Intel CPU - Design flaw in fiecare procesor din ultimii 10 ani
Last Updated: Mar 12 2021 19:26, Started by
ct03nut
, Jan 03 2018 09:08
·
0
#1315
Posted 14 March 2018 - 13:28
Deci contrar a ce fac toate firmele de "security", care dau 90 zile standard firmei care are probleme, pentru a putea limita sau rezolva de tot bug-ul, ei le dau 24 de ore, apoi publica pe un site cumpărat de la o firma cunoscută ca "shady", apoi unele site-uri sunt notificate în avans chiar și fata de AMD, ceea ce deja ridica semne de întrebare. După care dau și interviuri cu imagini din "sediul lor" lol
https://i.imgur.com/OkWlIxA.jpg Nope, nu e nimic necurat aici, doar luați cu un pic de sare informațiile. O basculantă. |
#1316
Posted 14 March 2018 - 18:38
Mi se parea mie ca am mai auzit undeva de chestiile descrise de escroci :
http://seclists.org/...ure/2018/Jan/12 http://seclists.org/...ure/2018/Jan/21 Quote
Timeline ======== 09-28-17 - Vulnerability reported to AMD Security Team. 12-07-17 - Fix is ready. Vendor works on a rollout to affected partners. 01-03-18 - Public disclosure due to 90 day disclosure deadline. |
#1317
Posted 14 March 2018 - 22:13
Si on topic : https://marc.info/?l...03339803198&w=2
Quote
Err....do I get it right, that a possibly vulnerable CPU (from 2016) is still vulnerable to MELTDOWN but a newer BIOS *fakes* the CPU flags so the MELTDOWN "detection code" says, "this CPU is NOT vulnerable" Noul microcode Intel ce rezolva "higher than expected reboots" :> |
#1318
Posted 15 March 2018 - 04:32
eu in locul lui intel as da in judecata microsoftul. pe linux s-a rezolvat fara urme, dar pe windows cumparatorii suporta pierderi de putere.
|
#1319
Posted 15 March 2018 - 05:53
Cum asa? Nu e problema la microsoft ca intel are probleme.
|
#1320
Posted 15 March 2018 - 09:11
Arthos, on 14 martie 2018 - 22:13, said:
Si on topic : https://marc.info/?l...03339803198&w=2 Noul microcode Intel ce rezolva "higher than expected reboots" :> 41ex, on 15 martie 2018 - 04:32, said:
eu in locul lui intel as da in judecata microsoftul. pe linux s-a rezolvat fara urme, dar pe windows cumparatorii suporta pierderi de putere. |
#1321
Posted 15 March 2018 - 11:58
Mr_nobody_, on 15 martie 2018 - 09:11, said:
Meltdown nu are treabă cu BIOS-ul, microcodul Intel e doar pentru Spectre v2. Meltdown se rezolvă prin KPTI (kernel page table isolation), deci e o chestie în kernel. Quote BIOS *fakes* the CPU flags so the MELTDOWN "detection code" says, "this CPU is NOT vulnerable" Bios-ul minte sistemul de operare ca procesorul nu e vulnerabil la Meltdown si ca atare SO nu incarca protectiile. |
#1322
Posted 15 March 2018 - 14:00
Mr_nobody_, on 15 martie 2018 - 09:11, said: "Problema" la Windows e că folosește patch-ul Intel. Linux folosește patch-ul Google. Ar fi cam ciudat ca Intel să dea ĂŽn judecată Microsoft fiindcă folosește patch-ul lor, nu cel de la Google. de ce nu-l foloseste pe cel de la google atunci? sau sa faca microsoft. inteleg ca nu se poate fiindca windowsul e prost facut. |
#1323
Posted 15 March 2018 - 15:06
Arthos, on 15 martie 2018 - 11:58, said:
Bios-ul minte sistemul de operare ca procesorul nu e vulnerabil la Meltdown si ca atare SO nu incarca protectiile. Bănuiesc că Windows verifică procesorul. Dacă e Intel, bagă KPTI, dacă e AMD nu bagă. 41ex, on 15 martie 2018 - 14:00, said:
de ce nu-l foloseste pe cel de la google atunci? sau sa faca microsoft. inteleg ca nu se poate fiindca windowsul e prost facut. |
#1324
Posted 15 March 2018 - 22:56
Understanding Spectre and Meltdown by Intel :
[ https://www.youtube-nocookie.com/embed/pi2ftnlfImo?feature=oembed - Pentru incarcare in pagina (embed) Click aici ] Quote Fortunately, Intel has design a new set of CPU Hardware Features that work with the Operating System to create virtual fences, protecting the system and the data it contains from this kind of speculative execution attack L.E. https://newsroom.int...-silicon-level/ Quote We have redesigned parts of the processor to introduce new levels of protection through partitioning that will protect against both Variants 2 and 3.These changes will begin with our next-generation Intel® Xeon® Scalable processors (code-named Cascade Lake) as well as 8th Generation Intel® Core™ processors expected to ship in the second half of 2018. Edited by Arthos, 15 March 2018 - 23:08. |
|
#1325
Posted 16 March 2018 - 14:45
Cica "Intel isi Regandeste Procesoarele din cauza Spectre si Meltdown"
https://www.idevice....ectre-meltdown/ |
#1326
Posted 16 March 2018 - 15:12
Afcors, Linus Torvadis dixit:
Legat de Spectre fix: https://www.theregis...ctre_fix_linux/ Legat de vulnerabilitățile procesoarelor AMD: https://www.theinqui...s-torvalds-fake Sunt de acord cu el: vulnerabilitățile, sunt în primul rând, bug-uri. Nu există lucru, fie el obiect sau software, creat de om și fără nici un fel de defect sau vulnerabilitate. Însă devine obositoare toată drama artistică din jurul acestor vulnerabilități: nume de scenă, achiziție domeniu web, site, tam-tam pe rețelele de socializare .... |
#1327
Posted 17 March 2018 - 17:45
#1328
Posted 17 March 2018 - 18:11
mie la aplicatia aia imi da ca sunt neprotejat de spectre desi am ultimele actualizari.
