• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Intel-only Spoiler vulnerability disclosed. Tech press response: 'crickets'

Joined
Aug 20, 2007
Messages
10,752 (2.52/day)
Likes
9,786
System Name Pioneer
Processor Intel i9 9900k
Motherboard ASRock Z390 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-2T
Video Card(s) EVGA GTX 1080 FTW2
Storage HGST UltraStar 7K6000 3.5" HDD 2TB 7200 RPM (w/128MBs of Cache)
Display(s) LG 32GK850G-B 1440p 32" AMVA Panel G-Sync 144hz Display
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus Titanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Gentoo Linux x64
Benchmark Scores FS/TS ext: FS 10778:https://www.3dmark.com/fs/18092626 TS 3734:https://www.3dmark.com/spy/6001589
#26
Then where are all the infected people?
I dealt with one not too long ago I suspect was using Spectre in some way (there may be a thread here about the whole process). But it was a pretty isolated case with an extremely sick PC. And I think the Spectre could've been happening on an ARM router as well (there was some hardcore privilege escalation going on in both places that would've required exploits beyond just the kernel).

By the way, this was being done completely remotely. and that still amazes me. I can't believe the lack of followup.
 
Last edited:
Joined
Nov 4, 2005
Messages
10,243 (2.08/day)
Likes
2,657
System Name MoFo 2
Processor AMD PhenomII 1100T @ 4.2Ghz
Motherboard Asus Crosshair IV
Cooling Swiftec 655 pump, Apogee GT,, MCR360mm Rad, 1/2 loop.
Memory 8GB DDR3-2133 @ 1900 8.9.9.24 1T
Video Card(s) HD7970 1250/1750
Storage Agility 3 SSD 6TB RAID 0 on RAID Card
Display(s) 46" 1080P Toshiba LCD
Case Rosewill R6A34-BK modded (thanks to MKmods)
Audio Device(s) ATI HDMI
Power Supply 750W PC Power & Cooling modded (thanks to MKmods)
Software A lot.
Benchmark Scores Its fast. Enough.
#27
Purposefully? Yeah right. Talk about scare-mongering. :kookoo::rolleyes:
Right. Because Intel has them all in their pockets? I guess this (tech sites unwilling to call them out) is why we have rarely seen this problem reported. :rolleyes:

Exactly. Yet home users are the ones being targeted (intentionally or not) by all this scare-mongering. :(
If that data is at such risk from these vulnerabilities, where are all the breaches that have been attributed to these flaws?

It is possible a drunk can hop the curb, knock down a tree, drive across three lawns and run into my front porch. Does that mean standing on my front porch imposes a considerable amount of risk and therefore, I should move? I could happen. We even had a drunk flip her car in front of my house before.

Just because very serious vulnerabilities exist, that does not mean they are easy to exploit - even if being targeted by clever badguys. It would be extremely difficult for any bad guy to exploit these Intel vulnerabilities even in a data center - if for no other reason, they have to gain access to the CPU. It would almost have to be an inside job. Possible? Yes. Likely? No.

If you research all the major data center breaches, I bet you will find each and every one was due to human error/negligence. The Equifax one for example. The vulnerability was discovered months before the hack. The software developers even developed and distributed the necessary patch - Equifax IT people had it! But what happened? The system administrators never applied it and the information and security executives failed in their duties to secure and protect the data. Heck, all that stored personal data wasn't even encrypted! :mad::banghead: How stupid was that?

LOL Good thing I got rid of the wife then - and just to make sure with the girlfriend, got the snip snip procedure done too! :D

So you are willing to assume Intel didn't know their own chips architecture and no one, not a single person knew that it could pose a security threat to allow unfiltered access to the hardware?

The sheer number of corporate users still running XP on C2D chips running software that requires it is what scares people, not grandma saving pictures, but business handling thousands of users information, credit info, and much else. The issue is Intel has, had, and designed it knowing this might happen for the increase in single threaded performance with the flop of P4.
 
