Major Intel CPU Hardware Vulnerability Found, Could Cost 35% Performance

Discussion in 'Security News' started by Slyguy, Jan 2, 2018.

  1. Slyguy

    Slyguy Level 21

    Jan 27, 2017
    1,084
    4,346
    Fortinet Engineer
    USA
    Other OS
    This is far worse than anyone can imagine.. About those Ryzen's I built.. o_O

    News - Rumour: Major Intel CPU Hardware Vulnerability Found, Could Cost 35% Performance

    A major hardware flaw appears to have been discovered in Intel CPUs, and bypassing this bug can drastically impact performance. Patching the Intel CPU bug is purported to cause a performance hit of 30-35% on Intel CPUs, while all AMD CPUs are unaffected.

    The bug itself could potentially have devastating consequences. It opens up possible security vulnerabilities in Intel CPUs, including large cloud providers and web hosts. The hardware bug causes an Intel CPU to prefetch system memory areas and gain control of any application, in theory allowing for a VM on shared hosting to read and write over another VM. Breaking out of the confines of virtual machines hosted at cloud providers could prove hugely damaging.

    According to numerous sources, the security bug is currently embargoed, with Intel trying to keep a lid on it lest it is exploited for an attack. The bug was allegedly unearthed by developers working on the Linux kernel, with several major kernel patches dropping over the festive period quickly drawing attention. Patches typically take months of development and discussion before they’re pushed out, but here we have multiple patches being pushed in double quick time. The theory is that these patches are being released to prevent the security vulnerability in Intel processors.

    Thanks to these kernel updates, there is a workaround for Linux users. Kernel Page-Table Isolation (PTI) restricts processes so they can only access their own memory area, blocking any potential read or writes and effectively shutting down the flaw. The downside is that PTI affects low-level features, and performance can be affected anywhere from 5-50 percent. According to Brad Spengler, from GR Security, an Intel Core i7-6700 will take a 29% performance hit while an Intel Core i7-3770S will run 34% slower.

    If you’re a Windows user, the fix might take a little longer. Microsoft is currently working on its own isolation feature like PTI, although it may be a while until it’s available.

    As for AMD CPU owners - worry not! This hardware bug will have zero impact whatsoever on AMD hardware as they are protected against these types of attack. “The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privilege mode when that access would result in a page fault,” says AMD’s Tom Lendacky. “The X86_BUG_CPU_INSECURE feature, which controls whether X86_FEATURE_PTI is set, disables the AMD processors by not setting the X86_BUG_CPU_INSECURE feature.”

    Should this all be true, this could have major repercussions for Intel. As it’s hardware related there could be very little Intel can do other than take the performance hit, and this really wouldn’t compare favourably to AMD. What are your thoughts on the matter?
     
  2. plat1098

    plat1098 Level 5

    Aug 23, 2017
    227
    1,332
    Brooklyn
    Windows 10
    Microsoft
    #2 plat1098, Jan 2, 2018
    Last edited: Jan 2, 2018
    About that money I spent. o_O

    The i7 6700 takes a 29% performance decrease in the scenario. :mad: But unlike what the article states, I wish they wouldn't rush and hurry out the patches at the expense of further issues. This is especially true of Microsoft.

    Add: I'll be watching this closely. Forcing users to choose between security and performance is to be condemned. Intel should be sanctioned if this turns out to be legit.
     
  3. Slyguy

    Slyguy Level 21

    Jan 27, 2017
    1,084
    4,346
    Fortinet Engineer
    USA
    Other OS
    #3 Slyguy, Jan 2, 2018
    Last edited by a moderator: Jan 3, 2018
    This is worse than anyone can imagine. Speaking from an enterprise realm, this is going to murder companies. Companies often 'run at the edge' of performance to save costs and don't actually have 20-40% performance to lose. This could run into the billions worldwide. Worse, realize that virtually ALL password manager backends run virtualized on servers. We must remember, when we speak of servers we don't differentiate between virtual or physical, a server - for all intents and purposes - is a server. So those password manager servers are VM's running on a physical and according to what I am reading - they're leaking kernal data.

    I've been warning friends/family for the last year or two of a coming IT Apocalypse and this is about as close as we can get to one IMO. Intel must be punished for this, it's RECKLESS on their part since they focused entirely on speed/performance while knowingly leaving incredible security holes in place. Class actions should be the least of their worries.

    Can you imagine laptops getting a 35% performance hit? This is going south fast..

    I'm going to return those ChromeBooks I bought, all of them have intel. No way I am taking that kind of hit on new hardware. I'll buy some ARM Chromebooks or something, not this rubbish from Intel.
     
  4. Lockdown

    Lockdown From AppGuard
    Developer

    Oct 24, 2016
    2,699
    11,814
    AppGuard LLC Virginia, U.S.
    #4 Lockdown, Jan 2, 2018
    Last edited by a moderator: Jan 3, 2018
    The only way Microsoft and Intel will be sanctioned is if governments, companies and people stop buying their product.

