Intel CPU security flaw

Official support for the KXStudio Linux distribution and applications.
More info at http://kxstudio.linuxaudio.org/

Moderators: falkTX, khz, MattKingUSA

hyenaz
Establlshed Member
Posts: 24
Joined: Mon May 16, 2016 8:05 pm

Intel CPU security flaw

Postby hyenaz » Wed Jan 03, 2018 6:56 pm

https://www.theregister.co.uk/2018/01/0 ... sign_flaw/

Has anyone else been following this? Can we expect a performance hit in music applications?

folderol
Establlshed Member
Posts: 702
Joined: Mon Sep 28, 2015 8:06 pm
Location: Here, of course!
Contact:

Re: Intel CPU security flaw

Postby folderol » Wed Jan 03, 2018 8:13 pm

From what I've read, we probably (mostly) dodged the bullet.
It seems the fix will mostly affect I/O not processor intensive tasks.
Building up a buffer full of sound will be fine, but there may be a bit of a bottleneck getting each buffer to the soundcard

hyenaz
Establlshed Member
Posts: 24
Joined: Mon May 16, 2016 8:05 pm

Re: Intel CPU security flaw

Postby hyenaz » Wed Jan 03, 2018 10:09 pm

Good to hear. I don't want to lose 30% of CPU speed.

This was really funny:

"The fix is to separate the kernel's memory completely from user processes using what's called Kernel Page Table Isolation, or KPTI. At one point, Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka FUCKWIT, was mulled by the Linux kernel team, giving you an idea of how annoying this has been for the developers."

User avatar
thetotalchaos
Establlshed Member
Posts: 127
Joined: Mon Sep 29, 2014 8:29 pm
Contact:

Re: Intel CPU security flaw

Postby thetotalchaos » Fri Jan 05, 2018 2:34 pm

hyenaz wrote: Has anyone else been following this? Can we expect a performance hit in music applications?


I hope not. In less than a year, both Intel and Mozilla, two of the finest examples of freedom respecting companies, betrayed us and let us down. And although i am quite happy, using Chromium and Epiphany, I am not ready to assemble a new AMD Based home system. My configuration is less then an year old, Intel based.....s*it.
Check out my latest music album The Butterfly Effect
https://soundcloud.com/biser-angelov/sets/the-butterfly-effect

hyenaz
Establlshed Member
Posts: 24
Joined: Mon May 16, 2016 8:05 pm

Re: Intel CPU security flaw

Postby hyenaz » Fri Jan 05, 2018 4:05 pm

Reading Intel's PR statement, it basically translates to:

There is no problem, and the problem effects all chip manufacturers, and the problem will be minor for most users, and the problem will be mitigated in the long term.

So hopefully fixes in the longer term will mitigate any CPU hit.

windeguy
Establlshed Member
Posts: 11
Joined: Mon Feb 18, 2013 12:14 am
Location: Dominican Republic

Re: Intel CPU security flaw

Postby windeguy » Fri Jan 05, 2018 5:50 pm


folderol
Establlshed Member
Posts: 702
Joined: Mon Sep 28, 2015 8:06 pm
Location: Here, of course!
Contact:

Re: Intel CPU security flaw

Postby folderol » Fri Jan 05, 2018 5:56 pm

Intel are doing their usual mixture of flat out lies plus bait and switch.

There are very real and serious problems and there are two separate issues.

The first, is immediately and easily exploitable. It is specific to all Intel processors since 2009, and also one (as yet unreleased) class of ARM processors. it doesn't affect AMD nor any other class of processors. This is the 'Meltdown' one that devs all round the world have been working flat out for months to work-around it. Note this is not a fix. A proper fix has to be done with new CPU hardware.

The other one (spectre) is much harder to exploit, and requires more uninterrupted attack time - unfortunately it is also much harder to fix. This one affects just about all modern processors. Browser makers are working to produce blocks in javascript to close that particular attack vector. Once more, this is not a fix, and again, eventually hardware solutions need to be found.

The final gotcha is that new hardware doesn't solve the problem for old systems that for one reason or another can't be replaced. For them, there will always need to be some form of software hack.

On the plus side, there have already been a lot of benchmark tests done on the new code, and we should get off pretty lightly.

The people who will be in the worst position are relatively small ISPs who's machines are doing mostly net and storage accessing.

m.lp.ql.m
Establlshed Member
Posts: 32
Joined: Fri Nov 23, 2012 5:51 pm

Re: Intel CPU security flaw

Postby m.lp.ql.m » Fri Jan 05, 2018 7:12 pm

Related, but more selfish question: I was just about to start putting together a new system. Any guesses as to when the new, "fixed," hardware will be available?