Joined
Jul 25, 2006
Messages
5,166 (1.11/day)
Likes
3,467
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 16GB (2 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Microsoft Wireless 5000
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
#28
I dealt with one not too long ago I suspect was using Spectre in some way (there may be a thread here about the whole process). But it was a pretty isolated case with an extremely sick PC. And I think the Spectre could've been happening on an ARM router as well
So one extremely sick computer that you "suspect" was using spectre "in some way", and one "ARM" (which isn't even Intel) router that you "think" had the Spectre on it is proof of widespread infections when there are 100s of millions of Intel based computers out there?

Come people - . Crossing the street with the green light and in a crosswalk after looking both ways can still get you run over. So do you stop crossing the street?

So you are willing to assume Intel didn't know
I never said anything of the sort! Why are you twisting words around. I never ever said Intel didn't know.

YOU said, "Intel purposefully used flawed security to increase the performance ... while AMD didn't." You said that. I did not make that up or twist your words around! That's you making all kinds of assumptions AND accusations of wrong doings with no proof of either of those claims.
The sheer number of corporate users still running XP on C2D chips running software that requires it is what scares people
The number of people still using XP scares me too. Users using operating systems that are unsafe, obsolete, superseded many times over, becoming true threats to everyone else is hardly the point! Rather, it is simply more scare mongering. :(

Again, we really need to be putting this into perspective - not perpetuating the exaggerations and FUD.
 
Joined
Mar 10, 2010
Messages
6,222 (1.87/day)
Likes
2,380
Location
Manchester uk
System Name RyzenGtEvo
Processor Amd R5 2600X@4.1
Motherboard Crosshair hero7 @bios 1201
Cooling 360EK extreme rad+ 360$EK slim all push, cpu Monoblock Gpu full cover all EK
Memory Gigabyte Aurus Rgb 16Gb in two sticks.
Video Card(s) Sapphire refference Rx vega 64 waterblockedEK
Storage Samsung Nvme Pg981 samsung 840, WD 1Tb+2Tb +3Tbgrn, 1tb seagate sshd hybrid(games)
Display(s) Samsung uea28"850R 4k freesync, LG 49" 4K 60hz ,Oculus
Case Lianli p0-11 dynamic
Audio Device(s) Xfi creative 7.1 on board ,Yamaha dts av setup, corsair void pro
Power Supply corsair 1200Hxi
Mouse Roccat Kova
Keyboard Roccat Iksu force fx
Software Win 10 Pro
Benchmark Scores 8056 vega 3dmark timespy
#29
So one extremely sick computer that you "suspect" was using spectre "in some way", and one "ARM" (which isn't even Intel) router that you "think" had the Spectre on it is proof of widespread infections when there are 100s of millions of Intel based computers out there?

Come people - . Crossing the street with the green light and in a crosswalk after looking both ways can still get you run over. So do you stop crossing the street?

I never said anything of the sort! Why are you twisting words around. I never ever said Intel didn't know.

YOU said, "Intel purposefully used flawed security to increase the performance ... while AMD didn't." You said that. I did not make that up or twist your words around! That's you making all kinds of assumptions AND accusations of wrong doings with no proof of either of those claims.
The number of people still using XP scares me too. Users using operating systems that are unsafe, obsolete, superseded many times over, becoming true threats to everyone else is hardly the point! Rather, it is simply more scare mongering. :(

Again, we really need to be putting this into perspective - not perpetuating the exaggerations and FUD.
Spoken like an intel share holder no less.

This is a forum of discussion , i didn't tie any of these lapses in security together or suggest they were.

I mearly tried to point out that many long term security issues DO already exist, despite many not knowing about them.

Some we may here about in a few years.

And that NoOne , not you, not Intel , Microsoft ,Amd or any IT professional knows for sure what attack vectors are in use or being stacked.

So the ideology that a hacker Needs access is FUD

They might have had access for 18 years.(via chrome or winrar for example)

My pc is in no danger , i appreciate im not a target, directly but my card details are, and I don't control any of the IT equipment i tend to have to type card details into.

