For security questions specifically related to Intel processors or other Intel hardware.
Questions tagged [intel]
30 questions
48
votes
3 answers
Are new Intel CPUs vulnerable to Meltdown/Spectre?
Has Intel released any information about new processors?
According to their advisory a number of processors are susceptible, but it says nothing about when new processors will be fixed. Also Meltdown and Spectre Vulnerabilities has no answers…
bitmask
- 585
- 1
- 5
- 12
16
votes
2 answers
Are new AMD processors more secure than Intel ones?
Since the discovery of Meltdown and Spectre, CPU security has been compromised and trust to the main manufacturers reduced, particularly Intel. 8 months later I wonder, what CPUs are more secure at this moment?
Why? Have the patches achieved the…
user3770060
- 163
- 1
- 5
16
votes
1 answer
Why are AMD processors not/less vulnerable to Meltdown and Spectre?
I’ve read up on Meltdown and Spectre and it’s not obvious to me why AMD would be less vulnerable. Do AMD processors simply not have speculative execution? Or do they have some way of not exploding the same side channels?
Update: I ask because AMD’s…
Ethan Reesor
- 271
- 2
- 7
16
votes
1 answer
How can anyone access Intel's "backdoor OS", MINIX?
I've read that all recent Intel-based machines include a secret MINIX-based OS, and that it even includes its own web-server.
How does one access this OS's services from the main OS?
Its purpose seems to be to be accessed through the network. How…
MWB
- 303
- 2
- 11
14
votes
1 answer
New CVE-2018-5407 "PortSmash vulnerablity" in Intel CPU
I just heard in the news: Intel CPUs impacted by new PortSmash side-channel vulnerability. Is it as threatening as Meltdown/Spectre? Is it patched? What should we do to be safe? Does it affect AMD CPU's?
It is found by a team in a university so…
0_o
- 1,142
- 1
- 9
- 19
11
votes
2 answers
What are the new MDS attacks, and how can they be mitigated?
Several new hardware side-channels were discovered called MDS attacks, which allow reading arbitrary memory, like Meltdown. Many existing mitigations are useless against them. The relevant CVEs are:
CVE-2018-12126 - Microarchitectural Store Buffer…
forest
- 64,616
- 20
- 206
- 257
11
votes
2 answers
Does recent Intel hardware mitigate Meltdown at the hardware level?
Recently a security researcher made the following claim via Twitter (emphasis added):
If you're running Windows, I'm about to publish a tool that checks if you have the "Variant 3: rogue data cache load (CVE-2017-5754)" aka #Meltdown patches…
Alexander O'Mara
- 8,774
- 6
- 34
- 38
9
votes
3 answers
Ring -3 exploits and existence of other rings
Concept of Rings
Rings were introduced in the forerunner of UNIX, Multics, and had 8 rings for reading, writing, executing and calling (I don't quite understand why it needed 8 rings to do this, if anybody does consider that a bonus question!). The…
LTPCGO
- 965
- 1
- 5
- 22
8
votes
1 answer
Intel firmware/microcode updates that make processors "immune" to both Spectre and Meltdown?
Recently Intel has claimed the following in a press release (emphasis added):
SANTA CLARA, Calif., Jan. 4, 2018 — Intel has developed and is rapidly issuing updates for all types of Intel-based computer systems — including personal computers and…
Alexander O'Mara
- 8,774
- 6
- 34
- 38
6
votes
1 answer
Why does my unpatched system *appear* to not be vulnerable to Spectre?
Since the corresponding research papers offer quite explicit descriptions publicly, I suppose that publishing my code below is not considered as encouraging or endorsing exploits. Nevertheless, I am aware that some answerers may prefer to stay…
Hagen von Eitzen
- 1,098
- 8
- 19
5
votes
1 answer
What was state of the art knowledge on security of speculative evaluation when it was introduced to Intel CPUs?
Many sources claim that almost all Intel x86 CPUs back to Pentium Pro are vulnerable to the Meltdown attack. Pentium Pro was introduced to the market in 1995.
What was the state of the art knowledge on security of speculative evaluation, the basis…
liori
- 161
- 4
4
votes
1 answer
INTEL-SA-00086 extracting the secret key used to encrypt Intel CPU code: is the digital signature bypassed?
In a recent attack to INTEL-SA-00086, the researchers are able to extract the secret key that encrypts updates to various Intel CPUs.
In the arstechnica blog it is mentioned as
The key may also allow parties other than Intel—say a malicious hacker…
kelalaka
- 5,409
- 4
- 24
- 47
4
votes
0 answers
FLUSH + RELOAD Proof of Concept - Why do we need to flush more than needed?
Problem
I am putting together a proof of concept for the FLUSH + RELOAD attack. The method is outlined in great detail in this paper. The general idea is simple - cached addresses can be accessed with much greater speed than addresses not in the…
K. Jiang
- 91
- 2
4
votes
1 answer
Sacrificing 30% of my CPU performance (by disabling Hyper-Threading) to fully mitigate CPU vulnerabilities, necessary?
I used the spectre-meltdown-checker, version 0.42, without any option resulting in all-green results. But, in a help page, I found the --paranoid switch, which resulted in about a half of later CVEs to become red. I read what it told me, that for…
LinuxSecurityFreak
- 1,562
- 2
- 18
- 32
4
votes
0 answers
What is Silent Lake?
The Wikipédia's TEE entry mentions a hardware technology called Silent Lake that can support TEE implementations:
The following embedded hardware technologies can be used to support
TEE implementations:
...
Intel:
Trusted Execution…
Daniel
- 627
- 5
- 16