User avatar
English Guy
Establlshed Member
Posts: 420
Joined: Wed Oct 17, 2012 7:28 pm
Location: England

Re: Intel CPU security flaw

Postby English Guy » Fri Jan 05, 2018 8:14 pm

I want to keep an old kernel on hand and run it on an offline system when I work

User avatar
Lyberta
Establlshed Member
Posts: 635
Joined: Sat Nov 01, 2014 8:15 pm
Location: The Internet
Contact:

Re: Intel CPU security flaw

Postby Lyberta » Sat Jan 06, 2018 9:20 am

English Guy wrote:I want to keep an old kernel on hand and run it on an offline system when I work


KPTI can be disabled with runtime switch. If you don't run untrusted code, you can easily turn it off.

User avatar
briandc
Establlshed Member
Posts: 1309
Joined: Sun Apr 29, 2012 3:17 pm
Contact:

Re: Intel CPU security flaw

Postby briandc » Sat Jan 06, 2018 9:33 am

Kinda sounds to me like a big scare to get people buying new computers.


brian
Have your PC your way: use linux!
My sound synthesis biome: http://www.linuxsynths.com

tavasti
Establlshed Member
Posts: 451
Joined: Tue Feb 16, 2016 6:56 am
Location: Kangasala, Finland
Contact:

Re: Intel CPU security flaw

Postby tavasti » Sat Jan 06, 2018 9:51 am

briandc wrote:Kinda sounds to me like a big scare to get people buying new computers.

Problem is real. Current state, any website can put javascript reading all your passwords from your browsers password manager or from your keepass if it is open. Same goes for office documents, reading memory with word doc macros is possible. However, implementing word doc which works also in libreoffice in linux might be bit harder :-)

So if there is update for your browser available, update now.
Linux veteran & Novice musician

Hear my music at https://audiu.net/users/tawaste

User avatar
42low
Establlshed Member
Posts: 1619
Joined: Sun Apr 17, 2016 2:31 pm
Location: Netherlands

Re: Intel CPU security flaw

Postby 42low » Sat Jan 06, 2018 11:08 am

hyenaz wrote:Good to hear. I don't want to lose 30% of CPU speed.

I don't want anyone to have access to my data without asking and without knowing who's looking. That's more worrying to me.
And what worries me even more is that this is a thread for everyone and everything up to the highest positions and most vulnerable systems. If this problem is as it is in the news all over then half the world is open.

folderol wrote:It is specific to all Intel processors since 2009

You wish it was.

The first attack has implications for Intel cpu's since 1995
https://tweakers.net/nieuws/133505/onde ... n-arm.html

So my rough guess is about 99.9% of all intel computers. And if it's true that it's "all chip manufactureres" the the problem would be even more worrying. That would be energy compagnies, regular compagnies, politician, law enforcments and justice, and much more.

hyenaz wrote:Reading Intel's PR statement, it basically translates to:
There is no problem, and the problem effects all chip manufacturers

Of course that's what they state. :twisted:
But what i read all over the internet is that it is not about amd and that it's a huge entrance at the back.
Last edited by 42low on Sat Jan 06, 2018 11:21 am, edited 2 times in total.

tavasti
Establlshed Member
Posts: 451
Joined: Tue Feb 16, 2016 6:56 am
Location: Kangasala, Finland
Contact:

Re: Intel CPU security flaw

Postby tavasti » Sat Jan 06, 2018 11:16 am

m.lp.ql.m wrote:Related, but more selfish question: I was just about to start putting together a new system. Any guesses as to when the new, "fixed," hardware will be available?


https://twitter.com/securelyfitz/status ... 0652196864

That says maybe some minor fixes on summer. Something bit better 2019-2010. Full fix 2021.
That isn't word of god, but anyway guess from somebody who knows workflow and constrants on processor industry.
Linux veteran & Novice musician

Hear my music at https://audiu.net/users/tawaste

User avatar
42low
Establlshed Member
Posts: 1619
Joined: Sun Apr 17, 2016 2:31 pm
Location: Netherlands

Re: Intel CPU security flaw

Postby 42low » Sat Jan 06, 2018 7:15 pm

m.lp.ql.m wrote:Any guesses as to when the new, "fixed," hardware will be available?

I've read on a linux forum that the software fix is to be expected this weekend. Then the hardware bug isn't a problem anymore.

This one is fun too. :twisted:
"The inventor of Linux is furious at Intel"
https://www.businessinsider.nl/linus-to ... el-2018-1/


Return to “KXStudio Discussion”

Who is online

Users browsing this forum: No registered users and 18 guests