385
    Thanks
    181
    Thanked
    304 times in 221 posts

    Re: Zombieload Intel side-channel attack detailed

    *multi face slap groan*

    I love Intels response: Suffer a 3-9% reduction in performance dependent on load or by up to 30% by disabling SMT/HT...Nice

  3. #3
    Senior Member
    Join Date
    Apr 2004
    Location
    Geneva, Switzerland
    Posts
    374
    Thanks
    0
    Thanked
    26 times in 15 posts

    Re: Zombieload Intel side-channel attack detailed

    WTF is going on with all this exploits? And it is mostly hitting Intel.

    Karma or something else?
    The more you live, less you die. More you play, more you die. Isn't it great.

  4. #4
    Two Places At Once Ozaron's Avatar
    Join Date
    Jan 2017
    Location
    Sometimes UK
    Posts
    638
    Thanks
    86
    Thanked
    34 times in 33 posts
    • Ozaron's system
      • Motherboard:
      • MSI X570 Unify
      • CPU:
      • Ryzen 3700X
      • Memory:
      • 32GB Patriot Blackout @ 3800 CL16
      • Storage:
      • Toshiba X300 4TB (2), Samsung 850 Evo 500GB
      • Graphics card(s):
      • Sapphire 5700XT, Sapphire R9 Fury Nitro
      • PSU:
      • Seasonic M12-II 620w
      • Case:
      • Corsair Obsidian 500D
      • Operating System:
      • W10 Enterprise 64bit
      • Monitor(s):
      • Gigabyte G27QC
      • Internet:
      • 2.5 MB/s ↓ 0.86 MB/s ↑ ~20ms

    Re: Zombieload Intel side-channel attack detailed

    How many is this now? I'm losing count...

  5. #5
    Senior Member
    Join Date
    Apr 2004
    Location
    Geneva, Switzerland
    Posts
    374
    Thanks
    0
    Thanked
    26 times in 15 posts

    Re: Zombieload Intel side-channel attack detailed

    Quote Originally Posted by Tabbykatze View Post
    *multi face slap groan*

    I love Intels response: Suffer a 3-9% reduction in performance dependent on load or by up to 30% by disabling SMT/HT...Nice

    So once you mitigate all possible exploits, what will be the performance? Bulldozer like?
    The more you live, less you die. More you play, more you die. Isn't it great.

  6. #6
    root Member DanceswithUnix's Avatar
    Join Date
    Jan 2006
    Location
    In the middle of a core dump
    Posts
    12,975
    Thanks
    778
    Thanked
    1,584 times in 1,339 posts
    • DanceswithUnix's system
      • Motherboard:
      • Asus X470-PRO
      • CPU:
      • 5900X
      • Memory:
      • 32GB 3200MHz ECC
      • Storage:
      • 2TB Linux, 2TB Games (Win 10)
      • Graphics card(s):
      • Asus Strix RX Vega 56
      • PSU:
      • 650W Corsair TX
      • Case:
      • Antec 300
      • Operating System:
      • Fedora 39 + Win 10 Pro 64 (yuk)
      • Monitor(s):
      • Benq XL2730Z 1440p + Iiyama 27" 1440p
      • Internet:
      • Zen 900Mb/900Mb (CityFibre FttP)

    Re: Zombieload Intel side-channel attack detailed

    Interesting, it looks like AMD said their kit wasn't susceptible: https://www.guru3d.com/news-story/am...ad-attack.html

    But going to the AMD site referenced the Zombieload name has been removed so I wonder if they are having another look: https://www.amd.com/en/corporate/product-security

  7. Received thanks from:

    mtyson (15-05-2019)

  8. #7
    Senior Member
    Join Date
    May 2014
    Posts
    2,385
    Thanks
    181
    Thanked
    304 times in 221 posts

    Re: Zombieload Intel side-channel attack detailed

    Quote Originally Posted by darcotech View Post
    So once you mitigate all possible exploits, what will be the performance? Bulldozer like?
    Probably not far off...

