Skip to main content

Beyond the Intel Meltdown Bug

The Intel Page Table Bug and the Multithreading Bugs, have spurned many discussions and a lot of complicated hard work is going into mitigating it, but I am not convinced that the software mitigations are sufficient The problem will only really be solved once Intel fixes the bungle in their processor microcode (which is currently causing processor crashes causing the bungled Intel fixes to be withdrawn by Dell and HP), or make new silicon.

Theo De Raadt seems to agree with me: "Solving these bugs requires new cpu microcode, a coding workaround, *AND* the disabling of SMT / Hyperthreading."

The latest OpenBSD news on the mitigation of these bugs is here:
http://www.undeadly.org/cgi?action=article;sid=20180824024934

and you should read this:
http://www.undeadly.org/cgi?action=article;sid=20180815070400 

I have written more than one assembler, linker and debugger when I was younger and computers were simpler.  I have found and fixed a bug in an Intel C compiler and reported the same bug in GCC.  I have also written a few device drivers for Linux and Windows, so I am experienced with digging deep down in the computer weeds.  However, I am not unique - there are thousands of other people with the same experience and the problem is that some of these people are not very nice...

The issue that I see with software patches in the Compilers, OS and Web Browsers, is that an attacker need not use a new patched Compiler, OS or Web Browser.  

If an attacker is smart enough to understand and use the side effects of faulty processor instructions to read someone else's data, then he is smart enough to write a piece of assembly code by hand and insert it inline in a C code wrapper to exploit it, or he can simply use an older unpatched version of the C compiler/OS/Browser.

The other problem is that there are hundreds of different Intel processors and there is no easy way for ordinary mortals to tell which Intel processor is inside their computer.  The sticker on the outside of a box is purely a marketing sticker with no useful information on it.  Consequently, trying to figure out which of the hundreds of patches you need is a fool's errand.  Therefore the easiest solution is to buy a new AMD based computer.

One Way Mirror

Intel is trying their level best to throw sand in the eyes of the press, by pointing out minor flaws in the AMD processor line.  Yes, AMD processors have some bugs too, but the Intel Meltdown bug is extremely dangerous.  An attacker can rent a $5 virtual server in a data centre and then read the data of other users, while the victims have no way to tell that they are being spied upon.  

It is like having a one-way mirror in your bedroom - you cannot tell whether there are prying eyes on the other side.

I fear that all the hard work that was done by BSD, Amazon, Google, Microsoft, Apple, Redhat, Linus and others, will only stop script kiddies and will not stop a determined attacker.

Sell, Sell, Sell...

In 1997, there was the Intel Pentium F00F bug.  If one would stick the code "F0 0F C7 C8" into an inline assembly statement, then a faulty Pentium processor would immediately halt.  The problem that we have now, is much, much worse, but same as the F00F bug, it will only be completely solved once everyone threw their old Intel computers away and bought new AMD computers, or new Intel ones made with new silicon. 

If you haven't followed the lead of the Intel CEO and swapped your Intel stock for AMD stock, then you better do so post haste, since nobody in their right mind should buy Intel processors, until they properly fixed this mess.

New i7 processors with 4, 6 or 8 cores and no multithreading are now hitting the shelves (Oct 2018), so things are slowly improving, but you should not buy a product with an i3 or i5 processor if you can help it.

ARM

Oh well, at least my little Raspberry Pi is fine and maybe I should go and dig my Beaglebone Black out of the junk box too...


Écrasez l'infâme!

Herman
Labels:

Comments

Post a Comment

On topic comments are welcome. Junk will be deleted.

Popular posts from this blog

Parasitic Quadrifilar Helical Antenna

This article was reprinted in OSCAR News, March 2018:  http://www.amsat-uk.org If you want to receive Satellite Weather Pictures , then you need a decent antenna, otherwise you will receive more noise than picture. For polar orbit satellites, one needs an antenna with a mushroom shaped radiation pattern .  It needs to have strong gain towards the horizon where the satellites are distant, less gain upwards where they are close and as little as possible downwards, which would be wasted and a source of noise.  Most satellites are spin stabilized and therefore the antenna also needs circular polarization, otherwise the received signal will flutter as the antennas rotate through nulls. The helical antenna, first proposed by Kraus in 1948, is the natural solution to circular polarized satellite communications.  It is a simple twisted wire - there seems to be nothing to it.  Various papers have been published on helix antennas, so the operation is pretty well understood. Therefore,
2 comments
Read more

Weather Satellite Turnstile Antennas for the 2 meter Band

NEC2, 2 m band, 146 MHz, Yagi Turnstile Simulation and Build This article describes a Turnstile Antenna for the 2 meter band, 146 MHz amateur satcom, 137 MHz NOAA and Russian Meteor weather satellites.  Weather satellite reception is described here .  A quadrifilar helical antenna is described here .   Engineering, is the art of making what you need,  from what you can get. Radiation Pattern of the Three Element Yagi-Uda Antenna Once one combine and cross two Yagis, the pattern becomes distinctly twisted. The right hand polarization actually becomes visible in the radiation pattern plot, which I found really cool. Radiation Pattern of Six Element Turnstile Antenna Only a true RF Geek can appreciate the twisted invisible inner beauty of a herring bone antenna... Six Element Turnstile Antenna Essentially, it is three crosses on a stick.  The driven elements are broken in the middle at the drive points.  The other elements can go straight throug
Post a Comment
Read more

To C or not to C, That is the Question

As most would know, the Kernighan and Ritchie C Programming Language is an improved version of B, which is a simplified version of BCPL, which is derived from ALGOL, which is the Ur computer language that started the whole madness, when Adam needed an operating system for his Abacus, to count Eve's apples in the garden of Eden in Iraq.  The result is that C is my favourite, most hated computer language , which I use for everything. At university, I learned FORTRAN with punch cards on a Sperry-Univac, in order to run SPICE, to simulate an operational amplifier.  Computers rapidly lost their glamour after that era! Nobody taught me C.  I bought the book and figured it out myself. Over time, I wrote a couple of assemblers, a linker-locator, various low level debuggers and schedulers and I even fixed a bug in a C compiler - not because I wanted to, but because I had to, to get the job done!   Much of my software work was down in the weeds with DSP and radio modems ( Synchronization,
Post a Comment
Read more