
New Spectre Vulnerability Version Beats All Mitigations, Performance to Badly Degrade After the Fix

Joined
Jun 10, 2014
Messages
2,428 (0.96/day)
Nothing we haven't seen before... Superscalar out of order with the levels of speculative execution and caching that are enabled by modern processes will always be vulnerable to this kind of attack.
Actually, there is nothing principally wrong with speculative execution and caching. It's only a matter of making sure all caches are cleaned etc., which will require redesigns of microarchitectures, not just the mitigations we've seen this far which only makes it harder. Getting rid of SMT would help a lot though.

Until this happens, we should expect a stream of new Spectre class exploits.

So physical access is required to implement any exploit?
Local access is required, as usual. These vulnerabilities are not a real problem for consumers or non-cloud servers, so software mitigations should really be opt-in. There is no reason for all of us to suffer.

This requires high level access to execute, which traditional security measures already prevent. This is one of those "if they get this you're already hosed" type situation. I'd be really surprised if the mitigations are required rather than optional patches that can be applied to just mission critical equipment that is most likely to get hit by this.
Well, this is exactly why we do security in layers. Sooner or later you should expect a vulnerability in one layer.
The real elephant in the room is the perpetual stupidity of (public) cloud computing, where a vulnerability on any layer can potentially bypass nearly all security measures. Nothing sensitive should ever run in the public cloud, unfortunately it does.

Although IMO most of this stuff has been wildly overblown, the majority of CPU attacks require a pre pwned system with remote administrator/BIOS access. I can see emergency patches for the remote execution ones, but the rest should be optional IMO.
Yes. Consumers should not worry about the exploits, only about the mitigations. I wish patches were opt-in.

Perhaps someone cleverer than me can tell me why adding its signature/behavior to antivirus/antimalware wouldn't solve the issue?
Because antimalware don't have the ability to stop any attack, just identify known bad software.
This is why there are endless streams of new virus variants for Windows, until the specific underlying vulnerabilities (/design faults) are resolved.

If you find a vulnerability, you can just make a script that makes thousands of small variants of the program performing the exploit, resulting in different binary signatures, and the cat and mouse game is on. Antimalware doesn't work the way people think, they can never fix an exploit, and it's even debatable whether they do much "good" at all. Having privileged software like this may even open up new attack vectors, and there are even some antimalware software that can be regarded as malware/spyware itself.
 
Joined
Apr 30, 2014
Messages
47 (0.02/day)
To be honest, I think they should stop finding these things, because when they do, the source gets leaked and then the new viruses come out. Stop finding holes, period, and things would not come out. Nowadays we hear, "Oh, we found a new way to break a system." Then weeks later the source is released to the public and hackers just suck it up.
Sticking your head in the sand doesn't improve security, it just means you don't know what you don't know. Others are looking for these holes already.
 
Joined
Jul 5, 2013
Messages
12,804 (4.47/day)
It should be noted that this set of vulnerabilities is even more difficult (read: near impossible) to exploit than any of the rest like it and that it is not worth any level of worry for the common user or even most business and corporate entities. The fix can rather safely be ignored and avoided.

Remember kids, 100% of people that drink water die.
This!
 
Joined
Aug 20, 2007
Messages
14,789 (2.95/day)
This requires high level access to execute, which traditional security measures already prevent.
No, this type of code timing attack can certainly be executed from userland if I understand it correctly.

It should be noted that this set of vulnerabilities is even more difficult (read: near impossible) to exploit than any of the rest like it and that it is not worth any level of worry for the common user or even most business and corporate entities. The fix can rather safely be ignored and avoided.


This!
I'm not so sure, but my philosophy on this remains the same. Fix the software design, don't gimp the cpu globally.
 
Joined
Jul 16, 2014
Messages
4,927 (1.98/day)
Because antimalware don't have the ability to stop any attack, just identify known bad software.
This has been the flaw of AV since time began. It still doesn't stop user stupidity.
 
Joined
Aug 20, 2007
Messages
14,789 (2.95/day)
Local access is required, as usual.
Where are people getting that idea? The previous spectre was demonstrated to work via javascript in a browser... I have no idea why this would be different as a variant unless I missed something.

What really makes it not noteworthy is the attack is slow and guessing memory locations hard. It requires a lot of setup, and generally, a skilled human hacker.
But not "local access."
 
Joined
May 5, 2020
Messages
43 (0.12/day)
So physical access is required to implement any exploit?
More or less. I mean I can only steal your car if I have physical access to it. This makes all cars unsafe, and we better ban/remove all cars to remove said threat. Obviously we could patch the car by putting it in a bunker, therefore making said car less useful. But that's obviously the best choice for the current situation.
 
Joined
Aug 20, 2007
Messages
14,789 (2.95/day)
This also requires competent QA testing.
If your software is really dealing with sensitive data you better fucking have Q&A or you deserve that lawsuit.

If it's a video game, have fun with that.

It's like reporting the news, "if it bleeds, it leads", so if it makes this kind of threat sound scarier, it's in.
No, my point is physical access is NOT required. They are being dismissive of this, which is valid in some ways, but for an invalid reason.
 
Joined
Jul 5, 2013
Messages
12,804 (4.47/day)
No, my point is physical access is NOT required.
Um, bro? You need to re-read that white paper. Pay careful attention to section VI. Put simply, no one is going to achieve that level of code execute injection over a network (any network). Direct physical access is required, and even then, setting up the exploit seems to be very machine/platform specific and will require an extensive effort to gain success.
 
Joined
Oct 27, 2009
Messages
860 (0.20/day)
YES!!!

I have been waiting for TPU to pick this up, so I can finally correct the bad reporting, and the terrible assumptions users who can't read make.

Neat takeaways from this white paper:

- They only specify "Skylake" but fail to say which rendition of the arch, and it's important to note, after initial Skylake protection has been built in on an arch level

- They mention "Zen" testing, but not which one. Zen is old and been around awhile, they make a uOP mention with "Zen2" but it's just an example.

- They mention ARM in the title and the text, but never actually show testing done with the ARM arch.

People are already questioning the methods used in this work as the flaws mentioned above are a pretty big deal.

Remember kids, 100% of people that drink water die.
They mention the differences between zen and zen 2 and only test on Zen... but don't specify the chip, they specified Skylake refresh 8700t.
They are also intel funded, which might explain the vagueness of other chips used or just theoretically vulnerable.
In general, yet another poorly done "security piece" not learning from other groups' stumbles or intentional misdirections.
No CVE, no 90 days given to architecture owners, no credibility. I don't see any proof they tested against mitigated hardware.

 

Solaris17

Dainty Moderator
Staff member
Joined
Aug 16, 2005
Messages
22,149 (3.86/day)
They mention the differences between zen and zen 2 and only test on Zen... but don't specify the chip, they specified Skylake refresh 8700t.
They are also intel funded, which might explain the vagueness of other chips used or just theoretically vulnerable.
In general, yet another poorly done "security piece" not learning from other groups' stumbles or intentional misdirections.
No CVE, no 90 days given to architecture owners, no credibility. I don't see any proof they tested against mitigated hardware.


Yup. presented as peer reviewed gospel but it isn't. I can make a cool PDF as well for the $7 monthly for Acrobat.
 
Joined
Oct 27, 2009
Messages
860 (0.20/day)
Yup. presented as peer reviewed gospel but it isn't. I can make a cool PDF as well for the $7 monthly for Acrobat.
Trying to match University of Minnesota ethics ...
 
Joined
Mar 31, 2014
Messages
1,265 (0.49/day)
Actually, there is nothing principally wrong with speculative execution and caching. It's only a matter of making sure all caches are cleaned etc.
There is nothing principally wrong, it is just a method that is naturally open to side channel attacks. Any shared resource in the system is a potential vector for a side channel attack (I would suggest reading some of the papers with respect to these types of attack, e.g. Xiong and Szefer, "Leaking information through cache LRU states") because you can always get information through timing/QOS behaviour of the resource. Are you going to flush your entire L3 every time you context switch just to stop potential malicious threads snooping on something else? You don't, the performance penalty would be too big.

At the end of the day the software side needs to live up to a certain standard of security as well, if that doesn't happen you will never be able to make a computer that is both fast and versatile while being secure.

If you are completely anal about security then you will have to sacrifice either speed or versatility, and you will have to control the software and runtime environment well.
Getting rid of SMT would help a lot though.
Say bye to your performance then, because now you are going back to the early 2000s where you are 100% guaranteed that your back end is grossly underutilised.

The whole idea of resource sharing is that you can dynamically allocate resources to whatever needs it most. Sure, if you can create a runtime where from the get-go you know how much resources each task will need, there is no need for dynamic allocation, but good luck convincing any programmer to do that.

Static scheduling and partitioning has proven time and time again to go against what programmers want, else IA-64 wouldn't be left in a ditch and everything would be VLIW...
 
Joined
Aug 20, 2007
Messages
14,789 (2.95/day)
Um, bro? You need to re-read that white paper. Pay careful attention to section VI. Put simply, no one is going to achieve that level of code execute injection over a network (any network). Direct physical access is required, and even then, setting up the exploit seems to be very machine/platform specific and will require an extensive effort to gain success.
You caught me. I'm at work and haven't had time to review the whitepaper in detail beyond a skim. I'm just operating on the assumption it's similar to past spectre exploits which were demonstrated to be usable in javascript.

I'll shut up until I get home and can read it properly.
 
Joined
Sep 17, 2014
Messages
14,812 (6.11/day)
Vaccinate that crap already. Jesus.

Where are people getting that idea? The previous spectre was demonstrated to work via javascript in a browser... I have no idea why this would be different as a variant unless I missed something.

What really makes it not noteworthy is the attack is slow and guessing memory locations hard. It requires a lot of setup, and generally, a skilled human hacker.
But not "local access."
Ignorance is bliss I guess? Or it's just parroting something that went around for a while. Much like how people still flash BIOS on GPUs like they upgrade drivers. -_-

Regardless, @efikkan you also mentioned disabling SMT. Now look at the current marketplace :D Say an enterprise disables that for its server farm. Suddenly you have a capacity problem and there is no supplier to build you another bunch of servers. And you're already under pressure because of supply issues in a normal cycle for hardware. It's a rock and a hard place, and there is really never enough time as it is. Fast and some collateral is always going to win the day over slow and careful.
 
Joined
Aug 20, 2007
Messages
14,789 (2.95/day)
Someone at Microsoft should pick up that phone.
Microsoft's enterprise products have Q&A testers. They just aren't who you think.

Hint: They are... you guys!
 
Joined
Dec 16, 2017
Messages
1,658 (1.34/day)
Microsoft's enterprise products have Q&A testers. They just aren't who you think.

Hint: They are... you guys!
Wouldn't I know it...



I don't have much to complain about, though. So far, the issues I had in the last 5 years, that I could consider rather grave, I could probably count them with one or two hands. Not exactly a lot.

Definitely not as much as other people say they have had.
 
Joined
Jul 5, 2013
Messages
12,804 (4.47/day)
similar to past spectre exploits which were demonstrated to be usable in javascript.
And that only works given a TON of assumptions and perfect circumstances, none of which are real world possibilities. That supposed "proof of concept" was only barely so and had zero practical application.
 
Joined
Feb 20, 2019
Messages
2,442 (3.02/day)
Pay careful attention to section VI. Put simply, no one is going to achieve that level of code execute injection over a network (any network). Direct physical access is required, and even then, setting up the exploit seems to be very machine/platform specific and will require an extensive effort to gain success.
This gives me hope that patches will be opt-in. Hurting the performance of every x86 connected to the internet seems like a knee-jerk overreaction if the risk of the vulnerability is low.

The risk/effort balance has to be right, and you can't ever stop everything. If this vulnerability requires direct physical access then it's of no consequence to any consumer device. Even thinking about my servers in a colo datacenter, the amount of ID checking and paperwork to gain access to my own hardware is enough to prevent this from being a casual drive-by exploit.
 
Joined
Aug 30, 2006
Messages
6,537 (1.22/day)
...I could probably count them with one or two hands.
Using my wrists in the up, or down, position, plus my 10 fingers, gives me the ability to count to 2^12 = 4096.
 
Joined
Jun 10, 2014
Messages
2,428 (0.96/day)
I'm not so sure, but my philosophy on this remains the same. Fix the software design, don't gimp the cpu globally.
Please elaborate, fix which software design? And what relevance does this have for a hardware bug?

What really makes it not noteworthy is the attack is slow and guessing memory locations hard. It requires a lot of setup, and generally, a skilled human hacker.
But not "local access."
Virtual memory address space is huge, it's not a matter of "hacking skills", but defeating something called entropy. Don't forget memory is moved a lot around too, so extracting useful continuous blocks of memory wouldn't be easy.

Are you going to flush your entire L3 every time you context switch just to stop potential malicious threads snooping on something else? You don't, the performance penalty would be too big.
There should be no need. The CPU will know if the code is privileged to read a cache line, and once these enforcements are firmly in place, the Spectre class of bugs will go away.

At the end of the day the software side needs to live up to a certain standard of security as well, if that doesn't happen you will never be able to make a computer that is both fast and versatile while being secure.
Right there you demonstrated that you don't grasp this subject.
A hardware bug must be resolved in hardware. As long as the user can run any software they want, other software can't protect against a hardware bug like this.

Getting rid of SMT would help a lot though.
Say bye to your performance then, because now you are going back to the early 2000s where you are 100% guaranteed that your back end is grossly underutilised.
You don't understand how SMT works either then. SMT is sharing a core's resources between multiple threads. The usefulness of SMT is decreasing with more efficient CPU architectures, while the complexity of all the extra safeguards throughout the pipeline to facilitate multiple threads is only growing. Back when SMT was introduced, it made a lot of sense since the pipelines were stalled much more and implementing SMT required very little die space. Right now SMT is mostly a marketing thing, with mounting security implications, and this die space would be better spent making faster cores.

Unfortunately though, I wouldn't expect SMT to go away anytime soon.

Static scheduling and partitioning has proven time and time again to go against what programmers want, else IA-64 wouldn't be left in a ditch and everything would be VLIW...
Itanium had many flaws, probably the biggest one was a very complex instruction scheme.
But as of now, the primary bottleneck of CPUs is primarily cache misses, then secondary branching. If something is going to beat speculative execution for general workloads, it needs to solve/avoid these two problems.
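
Added example, not part of any post in this thread: several replies argue over whether mitigations should be opt-in and whether SMT should be disabled. On Linux the kernel reports per-vulnerability mitigation state and the SMT setting under sysfs, and this script summarizes both. The function names and the sample files are constructed for illustration; the script falls back to the sample when the real sysfs paths are absent.

```shell
#!/bin/sh
# Added example: summarize CPU-vulnerability mitigation state and SMT status
# from the Linux sysfs files under /sys/devices/system/cpu/.

# classify_status TEXT -> not_affected | mitigated | mitigated_smt_exposed | vulnerable | unknown
classify_status() {
    case "$1" in
        "Not affected"*) echo not_affected ;;
        "Vulnerable"*)   echo vulnerable ;;
        "Mitigation:"*)
            # A mitigation can be active while the kernel still flags sibling threads as exposed.
            case "$1" in
                *"SMT vulnerable"*) echo mitigated_smt_exposed ;;
                *)                  echo mitigated ;;
            esac ;;
        *) echo unknown ;;
    esac
}

# audit_dir DIR -> one "name class" line per status file in DIR
audit_dir() {
    dir=$1
    [ -d "$dir" ] || return 0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        IFS= read -r text < "$f" || true
        printf '%s %s\n' "$(basename "$f")" "$(classify_status "$text")"
    done
}

# count_exposed DIR -> number of entries that are neither unaffected nor fully mitigated
count_exposed() {
    audit_dir "$1" |
        awk '$2 != "not_affected" && $2 != "mitigated" { n++ } END { print n + 0 }'
}

# smt_state FILE -> contents of smt/control (e.g. on, off, forceoff, notsupported) or "unavailable"
smt_state() {
    if [ -r "$1" ]; then
        IFS= read -r s < "$1" || true
        echo "${s:-unavailable}"
    else
        echo unavailable
    fi
}

# make_sample -> path of a temp dir holding CONSTRUCTED sample data (not captured from a real host)
make_sample() {
    d=$(mktemp -d)
    mkdir "$d/vulnerabilities"
    echo "Mitigation: PTI" > "$d/vulnerabilities/meltdown"
    echo "Mitigation: usercopy/swapgs barriers and __user pointer sanitization" \
        > "$d/vulnerabilities/spectre_v1"
    echo "Mitigation: Clear CPU buffers; SMT vulnerable" > "$d/vulnerabilities/mds"
    echo "Vulnerable" > "$d/vulnerabilities/spectre_v2"
    echo "Not affected" > "$d/vulnerabilities/tsx_async_abort"
    echo "on" > "$d/smt_control"
    echo "$d"
}

# Use the real sysfs files when present, otherwise the constructed sample.
VULN_DIR=/sys/devices/system/cpu/vulnerabilities
SMT_FILE=/sys/devices/system/cpu/smt/control
if [ ! -d "$VULN_DIR" ]; then
    SAMPLE=$(make_sample)
    VULN_DIR=$SAMPLE/vulnerabilities
    SMT_FILE=$SAMPLE/smt_control
fi
audit_dir "$VULN_DIR"
echo "smt: $(smt_state "$SMT_FILE")"
echo "entries needing attention: $(count_exposed "$VULN_DIR")"
```

Entries classed `mitigated_smt_exposed` are the ones where the SMT question raised in the thread applies: the mitigation is active but the kernel still reports sibling threads as a remaining exposure.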
 

r9

Joined
Jul 28, 2008
Messages
2,850 (0.61/day)
Oh my God there goes my sleep tonight.
 