[ 3 / biz / cgl / ck / diy / fa / g / ic / jp / lit / sci / tg / vr / vt ] [ index / top / reports / report a bug ] [ 4plebs / archived.moe / rbt ]

Due to resource constraints, /g/ and /tg/ will no longer be archived or available. Other archivers continue to archive these boards.Become a Patron!

/g/ - Technology

View post   

[ Toggle deleted replies ]
File: 124 KB, 891x1044, 2018-01-03_20-35-46.png [View same] [iqdb] [saucenao] [google] [report]
64132286 No.64132286 [Reply] [Original] [archived.moe] [rbt]

It was good to meet you, friends!



>> No.64132328
File: 41 KB, 574x351, habbenings.jpg [View same] [iqdb] [saucenao] [google] [report]

well what the fugg

>> No.64132362

>including those from AMD, ARM, and Intel

>Putting AMD first and Intel last
>ARM is a CPU manufacturer

>> No.64132374
File: 1.07 MB, 1440x2560, 1515020405982.png [View same] [iqdb] [saucenao] [google] [report]


>> No.64132376

Install uMatrix and block javascript from reading your passwords from memory

>> No.64132379


>> No.64132388

>not even one mention of ryzen, let alone an exploitation test on it
Really makes you think

>> No.64132389
File: 73 KB, 470x495, 1499008594733.jpg [View same] [iqdb] [saucenao] [google] [report]

Apple wins

>> No.64132398

Fake news

>> No.64132406

here is my statement: I fucked your mom, you cumskin cracker

>> No.64132443

Intel marketing at work

>> No.64132460

Yep. They only got it working on FX.

>> No.64132486

time to upgrade then

>> No.64132553

Intel literally released the same statement "lmao no we fine". Why would the pajeets have more credibility right now?

>> No.64132581

AMD's affected CPUs are ARM, not their relevant stuff.

>> No.64132605

Because the Google report said AMD aren't affected.


>> No.64132608
File: 206 KB, 701x262, Screen_Shot_20180104_at_00.40.41.png [View same] [iqdb] [saucenao] [google] [report]

because the jewgle testers who actually found this shit could hardly get it to work on AMD

>> No.64132775

>Google says issue doesn't affect AMD
>Google says issue affects AMD
Thanks Google.

>> No.64132830

Does this mean I should buy amd stock?

>> No.64132833

Spectre affects AMD. Intel is fucked by meltdown and spectre.

>> No.64132848

alphabetical order

>> No.64132851
File: 353 KB, 663x715, 1494727672774.jpg [View same] [iqdb] [saucenao] [google] [report]


>> No.64132901

Spectre was announced at the same time just to distract people from Intel's blunder, Spectre doesn't seem to be as dangerous as Meltdown and the fix doesn't impact performance.

>> No.64132950

Spectre affects everyone but is harder to exploit.
Meltdown is intel only.

>> No.64132993

What fucking fix?

>> No.64132994
File: 180 KB, 633x758, file.png [View same] [iqdb] [saucenao] [google] [report]


>> No.64133000
File: 353 KB, 1000x697, 1433287483175.jpg [View same] [iqdb] [saucenao] [google] [report]


>> No.64133001

Spectre (variant 2) is worse because it's unfixable except with a hardware redesign and affects every chip since the early 90s.
But it's much harder to execute and can be mitigated.

Spectre (variant 1) is easily patchable with no performance issues

Meltdown (variant 3) is intel only and has the huge performance hit.

>> No.64133031

AMD's ARM CPUs are affected, not their x86 CPUs.

>> No.64133037

That's the reason for the embargo, jewtel were paying jewgle to try and implicate AMD before making it public.

>> No.64133042

only if you using FX pro, ryzen still comfy

>> No.64133050


>> No.64133127
File: 70 KB, 212x237, file.png [View same] [iqdb] [saucenao] [google] [report]



>> No.64133203
File: 88 KB, 1150x705, 86f2c88b80.png [View same] [iqdb] [saucenao] [google] [report]

>AMD is also affected
>on their mobile bulldozer
nigga what?

>> No.64133275

Ryzen is not affected:
AMD CPUs tested by Google:
AMD FX(tm)-8320 Eight-Core Processor (called "AMD FX CPU" in the rest of this document)
AMD PRO A8-9600 R7, 10 COMPUTE CORES 4C+6G (called "AMD PRO CPU" in the rest of this document)

>> No.64133279

Nice try Intel root kit users.

>Also to clarify, the Google team only demonstrated functional exploit PoC on FX CPUs (FX8320 & A-10), not Zen. Zen AFAIK is immune to all 3 exploits.

>> No.64133285

AMD affected by one bug, along with intel and arm. And even then you need non standard config on arm or AMD chips for it to work.
Intel have two, including the kernel memory one which is worse.

>> No.64133339



>> No.64133387

What a fucking pain in the ass developing sidechannel attacks must be. Such precise timing required and even then it only works one out of X times, so you have to build additional tools to repeat your attacks in some reliable manner.

Exploit development is truly the most autistic of all IT related disciplines.

>> No.64133419

Oh shit theres a 8320e in my old disassembled rig sitting in the garage. Is it going to explode and kill me?

>> No.64133445

>Implying Intel PR didn't pay Google bloggers to report that AMD is also affected by the vulnerabilities.
Yes Goy everyone is affected, don't worry keep buying Intel

>> No.64133446

people over at plebbit are saying it was even tested on Ryzen yet.

I just don't know anymore.

>> No.64133466
File: 88 KB, 821x869, 1511581793245.jpg [View same] [iqdb] [saucenao] [google] [report]

All these vulnerabilities were known all along by triple letter agencies.
These agencies actually requested AMD and intel to implement these flaws?

>> No.64133495

Brainlet here, i have a ryzen cpu, and if ryzen isnt affected and i got that windows update how will this update affect me?