    Quote Originally Posted by DanceswithUnix View Post
    Interesting, it looks like AMD said their kit wasn't susceptible: https://www.guru3d.com/news-story/am...ad-attack.html

    But going to the AMD site referenced the Zombieload name has been removed so I wonder if they are having another look: https://www.amd.com/en/corporate/product-security
    Looks that way, it's in their best interests to make sure they both are secure and have a one up on Intel.

  9. #8
    Not a good person scaryjim's Avatar
    Join Date
    Jan 2009
    Location
    Gateshead
    Posts
    15,196
    Thanks
    1,231
    Thanked
    2,291 times in 1,874 posts
    • scaryjim's system
      • Motherboard:
      • Dell Inspiron
      • CPU:
      • Core i5 8250U
      • Memory:
      • 2x 4GB DDR4 2666
      • Storage:
      • 128GB M.2 SSD + 1TB HDD
      • Graphics card(s):
      • Radeon R5 230
      • PSU:
      • Battery/Dell brick
      • Case:
      • Dell Inspiron 5570
      • Operating System:
      • Windows 10
      • Monitor(s):
      • 15" 1080p laptop panel

    Re: Zombieload Intel side-channel attack detailed

    Quote Originally Posted by darcotech View Post
    WTF is going on with all this exploits? And it is mostly hitting Intel.

    Karma or something else?
    Just a new attack vector - once someone demonstrates one proof-of-concept attack through a new vector others will inevitably start exploring ways of using it, and you get a big spike in related exploits. And since Intel makes up the vast majority of the desktop CPU market it's an inevitable target for testing.

    That said, Intel appear to have a couple more holes in their spec-ex implementation than AMD. Whether that was a deliberate decision to improve performance, a simple oversight, or something that would've been difficult to predict ... who can say?

  10. #9
    Senior Member
    Join Date
    May 2009
    Posts
    272
    Thanks
    92
    Thanked
    34 times in 26 posts
    • blokeinkent's system
      • Motherboard:
      • MSI MPG Z390 Gaming Pro Carbon AC
      • CPU:
      • Core i7 9700KF s1151 3.6/4.9GHz
      • Memory:
      • 32GB (4x8GB) Corsair DDR4 Vengeance RGB PRO SL PC4-25600 (3200)
      • Storage:
      • Samsung 2TB 970 Evo Plus NVME + 860 Evo + 250GB 750 Evo SSD + 4x WD 6TB
      • Graphics card(s):
      • EVGA GTX 1070 FTW Gaming ACX 3.0
      • PSU:
      • Corsair AX 760
      • Case:
      • Fractal Design Define S2 (White)
      • Operating System:
      • Windows 10 Pro 64bit
      • Monitor(s):
      • Acer Predator XB281HK 4K
      • Internet:
      • Virmin M50 Fibre

    Re: Zombieload Intel side-channel attack detailed

    Marvellous. I've just splashed out on a new 9th gen coffee lake chip and still have to put up with this rubbishrubbishrubbishrubbish

    It's bad enough we never reach the BS performance figures that marketting departments promise us as it is, and then we have to take another hit for their incompetance.

  11. #10
    Senior Member
    Join Date
    Aug 2003
    Location
    Wonderful Warwick!
    Posts
    3,919
    Thanks
    4
    Thanked
    183 times in 153 posts

    Re: Zombieload Intel side-channel attack detailed

    I don't think AMD are susceptible but I bet they are sure gonna find out a million percent (RIP Jezza Kyles show) that they aren't...
    Old puter - still good enuff till I save some pennies!

