Spectre and Meltdown

[viking60]

There are these CPU (Central processor Unit) flaws that has left the whole world vulnerable and they are called Spectre and Meltdown.

If this is a hardware flaw or a software flaw is hard to tell since the firmware is closed source but all computers and phones and the IOT are affected.

How it works:

All computers have a CPU and to make things smoother the CPU anticipates what you are going to do.
Lets say you type an URL then the CPU anticipates that you will press ENTER -it saves time and that is normally a good thing (over-simplified but works as an example).
The communication between your OS and the CPU is negotiated by the Kernel of your OS (Windows Linux/Android or IOS) and it is in this process where the time is saved.

This anticipation can be exploited though because if you decide to cancel your operation then your computer has already pressed ENTER for you and needs to nullify that operation.

Before the computer gets around to that some bad guys can exploit that memory and find out where your passwords are handled and reveal them.

..That is bad - and it is called Meltdown!

In the case of Spectre the attacker will not see the remains of your operations but can get there by executing a series of speculative operations (advanced guesswork).

Meltdown affects most CPU's built after 2003 - and that is a lot!

Now Meltdown can be patched and has been in Windows Linux and iOS but this can affect your Computer to run 30% slower.

Intel states that the negative effect will be much less in most cases.

Spectre may well haunt us for a longer time but all the top dogs are working on it....

Clouds like Amazon EC2, Microsoft Azure, and Google Compute Engine; are affected but if you have listened to any advice here you would never put any mission critical info "out there". Which clouds are affected depends on the technology they use.

Which cloud providers are affected by Meltdown?

Cloud providers which use Intel CPUs and Xen PV as virtualization without having patches applied. Furthermore, cloud providers without real hardware virtualization, relying on containers that share one kernel, such as Docker, LXC, or OpenVZ are affected.

Linus Torvalds says it diplomatically:

I think somebody inside of Intel needs to really take a long hard look
at their CPU's, and actually admit that they have issues instead of
writing PR blurbs that say that everything works as designed.

.. and that really means that all these mitigation patches should be
written with "not all CPU's are crap" in mind.

Or is Intel basically saying "we are committed to selling you shit
forever and ever, and never fixing anything"?

https://www.youtube.com/watch?v=syAdX44pokE

I am patched - which I checked like this:

Code: Select all

dmesg | grep isolation
0.000000] Kernel/User page tables isolation: enabled

Code: Select all

zcat /proc/config.gz | grep -i page_table
CONFIG_PAGE_TABLE_ISOLATION=y


More here

[viking60]

You are not affected you say?

..Better stop using that phone for banking.....

[R_Head]

That is the problem when there is "1" (wink-wink, nudge-nudge) CPU manufacturer. Let us face it, the competition is pretty much non existent, no innovation, no choices... talk about a "Facist/Corporatist Market".

[viking60]

If some agencies with world domination ambitions haven't already exploited this then you can call me Apfelstrudel - and Intel knew about it.
This is not a flaw - it's a feature - according to them.

This is a flaw that nullifies all cautious measurements on our part because the hacking cannot be discovered, So nobody knows if this has been exploited.

But in the interest of National security -anything goes so this must have been a to good opportunity. Pretty sure that many NATO countries are going behind their populations backs on this one.

Terribly unfair of me if it isn't the case of course but they haven't gone out of the way to build up my trust so far....

viewtopic.php?f=21&t=3706&p=20337

[R_Head]

I bet the US give freebies and bribes to NATO members officials. Everybody has a price.... Greed has no bounds

[viking60]

I have stated that my system is patched above but that is only against Meltdown.
I do not wish to create a false sense of security which is worse than anything.

My Ideapad has Intel i3 and depending on the hardware the microcode for the CPU will be updated as soon as it comes out - maybe....

I am still vulnerable to Spectre which I can check Manjaro by installing the spectre-meltdown-checker - like this:

Code: Select all

sudo pacman -U https://mirror.netzspielplatz.de/manjaro/packages/pool/overlay/spectre-meltdown-checker-0.28-1-any.pkg.tar.xz


Then I can run

Code: Select all

sudo spectre-meltdown-checker

It will come up with something like this:

Code: Select all

Spectre and Meltdown mitigation detection tool v0.28

Checking for vulnerabilities against running kernel Linux 4.14.13-1-MANJARO #1 SMP PREEMPT Wed Jan 10 21:11:43 UTC 2018 x86_64
CPU is Intel(R) Core(TM) i3-7100U CPU @ 2.40GHz

CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
* Checking count of LFENCE opcodes in kernel:  NO
> STATUS:  VULNERABLE  (only 21 opcodes found, should be >= 70, heuristic to be improved when official patches become available)

CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
* Mitigation 1
*   Hardware (CPU microcode) support for mitigation:  YES
*   Kernel support for IBRS:  NO
*   IBRS enabled for Kernel space:  NO
*   IBRS enabled for User space:  NO
* Mitigation 2
*   Kernel compiled with retpoline option:  NO
*   Kernel compiled with a retpoline-aware compiler:  NO
> STATUS:  VULNERABLE  (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability)

CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
* Kernel supports Page Table Isolation (PTI):  YES
* PTI enabled and active:  YES
> STATUS:  NOT VULNERABLE  (PTI mitigates the vulnerability)

A false sense of security is worse than no security at all, see --disclaimer


As you can see much is fixed and Meltdown is completely patched but Spectre is still haunting me but not as badly as before.