    And what are the chances of that happening when both companies are nothing but monopolies ?

    So now I can say Average Joe would be best served by using an AMD Chromebook. A mythical beast. The stuff of legend.

    We're talking about performance hits that will result in lost investment and increased expenses in the aggregate totaling billions of dollars.

    With losses and increased costs like that, lawsuits from big names in the industry will be a comin'. Even the average folk aren't simply going to sit by and idly accept it. People are going to sue.
     
  5. Kubla

    Kubla Level 2

    Jan 22, 2017
    96
    249
    United States
    #5 Kubla, Jan 2, 2018
    Last edited: Jan 2, 2018
    From what I read this will affect the Xeon workstation and server environment as well, not sure how a 35% performance hit will even be acceptable in those arenas let alone the PC market.

    One thing is for sure conspiracy theorists are going to have a field day with NSA mandated back doors in Intel chip scenarios.
     
  6. SHvFl

    SHvFl Level 32
    Content Creator Trusted

    Nov 19, 2014
    2,151
    16,384
    Supermodel for McDonald's
    Europe
    Windows 10
    Emsisoft
    Hope it actually happens because if it's true i am getting a new cpu to replace what i have now at a bargain. They will be forced to do it when they are send to court by every company and organisation on the planet. Wouldn't mind a free upgrade.
     
  7. LASER_oneXM

    LASER_oneXM Level 17
    Content Creator

    Feb 4, 2016
    847
    4,405
    university/IT
    Germany / Poland
    Windows 8.1
    Kaspersky
    source: Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit In Windows And Linux | HotHardware

     
  8. DeepWeb

    DeepWeb Level 9

    Jul 1, 2017
    436
    1,412
    Nurse
    On a journey
    Windows 10
    Emsisoft
    There is NO WAY they will get away with this without a massive class action lawsuit. What about Apple machines?
     
  9. Slyguy

    Slyguy Level 21

    Jan 27, 2017
    1,084
    4,346
    Fortinet Engineer
    USA
    Other OS
    #9 Slyguy, Jan 2, 2018
    Last edited by a moderator: Jan 3, 2018
    As an IT Engineer w/Server Certifications, I can say you aren't overstating this at all. Especially given the prevalence of firms running 'at the edge' of performance of their servers already - most are. A 35%, heck, a 15% performance hit could CRIPPLE their entire infrastructure! This is the apocalypse many of us have been warning about.. It's arrived, the train is in the station.

    One of our clients runs 30 VM servers (THIRTY bro).. Each of those is allocated to within 5-6% of their capacity, that's how VM's work. When you sign up for Azure, Microsoft gives you 'just enough', anyone that runs Azure knows how close even they cut that, it's how costs are kept from going through the roof.

    This blows all of that out of the water and just as bad, shows Intel was playing loose as a goose with security.

    Apparently Apple is impacted. If Linux is you can bet Apple is. Apparently all chips in the last decade are impacted by it. That is, all intel.. Not Arm, AMD, etc.. Even those M3 and M4 Intels are apparently impacted.

    So yeah, Intel played fast and loose to keep their edge and got PWNED.
     
  10. Nightwalker

    Nightwalker Level 7

    May 26, 2014
    325
    1,287
    Lawyer
    Windows 10
    Emsisoft
    I saw this at Reddit, dont know if it is accurate, but this performance hit should be pretty task specific imo.

     
  11. Opcode

    Opcode Level 18
    Content Creator

    Aug 17, 2017
    890
    6,285
    Caille
    Windows 10
    Intel have really screwed up, and they are dead in the water now. Apparently the CEO recently cashed out on stocks, but I am not sure if it's legit or not. I switched to AMD over 4-5 months ago, I haven't trusted Intel since the McAfee products they produced. And my distrust has saved me... We had the recent Intel Management Engine (ME) vulnerability, and now we have this.

    Intel's CEO Just Sold a Lot of Stock
     
  12. DeepWeb

    DeepWeb Level 9

    Jul 1, 2017
    436
    1,412
    Nurse
    On a journey
    Windows 10
    Emsisoft
    Just noticed you found the same article. Funny coincidence how he sold half of his stock 2 weeks ago...

    Wow. Just unbelievable. I will never go Intel again. Most people bought these chips because of that 30% performance advantage over AMD and now it turns out that's all due to the fact that they are cutting corners left and right risking security.
     
  13. rockstarrocks

    rockstarrocks Level 14

    Apr 16, 2017
    686
    6,783
    Civil Engineer
    Delhi>India>Asia>Earth>S.S.>Milky way>Our Universe
    Windows 10
    Emsisoft
    Well Ryzen mobile is looking better and better now.
     
  14. Danielx64

    Danielx64 Level 8

    Mar 24, 2017
    396
    1,689
    Australia
    Windows 10
    ESET
    Nope: AMD Struggles to Be Excluded from Unwarranted Intel VT Flaw Kernel Patches

     
  15. Slyguy

    Slyguy Level 21

    Jan 27, 2017
    1,084
    4,346
    Fortinet Engineer
    USA
    Other OS
    This is glorious.. It means because of Intel, virtually everyone is going to take a significant performance hit? That's not going to float well with AMD and smacks of cronyism with intel. Why do companies think they can get aware with this? Maybe in the short term, but never forever.. This is like the VW Diesel rigging fiasco.

