Intel security flaw

bluestar

Joined: 5 Sep 12
Posts: 2486
Credit: 1,935,932
RAC: 141
Message 1910661 - Posted: 4 Jan 2018, 21:48:39 UTC
Last modified: 4 Jan 2018, 21:51:00 UTC

The problem with not updating, except for that of a technological issue or problem in my case, is that the market for that of applications could be catching in and next bypassing a given technology,
because it could be for a general use or purpose for such a thing.

But except for such a market also sometimes legal as well, if not most of the time, also those things being mentioned for that of users and groups, and next also in a single name,
because we could be having the bad system for that of both errors and similar code, which next could be produced and become saturated, if not transmitted, across the web.

Therefore better have the updates, rather than not, and next also in a consecutive order.

Here for that of Windows only.
ID: 1910661 · Report as offensive     Reply Quote
Darth Beaver Special Project $75 donor
Joined: 20 Aug 99
Posts: 6687
Credit: 20,565,890
RAC: 1,509
Australia
Message 1910680 - Posted: 4 Jan 2018, 22:33:27 UTC

So the hackers are at it again, ummm, that might just explain what happened 36 hrs ago to me

There I am sitting at the machine and all of a sudden I get this phone call on the landline (I have fibre to the home and phone runs on that)

The number on the display was very weird, 03 242, weird in the fact there should have been a few more numbers.

So I pick it up and then hang up and go back to the computer.

I had Facebook open and I get a friends request, lucky Lee my girlfriend was here, she tells me no don't add him, I ask why and she tells me he's a friend of a friend.

I think nothing of it seeing as he has come up as a suggested friend, probably because Lee has him on her Facebook or because her other friend has him on his Facebook

I ignore it and about 5-10 mins later I get another friends request but this time it's some chick I don't know and is not on Lee's Facebook

So I try to delete that request, I get a message that the person's profile does not exist, I think mmmmm strange!

I then delete the other request and both of them disappear.

I can only think, now I know there is an exploit with the CPU, that somehow they hacked the modem and was reading the memory and that is how I got the friends request, and when that didn't work they tried a second one with a picture of some hot chick thinking I would add them.

Read my lips suckers, I don't add people to Facebook unless I actually have met you face to face or know you for a very long time, so please don't bother trying to hack me, I'm not a NEWBEE.

Also any Crypto I have is not stored on my home system so you're wasting your time there, and all accounts have 2 factor authentication so don't even try it with Twitter as that was also tried about a week ago.

It's a dead give away when Twitter asks you while you have the page open to change your password and after you do you get the mobile phone web site on your computer and not the normal web page site. Also not good to try and hack someone that has the screen in the lounge room where I spend most of my time, which means I'm in front of the damn machine almost 24/7

Guess the Dumb... thought I actually use a mobile phone like all the other people and have things like Twitter or Facebook on them. Maybe the phones do have them apps but I do not use a mobile smart phone for anything other than making phone calls or sending txt's, I do not use phones for social media, it's always been too risky to use them for that and is now even more so

So be warned a hackers first type of attack will be to use your social media via your smart phone to hack you

Watch a show called cyber war and you will understand how these people do what they do and how doing just simple things can stop them in their tracks

So be careful out there, they may be now able to read your memory but I suspect they're still going to have to fall back on other ways to actually hack you, so don't let them and reject all requests from Facebook and Twitter unless you really know the person.

Any accounts you have at banks or Bit Coin, activate 2 factor authentication and then you should be ok. Also when you get weird phone calls go straight to your computer and wait for the hack and reject any friends request you don't know and turn up your security by having all accounts active with 2 factor authentication.

I would also say buy a second mobile phone and use that.

I have 2 mobile phones and the authentication is split between the 2 phones. Some accounts the 2 factor authentication is on 1 phone and some accounts are on the other 1 and use different passwords for every site

(It might help to have a little Black Book to keep all the usernames and passwords in so you don't forget which is which) But make sure you store said black book somewhere people can't get at it if you're broken into and robbed
ID: 1910680 · Report as offensive     Reply Quote
Profile HAL9000
Volunteer tester
Joined: 11 Sep 99
Posts: 6520
Credit: 180,019,248
RAC: 41,252
United States
Message 1910694 - Posted: 4 Jan 2018, 23:39:19 UTC

I am not really worried about these issues for any of my home systems, as my systems would have to already become compromised by an attacker. At which point they could just access any data directly.

How it affects environments like AWS is really my only concern.
SETI@home classic workunits: 93,865 CPU time: 863,447 hours
Join the BP6/VP6 User Group today!
ID: 1910694 · Report as offensive     Reply Quote
Profile Gary Charpentier Crowdfunding Project Donor*Special Project $250 donor
Volunteer tester
Joined: 25 Dec 00
Posts: 21682
Credit: 33,465,785
RAC: 31,748
United States
Message 1910701 - Posted: 5 Jan 2018, 0:07:35 UTC - in response to Message 1910562.  

For example, how easy is it for a hacker to become "an unprivileged, logged-in user". Can any counter-moves be made on this level ?


I would like to know this as well.

Depending on the services of the machine it may be the normal method of operation. Assuming you don't have a guest account and aren't running a web server then they would have to hack into your computer from some other way to get logged in. From there though another layer of hacking to exploit the flaw and a bit of luck and your passwords fly off to the criminals.
ID: 1910701 · Report as offensive     Reply Quote
Darth Beaver Special Project $75 donor
Joined: 20 Aug 99
Posts: 6687
Credit: 20,565,890
RAC: 1,509
Australia
Message 1910703 - Posted: 5 Jan 2018, 0:15:09 UTC - in response to Message 1910701.  

Assuming you don't have a guest account


Good advice, as when the hacker was trying to hack the Twitter account last week I think it may have also been the fact I had an admin account without a password, which I have now deleted. I don't remember a phone call happening just before that attempt and why I think it may have been the admin account I had without the password
ID: 1910703 · Report as offensive     Reply Quote
OzzFan Special Project $75 donor
Volunteer tester
Joined: 9 Apr 02
Posts: 15638
Credit: 59,009,517
RAC: 41,867
United States
Message 1910725 - Posted: 5 Jan 2018, 1:41:24 UTC - in response to Message 1910357.  
Last modified: 5 Jan 2018, 2:03:36 UTC

Regardless of manufacturer that's bad for computing as a whole. With the world's reliance on computers, it's bad enough having to contend with software flaws but hardware flaws...


There are always hardware flaws. I obviously don't need to remind anyone here of the FDIV bug in the original Pentium (which was a relatively minor bug compared to the F00F bug that could cause your computer to freeze up). This is why CPUs have steppings, to fix flaws in the original design.

But this particular flaw was originally a feature (i.e. no one really thought to exploit the feature introduced in the original Pentium Pro in 1995). What's worse is that because this is a hardware flaw, it has the potential to bypass virtual machines and hypervisors in the cloud so that, in theory, a hacker could access any running software or virtual machine running on a physical server. Cloud servers can have anywhere from 2 to several dozen virtual machines running at any given time (depending on need and specs).

Yes, this is a very serious flaw but nothing to panic over.
ID: 1910725 · Report as offensive     Reply Quote
OzzFan Special Project $75 donor
Volunteer tester
Joined: 9 Apr 02
Posts: 15638
Credit: 59,009,517
RAC: 41,867
United States
Message 1910728 - Posted: 5 Jan 2018, 1:51:33 UTC - in response to Message 1910540.  

For example, how easy is it for a hacker to become "an unprivileged, logged-in user". Can any counter-moves be made on this level ?


Using Meltdown or Spectre? The hacker wouldn't be able to use either method to become an unprivileged, logged-in user. The hack would have to run in the existing user context, such as through a browser exploit or a malicious executable, and they could then use these vulnerabilities to read contents of CPU and RAM at any time, or use the knowledge to create buffer overflow attacks so they could execute their own code.

So on their own, Meltdown and Spectre do not allow a hacker to become an unprivileged user. They don't really need to be an unprivileged user to wreak havoc. That said, these speculative execution flaws don't automatically allow a hacker to bypass other security systems in place, such as web browser sandboxing used in many modern browsers, or User Account Control in Windows.

As always, practice safe computing (don't click on every link you see and don't open attachments from people you don't know) and be careful.
ID: 1910728 · Report as offensive     Reply Quote
Grant (SSSF)
Volunteer tester

Joined: 19 Aug 99
Posts: 9359
Credit: 120,040,508
RAC: 46,056
Australia
Message 1910754 - Posted: 5 Jan 2018, 4:08:36 UTC

Other than OzzFan there's a lot of noise with little to no signal here at the moment.

Instead of going into Panic Mode, take a page out of the Hitch Hiker's Guide to the Galaxy & Don't Panic.
Why not read an article that explains what is & isn't actually known at this stage?
Grant
Darwin NT
ID: 1910754 · Report as offensive     Reply Quote
Profile tullio Project Donor
Volunteer moderator
Volunteer tester

Joined: 9 Apr 04
Posts: 6502
Credit: 1,840,855
RAC: 2,715
Italy
Message 1910780 - Posted: 5 Jan 2018, 9:33:00 UTC - in response to Message 1910655.  
Last modified: 5 Jan 2018, 10:00:02 UTC

I am using only AMD CPUs both on Windows 10 and SuSE Linux. Should I apply the patches too? Microsoft sends me an upgrade every month, and I have no way to refuse it. I can refuse to install Linux updates, but so far they have done no damage. I am running 4 BOINC projects using also nVidia graphic boards and/or VirtualBox.
Tullio


No, don't do those updates.

Not sure the Windows Home edition can refuse, if so I don't know how.

Neither do I on my Windows 10 Home edition on a HP PC with AMD A10-6700 CPU.
Tullio
ID: 1910780 · Report as offensive     Reply Quote
Grant (SSSF)
Volunteer tester

Joined: 19 Aug 99
Posts: 9359
Credit: 120,040,508
RAC: 46,056
Australia
Message 1910784 - Posted: 5 Jan 2018, 9:45:46 UTC

OK, here are some early benchmarks comparing before patch & after patch performance on an i7-8700k Win10 system.
Summary: significant slow down for 4k disk reads (some write performances have actually improved). As for gaming, general productivity, general computing tasks: no measurable effect.
Testing Windows 10 Performance Before and After the Meltdown Flaw Emergency Patch.
Grant
Darwin NT
ID: 1910784 · Report as offensive     Reply Quote
Richard Haselgrove Project Donor
Volunteer tester

Joined: 4 Jul 99
Posts: 11735
Credit: 111,531,601
RAC: 48,466
United Kingdom
Message 1910804 - Posted: 5 Jan 2018, 14:13:06 UTC

Just been offered, and installed, what claims to be the January 2018 Security Monthly Quality Rollup for Windows 7 - which we weren't expecting until next Tuesday or (usually in the UK) Wednesday. No specific mention of either Meltdown or Spectre. Identity is KB4056894.

Windows Update offered it solo, without the usual Malicious Software Removal Tool, so we don't really know exactly what's going on - but it's perhaps a sign of progress.
ID: 1910804 · Report as offensive     Reply Quote
Profile Keith Myers Special Project $250 donor
Volunteer tester
Joined: 29 Apr 01
Posts: 3523
Credit: 212,185,111
RAC: 292,480
United States
Message 1910859 - Posted: 5 Jan 2018, 18:30:44 UTC

I got the same security rollup last night on one of my Windows 7 crunchers. Just checked and the other Windows 7 cruncher is downloading as I type. No idea of what was in the security patch. The KB information at MS didn't say what was in it. No sign of any update on the Windows 10 Home machine.
Seti@Home classic workunits:20,676 CPU time:74,226 hours
ID: 1910859 · Report as offensive     Reply Quote
Profile JakeTheDog
Joined: 3 Nov 13
Posts: 150
Credit: 2,376,226
RAC: 1,090
United States
Message 1911060 - Posted: 6 Jan 2018, 3:44:46 UTC
Last modified: 6 Jan 2018, 3:49:20 UTC

This is my understanding of what should be done for these vulnerabilities.
1) Update your operating system. Windows 10 patch is out. Windows 8 and 7 come out Tuesday the 9th. Don't know about older Windows, like Vista. Some virus scanners might block installation of the Windows updates. Check your virus scanner's website for info, or do additional research if you are unable to get the updates. OS will probably come out with more patches in the future.
2) Update your browsers. You type a specific command in Chrome's address bar, search for a "Strict Site Isolation" feature and enable it. Chrome will have more patches released at the end of this month. Firefox has an update out. The description says it "mitigates" the vulnerability, so I don't know how good this patch is. Safari will have one soon? Microsoft Edge and Internet Explorer are supposed to have them already, but I don't see it for my Windows 7. Possibly they are for Windows 10, I will have to check again on Tuesday. I'm sure all the developers will be working on new patches as time goes on.
3) Reduce your visits to suspicious websites and sites that have a lot of ads, until more security has been checked out.
4) There are motherboard patches for Intel Management Engine. I'm not sure how this works. Each motherboard manufacturer should have info. However, they seem to include only those made in the past few years. I do not know what to do about my older rigs. WARNING: I think these are firmware updates. Firmware updates for motherboards have high risk, if the update process is interrupted.

5) Cell phones. I believe Apple phones already have OS patches. Android patches have been given to Google phones, and manufacturers. It's up to the manufacturers to send their own updates. The Android security patch should say January 2018.
6) Android browsers. I only checked Chrome Mobile. The current thing to do is also enable "Strict Site Isolation." Might have more patches in future updates.
ID: 1911060 · Report as offensive     Reply Quote
Profile Gary Charpentier Crowdfunding Project Donor*Special Project $250 donor
Volunteer tester
Joined: 25 Dec 00
Posts: 21682
Credit: 33,465,785
RAC: 31,748
United States
Message 1911072 - Posted: 6 Jan 2018, 5:07:31 UTC - in response to Message 1910859.  

I got the same security rollup last night on one of my Windows 7 crunchers. Just checked and the other Windows 7 cruncher is downloading as I type. No idea of what was in the security patch. The KB information at MS didn't say what was in it. No sign of any update on the Windows 10 Home machine.
KB did indicate the Windows Kernel was updated.
ID: 1911072 · Report as offensive     Reply Quote
wandrr

Joined: 24 Dec 00
Posts: 9
Credit: 500,472
RAC: 6,592
Canada
Message 1911138 - Posted: 6 Jan 2018, 16:34:02 UTC - in response to Message 1911060.  

This is my understanding of what should be done for these vulnerabilities.
1) Update your operating system. Windows 10 patch is out. Windows 8 and 7 come out Tuesday the 9th. Don't know about older Windows, like Vista. Some virus scanners might block installation of the Windows updates. Check your virus scanner's website for info, or do additional research if you are unable to get the updates. OS will probably come out with more patches in the future.
2) Update your browsers. You type a specific command in Chrome's address bar, search for a "Strict Site Isolation" feature and enable it. Chrome will have more patches released at the end of this month. Firefox has an update out. The description says it "mitigates" the vulnerability, so I don't know how good this patch is. Safari will have one soon? Microsoft Edge and Internet Explorer are supposed to have them already, but I don't see it for my Windows 7. Possibly they are for Windows 10, I will have to check again on Tuesday. I'm sure all the developers will be working on new patches as time goes on.
3) Reduce your visits to suspicious websites and sites that have a lot of ads, until more security has been checked out.
4) There are motherboard patches for Intel Management Engine. I'm not sure how this works. Each motherboard manufacturer should have info. However, they seem to include only those made in the past few years. I do not know what to do about my older rigs. WARNING: I think these are firmware updates. Firmware updates for motherboards have high risk, if the update process is interrupted.

5) Cell phones. I believe Apple phones already have OS patches. Android patches have been given to Google phones, and manufacturers. It's up to the manufacturers to send their own updates. The Android security patch should say January 2018.
6) Android browsers. I only checked Chrome Mobile. The current thing to do is also enable "Strict Site Isolation." Might have more patches in future updates.


Very good summary. Thanks!
Arnie
Alberta, Canada
ID: 1911138 · Report as offensive     Reply Quote
Profile Ageless
Volunteer tester
Joined: 9 Jun 99
Posts: 14343
Credit: 3,583,273
RAC: 119
Netherlands
Message 1911162 - Posted: 6 Jan 2018, 17:41:39 UTC

From https://newsroom.intel.com/news-releases/industry-testing-shows-recently-released-security-updates-not-impacting-performance-real-world-deployments/

As Intel and others across the industry partner to protect customers from the exploits (referred to as “Spectre” and “Meltdown”) reported Wednesday, extensive testing has been conducted to assess any impact to system performance from the recently released security updates. Apple, Amazon, Google and Microsoft are among those reporting that they are seeing little to no performance impact.
Jord

Ancient Astronaut Theorists can tell you that I do not help with tech questions via private message. Please use the forums for that.
ID: 1911162 · Report as offensive     Reply Quote
Profile Mike Special Project $75 donor
Volunteer tester
Joined: 17 Feb 01
Posts: 30872
Credit: 59,953,593
RAC: 23,662
Germany
Message 1911166 - Posted: 6 Jan 2018, 17:50:11 UTC - in response to Message 1911162.  

From https://newsroom.intel.com/news-releases/industry-testing-shows-recently-released-security-updates-not-impacting-performance-real-world-deployments/

As Intel and others across the industry partner to protect customers from the exploits (referred to as “Spectre” and “Meltdown”) reported Wednesday, extensive testing has been conducted to assess any impact to system performance from the recently released security updates. Apple, Amazon, Google and Microsoft are among those reporting that they are seeing little to no performance impact.


It depends......................
Some with German abilities should read this: http://www.planet3dnow.de/cms/35759-massive-sicherheitsluecke-in-intel-cpus-update-amd-arm-bugfixes-2/
With each crime and every kindness we birth our future.
ID: 1911166 · Report as offensive     Reply Quote
Grant (SSSF)
Volunteer tester

Joined: 19 Aug 99
Posts: 9359
Credit: 120,040,508
RAC: 46,056
Australia
Message 1911249 - Posted: 6 Jan 2018, 20:42:59 UTC
Last modified: 6 Jan 2018, 20:50:35 UTC

Another look at the impact of the security patch.

Summary: the biggest impact on performance is on benchmarks, most likely due to the fact they are frequently monitoring I/O (Input/Output) and making system calls to do so. So they are most impacted by the patch. In actual real life situations, the penalty (when there is one) is around 3.21%, which is within the margin of error for many tests, and as an actual performance penalty isn't enough to actually be noticeable by a user (generally 10% or more is necessary before people start to notice if things are better or worse).
Where the patch is most likely to have a noticeable impact on actual performance is in the enterprise area (eg here with the Seti servers). However so far the very few comparative benchmarks I've seen have been with high end SSDs, where any impact will be most noticeable. On mechanical HDDs any impact is likely to be much less due to their already low levels of performance, and so they make many, many fewer system calls than an SSD does when under heavy loads and the impact of the patch will be much less.
It's appearing (with the very limited testing to date) that the impact is pretty much only apparent on systems under extremely heavy loads (eg synthetic benchmarks, overloaded storage servers). For the average user, where I/O is minimal most of the time, the effects would appear to be non-existent.

Microsoft's 'Meltdown' Patch Has Little Impact On Storage Application Performance.
Grant
Darwin NT
ID: 1911249 · Report as offensive     Reply Quote
Profile Ageless
Volunteer tester
Joined: 9 Jun 99
Posts: 14343
Credit: 3,583,273
RAC: 119
Netherlands
Message 1911450 - Posted: 7 Jan 2018, 9:57:46 UTC

Solved. All get a Raspberry Pi: https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/
Jord

Ancient Astronaut Theorists can tell you that I do not help with tech questions via private message. Please use the forums for that.
ID: 1911450 · Report as offensive     Reply Quote
Richard Haselgrove Project Donor
Volunteer tester

Joined: 4 Jul 99
Posts: 11735
Credit: 111,531,601
RAC: 48,466
United Kingdom
Message 1913706 - Posted: 18 Jan 2018, 12:34:45 UTC

In the last couple of weeks, I've had the opportunity to hear two different BOINC project server administrators - Kevin Reed of World Community Grid, and our own Eric K - describe their real-world experience of the Meltdown / Spectre security patches, as applied to high-performance, high-throughput, Linux servers. Both of them say that they've seen real-world slowdowns of 20% - 30% on that class of machine running BOINC server software - which by definition spend their time moving data from disk to network and vice-versa. I've just sent this email round to a small discussion group.

As I understand it from Eric, the problem is keeping the 'kernel' and 'user' memory areas segregated. Previously, this was done via software flags: now it's done by physically unloading one set of memory page tables, and re-loading the other set. And that's done at every context switch between kernel and user mode. And those switches occur every time disk or network IO is needed. And what do BOINC servers spend their time doing?

Eric has one server with 512 GB of RAM: that's the one which handles workunit generation for the new(-ish) Green Bank / Breakthrough Listen data. The format of that data requires that 64x more data than previously has to be loaded from 'tape' images on disk, before even the first WU can be split. Eric is thinking and planning how to mitigate the delays by re-allocating servers and implementing smart caching where possible: but that's all dependent on time and manpower, both of which are in short supply.

Separately, I note that "[Einstein] are going to shut down the project next Tuesday, Jan 23rd at around 10 AM CET for an upgrade of our database backend systems to make them ready for the years to come. We're going to upgrade hardware parts, operating systems as well the databases themselves, which is why we need to shut down the entire project, including the BOINC backend and this very website". They don't say whether this has been planned with Meltdown / Spectre remediation in mind (possibly it's coincidental - seems a bit quick for causation), but they'll certainly need to address it somehow.

All of which makes me wonder (not for the first time) whether BOINC should encourage and enable some sort of 'server admin support group' (perhaps alongside the server stable branch proposal), for occasions like this when a common problem hits all of you at once?
ID: 1913706 · Report as offensive     Reply Quote
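
For the Linux server patches discussed in the post above, an added example (not part of the thread and not from any poster): a POSIX shell check that reads the per-issue status files patched Linux kernels expose under /sys/devices/system/cpu/vulnerabilities and flags anything that is not mitigated. The function names and the values written by `make_sample` are constructed for illustration.

```shell
#!/bin/sh
# Added example. Kernels carrying the Meltdown/Spectre patches report their
# mitigation state as one file per issue in this directory; each file holds a
# single line starting "Not affected", "Mitigation:" or "Vulnerable".
VULN_DIR=/sys/devices/system/cpu/vulnerabilities

# classify LINE -> OK | MITIGATED | VULNERABLE | UNKNOWN
classify() {
    case "$1" in
        "Not affected"*) echo OK ;;
        "Mitigation:"*)  echo MITIGATED ;;
        "Vulnerable"*)   echo VULNERABLE ;;
        *)               echo UNKNOWN ;;
    esac
}

# report [DIR] -> prints "issue<TAB>verdict<TAB>kernel text" for each file.
# Return status: 0 = every issue OK or MITIGATED,
#                1 = at least one VULNERABLE or UNKNOWN,
#                2 = directory absent or empty (kernel does not report,
#                    so treat the host as unverified).
report() {
    dir=${1:-$VULN_DIR}
    [ -d "$dir" ] || { echo "missing: $dir" >&2; return 2; }
    worst=0
    seen=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        seen=$((seen + 1))
        line=
        IFS= read -r line < "$f" || true   # tolerate a missing final newline
        verdict=$(classify "$line")
        printf '%s\t%s\t%s\n' "${f##*/}" "$verdict" "$line"
        case "$verdict" in VULNERABLE|UNKNOWN) worst=1 ;; esac
    done
    [ "$seen" -gt 0 ] || return 2
    return "$worst"
}

# make_sample DIR patched|unpatched -> writes constructed status files that
# imitate an Intel host (sample values built for this example, not captured).
make_sample() {
    mkdir -p "$1"
    if [ "$2" = patched ]; then
        echo "Mitigation: PTI" > "$1/meltdown"
        echo "Mitigation: Full generic retpoline" > "$1/spectre_v2"
    else
        echo "Vulnerable" > "$1/meltdown"
        echo "Vulnerable: Minimal generic ASM retpoline" > "$1/spectre_v2"
    fi
    # Written without a trailing newline to exercise that case in report().
    printf 'Mitigation: __user pointer sanitization' > "$1/spectre_v1"
}

# Pass "live" as the first argument to check the machine this runs on.
if [ "${1:-}" = live ]; then
    report
    exit $?
fi
```

Run with `live` from cron or a monitoring agent and alert on a non-zero exit status; status 2 means the kernel predates the reporting interface and should be treated as unpatched until proven otherwise.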


 
©2018 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.