Yet more flaws found in X86 of the Spectre variety

Discussion in 'Hardware' started by desertlap, May 3, 2021.

  1. desertlap

    desertlap Pen Pro - Senior Member Senior Member

  2. sonichedgehog360

    sonichedgehog360 AKA Hifihedgehog Senior Member

    If it’s Spectre or a direct derivative, it is quite possible that (while not mentioned in the article) it affects ARM since Spectre impacted all pre-2019 processors (ARM and IBM included) that use branch prediction: “Spectre has been shown to work on Intel, AMD, ARM-based, and IBM processors.” I wonder how RISC-V is affected? It is extremely new and unspoiled without any bloat (arguably, ARM has quite a bit too now as a decades-old uarch). I think if we were to get around these issues, a clean slate like RISC-V is the best way forward. Plus, RISC-V is way more efficient than any of the other options.

    EDIT: I skimmed through the research paper. While they mention in the introductory abstract that “[m]odern Intel, AMD, and ARM processors translate complex instructions into simpler internal micro-ops that are then cached in a dedicated on-chip structure called the micro-op cache,” they only explicitly tested against x86 (specifically, Intel and AMD) in the written description of their research. So, it is quite possible that ARM is likewise vulnerable to a similar technique since it also employs a micro-op cache that has demonstrated Spectre vulnerabilities in the past.
     
    Last edited: May 3, 2021
  3. desertlap

    desertlap Pen Pro - Senior Member Senior Member

    I did too, and as with all things, the truth is a bit complicated.

    You are correct that in 2018 pretty much all mainstream processors, x86 or ARM, were affected. The difference is that both Qualcomm and Apple have taken significant steps with their specific variations of ARM with real hardware mitigations since then, versus Intel's microcode mitigations.

    ALL of the companies that make processors have become a bit cagey about this subject, but the advisors we work with on our government contracts repeatedly tell us if security is THE top priority you don't want either X86 or Windows. Of course there is no such thing as a free lunch and you hugely limit yourself by excluding those.

    My simple point is that I wonder what it will take for both the industry and regulators to take this as seriously as they should.

    PS: FWIW, these experts tell us that if it has to be x86, the best choice as of today is AMD's Bulldozer-based chips, followed by the 5th gen Ryzens running one of the commercial Linux distros.

    PPS: Part of the criteria our advisors use is how easy the exploits are to execute in the context of a system, e.g. hardware and OS and applications, and if it can be done remotely versus requiring physical access and so on...

    PPPS: OS and apps play a HUGE role in this too. In other words, Snapdragon and Apple's A-series chips are roughly equal (though Apple's secure enclave might give it an edge), but iOS is definitely more secure than Android.
     
    Last edited: May 3, 2021
  4. Marty

    Marty Pen Pro - Senior Member Senior Member

    Did you ever get confirmation if the SolarWinds hack did in fact use a Spectre-based attack vector?

    I mean given Intel's overwhelming market position in datacenter:

    (WCCFTech)
    "According to TrendForce, the x86 architecture has remained the mainstream server architecture at the end of 2020 and Intel dominates the market with a 92% market share..."

    I'm baffled why major government agencies continue awarding the contracts to Intel without corresponding demands on the security architecture. In fact after 3 years, shouldn't the entire industry and every major chip OEM be announcing completely overhauled architectures by now? Everyone seems so laid back... :confused:
     
    Last edited: May 3, 2021
  5. Steve S

    Steve S Pen Pro - Senior Member Super Moderator

  6. desertlap

    desertlap Pen Pro - Senior Member Senior Member

    @Marty

    Nothing officially stated, but that is the consensus among our advisors. As to why, what you cite I think self-answers, e.g. the state of the market is such that there isn't a viable alternative.

    The one area we have seen more effort and progress is essentially making the fences that surround the systems more robust, e.g. networking hardware that can detect these types of attempts and block them from ever reaching the vulnerable systems.
     
  7. desertlap

    desertlap Pen Pro - Senior Member Senior Member