>> No.64133510
File: 65 KB, 726x781, holy_sheeeez.png [View same] [iqdb] [saucenao] [google] [report]

>> No.64133529

You got that backwards brah.
All Apple machines use vulnerable Intel chips

>> No.64133541

Frog, the Isreali's have probably been using this for years, got caught by a Nation State like Russia or China, and are now scrambling to patch it before it gets used on their ass's. There's way more to this than meets the eye. This whole Spectre thing getting thrown out there suddenly, seems really fishy.

>> No.64133547
File: 205 KB, 659x525, 158494994545961.png [View same] [iqdb] [saucenao] [google] [report]

am my pc gonna die

>> No.64133548

They got meltdown to read at 500kb/s

>> No.64133584

BTFO!!!!!!!!!!! I love this nigger!

>> No.64133592

The NSA has been streaming your memory dumps straight to their servers for years anon.

>> No.64133611
File: 346 KB, 499x358, 1453281024467.png [View same] [iqdb] [saucenao] [google] [report]


>> No.64133613
File: 2.97 MB, 306x205, 1514937229846.gif [View same] [iqdb] [saucenao] [google] [report]


>> No.64133624
File: 195 KB, 512x719, 1393135437438.png [View same] [iqdb] [saucenao] [google] [report]

>AMD is not susceptible to *all* three variants
Spot the wiggle word.
>near zero risk to AMD processors *at this time*
Yes, because there is no published POC yet.

>> No.64133631


They likely were. Just like those leaks for winshit the last few years, known bugs for decades don't get patched because someone said 'don't' who belonged to an acronym and winshit obliged. It's not like spy agencies are going to tell the makers to fix their shit when they want to abuse the holes themselves. Likely told them to add special backdoors as well.

>> No.64133654

When I was a kid (late 80s/early90s) I thought the alphabet agencies must have put little bugs in mice and keyboards to track all user inputs into home computers, and then phone home, or perhaps the spooks came and copied the bugs' memory when people weren't at home. Not every paranoid fantasy is true. I bet they just found out about them many years ago and didn't say anything.

>> No.64133681
File: 60 KB, 612x472, 1508361788189.jpg [View same] [iqdb] [saucenao] [google] [report]

>Looks fishy
That's what I'm thinking. No one noticed this for this long. I mean, not even guys who designed the very same CPUs!
And everyone knows that NSA is evil.

>> No.64133695
File: 63 KB, 718x716, 1503870618211.jpg [View same] [iqdb] [saucenao] [google] [report]

I'm going to bed now. Hopefully there will be more hysteria in news sources after I'll wake up.

>> No.64133698

Do I have to patch my fucking router ?

>> No.64133713

Unfortunately, yes.

>> No.64133731
File: 278 KB, 806x720, 1491900349542.png [View same] [iqdb] [saucenao] [google] [report]

>still letting java to run
>still downloading malicious exe files

>> No.64133758

OK, patch list so far
>Router (possibly Modem)
Fuck me I guess

>> No.64133765

>praying there will never be a new exploit otherwise your PC is completely pwned by chink cryptominers

>> No.64133766

Meltdown is easy as shit and totally accurate.

>> No.64133771
File: 109 KB, 2250x2324, 1502534850116.png [View same] [iqdb] [saucenao] [google] [report]


>> No.64133787

or the Sun can explode tomorrow killing us all

>> No.64133799

Spectre is pretty irrelevant and almost impossible to execute, it's purely academic.

>> No.64133800

>That's what I'm thinking.
Yeah, it's not even related or as bad as Meltdown, so why were they sitting on it? It might be coincidence the two popped up at the same time, but I'm doubtful.

>> No.64133806

So how many variants are they vulnerable to? Two? One?

I'm joking with you but that can be interpreted in a couple of ways. The important point is that they aren't vulnerable to Meltdown, which is the major problem.
Spectre is a concern, but no where near as much because it is far more contained in scope and more difficult to exploit.

>> No.64133812
File: 103 KB, 1053x671, 1514980730596.jpg [View same] [iqdb] [saucenao] [google] [report]


>> No.64133849

It seems Zen is vulnerable no none of them. Some APUs might be affected by one of those variants, but it's fixable without performance loss, unlike Intel.

>> No.64133861

New exploits come out everyday. Couldn't say the same for the sun

>> No.64133873
File: 106 KB, 1280x720, [HorribleSubs] Gintama - 237 [720p].mkv_snapshot_20.50_[2011.12.10_12.01.17].jpg [View same] [iqdb] [saucenao] [google] [report]

How will Intel ever recover?

>> No.64133919

You don't install shit on your router, you don't run shit on your router.

These exploits need an application actively targeting them, which could be your browser through Javascript.

You don't use a browser on your router, you don't use your router to browse the Internet, you very likely don't install new software on your router so your router is most likely the last device you need to worry about.

>> No.64133927

Can someone in the parlance of reddit "give me a ELI5"?

>> No.64133938

Jew protecting jews, kinda neat

>> No.64133954

>Spectre is a concern, but no where near as much because it is far more contained in scope and more difficult to exploit.
Yes, an entirely new vulnerability class that allows for complete memory disclosure inside programs is absolutely nothing.

>> No.64133977

It's the same ring.
Meltdown is faaaaaar more dangerous.

>> No.64133996

Meltdown is a Spectre attack that leverages a specific vulnerability in Intel chips. Meltdown IS Spectre.

>> No.64133998

There are 2 flaws that both reveal kernel memory to unprivileged applications:

Spectre 1: Hard to exploit. Unfixable. Affects Intel and AMD.
Spectre 2: Fixable without penalties.

Meltdown: Intel only. Fix means 5-60% performance reduction

Intel PR says "Everyone is fucked". However the most severe bug only affects Intel.

>> No.64134013
File: 522 KB, 975x1357, 1505569066698.jpg [View same] [iqdb] [saucenao] [google] [report]


>> No.64134023

Spectre doesn't work out of userland which is the big thing and harder to utilize. Meltdown escalates to kernel access.