Shit over here most shops have a free serve ATM running Xp in the corner.
 
Last edited:
Joined
Mar 10, 2015
Messages
1,428 (0.95/day)
Likes
951
System Name Wut?
Processor 4770K @ Stock
Motherboard MSI Z97 Gaming 7
Cooling Water
Memory 16GB DDR3 2400
Video Card(s) Vega 56
Storage Samsung 840 Pro 256GB
Display(s) 3440 x 1440
Case Thermaltake T81
Power Supply Seasonic 750 Watt Gold
#30
Come people - . Crossing the street with the green light and in a crosswalk after looking both ways can still get you run over. So do you stop crossing the street?
I never said anything of the sort! Why are you twisting words around.
The same question can be posed back to you. Most are not suggesting to stop using Intel. Most are just saying that this IS a problem and should be concerning just not concerning in the way that some are proclaiming.
 
Joined
Jul 25, 2006
Messages
5,166 (1.11/day)
Likes
3,467
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 16GB (2 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Microsoft Wireless 5000
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
#31
I do own some Intel. I also own some AMD.
And that NoOne , not you, not Intel , Microsoft ,Amd or any IT professional knows for sure what attack vectors are in use or being stacked.
Exactly!

The same question can be posed back to you.
And what's the question? I say, yes we still cross the street. What I don't think is right is assuming Intel is purposely doing wrong. What I don't think is right is trying to tie unrelated software program flaws to these hardware flaws. That's like saying a flaw in the software of GM trucks means there must be a problem with Ford engines. :kookoo:

And what I don't like is the suggestion the threat is HUGE when it really isn't even though it affects many processors. We have to keep it in perspective or we become part of the misinformation problem.

Edit comment: fixed typos.
 
Last edited:
Joined
Jun 28, 2015
Messages
375 (0.27/day)
Likes
147
#32
So we find that Intel purposefully used flawed security to increase the performance of CPUs while AMD didn't.

Not many tech sites are willing to call out the biggest CPU manufacturing company for mistakes they made to get ahead of their competition when many of those chips were praised for their performance.

At the end of the day it's a risk that most people would take without caring, so doesn't really matter? Not until it does.
The best hacks never get noticed, only the worst hack blunders make the news.
 
Joined
Apr 30, 2011
Messages
1,193 (0.41/day)
Likes
1,181
Location
Greece
Processor AMD FX-8350 4GHz@1.3V
Motherboard Gigabyte GA-970A UD3 Rev3.0
Cooling Zalman CNPS5X Performa
Memory 2*4GB Patriot Venom RED DDR3 1600MHz CL9
Video Card(s) XFX RX580 GTS 4GB
Storage Sandisk SSD 120GB, 2 Samsung F1 & F3 (1TB)
Display(s) LG IPS235
Case Zalman Neo Z9 Black
Audio Device(s) Via 7.1 onboard
Power Supply OCZ Z550
Mouse Zalman ZM-M401R
Keyboard Trust GXT280
Software Win 7 sp1 64bit
Benchmark Scores CB R15 64bit: single core 99p, multicore 647p WPrime 1.55 (8 cores): 9.0 secs
#33
Where do you think those hackers got millions of data and codes from? They just took advantage of those exploits the server and cloud PCs have in their CPUs. So, it doesn;t matter if we aren't personally under big security risk when running CPUs that have exploit, but the danger is mostly in our data being stolen from servers owned either by big enterprises or goverments and their services. Very immature responses here sadly...
 