  12. #11
    root Member DanceswithUnix's Avatar
    Join Date
    Jan 2006
    Location
    In the middle of a core dump
    Posts
    12,975
    Thanks
    778
    Thanked
    1,584 times in 1,339 posts
    • DanceswithUnix's system
      • Motherboard:
      • Asus X470-PRO
      • CPU:
      • 5900X
      • Memory:
      • 32GB 3200MHz ECC
      • Storage:
      • 2TB Linux, 2TB Games (Win 10)
      • Graphics card(s):
      • Asus Strix RX Vega 56
      • PSU:
      • 650W Corsair TX
      • Case:
      • Antec 300
      • Operating System:
      • Fedora 39 + Win 10 Pro 64 (yuk)
      • Monitor(s):
      • Benq XL2730Z 1440p + Iiyama 27" 1440p
      • Internet:
      • Zen 900Mb/900Mb (CityFibre FttP)

    Re: Zombieload Intel side-channel attack detailed

    Quote Originally Posted by scaryjim View Post
    That said, Intel appear to have a couple more holes in their spec-ex implementation than AMD. Whether that was a deliberate decision to improve performance, a simple oversight, or something that would've been difficult to predict ... who can say?
    Occam's razor would suggest it is just basic sloppiness. Yes it is difficult to get right, so would be an obvious corner to cut when up against a deadline.

    AMD still have a burden of having to be seen to be compatible and I think are held to a higher standard than Intel and so have to put more effort in for the fear of people pointing and shouting "incompatible" at the first hint of trouble.

  13. #12
    <Insert witty one liner> Kanoe's Avatar
    Join Date
    Dec 2005
    Posts
    969
    Thanks
    96
    Thanked
    109 times in 77 posts
    • Kanoe's system
      • Motherboard:
      • Asus ROG STRIX X299-E GAMING II
      • CPU:
      • Intel 7960X (4.4GHZ All Core)
      • Memory:
      • 64GB Corsair Vengeance PRO (8 x 8GB) 3200
      • Storage:
      • 1x 2TB M.2, 2x 1TB M.2, 960GB SSD, 2TB HDD
      • Graphics card(s):
      • nvidia 3080 FE (1965MHz @906mV +1500 VRAM)
      • PSU:
      • Superflower 1200W
      • Case:
      • Phanteks Enthoo Primo v2
      • Operating System:
      • Win 10 Pro 64bit
      • Monitor(s):
      • 28" Gigabyte M28U 4k + 24" Dell U2412M
      • Internet:
      • Zen 1 Gig Fibre

    Re: Zombieload Intel side-channel attack detailed

    Was going to upgrade my CPUs but all these exploits / performance hits if / when they get patched (still haven't got full mitigation for Spectre and Meltdown as the BIOS never got updated for my mobo), I'm wondering whether the money would be better spent changing the CPU, Mobo and RAM and going AMD based build.

  14. #13
    Now 100% Apple free cheesemp's Avatar
    Join Date
    Apr 2007
    Location
    Near the New forest
    Posts
    2,948
    Thanks
    354
    Thanked
    255 times in 173 posts
    • cheesemp's system
      • Motherboard:
      • ASUS TUF x570-plus
      • CPU:
      • Ryzen 3600
      • Memory:
      • 16gb Corsair RGB ram
      • Storage:
      • 256Gb NVMe + 500Gb TcSunbow SDD (cheap for games only)
      • Graphics card(s):
      • RX 480 8Gb Nitro+ OC (with auto OC to above 580 speeds!)
      • PSU:
      • Cooler Master MWE 750 bronze
      • Case:
      • Gamemax f15m
      • Operating System:
      • Win 11
      • Monitor(s):
      • 32" QHD AOC Q3279VWF
      • Internet:
      • FTTC ~35Mb

    Re: Zombieload Intel side-channel attack detailed

    Quote Originally Posted by Kanoe View Post
    Was going to upgrade my CPUs but all these exploits / performance hits if / when they get patched (still haven't got full mitigation for Spectre and Meltdown as the BIOS never got updated for my mobo), I'm wondering whether the money would be better spent changing the CPU, Mobo and RAM and going AMD based build.
    Didn't the Spectre/Meltdown microcode fixes get deployed with Windows - I think this is the one: https://support.microsoft.com/en-us/help/4090007/intel-microcode-updates

    Presumably the same will happen here? (I wonder what further impact this will have on my ageing 3570k that I cannot afford to replace.)
    Trust

    Laptop : Dell Inspiron 1545 with Ryzen 5500u, 16gb and 256 NVMe, Windows 11.