    Also think about this - US Govt. systems all generally use Intel. (intel's largest customer is the fed govt) That means up to this point almost everything was 'security theater' because of this. Intel, one of the largest govt. suppliers was screwing you the tax payer over! What about secure facilities? Ships? Planes? Weapons flatforms? Intel chips in those too? How will a 35% performance hit impact them? How has this now revealed exploit impacted state secrets? Did the NSA know about it and expect it to be kept secret so they'd have the keys to the castle?

    Another thing to remember.. Cloud Based password managers generally ALL run in VM's.. You can bet Lastpass, Stickypassword and yes, Bit Warden run on VM's within server based clusters, almost everything does. So the whole 'I don't trust the cloud' thing isn't a tin foil hat thing, it's reality because the reality is, your crypto libraries running in VM's could have been intercepted.

    I've never used Intel for desktop gaming, my old faithful FX series gaming rigs were almost all upgraded to Ryzen in the fall. Dodged the bullet on that one provided AMD can fight for their performance exclusions due to Intels lies, greed and manipulation. I've listed ALL of my intel based laptops/notebooks on Ebay. I'm done with them. Intel will never set foot in my home again. I'm replacing the notebooks with bunch of brand new top-kit ARM powered Chromebooks.
     
  16. Opcode

    Opcode Level 18
    Content Creator

    Aug 17, 2017
    890
    6,285
    Caille
    Windows 10
    Great minds think alike ;)

    Ditched Intel months ago and went straight to AMD Ryzen. My AMD Ryzen 5 has been performing brilliantly for many months now without issue, and the AMD SVM technology has been spectacular so far.
     
  17. Slyguy

    Slyguy Level 21

    Jan 27, 2017
    1,084
    4,346
    Fortinet Engineer
    USA
    Other OS
    Ryzen 5 is a beast at the price it is, after using Ryzen 7, then using a Ryzen 5 I couldn't see or feel a difference and it was like +/- 3fps in games. So I really think the hotspot for price and performance is the Ryzen 5 1500x right now. It's a wonderful CPU for $160.

    I think Ryzen supplies will dwindle fast in the coming weeks/months. Also they could see a price jump. I know AMD stock is going up nicely right now. Intel is dead in the water.

    My server engineers just built out a $15,000.00 server for a client, I hope they don't read about this and see that extra 5K they spent for performance will be vaporized?
     
  18. Opcode

    Opcode Level 18
    Content Creator

    Aug 17, 2017
    890
    6,285
    Caille
    Windows 10
    #18 Opcode, Jan 3, 2018
    Last edited: Jan 3, 2018
    Speaking of Intel...

    The other day, a friend of mine asked me how his friend could uninstall McAfee. I replied, "Run the uninstaller?" and I got back, "Yes I did this for my friend but after the reboot all the drivers are still active I can see the services in Process Hacker and the self-defence is on so I can't terminate any of the processes or end the Services even though I uninstalled it". He even ran the cleaner utility for her after which they developed specifically to solve issues like this, but to no avail did it work. The folders were also left behind.

    Of course she could have gone into Safe Mode and tried the cleaner utility there, but the point is... How is this even legally allowed? I think a law needs to be put in place about software installations. McAfee don't own someone else's PC. They should work on their uninstallation. I remember 8 years ago when I was uninstalling it for a family member, the exact same thing happened. I remember it like yesterday, and it's been 8 years since.

    If I install Emsisoft Anti-Malware, EVEN QIHOO, I won't expect it to rootkit-up my system and block its components from being removed after a clean uninstallation and reboot. McAfee? I will literally be surprised if it doesn't happen. I've uninstalled it maybe 7 times in total in my life at different times and scenarios, and none of the 7 times ever went successful and were properly completed.

    At least I know I can get a first class rootkit in 2018. Download the free AV trial.
     
  19. Opcode

    Opcode Level 18
    Content Creator

    Aug 17, 2017
    890
    6,285
    Caille
    Windows 10
    #19 Opcode, Jan 3, 2018
    Last edited: Jan 3, 2018
    The Ryzen 5 is absolutely amazing, words cannot describe. I don't use my PC for gaming but for working AMD Ryzen has helped me so much
     
  20. Malware Person

    Malware Person Level 4

    Jun 8, 2016
    156
    244
    United States
    Windows 10
    BitDefender
Loading...
Similar Threads Forum Date
The Intel Broadwells Have a Major Design Defect When Running Office 2016 News Archive Sep 29, 2015
iOS iPhone Jailbreaking Dies Slowly as Major Repositories Shut Down Android, iOS and Windows 10 Mobile Nov 24, 2017
Vulnerabilities Discovered in Mobile Bootloaders of Major Vendors Security News Sep 4, 2017