>> No.64134037
File: 212 KB, 793x307, intelplsgo.png [View same] [iqdb] [saucenao] [google] [report]


variant 3 is meltdown which only affects intel

variants 1 & 2 are spectre, one of which can be patched and one which is rather hard to actually do anything malicious with

>> No.64134042

What's the difference between the two spectre attacks? I thought spectre can only read shit like passwords or any open application? Isn't it a much bigger threat to servers/databases than us chucklefucks sitting at home?

>> No.64134043
File: 448 KB, 455x395, Laughing Alligators.png [View same] [iqdb] [saucenao] [google] [report]

my fucking sides

>> No.64134085

L1 I$ that is keyed by CPL

what did he mean by this?

>> No.64134095

>Spectre doesn't work out of userland which is the big thing and harder to utilize.

God, are you Russian? This logical trampolining reminds me of Chernobyl. "It's not a nuclear explosion, it's only a nuclear meltdown. Calm down everyone!"

>Meltdown escalates to kernel access.
Yes, and Meltdown is just a Spectre attack. The next time a processor bug pops up, we'll have another Meltdown. Maybe worse.

>> No.64134103
File: 92 KB, 739x467, meltdown.png [View same] [iqdb] [saucenao] [google] [report]

>> No.64134118

Disclosure of the programs memory, which the program has access to.
The main concern is in things like browsers where you can exploit the shit via Javascript.

>> No.64134128

Stop typing, fucking niggers. You want to dearly justify your Intel purchases. Intel wants it to seem like an industry-wide problem to protect themselves.


Thank you for spreading truth instead of Intel bullshit.

>> No.64134129

is meltdown patched on the current creator update?

this whole thing is fucking insane

>> No.64134149

>Disclosure of the programs memory, which the program has access to.
Across programs too. People have already demonstrated keyloggers using this.

>> No.64134153

>quoting me when i specifically state that the important thing is that AMD isnt vulnerable to meltdown
Maybe you should stop being a nigger and read posts.

>> No.64134156

Anon instead of typing in all caps actually read the papers instead of being a retard

>> No.64134162

>All Apple machines use vulnerable Intel chips
You are a fucking imbecile. NO, THEY DO NOT! Read up on some of your shit before you spout off like a fucking loud cunt.

>> No.64134175

Link to demonstration/source.

>> No.64134177


>> No.64134192

Whats all this about a Kernel causing trouble?
Didnt we kill that guy in Libya years ago now?

>> No.64134211

AMD as much as admitted they are vulnerable. Google explicitly stated they are.
I'm as pissed as anyone. AMD runs my servers.

>> No.64134242

Idiot meltdown !=Spectre
Only Intel architecture has the specific vulnerability of not protecting privileged (see kernel) memory.

>> No.64134261

KEK. I stand corrected.
Okay, I'm crumpling like paper now. May-maybe so.

>> No.64134264

Spectre need to be executed, and servers usually don't run non-trusted code.

On the contrary, desktops run arbitrary code each time they open a web browser.
From now, any website can try to fetch data from your computer, unless Javascript is deactivated.

>> No.64134294

Didn't mean to quote you anon, sorry.

>> No.64134311

Why javascript is still a fucking thing is beyond me.
I've been using noscript for the last 5 years and i'm certainly thinking about whether or not i should update or wait for better solutions because this PC has virtually nothing of value to steal.

>> No.64134349

>both reveal kernel memory to unprivileged applications
Incorrect, only Meltdown does that

>> No.64134353

The problem, particularly with Meltdown, is that an actor could buy a VPS and run their exploit code on it to get access to the underlying system or other VM on the same host.
So it is a particular issue for people who offer hosting.

>> No.64134384

macOS is already patched, pajeet.

>> No.64134388

So what are the chances my mainframe is being hacked into right now? How do I avoid exposing myself?

>> No.64134403

Who here /PowerMacG5Quad/
Literally the most powerful CPU that isn't susceptible

>> No.64134404

So, for anyone here (because no one runs javascript), spectre shouldn't be an issue?

>> No.64134417

The brief uses both the terms "kernel memory" and "kernel virtual memory", what's the difference?

Spectrev1 can read kernel virtual memory from user.
Spectrev2 can from root.
Meltdown can read kernel memory from user.

>> No.64134425

No, this is an overreaction. AMD is in the same boat.

>> No.64134427

And also susceptible to a performance drop as result.
There's no magical fix all

>> No.64134440

ur fucking stupid. intel is being hit with 2 lawsuits, just got a downgrade, and their rep is tarnished.

amd has none of those things and they're the only real competitor to kiketel. don't be a fucking jew, amd is a great buy

>> No.64134445

You are misinformed, obviously. The silicon lattice is identical between AMD and Intel, this issue is at a hardware level and will eventually envelope all processor manufacturers. Intel has the resources to recover, AMD doesn't.

>> No.64134462

Is there a list of Intel processors that are effected?

>> No.64134465
File: 15 KB, 587x390, 1513540651713.jpg [View same] [iqdb] [saucenao] [google] [report]

> thread theme

I-it's not that bad right guys? My cryptocurrencies and furry porn collections are still safe? R-right?

>> No.64134470

No one ever said it wasn't, you stupid fucking street shitter.

>> No.64134473

Spectrev1 is patchable easily.

>> No.64134477

was it made in the last 10 years?

>> No.64134485



>> No.64134489

Anything before skylake

>> No.64134494

The iOS/A chip/M processor, Russia's Elbrus CPU, ARM64, et cetera are the future. Goodbye Intel, and possibly AMD.

>> No.64134495

Every intel chip since 1993 except pre 2013 atoms and iterium

>> No.64134497

Any Intel CPU that uses OOE
Potentially all Intel x86 CPUs made since Pentium III (with the sole exception of the first gen Intel Atom) may be affected

>> No.64134506

>Apple wins
How exactly are they winning here you flaming homo fanboy

>> No.64134514

>I-it's not that bad right guys
Meltdown stealing a password in real time

>> No.64134515


How are you able to post without JS enabled? At the very minimum scripts served by google need to be allowed (the fucking captcha).

>> No.64134517

If only, just wait till MSM picks up on this. The true scope of this will envelope all processor manufacturers. ESPECIALLY AMD!!! They are all built on the same silicon lattice, which is the problem. Intel can ride this, AMD not so much.

>> No.64134529

Skylake and whatever Intel releases next are also affected m8, it will require a hardware redesign to fix it, there are no safe Intel CPUs.

>> No.64134538


>what incucks actually imply

>> No.64134541

convinced this is a ploy to force everyone to upgrade
in 3 months intel miraculously comes out with new CPUS

>> No.64134543

True, AMD will be hit harder than Intel. Just wait.

>> No.64134545

What the fuck are you talking about? The exploit simply doesn't work on AMD.

>> No.64134560

Pass I presume

The issue is AMD and Intel x86 CPUs handle speculative execution differently. That's why meltdown in affects intel.

Spectre however works in everything, including Arm which is a radically different architecture to x86.
Spectre is also less serious and harder to execute. Only intel is getting that performance gimping patch for meltdown.

>> No.64134567

Intel shills going full damage control.

you're even getting posts like >>64134465 trying to downplay how bad it actually is

expect lots and lots of shilling in the coming days

>> No.64134572

AMD only seems to be vulnerable to Spectre 2, which is entirely irrelevant since it's so hard to execute unlike Meltdown which is piss-easy.

>> No.64134578

>tfw AMD Phenom II X4
just how safe am i from this

>> No.64134590

Meltdown doesn't but spectre is global (all x86 and Arm CPUs)
Hell spectre might even affect PowerPC but no one has bothered to check.

>> No.64134592
File: 356 KB, 799x732, aaaaaaaaaaaaaaaaaaaa.png [View same] [iqdb] [saucenao] [google] [report]

Intel is so fucked that I seriously doubt that they even have money to pay for shills right now.

>> No.64134601

All I can say is my research group has relationships with Intel and AMD. The base tech is the same, despite the diff in branding.

>> No.64134603

>Lists AMD first when literally 99.9% of their CPUs aren't vulnerable

>> No.64134605


Apple uses Intel CPUs...

>> No.64134606

Ever since the implementation, no reports of performance loss have been reported.

>> No.64134611

For now it seems the first atoms are the only ones truly safe. If the cpu has speculative execution, its fucked.

>> No.64134629

From what's I've read and understood, Spectre can't access kernel space.
Anyway, cloud providers are fucked by Meltdown.

It's still an issue, but Javascript will probably be the main infection factor.
I could be a non patchable root privilege escalation breach, usable by any infected software.

But it's far more frightening on smartphone, where antivirus are not the norm. I guess an infected app may break the sandbox.

>> No.64134639

Yeah for cucks like you and me, we won't see shit.

Talk to me when this fix hits google and amazon datacenters running linux.

>> No.64134665

AMD isn't affected by Meltdown at all, this a fact stated by the people who found the exploit to begin with.

>> No.64134672

I can't say much right now, but just wait in the coming days A LOT more info is going to be revealed. My research group at uni has direct contacts within both Intel and AMD. We know their tech, and honestly AMD is just better at damage control. This is problematic.

>> No.64134730

You're misinformed, stop shilling.

>> No.64134735

>Javascript will probably be the main infection factor.
Mozilla is already patching Firefox to cut down the accuracy of timing info available. These attacks rely on very precise timing.


>> No.64134737

The exploit has already been tried on AMD and it simply doesn't work, you can shut the fuck up and try to concern troll some other thread with more impressionable people, I recommend somewhere on /v/.

>> No.64134763

Literally read the papers you dumb fuck.
AMD handles speculative execution differently to intel so meltdown is intel only.
It's spectre that applies to all chips, intel, AMD-x86 and Arm

>> No.64134764

So with the virtual memory that spectre can read how does it differ to meltdown?

>> No.64134770

oh the irony. You stupid fuck.

>> No.64134779

What's the estimated performance hit for intel users?

>> No.64134781

>essionable people, I recommend somewhere on /v/.
You're sadly mistaken, it's not so simple.

>> No.64134790


see >>64134037

variant 3 is meltdown genius

>> No.64134792

Programs in user space can read user space memory. It's also much harder to execute than meltdown.

Meltdown let malicious code in user space read all the kernel memory.

>> No.64134793

it's incredibly difficult to use, to the point of being incredibly impractical

meltdown is the big one

>> No.64134813
File: 13 KB, 320x244, bezmenov_img_42.jpg [View same] [iqdb] [saucenao] [google] [report]

I don't think it's funny. You all are being taken for a ride.

>> No.64134819

Whats usually stored in non virtual memory?

>> No.64134823

Spectre 1 is easily fixable and doesn't affect AMD as far as I know, Spectre 2 is almost impossible to execute and requires a separate attack vector which is already compromised, it's not an issue at all.

>> No.64134837

Exactly, "near zero" is not zero.

>> No.64134848

Year of the POWER desktop?

>> No.64134862

So should I switch out my intel build with AMD?

CPU, Mobo, AIO cooler.. sounds like a new fucking build.


>> No.64134869

Literally says that version 3 doesn't affect and you tit

>> No.64134872

sheeit well now what?

>> No.64134876


>> No.64134904

isnt the new refresh in feb-mar?

>> No.64134910

>Thanks Google.
this is done intentionally, you have to protect your Intel friends ey google

>> No.64134928

>silicon lattice is identical between AMD and Intel
You're funny.

>> No.64134932

apparently it was only variant 2 which is non malicious and required non secure AMD config. Google purposely gimped AMD testing here to make them look bad on FX chips

>> No.64134934

Only because spectre is harder to pull of doesnt mean it wont fuck us in the future.