  15. #14
    Senior Member
    Join Date
    Jun 2018
    Posts
    226
    Thanks
    26
    Thanked
    40 times in 31 posts
    • atemporal's system
      • Motherboard:
      • Dell ownbrand
      • CPU:
      • i5-2500
      • Memory:
      • 4GB DDR3
      • Storage:
      • 160GB HDD
      • Graphics card(s):
      • you're kidding right?
      • PSU:
      • 300W OEM Dell
      • Case:
      • Dell Optiplex 990
      • Operating System:
      • windows 7
      • Monitor(s):
      • Some small 17" dell thing
      • Internet:
      • yes I has the internet

    Re: Zombieload Intel side-channel attack detailed

    only if you're on win10 and for a generation they want to support. Win7 could be patched too but they can't be arsed despite intel releasing the fix for it. So neither MS nor the mobo manufacturer will release the fix despite the code for it being released by intel.

  16. #15
    Senior Member
    Join Date
    May 2009
    Location
    Where you are not
    Posts
    1,330
    Thanks
    606
    Thanked
    103 times in 90 posts
    • Iota's system
      • Motherboard:
      • Asus Maximus Hero XI
      • CPU:
      • Intel Core i9 9900KF
      • Memory:
      • CMD32GX4M2C3200C16
      • Storage:
      • 1 x 1TB / 3 x 2TB Samsung 970 Evo Plus NVMe
      • Graphics card(s):
      • Nvidia RTX 3090 Founders Edition
      • PSU:
      • Corsair HX1200i
      • Case:
      • Corsair Obsidian 500D
      • Operating System:
      • Windows 10 Pro 64-bit
      • Monitor(s):
      • Samsung Odyssey G9
      • Internet:
      • 500Mbps BT FTTH

    Re: Zombieload Intel side-channel attack detailed

    Quote Originally Posted by blokeinkent View Post
    Marvellous. I've just splashed out on a new 9th gen coffee lake chip and still have to put up with this rubbishrubbishrubbishrubbish

    It's bad enough we never reach the BS performance figures that marketting departments promise us as it is, and then we have to take another hit for their incompetance.
    At least you'll get OS level microcode support, more than users of older systems will receive. Also looking at the performance hit, if it's negligible on the 9900K, I doubt the 9700K/KF will be much different. Seems like it's a design flaw that has propagated through multiple refreshes of the architecture, until Intel come up with a newer chip design they'll probably see more exploits in a similar vein to this.

    Honestly as long as you aren't doing stupid things to get malware infections, it shouldn't be an issue anyway.

  17. Received thanks from:

    blokeinkent (15-05-2019)

  18. #16
    Senior Member
    Join Date
    May 2014
    Posts
    2,385
    Thanks
    181
    Thanked
    304 times in 221 posts

    Re: Zombieload Intel side-channel attack detailed

    The problem is its not about "doing stuoid things" that get you infected wherein a surprising amount of infections can happen while using legitimate sites. The majority of hits i see in our environments caught by the anti exploit software often have happened by normal day to day activities and are hits from malvertisements.

    This is why in enterprise organisations HTTPS interception has become mandatory so that the deep packet inspection can prevent attacks inside the "secure" communications with remote servers.

    It's been a long time since just "doing stupid" has been the majority cause of infections.

  19. Received thanks from:

    badass (17-05-2019),DanceswithUnix (16-05-2019)

Page 1 of 3 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •