Intel Tried to Bribe Dutch University to Suppress Knowledge of MDS Vulnerability

Cybersecurity researchers at the Vrije Universiteit Amsterdam, also known as VU Amsterdam, allege that Intel tried to bribe them to suppress knowledge of the latest processor security vulnerability RIDL (rogue in-flight data load), which the company made public on May 14. Dutch publication Nieuwe Rotterdamsche Courant reports that Intel offered to pay the researchers a USD $40,000 "reward" to allegedly get them to downplay the severity of the vulnerability, and backed their offer with an additional $80,000. The team politely refused both offers.

Intel's security vulnerability bounty program is shrouded in CYA agreements designed to minimize Intel's losses from the discovery of a new vulnerability. Under its terms, once a discoverer accepts the bounty reward, they enter into an NDA (non-disclosure agreement) with Intel, agreeing not to disclose their findings or communicate in that regard with any person or entity other than certain authorized people at Intel. With public knowledge withheld, Intel can work on mitigation and patches against the vulnerability. Intel argues that information about vulnerabilities becoming public before it has had a chance to address them would give the bad guys time to design and spread malware that exploits the vulnerability. This is an argument the people at VU weren't willing to buy, and thus Intel is forced to disclose RIDL even as microcode updates, software updates, and patched hardware are only beginning to come out.

Update (17/05): An Intel spokesperson commented on this story.

Apple: Protecting Macs from MDS Vulnerabilities May Reduce Performance by up to 40%

Apple has advised users that they should disable Intel's Hyper-Threading feature on the company's computers due to the recently exposed MDS vulnerabilities. Citing internal testing, Apple said that users can expect an up to 40% performance loss in such a scenario (depending on system and workload, naturally) in various benchmarks and multithreaded workloads. The performance loss is understandable - you're essentially halving the number of threads available for your CPU to process data.

Like Intel said, it becomes an issue of how much users value their performance compared to the security risks involved: a classic risk/benefit scenario, which shouldn't ever be in the equation, after all. If users buy a system with a CPU that has known performance levels, they will obviously expect those to be valid for the longevity of the product, unless otherwise stated and considering operational variances that fall within a margin of error/product obsolescence. Halving your performance because of a design flaw that resulted from an effort to achieve higher and higher IPC increases doesn't strike one as a way to inspire confidence in your products.

Intel Releases CPU Microcode Updates For MDS Vulnerabilities Unearthed on May 14

Intel released CPU microcode updates to address four new security vulnerabilities disclosed by the company on May 14, 2019. These microcode updates can be encapsulated as motherboard UEFI firmware updates, and for some processors even distributed through Windows Update. In its Microcode Revision Guidance document put out on Tuesday, Intel revealed that all Core and Xeon processors going as far back as the 2nd generation Core "Sandy Bridge" architecture are eligible for microcode updates.

2nd generation Core is roughly the time when motherboard vendors were forced to adopt UEFI (unrelated to these vulnerabilities). A number of low-power microarchitectures, such as "Gemini Lake," "Cherry View," "Apollo Lake," and "Amber Lake," which are basically all low-power processors released after 2012-13, also receive these updates. While you wait for your motherboard vendor or PC/notebook OEM to pass on these microcode updates, Intel advises you to disable HyperThreading if your processor is older than 8th gen "Coffee Lake," and seek out the latest software updates.
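
To check whether a given machine has actually received the microcode and whether HyperThreading still leaves it exposed, the status line a patched Linux kernel publishes can be parsed as below. This is an added example, not code from the article or from Intel; it assumes a Linux host with the kernel's `vulnerabilities/mds` sysfs file, and the sample lines are constructed from the kernel's documented format.

```python
from pathlib import Path

# Status file exposed by Linux kernels that carry the MDS patches.
MDS_PATH = Path("/sys/devices/system/cpu/vulnerabilities/mds")

def assess_mds(mds_status):
    """Classify one MDS status line; returns (verdict, findings)."""
    status = mds_status.strip()
    findings = []
    if status == "Not affected":
        return "ok", findings
    # Format: "<mitigation state>; <SMT state>", the SMT part is optional.
    head, _, smt_part = status.partition(";")
    smt_part = smt_part.strip()
    if not head.startswith("Mitigation"):
        if "no microcode" in head:
            findings.append("microcode update missing: buffer clearing is best-effort")
        else:
            findings.append("kernel mitigation not active")
    if smt_part == "SMT vulnerable":
        findings.append("SMT (HyperThreading) enabled: sibling threads remain exposed")
    elif smt_part == "SMT Host state unknown":
        findings.append("running as a guest: host SMT state cannot be determined")
    return ("ok" if not findings else "action needed"), findings

def read_host_status():
    """Return this host's status line, or None when the file is absent."""
    try:
        return MDS_PATH.read_text()
    except OSError:
        return None

# Constructed sample lines, used when the sysfs file is not available.
SAMPLES = [
    "Vulnerable: Clear CPU buffers attempted, no microcode; SMT vulnerable",
    "Mitigation: Clear CPU buffers; SMT vulnerable",
    "Mitigation: Clear CPU buffers; SMT disabled",
    "Not affected",
]

if __name__ == "__main__":
    host = read_host_status()
    for line in ([host] if host else SAMPLES):
        verdict, findings = assess_mds(line)
        print(f"{line.strip()!r}: {verdict}")
        for finding in findings:
            print(f"  - {finding}")
```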

AMD Confirms its Processors are Unaffected by RIDL and Fallout Vulnerabilities

AMD in a statement confirmed that its processors are unaffected by the RIDL (Rogue In-Flight Data Load) and Fallout vulnerabilities. The company however worded its statement in CYA language, just to be safe. "...we believe our products are not susceptible to 'Fallout' or 'RIDL' because of the hardware protection checks in our architecture. We have not been able to demonstrate these exploits on AMD products and are unaware of others having done so," reads the AMD statement put out late Tuesday (14th May).

AMD came to these conclusions on the basis of its own testing and discussions with the researchers who discovered RIDL. It's important to note here that the "Fallout" vulnerability AMD is referring to in this statement is the one which is part of the four MDS vulnerabilities Intel disclosed yesterday, and not the identically named "Fallout" vulnerability discovered by CTS Labs in 2018, allegedly affecting secure memory management of AMD "Zen" processors.

Intel Puts Out Benchmarks Showing Minimal Performance Impact of MDS Mitigation

Intel Tuesday once again shook the IT world by disclosing severe microarchitecture-level security vulnerabilities affecting its processors. The Microarchitectural Data Sampling (MDS) class of vulnerabilities affects Intel CPU architectures older than "Coffee Lake" to a greater extent. Among other forms of mitigation software patches, Intel is recommending that users disable HyperThreading technology (HTT), Intel's simultaneous multithreading (SMT) implementation. This would significantly deplete multi-threaded performance on older processors with lower core-counts, particularly Core i3 2-core/4-thread chips.

On "safer" microarchitectures such as "Coffee Lake," though, Intel is expecting a minimal impact of software patches, and doesn't see any negative impact of disabling HTT. This may have something to do with the 50-100 percent increased core-counts with the 8th and 9th generations. The company put out a selection of benchmarks relevant to client and enterprise (data-center) use-cases. On the client use-case that we're more interested in, a Core i9-9900K machine with software mitigation and HTT disabled is negligibly slower (within 2 percent) than a machine without mitigation and HTT enabled. Intel's selection of benchmarks includes SYSMark 2014 SE, WebXprt 3, SPECInt rate base (1 copy and n copies), and 3DMark "Skydiver" with the chip's integrated UHD 630 graphics. Comparing machines with mitigations applied but toggling HTT presents a slightly different story.

Yet Another Speculative Malfunction: Intel Reveals New Side-Channel Attack, Advises Disabling Hyper-Threading Below 8th, 9th Gen CPUs

Ouch doesn't even begin to describe how much that headline hurt. As far as speculative execution goes, it's been well covered by now, but here's a refresher. Speculative execution essentially means that your CPU tries to think ahead of time on what data may or may not be needed, and processes it before it knows it's needed. The objective is to take advantage of concurrency in the CPU design, keeping processing units that would otherwise be left idle to process and deliver results on the off-chance that they are indeed required by the system: and when they are called for, the CPU saves time by not having to process them on the fly and already having them available.

The flaws have been announced by Intel in coordination with Austrian university TU Graz, Vrije Universiteit Amsterdam, the University of Michigan, the University of Adelaide, KU Leuven in Belgium, Worcester Polytechnic Institute, Saarland University in Germany and security firms Cyberus, BitDefender, Qihoo360 and Oracle. While some of the parties involved have named the four identified flaws with names such as "ZombieLoad", "Fallout", and RIDL, or "Rogue In-Flight Data Load", Intel is using the PEGI-13 "Microarchitectural Data Sampling (MDS)" name.