>> No.64134940

Near zero means they didn't find any way to exploit it at all but there still might be some way they didn't try, it's just a way of saying zero without looking like idiots if someone somehow finds a way to exploit it later on.
aka nothing

>> No.64134947
File: 37 KB, 968x164, which one of you did this?.png [View same] [iqdb] [saucenao] [google] [report]

Only x86-64 and ARM are affected by Spectre or this applies to every architecture?

>> No.64134956

Why is JavaScript in the browser allowed to directly read memory to begin with?

>> No.64134963

everything that uses speculative execution, aka every cpu

>> No.64134971

the ride hasn't even began yet.

wait until youtubers start their usual utterly nonsensical take on the topic while having an inevitable comment meltdown flamewars over "all is lost" vs "amd is immune".

this has hardly leaked into normie space, the worst is yet to come.

>> No.64134976

AMD is vulnerable to Spectre 1, it was demonstrated on AMD CPUs.
Spectre 2 was demonstrated on Intel only.

>> No.64135025
File: 55 KB, 785x296, DSpmxcLUQAA2VRu.jpg [View same] [iqdb] [saucenao] [google] [report]

fuck you intel shills, just posted by AMD

>> No.64135029

thnx :)

>> No.64135080

How smug are AMD right now?

>> No.64135090
File: 152 KB, 466x492, 1508965386340.png [View same] [iqdb] [saucenao] [google] [report]

How do I safely log into websites without having passwords stolen from memory? I use uMatrix, but the majority of sites break with javascript disabled.

>> No.64135098

Those have been tested, but anything with speculative execution is probably in trouble.
I know nothing about IBM or PowerPC and those chink/russian meme architectures but I imagine they're all affected.

>> No.64135104

Thanks for the link

> Whats usually stored in non virtual memory?
"non virtual" memory and virtual memory are the same physical thing.

On today computers, there is 2 main memory protections: user-space/kernel-space isolation, and virtual memory.

The separation of user space and kernel space means a regular program can't access the memory reserved by the kernel (and can't even use all the CPU instructions. Search "Protection ring" on Wikipedia if you're interested).
Meltdown bypass this protection.

In addition of that, each process has it's own memory stack, what's we call virtual memory. When the process A try to write something to address 0x12345, it can be anywhere in the RAM, like 0x67889. When the process B write to 0x12345, it will be in another random place. 0x12345 is a virtual address, thus relative to Process A. 0x67889 is a physical address.
In theory, both processes can't accidentally access to other's memory. Spectre bypass this protection.

>> No.64135112

We don't know if it affects Zen.

Google only tested on Piledriver and Excavator.
They also didn't test Skylake and above on the Intel side.

>> No.64135125

L1 I$ = Level one instruction cache
CPL = Current Privilege Level
Basically he's saying that the they should check instructions to make sure they only execute code in their domain. From an architectural standpoint, adding this check costs performance.

>> No.64135141
File: 39 KB, 1221x322, 423423453.png [View same] [iqdb] [saucenao] [google] [report]

>"Negligible performance impact expected."
Variants 1 and 2 are part of the Spectre exploit, variant 3 is Meltdown.

>> No.64135142

It can't.
But it don't ask permission, it's the purpose of this attack.

>> No.64135211

Which AMD chips are unaffected? I've read everything but they all just say 'AMD'. Are all AMD chups safe?

>> No.64135259


>> No.64135278
File: 36 KB, 656x444, 1.png [View same] [iqdb] [saucenao] [google] [report]


>> No.64135282

have Ryzen chips skyrocketed in price now..?

>> No.64135293

> Spectre is a flaw in design that has been used by many processor manufacturers for decades. It affects virtually all microprocessors on the market, including chips made by AMD that share Intel’s design and the many chips based on designs from ARM in Britain.


>> No.64135297

Damn it feels good to have a Zensta

>> No.64135306



>> No.64135322

Zen is almost certainly not affected, and according to this git, same with all previous AMD CPUs
FX-8320 and an A10 SoC were shown to have some vulnerability to one variant of Spectre, so take this with a grain of salt...

>including chips made by AMD that share Intel’s design and the many chips based on designs from ARM in Britain
What did AMD produce that was shared with Intel's designs?

>> No.64135339

How do you know it's only ryzen that's not affected? I wouldn't mind jerking off my purchasing decision a little.

>> No.64135343

instruction Current Privilege Level

>> No.64135352
File: 18 KB, 636x466, 1514423918237.jpg [View same] [iqdb] [saucenao] [google] [report]

Wow /g/ has so many experts. How are you all so smart?

>> No.64135354

X86 and X64 architecture.

>> No.64135359

Certain FX chips are affected with specific non-default software configurations, and AMD ARM-based chips are also affected, but neither of them are affected by Meltdown which is the bug that requires the performance-killing patch.

>> No.64135371

we know how to read the information provided

>> No.64135396

But the flaw has little to do with what architecture the CPU uses and more to do with how it predicts what's needed from the kernel. Don't forget that ARM64 is also affected by this issue.

>> No.64135397

Excavator is also vulnerable to variant 2.
Maybe some side effect of the complete UMA with the GPU?
Piledriver wasn't though, so it's either a regression or an APU platform specific issue.

>> No.64135408

>Piledriver wasn't though
That FX chip was the FX-8320. Why Google had one of those in their labs is anyone's guess

>> No.64135409

>intel vulnerbility thread
>50% Ryzen shilling
>direct links to stores selling AMD shit
>none of the AMD pajeets mentioning you can literally download the patched windows 10 from microsoft right now and there is a 0% performance hit


Never change /g/, stick to running virus checks on your wifes boyfriends PC's and leave the real computing to us Intel bros

>> No.64135410
File: 17 KB, 246x225, ytdtrsture.jpg [View same] [iqdb] [saucenao] [google] [report]

I can read too. Dose not mean I can comprehend what it means. Just surprised that /g/ know so much about this.

