Intel Claims Security Flaw Also Impacts Non-Intel Chips, Exploits Can't Corrupt, Modify or Delete Data [Updated]

[tdar]

Not.
There are far more secure systems out there, for instance intelligence or military.

You do know that many intel and Military systems are x86 systems running Windows right? Other run some type of unix,or linix. I am sure that there are some Macs as well.
[doublepost=1515030524][/doublepost]

In all seriousness, AMD processors are safe. If you are building your next PC take a long and very thourough look at Ryzen.

Intel says that is not true. That AMD is affected. We will see.
[doublepost=1515030774][/doublepost]

And intelligence agencies.

Intels response so far is very defensive and not hugely convincing. Interesting to see how it plays out

I think we should cut them some slack about how they are acting today. If this is as bad as it seems, this could be life threatening for most corporations. Intel Is not most but it is going to very much hurt. They are trying to mitigate the damage as best they can. We would all do that.

 

[lpolarityl]

Check out this blog post from project zero (google's security exploit team):

https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html

OP might want to add this as an update to the post/article. Tons of detailed information.

 

[PizzaBoxStyle]

Shading AMD is just another Intel cheap shot. That company has problems.

This is exactly what I'm starting to think, too.

 

[tdar]

From AMD's statement:
"AMD is not susceptible to all three variants."
If written by a native English speaker, this is a VERY curious wording. Does this really mean that AMD is not susceptible to ANY of the three variants, or does it mean that AMD might be susceptible to one or two of the variants?

I think that's clear. If they were susceptible to zero of the variants they would have just said so. LOUDLY.

 

[lpolarityl]

I think that's clear. If they were susceptible to zero of the variants they would have just said so. LOUDLY.

See the link I just pasted, Google did thorough tests and proved all processor brands/types ARE affected by the exploit.

 

[Tech198]

This stretches back all the way to the 2XXX series chips (Maybe even before that), so I'm sure Intel has known for a very long time. It's funny how this came up all of the sudden and AMD's stocks skyrocketed (Before coming back down)

...and despite this... they still constantly say "We care about security"

The bigger the target, the quicker the response should be.

 

[Zindog]

So much for “good enough” IT. SPARC is looking pretty good about now. This is gonna hurt in the cloud. Do you want to let someone else control your hardware stack?

 

[usarioclave]

No it's not. It's incredibly uncommon actually.
Source: Work in forensics and work with government agencies around the world.

Well, it depends on what you work on. If all you work on are secure systems then it's SOP.

 

[SactoGuy18]

I think right now AMD is trying to find out how much of the x86-64 instruction set is vulnerable to this exploit. That is because AMD may have to issue its own (and quite different) set of patches to fix this problem, given AMD's different implementation of the x86-64 instruction set.

Apple, I'm sure, is looking at how vulnerable the A-Series SoC's are affected since they heavily rely on the ARM instruction set. It could likely be fixed with an iOS 11.2.x update specifically geared for the 64-bit A-Series SoC (A7 to A11).

 

[ke-iron]

The fix is simple.

Unplug yourself from the internet.

 

[filterdecay]

The fix is simple.

Unplug yourself from the internet.

you first

 

[Lone Deranger]

Flaw? Or intentional backdoor?

 

[dantroline]

I wonder how long Intel has known about this flaw.

Probably when they designed it. People (many of you reading) used to laugh off claims that hardware exploits are baked into our computers and that nothing we do on them is private. Are they still laughing?

 

[Lestdog]

Bingo. It’s mind boggling how people can be so naive when it comes to these issues. Intel has had backdoors for a long time in their processors. This is no secret or conspiracy theory. Also, it is completely rational to assume that Intel would keep open “flaws” that three letter agencies have discovered but “bad actors” haven’t as long as possible to allow three letter agencies to work their magic and Intel can claim ignorance.

But then again, all this is just conspiracy theory tin foil hat crap, you know ... just like those crazy people who thought Apple was manipulating their devices performance. ...... oh wait.