The kernel people of all distros are implementing microcode as soon as it is provided by the "sinners" (aka Intel)

This is how you check the status of your Microcode:

Code: Select all

dmesg |grep microcode
[    0.000000] microcode: microcode updated early to revision 0x80, date = 2018-01-04
[    0.527793] microcode: sig=0x806e9, pf=0x80, revision=0x80
[    0.527890] microcode: Microcode Update Driver: v2.2.

As you can see mine has recently been updated.

If you have another distro and want to check your vulnerability you can download the spectre-meltdown-checker script and run it as a script:

Code: Select all

wget https://raw.githubusercontent.com/speed47/spectre-meltdown-checker/master/spectre-meltdown-checker.sh

Then run it as root:

Code: Select all

sudo sh spectre-meltdown-checker.sh

[R_Head]

Here is some interesting....

Now some lawmakers are questioning a large stock sale by the company’s chief executive late last year that was made before the news was made public, sending the company’s stock price down.

https://www.washingtonpost.com/news/bus ... ed4d2792a2

According to filings, on Nov. 29, Krzanich exercised and sold 644,135 options and sold an additional 245,743 shares that he already owned. That sale decreased his overall holdings by about 50 percent, bringing his ownership level nearer to what he held at the end of 2013 and at the minimum number of shares he must hold under Intel’s ownership requirements, according to the recent proxy filing. Each of those share transactions were made according to the pre-arranged trading plan, with the sale instructions determined at the end of October. The first mention of these planned trade decisions was in June 2015.

Since the plan was set up, Krzanich has had a common trading pattern. In February, he gets his equity payout under Intel’s performance-based incentive plan and makes incremental sales during the year under his pre-arranged trading plan. In 2017, he set up pre-arranged sales of 28,000 shares, which were executed in March, July and October. Then in November, he sold a large stake, cutting his holdings by half.

https://www.bloomberg.com/news/articles ... xamination

[viking60]

It seems to be good advice to avoid Intel CPU's in the future and go for AMD - if you have your tinfoil hat on.
Can you really rule out that this flaw is not created and (already) exploited by ambitious governments with even more ambitious agencies?

Intel can be "instructed" by the government. Could that be the case?

I dunno - who does? - but "safety first" may mean something else to you than to your government and did you plan to exchange your passwords with them?

In any case it is too late now. The concept of computing needs rethinking -because there is no way your data can be safe on the internet or in the cloud these days.

[R_Head]

Yes...

The poor men's back up is an external drive. I have 2 and they are kept on an Anti-Static bag. Back up all my important info and put away. Those drives are not installed or even connected to any system, just pure and simple back ups.

No cloud anything for me.

[viking60]

The new and quite dramatic thing is at the very brain of our computers is "infected". The Intel CPU is crap and it is the most important part of our PC's.

So the sinner is our Intel PC that generously offers our passwords to malicious websites with Javascript or other code that can read the Passwords offered by our shitty CPU.

All the patches are simply attempts to build a software wall around that crappy CPU.

Intel should offer new CPU's to everyone that have bought an Intel computer since Intel Pentium. That would be Billions of computers and even more Billions out of Intel's pockets.

There must be lots of lawyers drooling over the class act potential here - So make Intel fix what they have caused!

If that does not happen then it would indicate that Intel is protected from the top - not that the lawyers are deliberately missing out on this El Dorado.

I'll bet we never will see any legal action taken against Intel. If VW or any car company are delivering crappy and dangerous cars the have to be fixed and all are called back in to fix it - and it costs billions.

Intel should inform all manufacturers to call back computers with crappy CPU's and instruct them to deliver new or fixed computers...at their expense.

Isn't it typical? The first time we really want those lawyer (trolls) - they probably wont act

Please let me be wrong on this one....... ...Now where did I put that Typewriter......

[viking60]

Made this a sticky (for now).

It is the most dramatic change to online computing in computing history and if you are not fully patched now you will never be.

Most people are not fully patched so simply start using the internet in a different way.

If you have an Intel computer there is NO way of knowing if your passwords and bank accounts are already known to some hacker.

You will only know after it has happened so checking your bank account regularly is the only way to make sure.

Assume that your government has access and assume that hackers have access and act accordingly.

There is nothing else to do.

Welcome to the world of insecure computing - powered by Intel.

...and Spectre affects AMD too so you are not in the clear and should act accordingly.

Time to realize that online computing cannot be done safely....and everybody claiming so are lying or having an agenda.

Remember the good old days when you could trust people...and governments?

[Tenie7]

Every computer has a CPU, and to make operations go more smoothly, the CPU foresees your future actions.
Consider a scenario in which you write a URL and the CPU predicts that you will press ENTER. This saves time, which is often a positive thing (over-simplified but works as an example).