>> No.64135424

> https://github.com/torvalds/linux/commit/00a5ae218d57741088068799b810416ac249a9ce#diff-678874d00bf0df04f6f427f16f1dea36R926

>- Exclude AMD from the PTI enforcement. Not necessarily a fix, but if
> AMD is so confident that they are not affected, then we should not
> burden users with the overhead

>> No.64135443

>AMD is so confident that they are not affected, then we should not
>burden users with the overhead
That will bite AMD in the ass. Spectre is confirmed to work on AMD's older x86-64 processors

>> No.64135455

there are rumors of another bug which is not fixable, any truth to this?

>> No.64135463

Spectre is not related to PTI

>> No.64135481

Crap, you're right. PTI is Meltdown.

>> No.64135483

this is about meltdown not spectre

>> No.64135494

>Just surprised that /g/ know so much about this.
what gave you that impression? I see a handful of fags in the know and 90% of the board being amd fags going >hurr durr told you your processor a shit

>> No.64135495

erroneous, fallacious, false, inaccurate, incorrect, mistaken, off, unsound, untrue,counterfactual, false, specious, spurious, truthless, untrue, untruthful.

>> No.64135507

erroneous, fallacious, false, inaccurate, incorrect, mistaken, off, unsound, untrue,counterfactual, false, specious, spurious, truthless, untrue, untruthful.

>> No.64135513

We're patched with 0 performance impact since last month bro. Stay mad.


>> No.64135518

erroneous, fallacious, false, inaccurate, incorrect, mistaken, off, unsound, untrue,counterfactual, false, specious, spurious, truthless, untrue, untruthful.

>> No.64135530

erroneous, fallacious, false, inaccurate, incorrect, mistaken, off, unsound, untrue,counterfactual, false, specious, spurious, truthless, untrue, untruthful.

>> No.64135532
File: 107 KB, 511x405, checkmate.png [View same] [iqdb] [saucenao] [google] [report]

> Critical flaws revealed to affect most Intel chips since 1995
prepared for this shit.. checkmate hackers

>> No.64135534

Every recent Mac has PCID. Performance impact is negligible.

>> No.64135535

>>none of the AMD pajeets mentioning you can literally download the patched windows 10 from microsoft right now and there is a 0% performance hit

You don't know if there is a performance hit. Microsoft is not the most open actor when dealing with security breaches.

It's still highly pretentious and and a bit dangerous for AMD to reject the KPTI. Now that the breaches are on the spotlight, I would not be surprised if other variants working on AMD were discovered.

>> No.64135540

>there is a 0% performance hit
cool s o u r..c...e

Sorry, I'm on Intel

>> No.64135565
File: 56 KB, 1280x720, Octane.jpg [View same] [iqdb] [saucenao] [google] [report]

This wouldn't ever happen if people would use fucking MIPS which is obviously still superior in multithreading and floating point performance. X86/64 is still supercharged 8088 and nothing changes this fact. It's a fucking mystery why Intel is still in this business.

>> No.64135579

You don't need to go back that far, Pentium 233MMX is Fine.
It's Pentium Pro and successors (ie. Pentium II, Pentium III, Core) that are vulnerable.

My first PC (that was mine, not a family PC) was a 233MMX with 64MB SD-RAM.
My god did she fly on Redhat 7, even though It was older hardware by then (the reason I had it...)

>> No.64135583
File: 87 KB, 645x773, 1509622229771.png [View same] [iqdb] [saucenao] [google] [report]


>> No.64135616

Where did you get this info?

>> No.64135639

Can someone here tell me if Samsung or Softbank can take advantage of this?

Softbank bought ARM you know

>> No.64135680

>We're patched with 0 performance impact since last month bro.
Has anyone actually tested the performance?
This flew under the radar and people usually don't test performance of updates if there is no known reason to.

>> No.64135689

smug Dr. Lisa Su/10

>> No.64135691
File: 59 KB, 1196x300, d8c4975268.png [View same] [iqdb] [saucenao] [google] [report]


>> No.64135711

the madman

>> No.64135718

Apple always wins anon :^)

>> No.64135719


>> No.64135762

the white says they tested bristol ridge and excavator. I don't think anyone directly mentioned ryzen yet. I've been looking for ryzen specifically all day myself.

>> No.64135802
File: 80 KB, 738x908, NewCapture.png [View same] [iqdb] [saucenao] [google] [report]


>> No.64135835
File: 2.04 MB, 250x188, xcombaybee.gif [View same] [iqdb] [saucenao] [google] [report]

Guess I'll spend some time running my heaviest, most demanding shit before Microsoft come sidling through the door to hand me the chalice of hemlock.

>> No.64135836
File: 121 KB, 456x368, 3a3fc8f871fb46eb809e58d1330490b308371e72d774b28ebc257db0601bd21f.png [View same] [iqdb] [saucenao] [google] [report]


>> No.64135878

Careful with that meme anon, it's an antique!

>> No.64135887

>I don't know how to read

>> No.64135914
File: 1.91 MB, 331x197, 1485479686589.gif [View same] [iqdb] [saucenao] [google] [report]

I'll use another one then

>> No.64135977
File: 190 KB, 1600x1200, The Fox and the Grapes.jpg [View same] [iqdb] [saucenao] [google] [report]

Here goes nothing...

>> No.64135994

>Every intel chip since 1993 except pre 2013 atoms and iterium

technically the original Pentiums are clean, and shit started going wrong with P6, which introduced OoO and speculative execution in x86.

>> No.64136027

is my console affected

>> No.64136037

I would imagine that rush of people going to AMD is minimal to none on the desktop market.
Epyc and Threadripper are probably going to be the CPUs that will see higher demand

>> No.64136041

is that a screenshot from jpkiwigeek?