ultimele stiri spun ca sunt in faza de productie actualizari prin windows care nu ar necesita si de bios, am inteles corect? dupa aceste actualizari, oare intel va mai lucra pe viitor la alte actualizari mai bune care sa nu mai ia din performante la procesoarele mai vechi? Edited by 41ex, 17 March 2018 - 18:11. |
#1329
Posted 18 March 2018 - 20:19
@41ex
Stirile se refera la posibiliatea de a incarca microcode-ul patchuit la pornirea Windows fara a fi nevoie de update de bios care poate fi disponibil sau nu de la producatorul placii de baza cum e posibil pe Linux. In video si comunicatul din postul meu precedent Intel se lauda ca urmatoarele procesoare de la sfarsitul anului rezolva "hardware" Meltdown si Spectre 2. Dupa mine cand vor fi disponibile pe piata suportul pentru cele vechi va fi sistat. Acum ca noile procesoare vor folosi socket nou , vor avea doar fix de microcode sau chiar schimbari hardware e prea devreme de anticipat. @misuspita Quote
The client works on AMD Ryzen machines but it also works on any machine that has these ASMedia chipsets and so quite a few motherboards and other PCs are affected by these vulnerabilities as well. If you search online for motherboard drivers, such as the ASUS website, and download ASMedia drivers for your motherboard, then those motherboards are likely vulnerable to the same issues as you would find on the AMD chipset. We have verified this on at least six vendor motherboards, mostly the Taiwanese manufacturers. So yeah, those products are affected. Vulnerabilitatile inventate de ei pentru AMD sunt ale ASMedia si ca atare merg si pe Intel :> Quote
DK: I think the biggest question that I still have is that ultimately who originated this request for analysis – who was the customer that kicked this all off? ILO: I definitely am not going to comment on our customers. DK: What about the flavor of customer: is it a semiconductor company, is it someone in the industry, or is it someone outside the industry? I don’t expect you to disclose the name but the genre seems quite reasonable. ILO: Guys I’m sorry we’re really going to need to jump off this call but feel free to follow up with any more questions. Dupa ce au dat-o in bara recunoscand ca au fost platiti de clienti la urmatoarea intrebare au dat bir cu fugitii si au publicat pe site-ul lor clarificare : https://safefirmware...arification.pdf Quote The vulnerabilities described in our site are second-stage vulnerabilities. What this means is that the vulnerabilities are mostly relevant for enterprise networks, organizations and cloud providers. Ce sa zic good luck cu acess fizic in datacenter pentru flash-uit bios-uri restart de servere si alte activitati deastea nesuspicioase :> Si cireasa de pe tort : Quote IC: Say, for example, CTS-Labs were in charge of finding Meltdown and Spectre, you would have also followed the same path of logic? YLZ: I think that it would have depended on the circumstances of how we found it, how exploitable it was, how reproducible it was. I am not sure it would be the case. Every situation I think is specific. |
|
#1330
Posted 18 March 2018 - 22:00
Arthos, on 18 martie 2018 - 20:19, said:
Ce sa zic good luck cu acess fizic in datacenter pentru flash-uit bios-uri restart de servere si alte activitati deastea nesuspicioase :> Sper doar că Intel nu are vreo legătură cu circul ăsta. Ar fi cam josnic chiar și pentru ei. |
#1331
Posted 20 March 2018 - 13:22
[ https://www.youtube-nocookie.com/embed/RrhVhFHTe9o?feature=oembed - Pentru incarcare in pagina (embed) Click aici ]
l-au atacat introducand parola de admin :> Edited by Arthos, 20 March 2018 - 13:23. |
#1332
Posted 20 March 2018 - 14:08
Arthos, on 20 martie 2018 - 13:22, said:
[ https://www.youtube-nocookie.com/embed/RrhVhFHTe9o?feature=oembed - Pentru incarcare in pagina (embed) Click aici ] l-au atacat introducand parola de admin :> |
Anunturi
Bun venit pe Forumul Softpedia!
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users