Easy Rhino

Linux Advocate
Staff member
Joined
Nov 13, 2006
Messages
14,690 (3.24/day)
Likes
4,612
Location
Mid-Atlantic
System Name Desktop
Processor i5 7500 Kaby Lake
Motherboard AsRock MicroATX Z170M Exteme4
Cooling Stock
Memory 2x 8G Gskill Aegis DDR4 2400
Video Card(s) Nvidia GTX 970 FTW+
Storage Samsung nVME 512
Display(s) Dell 27" 1440p 8bit GSYNC
Case Corsair Carbide 400C
Audio Device(s) On Board
Power Supply Seasonic SSR-650GD Flagship Prime Series 650W Gold
Mouse Logitech G900 Chaos Spectrum
Keyboard Code V2B
Software Windows 10
#34
Where do you think those hackers got millions of data and codes from? They just took advantage of those exploits the server and cloud PCs have in their CPUs. So, it doesn;t matter if we aren't personally under big security risk when running CPUs that have exploit, but the danger is mostly in our data being stolen from servers owned either by big enterprises or goverments and their services. Very immature responses here sadly...
Uh no... Most data breaches are because of humans letting bad guys into systems they should not be let into. Nothing to do with CPU vulnerabilities...
 
Joined
Mar 23, 2016
Messages
1,921 (1.71/day)
Likes
2,095
Processor Ryzen 5 2600X
Motherboard MSI B350M Gaming Pro
Cooling Scythe Kotetsu with AM4 bracket
Memory PNY Anarchy-X XLR8 Red DDR4 3200 MHz C15-17-17-17-35
Video Card(s) MSI GeForce RTX 2060 GAMING Z 6G
Storage Samsung 970 EVO NVMe M.2 500 GB, SanDisk Ultra II 480 GB
Display(s) Samsung SyncMaster C27H711
Case Phantek Eclipse P400S (PH-EC416PS)
Audio Device(s) Realtek ALC887 (dead)
Power Supply EVGA 850 BQ
Mouse Kingston HyperX Pulsefire FPS
Keyboard Logitech K520
Software Windows 10 Professional 64-bit
#35
AMD's response to Spoiler:

"We are aware of the report of a new security exploit called SPOILER which can gain access to partial address information during load operations. We believe that our products are not susceptible to this issue because of our unique processor architecture. The SPOILER exploit can gain access to partial address information above address bit 11 during load operations. We believe that our products are not susceptible to this issue because AMD processors do not use partial address matches above address bit 11 when resolving load conflicts."

https://www.amd.com/en/support/kb/faq/pa-240
 

P4-630

The Way It's Meant to be Played
Joined
Jan 5, 2006
Messages
9,477 (1.95/day)
Likes
9,353
Location
Vinewood
System Name Desktop / Laptop
Processor Intel i7 6700K @ 4.3GHz (1.175 V) / Intel i3 7100U
Motherboard Asus Z170 Pro Gaming / HP 83A3 (U3E1)
Cooling Noctua NH-U12A 2 fans + Thermal Grizzly Kryonaut + 5 case fans / Fan
Memory 16GB DDR4 Corsair Vengeance LPX 3000MHz CL15 / 6GB DDR4 Samsung 2400MHz CL15
Video Card(s) MSI GTX1070 Gaming X 8GB / Intel HD620
Storage Samsung 970 evo 500GB + Samsung 850 Pro 512GB + Hitachi 2.5" 7200rpm 750GB / Samsung 256GB M.2 SSD
Display(s) 23.8" Dell S2417DG 165Hz G-Sync 1440p + 21.5" LG 22MP67VQ IPS 60Hz 1080p / 14" 1080p IPS Glossy
Case Be quiet! Silent Base 600 - Window / HP Pavilion
Audio Device(s) SupremeFX Onboard / Realtek onboard + B&O speaker system
Power Supply Be quiet! Straight Power 10 500 Watt CM / Powerbrick
Mouse Logitech MX Anywhere 2 Laser wireless / Logitech M330 wireless
Keyboard RAPOO E9270P Black 5GHz wireless / HP backlit
Software Windows 10 / Windows 10
#36
"An Intel spokesperson told us after publication that it hopes applications can be built in future to defend against SPOILER attacks, or hardware protections can be deployed:

Intel received notice of this research, and we expect that software can be protected against such issues by employing side channel safe development practices. This includes avoiding control flows that are dependent on the data of interest. We likewise expect that DRAM modules mitigated against Rowhammer style attacks remain protected. Protecting our customers and their data continues to be a critical priority for us and we appreciate the efforts of the security community for their ongoing research.
"

https://www.theregister.co.uk/2019/03/05/spoiler_intel_processor_flaw/
 
Joined
Jul 5, 2013
Messages
5,465 (2.58/day)
Likes
3,593
Location
USA
#37
Gonna chime in and offer 2 cents. What I've read up on this seems to indicate clarification is needed.
1) Has existed since Core Duo.
Actually it seems that it started with the last iteration of the Pentium4/PentiumD, however not truly important point.
2) Has been used in the wild already.
As in actual attacks? That can not be found/verified.
3) Can't be patched with software (unless, apparently, if you're talking about a massive slowdown).
This has yet to be determined. I'm betting it can. But who's going too? See below..

This seems very similar to the Spectre & Meltdown types of problems and are similarly difficult to exploit remotely. So difficult that one would effectively need physical access to the system in question to accomplish an attack. The general public need not worry. It's the governments and big business' that need be concerned. However simple precautions strictly implemented is all that will be needed to prevent a data breach via this attack vector. Interestingly, those are the same precautions needed to avoid Spectre & Meltdown, so anyone already guarding against those are all set.
 
Last edited:
Joined
Mar 10, 2015
Messages
1,428 (0.95/day)
Likes
951
System Name Wut?
Processor 4770K @ Stock
Motherboard MSI Z97 Gaming 7
Cooling Water
Memory 16GB DDR3 2400
Video Card(s) Vega 56
Storage Samsung 840 Pro 256GB
Display(s) 3440 x 1440
Case Thermaltake T81
Power Supply Seasonic 750 Watt Gold
#38
And what I don't like is the suggestion the threat is HUGE when it really isn't even though it affects many processors.
It affects nearly every processor in data centers globally. You know, the ones that will actually be targeted.

hat I don't think is right is trying to tie unrelated software program flaws to these hardware flaws. That's like saying a flaw in the software of GM trucks means there must be a problem with Ford engines.
Not at all and you know that. It is akin to saying there is a software problem in GM's ECM that will cause GM engines to explode.
 
Joined
Jul 25, 2006
Messages
5,166 (1.11/day)
Likes
3,467
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 16GB (2 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Microsoft Wireless 5000
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
#39
So difficult that one would effectively need physical access to the system in question to accomplish an attack.
Exactly! That's why I said above, it likely would have to be an inside job. And the bad guys would just need physical access to the computer, but access into the computer.

And while patching the actual flaw may not possible (we are talking about hardware here), I bet the ability to exploit the vulnerabilities is possible, either in the OS, anti-malware solutions, motherboard BIOS, all three, or a combination of those three.

I also agree there is no evidence it has been used out in the wild yet - and I note yesterday's Tom's article does not say it's been used in the wild either, as the OP suggested.
It affects nearly every processor in data centers globally. You know, the ones that will actually be targeted.
So what? Just because something is targeted, that does not mean it will, or can be be exploited. The information this CPU flaw potentially exposes is not something a badguy can get "just by" :rolleyes: hacking the data center and then scouring the drives. He has to hack the individual computer. How likely is that?
 
Joined
Jul 5, 2013
Messages
5,465 (2.58/day)
Likes
3,593
Location
USA
#40
It affects nearly every processor in data centers globally. You know, the ones that will actually be targeted.
Ah but then again, simple precautions properly implemented.
It is akin to saying there is a software problem in GM's ECM that will cause GM engines to explode.
That is not a great analogy.

Exactly! That's why I said above
I beg your pardon, must have missed it. Sorry about that.
 
Joined
Jul 25, 2006
Messages
5,166 (1.11/day)
Likes
3,467
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 16GB (2 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Microsoft Wireless 5000
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
#41
I beg your pardon, must have missed it. Sorry about that.
NO! No apology necessary. I appreciate the reiteration for it appears many missed, or just ignored that very important fact.
 