>> No.64136042

Don't know if anyone touched/thought of it yet

>> No.64136062

Now that I think about it, I wonder it those vulnerabilities could help with rooting / unlocking / hacking phones, hacking consoles, modifying PC firmware (where signed images are used, maybe this could help bypass those checks).
In any case, it's going to be interesting.

>> No.64136109

if your console is running on default CPU settings, with it should, then no.

>> No.64136115

the example code in the spectre pdf worked well on my computer. its about 70% accurate.

i had to change it to use rdtsc instead of rdtscp as that caused a SIGILL though.

>> No.64136117

Damn /g/s got all the true oldfags

>> No.64136142

someone brought it up in another thread
but also got ignored.
Console run special Jaguar cpus though so it would be hard to test I'd gather.

>> No.64136171

Consoles use AMD

>> No.64136177
File: 68 KB, 934x934, 1415075612686.jpg [View same] [iqdb] [saucenao] [google] [report]

>tfw have FX 8320

>> No.64136179

It is more accurate to say that branch prediction is fucked.

>> No.64136205

I have a genuine question. Do anyone is stupid enought to think this is a oversight instead of a intended backdoor that got leaked

>> No.64136219

All the variants of the exploit are all about knowing exactly how the CPUs prediction works and tricking it to repeatedly do the wrong things. Zen's predictor uses a learning algorithm that improves itself over time in order to not to do the wrong things. Good luck to anyone trying to make a practical exploit against that.

>> No.64136243

spectre, not meltdown. meltdown is the one that's fucking up AWS right now

>> No.64136259
File: 1.51 MB, 425x481, dc8887a18cf7b477e456711979779ffa.gif [View same] [iqdb] [saucenao] [google] [report]

Is this exploit going to kill cryptocurrencies?

>> No.64136325
File: 2.48 MB, 200x150, 1427213993973.gif [View same] [iqdb] [saucenao] [google] [report]

So in brainlet terms, everyone's shit is going to get slower?
My toaster won't even toast anymore?

>> No.64136329

Did they post a research paper on it? I want to know how they did this so i can figure out how to mitigate it.

>> No.64136341

They'll probably skyrocket the prices of computer equipment

>> No.64136348

Luckily then, you'll at most have a <1% performance penalty, since you're only vulnerable to variant 1 which is already patched out in major OS'es. (Variant 3 is the big performance penalty hitter, for which patches are imminent)

Might be the first time you can gloat over Intel users with Piledriver...

>> No.64136359

aah i love this guy, i hope he lives longer

>> No.64136372

how will it do that?

>> No.64136380

>Do anyone is stupid enought

>> No.64136387
File: 164 KB, 568x612, 1514043058471.png [View same] [iqdb] [saucenao] [google] [report]


>> No.64136396

so this exploit enables a hostile actor to steal information from most computer systems in the world.

think about it...

>> No.64136397

No, since most cryptocurrencies aren't mined in big vm clouds, so variants one and two aren't useful.
Variant 3 could be exploited with some novel userspace application, but most miners with farms don't really have anything open and worst case they'll just migrate to ryzen 1200 systems.

>> No.64136411

what happens when Bittrex or Coinbase get hacked for billions in losses?

you don't think that will hurt the crypto market?

>> No.64136418

so anyone who has walles on their intel machine is stuffed?
all my coins are on an exchange.

>> No.64136431

but they have to run the exploit or the attacker needs to have access to their system.

>> No.64136446

exploit kernel writes of your crypto
spoof transactions with botnet
crypto dies in about two hours once everyone realizes what's going on, but only after all your crypto is spoofed and sold for fiat

>> No.64136447

>so anyone who has walles on their intel machine is stuffed?
the point is that EVERYONE is stuffed

>> No.64136460

I don't know enough about how the exploit is implemented.

Can it be done remotely? What access is needed?

>> No.64136478

>So what are the chances my mainframe is being hacked into right now

Seeing as we are loser nobodys on 4 chan I say about 0%.

>> No.64136487

Well from what I gathered, the machine needs to execute something to run the exploit, so things llike javascript etc, would be the "remote", I guess don't run any javascript etc.

>> No.64136497

Against a wallet provider maybe, might have even been used against them in some of the recent attacks if Google's known about this since June last year.
But also >>64136431
Either they'd have to voluntarily run something dodgy (very unlikely on a production server) or otherwise have an exploit that allows for rce (this is more likely) which just means sloppy security anyway.

>> No.64136511

and it's also a very memory intensive process, correct? so not something we could expect to see on a massive scale?

>> No.64136523

>can't browse my favorite ad-ridden sketchy porn sites on my smartphone since they will inevitably get some meltdown ads and there will never be a security update for it
fug :DD

>> No.64136529

yeah good call, this was big deal during ryzen launch, their new fancy branch predicting ai. I felt they downplayed it a lot, maybe it'll kick them to tout it again.

>> No.64136531
File: 24 KB, 290x364, 1496096950849.jpg [View same] [iqdb] [saucenao] [google] [report]

Not everyones JUST people with Intel CPUs

>> No.64136534

The actual point is - no they aren't.
Only Intel are vulnerable to variants 2 and 3.
Only Construction Cores AMD is vulnerable to Variant 1, Zen is not vulnerable to any variant.

Variant 3 is the bad one.

Conspicuously also missing from the Google report is how Skylake and above have a mitigation technique anyway, which still has a performance penalty, but it's nothing like the 30% that Haswell and below and get.

>> No.64136549

Could also depend on how they are hosting.
If an attacker could get access to a machine on the same VPS or network (even legitimately) then that could be used to cross to the servers of the providers.

>> No.64136560

i think he meant people using the exploits to botnet mine "for" them.

>> No.64136578

No I am specifically worried about the vulnerability this poses to SSL keys.