Just like those jerks who claimed water was wet... they turned out to be right after all!! You're making claim dressed as a statement of fact and that's where conspiracy theorists lose their minds. No, it's gennerally not rational to just assume anything. Can I assume that you're locked up in your man cave on top of several grand in cash packing enough ammo to supply a small army? This is what conspiracy theorists do right? It would be awesome if I were right about that but it's not rational based on your post.

 

[jdawgnoonan]

Not.
There are far more secure systems out there, for instance intelligence or military.

Um...really....Intel has nothing to do with that.....

 

[dantroline]

Just like those jerks who claimed water was wet... they turned out to be right after all!! You're making claim dressed as a statement of fact and that's where conspiracy theorists lose their minds. No, it's gennerally not rational to just assume anything. Can I assume that you're locked up in your man cave on top of several grand in cash packing enough ammo to supply a small army? This is what conspiracy theorists do right? It would be awesome if I were right about that but it's not rational based on your post.

Actually, no. People don't run antivirus software on their Apple devices because they believe the hype that they don't need to. And people who do run antivirus software think it's a talisman and believe the antivirus company isn't going to spy on them. People share every boring detail of their little self centred existence on social media because they believe that the shiny Bookface or whatever company will exercise discretion and look after their privacy. They assume everything is all rainbow unicorn land and their comfortable existence is guaranteed as long as they pay the shiny device tax. Then their eyes glaze over in stupor as their credit card is milked and houses robbed.

People are brainwashed. That's the problem. They are intentionally ignorant just as tech companies have been intentionally exploiting said ignorance and selling or even giving away access to private and sensitive personal information, probably to gain lucrative government contracts. How anyone can utter a single word in defense of Intel is beyond me.

 

[richardsonrs]

Just like those jerks who claimed water was wet... they turned out to be right after all!! You're making claim dressed as a statement of fact and that's where conspiracy theorists lose their minds. No, it's gennerally not rational to just assume anything. Can I assume that you're locked up in your man cave on top of several grand in cash packing enough ammo to supply a small army? This is what conspiracy theorists do right? It would be awesome if I were right about that but it's not rational based on your post.

Just thought I'd let you know that water isn't wet. Water makes things wet but water itself is just water

 

[KPandian1]

Like Fox/fake news, is this a faux security crisis, i.e., are there real incidents to illustrate the problem?

 

[jav6454]

Intel says that is not true. That AMD is affected. We will see.

At this point, Intel will say anything to stay out of the spotlight. After all, it's their own CPUs that are the most affected by these two bugs.

Although to be honest, AMD says they aren't affected by both attacks, while the researches do state that they tested Spectre on AMD CPUs. AMD countered by stating they haven't been able too and are working to check and correct.

 

[tdar]

Some Possible good news...Turns out as both a Windows Insider and a Apple Developer, both my primary and secondary computers have been patched for months. I never knew or noticed any change.

 

[fairuz]

AMD says they're not affected, but Spectre supposedly affects AMD...

I'm no system designer, but I never understood why kernel-level privilege separation as a security feature is a thing anyway. It seems rather complicated and pointless, and there's a vulnerability every year. Seems like a relic from the days of shared systems. Userspace programs ought to be sandboxed beyond that. I'm sure you've all seen this comic: https://xkcd.com/1200/

 

[cube]

I think what has been released is the easy fix to one of the three vulnerabilities.

 

[tdar]

I think what has been released is the easy fix to one of the three vulnerabilities.

This is likely true.

 

[cmaier]

Probably when they designed it. People (many of you reading) used to laugh off claims that hardware exploits are baked into our computers and that nothing we do on them is private. Are they still laughing?

I doubt that. This is a side channel attack, like measuring power consumption to determine instruction operands. Not something designers think about.

 

[jav6454]

Not.
There are far more secure systems out there, for instance intelligence or military.

Forgot to mention, you do realize many of those systems run on Intel CPUs right? Not consumer but the server side ones. Not to mention, the Intel scientific CPUs that are not even out for servers.