Joined
Aug 20, 2007
Messages
10,752 (2.52/day)
Likes
9,786
System Name Pioneer
Processor Intel i9 9900k
Motherboard ASRock Z390 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-2T
Video Card(s) EVGA GTX 1080 FTW2
Storage HGST UltraStar 7K6000 3.5" HDD 2TB 7200 RPM (w/128MBs of Cache)
Display(s) LG 32GK850G-B 1440p 32" AMVA Panel G-Sync 144hz Display
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus Titanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Gentoo Linux x64
Benchmark Scores FS/TS ext: FS 10778:https://www.3dmark.com/fs/18092626 TS 3734:https://www.3dmark.com/spy/6001589
#42
So one extremely sick computer that you "suspect" was using spectre "in some way", and one "ARM" (which isn't even Intel) router that you "think" had the Spectre on it is proof of widespread infections when there are 100s of millions of Intel based computers out there?
You asked, I answered. I don't really disagree with your claims, just was saying if you are a valuable enough target all bets tend to be off. But we knew that. Comes with the turf.
 
Joined
Jan 8, 2017
Messages
3,983 (4.79/day)
Likes
3,098
System Name Good enough
Processor AMD Ryzen R7 1700X - 4.0 Ghz / 1.350V
Motherboard ASRock B450M Pro4
Cooling Scythe Katana 4 - 3x 120mm case fans
Memory 16GB - Corsair Vengeance LPX
Video Card(s) OEM Dell GTX 1080
Storage 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) 4K Samsung TV
Case Zalman R1
Power Supply 500W
#43
So we find that Intel purposefully used flawed security to increase the performance of CPUs while AMD didn't.
The real question is why was it that AMD basically got more or less the same level of IPC out of their designs without these vulnerabilities and Intel couldn't.
 
Joined
Mar 10, 2015
Messages
1,428 (0.95/day)
Likes
951
System Name Wut?
Processor 4770K @ Stock
Motherboard MSI Z97 Gaming 7
Cooling Water
Memory 16GB DDR3 2400
Video Card(s) Vega 56
Storage Samsung 840 Pro 256GB
Display(s) 3440 x 1440
Case Thermaltake T81
Power Supply Seasonic 750 Watt Gold
#44
Joined
Jul 24, 2009
Messages
549 (0.15/day)
Likes
100
#45
All I see is more cheap Xeons. :D

Sadly there isnt much normal boards that would take it.

The real question is why was it that AMD basically got more or less the same level of IPC out of their designs without these vulnerabilities and Intel couldn't.
They probably could, but its most likely cheaper to make it way they do.
 
Joined
Jul 5, 2013
Messages
5,465 (2.58/day)
Likes
3,593
Location
USA
#46
You asked, I answered. I don't really disagree with your claims, just was saying if you are a valuable enough target all bets tend to be off. But we knew that. Comes with the turf.
And the real thing is, if you're a valuable enough target, anyone with physical access is going to use easier methods to obtain their objectives.
 
Joined
Feb 2, 2015
Messages
2,624 (1.71/day)
Likes
2,309
Location
On The Highway To Hell \m/
#47
It is akin to saying there is a software problem in GM's ECM that will cause GM engines to explode.
No...it is not. That's akin to saying nobody would have to do anything(as in initiate a purposeful attack to try and get your data), but your data will be automatically transferred to someone else anyway(without anyone intending it to be). Which is not going to happen.
 
Joined
Mar 10, 2015
Messages
1,428 (0.95/day)
Likes
951
System Name Wut?
Processor 4770K @ Stock
Motherboard MSI Z97 Gaming 7
Cooling Water
Memory 16GB DDR3 2400
Video Card(s) Vega 56
Storage Samsung 840 Pro 256GB
Display(s) 3440 x 1440
Case Thermaltake T81
Power Supply Seasonic 750 Watt Gold
#48
No...it is not. That's akin to saying nobody would have to do anything(as in initiate a purposeful attack to try and get your data), but your data will be automatically transferred to someone else anyway(without anyone intending it to be). Which is not going to happen.
I know but the first comparison was:

That's like saying a flaw in the software of GM trucks means there must be a problem with Ford engines.
which is not even close to what this is like.