>> No.64136597

>be poor
>be neet
>hacker testing new toys finds your toaster
>he bricks it just as a proof of concept
>no more chinz nor anime for (you)
>you finally kys

>> No.64136602
File: 216 KB, 369x387, 1502686168167.png [View same] [iqdb] [saucenao] [google] [report]


>> No.64136607
File: 104 KB, 270x276, 1493901060695.png [View same] [iqdb] [saucenao] [google] [report]

So, uh.
Has anyone started dumping DRM stuff?

>> No.64136630

So what does it all mean for the everyday gayming retard like me?

Should I be ordering new AMD parts right now, or does it only really matter for big companies and their services, or something else?

>> No.64136634
File: 59 KB, 516x550, Mfw+im+playing+dark+souls+_d0a276fdba2cf487c690a7c07134da52.jpg [View same] [iqdb] [saucenao] [google] [report]

>Haswell and below


>> No.64136644
File: 69 KB, 525x429, 1514867924946.jpg [View same] [iqdb] [saucenao] [google] [report]

>tfw thinking about all the racks full of intel servers at work

>> No.64136659

Yeah dude.
Want some rope?
I've already prepared for myself.

>> No.64136678
File: 965 KB, 978x936, 1502400947272.png [View same] [iqdb] [saucenao] [google] [report]

I was considering upgrading my PC soon. Should I also get an AMD GPU then? Who knows if GPUs might be fucked next.

>> No.64136681

>power9 cpus unaffected
feels so good that i invested in a raptor talos ii late last year :)

>> No.64136700

Has anyone here actually tried running the patch?

>> No.64136704

Who are you niggers?
How do you even buy that shit?
What OS do you even run on those?

>> No.64136722

direct from supplier and arch of course :^)

>> No.64136735

raptor engineering
it's expensive af though

older power kit you can get on ebay for a few hundred bucks and run linux/aix/whatever on, been thinking about it

>> No.64136739

Not yet, but it well be pushed soon, it's already on the Fast Rings

>> No.64136741
File: 112 KB, 675x1200, 90834098345.jpg [View same] [iqdb] [saucenao] [google] [report]

I accidentally order the FX 8320 which has been bottlenecking by gtx1070 for a while now i think. but now it may have been the right decision

>> No.64136748
File: 611 KB, 322x322, 1510784996724.gif [View same] [iqdb] [saucenao] [google] [report]

>AMD gets thrown under the bus right as they're about to win

top fucking kek.
Doesnt matter if its true or negligible. Normies arent going to look into the details.

>> No.64136769


>> No.64136794

But is this anything for me, the average gentile, to worry about? I think not..

>> No.64136796

kernel and other programs can be read and code injected just like cheats for your videogames use
hard to detect by antivirus
doesnt matter if you dont run weird shit
DRM, backdoors, and other things they want to hide are now out in the open for reversing and debugging
probably why its getting fixed instead of hushed

>> No.64136804
File: 2.31 MB, 3072x3118, 1513761471496.png [View same] [iqdb] [saucenao] [google] [report]

???????? IS LINUS DYING????



>> No.64136826

See >>64133510

>> No.64136827
File: 33 KB, 705x530, 1414203689345.jpg [View same] [iqdb] [saucenao] [google] [report]

>mfw my entire datacenter is non-virtualized because I'm too lazy to do it and have been making bullshit excuses to management and clients about why clients can't have more access to their systems
>mfw none of this affects me in anyway
>mfw management will see me as a hero for essentially being lazy as shit

>> No.64136840

>2133MT/s RAM on Ryzen
Not you anon, not you

>> No.64136841

>DRM, backdoors, and other things they want to hide are now out in the open for reversing and debugging

You are a fucking moron.

>> No.64136865
File: 77 KB, 635x451, 1514753065344.jpg [View same] [iqdb] [saucenao] [google] [report]

>moved everything to AWS this fall
feels good man, at least until the bill comes

>> No.64136884
File: 69 KB, 775x837, 12806-14099-2717.jpg [View same] [iqdb] [saucenao] [google] [report]

On a scale of 1-10 how fucked am I for having intel?

>> No.64136895

The sun explodes billions of times a day, otherwise you wouldn't be receiving any heat from it.

>> No.64136899


>> No.64136911

Someone give me a basic gestalt on this.

Is this the panic scenario of "90% of the human population is going to be destroyed"
or is it the more relaxing scenario of "EVERYBODY is going to die, so you don't have to worry."?

>> No.64136915
File: 259 KB, 1280x1185, 1514849210882.jpg [View same] [iqdb] [saucenao] [google] [report]

Mfw I almost bought g4560 + b250m but after all of this I'm thinking of saving a little more and going with r3 1200 + b350m

>> No.64136928

what does this mean for someone who draws lewd commissions for living? am I fucked somehow?

>> No.64136937
File: 108 KB, 680x578, 19146-13843-27032.jpg [View same] [iqdb] [saucenao] [google] [report]

Shit dude I was expecting 11 at worst.
12 is too much

>> No.64136966

do you have anything to hide? if not 0

>> No.64136969

secure audio path(drm)
protected process(drm)
code signing
driver signing
i bet they have at least one encrypted "analyics" timer in the kernel doing something shady
can dump it all now as it runs in kernelspace

>> No.64137003

post lewds

>> No.64137079

We'd need to see some of your work for a proper assessment.

>> No.64137250
File: 81 KB, 1574x570, CPU Benchmark Comparisons.png [View same] [iqdb] [saucenao] [google] [report]

i7 6700k

c u c k e d

>> No.64137419

Russians moved to produce their own silicon a couple of years ago. First models released last year.

>> No.64137684

Is that a special settings screen? is it available for W10?

>> No.64137714

nope, youve gotta use arch

>> No.64137777

Arch Linux? Thanks

>> No.64137798

yeah thats the one
nice get btw

>> No.64137953

>Haswell and below
It's only below Haswell. Haswell has PCID.

>> No.64138405

did it go something like this:
>wew boss if we turn off this security feature the performance increases by 5%!
>ship it

Name (leave empty)
Comment (leave empty)
Password [?]Password used for file deletion.