• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

CacheOut is the Latest Speculative Execution Attack for Intel Processors

L

lexluthermiester

Joined
Jul 5, 2013
Messages
25,559 (6.47/day)
Steevo said:
So if AMD can do it with a tenth the budget does that make them awesome or Intel that shitty?
Click to expand...
Flawed premise. You are assuming that the engineers are careless, that security testing was not done and that the qualification stage of R&D fails to double and triple check engineering samples.

These vulnerabilities are being discovered by methods the engineers never conceived of, let alone could have predicted and prevented.
 
trparky

trparky

Joined
Mar 6, 2017
Messages
3,211 (1.23/day)
Location
North East Ohio, USA
System Specs
System Name My Ryzen 7 7700X Super Computer
Processor AMD Ryzen 7 7700X
Motherboard Gigabyte B650 Aorus Elite AX
Cooling DeepCool AK620 with Arctic Silver 5
Memory 2x16GB G.Skill Trident Z5 NEO DDR5 EXPO (CL30)
Video Card(s) XFX AMD Radeon RX 7900 GRE
Storage Samsung 980 EVO 1 TB NVMe SSD (System Drive), Samsung 970 EVO 500 GB NVMe SSD (Game Drive)
Display(s) Acer Nitro XV272U (DisplayPort) and Acer Nitro XV270U (DisplayPort)
Case Lian Li LANCOOL II MESH C
Audio Device(s) On-Board Sound / Sony WH-XB910N Bluetooth Headphones
Power Supply MSI A850GF
Mouse Logitech M705
Keyboard Steelseries
Software Windows 11 Pro 64-bit
Benchmark Scores https://valid.x86.fr/liwjs3
lexluthermiester said:
You are assuming that the engineers are careless
Click to expand...
I wouldn't go so far as to say that they were careless, I'd go more with the idea that they were rushed by upper management to push a product out faster with less validation.

I read a Reddit post that was written by a person who worked on the Centaur x86 chip. He mentioned that he knew people who worked at Intel back in 2014 and many of Intel's upper management wasn't happy with the engineering departments rather glacial pace at validating new hardware to be shipped to end-users so they pushed the engineering departments to go faster. Unfortunately, I think the whole industry is paying for that mistake right now. Slow and steady wins the race.

https://www.reddit.com/r/hardware/comments/ep0lf4/_/fenxd69
I don't know if I should believe fully in what that guy said but knowing how upper management of some companies is monumentally stupid I wouldn't put it past them for making such a stupid move. I fully believe in the idea of failing upwards. Those who can, do; those who can't, manage.
 
Last edited:
R-T-B

R-T-B

Supporter
Joined
Aug 20, 2007
Messages
20,789 (3.41/day)
System Specs
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software Gentoo Linux x64
These vulnerabilities are incredibly clever, timing based vulnerabilities.

Think of it this way: in binary logic a cpu problem can only be true or false. A program makes a request for data it has no rights too. It is (correctly) told to screw itself. Thing is, someone figured out it takes slightly longer when the value is "false" for the processor to return the "fudge off" command. Guess what you can now reliably infer from that? Yep, the complete boolean. And you can do it again and again...

Would you have ever considered this as an engineer? It's basically the "I can tell when you are lying" problem in computer form.
 
Last edited:
You must log in or register to reply here.
Top