Ah but then again, simple precautions properly implemented.
Which you have no control over. These exploits are used to jump the boundaries of virtualization. All it takes is someone else's virtualized server to be used to pilfer data out of yours.

Also, I am well enough aware that this is not easy. However, there are plenty enough KNOWN actors that can pull this off with 'relative' ease. There are an unknown number of unknowns...imagine that.
 
Joined
Aug 20, 2007
Messages
10,752 (2.52/day)
Likes
9,786
System Name Pioneer
Processor Intel i9 9900k
Motherboard ASRock Z390 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-2T
Video Card(s) EVGA GTX 1080 FTW2
Storage HGST UltraStar 7K6000 3.5" HDD 2TB 7200 RPM (w/128MBs of Cache)
Display(s) LG 32GK850G-B 1440p 32" AMVA Panel G-Sync 144hz Display
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus Titanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Gentoo Linux x64
Benchmark Scores FS/TS ext: FS 10778:https://www.3dmark.com/fs/18092626 TS 3734:https://www.3dmark.com/spy/6001589
#49
And the real thing is, if you're a valuable enough target, anyone with physical access is going to use easier methods to obtain their objectives.
If they can get it, yeah, certainly.
 
Joined
Jul 25, 2006
Messages
5,166 (1.11/day)
Likes
3,467
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 16GB (2 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Microsoft Wireless 5000
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
#50
which is not even close to what this is like.
LOL That's because you were not following the thread and therefore my analogy flew right by you.

For those following, they could easily see (especially since I quoted the comment :rolleyes:) where mine tied back to the previous claim about WinRAR and Chrome flaws. Those are (1) software flaws and (2) in software NOT made by Intel. Which of course was the point. The Intel processor flaw is not related to any software flaw, let alone software made by a different company.

Yet you tried to claim the Intel problem was like "GM" software causing "GM" engines (hardware) to explode. See the difference? Since software, and in particular, Intel software is NOT causing Intel hardware to fail, your analogy makes no sense in this scenario.

And the real thing is, if you're a valuable enough target, anyone with physical access is going to use easier methods to obtain their objectives.
If they can get it, yeah, certainly.
Yeah, like walk out the door with the computer (and hopefully not get noticed). Or sit down at the computer (when nobody is looking) and install a keylogger on the computer and a nearby transmitting device to send those keystrokes out to the bad guy parked, unnoticed, in the back alley.

Again, yes, it is a serious flaw. Can it be exploited? Yes. Easily? Not at all.

Does this analogy better relate:

You have a safe deposit box at your bank. You keep a big wad of cash, jewels and important papers in the box. Like most safe deposit boxes, your box takes two keys to open; one a bank officer has and must use, and the other you keep in your possession. Unbeknownst to you, your lock is broken and any key or even a screwdriver can turn your lock.

Is that a serious flaw? Absolutely.
Can it be exploited? Yes.

How?

Well a badguy has to gain access to the bank itself, without triggering any alarms or showing up on any security cameras,​
Then he has to crack open (again without triggering any alarms) and gain entry into the safe where the safe deposit boxes are located,​
He has to locate your box among 100s or more boxes (assuming he knows the number on your box),​
Then he has to somehow unlock the bank officer's lock on your box,​
Then he has to unlock your lock and remove your valuables.​
Sound easy? Not to me.​
But that's not all.​
Because this hacker... err... bank robber doesn't want anyone to know the computer... err... bank as been hacked... err... robbed, he has to close and lock your box, close and lock the safe, exit and lock the bank doors - all without triggering any alarms or being noticed.​
Finally, he has to make a clean getaway.​

Piece of cake, right?
 
Top