Quantcast
[ 3 / biz / cgl / ck / diy / fa / g / ic / jp / lit / sci / tg / vr / vt ] [ index / top / reports / report a bug ] [ 4plebs / archived.moe / rbt ]

Due to resource constraints, /g/ and /tg/ will no longer be archived or available. Other archivers continue to archive these boards.Become a Patron!

/g/ - Technology


View post   

[ Toggle deleted replies ]
File: 212 KB, 793x307, zero risk.png [View same] [iqdb] [saucenao] [google] [report]
64154830 No.64154830 [Reply] [Original] [archived.moe] [rbt]

Reminder, AMD64 CPUs are not affected by these severe intel security flaws.

>> No.64154930

>>64154830
project zero POC says otherwise

>> No.64154980

>>64154930

More incuck lies.

>> No.64155094

>>64154980
delusional amd fanboy advertisement thread

actually, amd would have pretty good incentive to lie or pretend they don't know about vulns

>> No.64155121

>>64154930
That has only been proven on a Bulldozer mobile chip with non default settings

>> No.64155122

>>64154930
no it doesn't this is exactly the project zero conclusion written into small easy to read package.

>> No.64155161

>>64155122
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
reading is hard

>> No.64155164

>>64155121

Even then the worst that could be done is access local process memory, no memory escape possible.

>> No.64155182

>>64155161
>v1 only with JIT
>v2 probably does, we couldn't do it but it does, beliebe us
>v3 probably does, beliebe us

Yea, you sure as fuck know how to read

>> No.64155235

>>64154830
Reminder that you don't know what AMD64 means

>> No.64155237

>>64155161

Linked from the same:

http://www.amd.com/en/corporate/speculative-execution

By default the old AMD CPU is not susceptible, and Ryzen not susceptable at all. Intel cannot be patched for spectre, and meltdown only affects intel.

Nice try incuck.

>> No.64155244

>>64155235

No U.

https://en.wikipedia.org/wiki/X86-64#AMD64

>> No.64155252

>>64155237
Intel are done this time.

>> No.64155258

>>64155237
>meltdown only affects Intel
https://developer.arm.com/support/security-update
nah, ARM too

>> No.64155261

>>64155244
That's great, but intel CPUs are also called AMD64 if they aren't itaniums

>> No.64155280

>>64155261
>https://en.wikipedia.org/wiki/X86-64#AMD64

https://en.wikipedia.org/wiki/X86-64#Intel_64

Nice reading comprehension, retard.

>> No.64155282

>>64154830
>not affected
>near zero
pick one, faggot

>> No.64155283

>>64155182
right, so I'm supposed to believe amd's corporate pr bullshit quarter page of '''info''' (when they stand to financially benefit from this assuming they're not affected) over a research team working to deliver POC

these vulns are affecting multiple architectures that are implemented differently
it's not only shittel. I'll take POC over corposhit PR anyday

>>64155237
>he actually posted the baseless quarter page of pr as a credible source
ahaha nice meme

do you know what the words "to date" mean?

>> No.64155294

>>64155280
Nice autism, retard

>> No.64155317

>>64155283
>right, so I'm supposed to believe amd's corporate pr bullshit
It's THE SAME FUCKING INFO YOU MORON

>> No.64155323

>>64155283

Holy shit how butthurt are you? KYS.

>> No.64155388

>>64155283
They have yet to produce those vulnerabilities on AMD chips except one under certain (unusual) circumstances.

>> No.64155473

>>64155388

Even then, it's still not MELTDOWN which is the trivially triggered INTEL flaw allowing full read access to kernel memory; the worst flaw which actually triggered this whole shitfest.

Note, SPECTRE was advised in July last year, MELTDOWN was advised last week. SPECTRE is being rolled-up with MELTDOWN by intel PR in a pathetic attempt at damage control trying to implicate AMD when all they did was show that intel was totatlly susceptible to SPECTRE as well, where AMD was only a limited edge case.

>> No.64155496

>>64155473
I completely agree with you.

>> No.64155536
File: 386 KB, 1000x1000, 1500551935194.png [View same] [iqdb] [saucenao] [google] [report]
64155536

>tfw never fell for the intel meme
feels good man

>> No.64155621

>>64155388
>>64155283
if AMD vulns somehow exist you can bet that Intel damage control will bring them to light

skepticism towards every party is healthy this early on. If AMD thought it was vulnerable, they would want to admit it as late as possible to absorb the largest amount of investment and customerbase

>> No.64155629

There are PAID intel shills in this forum and on every other one across the net. Intel payolla outlets Anandtech, Tom's Hardware and Arstechnica have all consulted their Intel contacts and VERY late published FAKE NEWS articles letting Intel off the hook. But not every tech site takes large cheques from Intel...

If anyone here mentions 'SPECTRE', they are an Intel shill. Spectre is an 'exploit' that has no proven attack vector on AMD Ryzen parts, and the THEORETICAL vectors are simply patched on AMD with no performance hit. On Intel, Spectre CANNOT be patched, however. Either way, spectre is another TRIVIAL and insignificant bug- of which many thousands have already been dealt with on both AMD and Intel.

It is MELTDOWN that is the only issue that matters. Meltdown describes the NSA backdoor built into every Intel CPU designed to allow user code ring-0 access. This is an ARCHITECTURAL design of intel's CPU's, and cannot be fixed except by flushing and state resetting before EVERY virtual memory/IO operation- a massive slowdown of key functionality.

AMD's memory architecture is completely different, and does NOT allow this NSA requested attcak vector- not now, not ever.

Linux has gone crazy cos the exploit is a clear NSA backdoor, which Linux types will not accept. Microsoft, as an OS, is riddled with NSA exploits by Microsoft, so doesn't need a CPU hardware vector. Thus MS can happily patch the hole (on Intel only) at the cost of significant performance degradation on all mutli-core mulit-app use cases (which excludes most current games).

Intel cannot have a 'fixed' CPU til the end of 2019 at the earliest. Roadmapped Intel parts (like icelake) all have this NSA backdoor.

There is ZERO AMD issue - indeed AMD Ryzen is the future, just as the original AMD64 was the future when intel was shilling for the broken hopeless netburst design.

>> No.64155683

>>64155629
>There are PAID intel shills in this forum and on every other one across the net.
Yes there are and they are out in force like never before in the history of the company.

>> No.64155722

>>64155621

Wow do you believe that Intel wouldn't have a crack team working around the clock trying to make this bug fly on AMD? If this design flaw was on AMD, we'd know.

>> No.64155748

>>64155722
that's exactly what I'm saying but time is also a factor. Keep in mind all this has gone public very recently. If shittel is somehow going to counter AMD's claim they had to wait for it to go public first

>> No.64155802
File: 112 KB, 629x578, DStoUAMXkAAiCqS.jpg [View same] [iqdb] [saucenao] [google] [report]
64155802

Wrong, AYYMD is affected by Meltdown

AYYMD has been lying like the liars that they are

>> No.64155845

>>64155802

You're getting desperate now.

>> No.64155877

>>64155845
Look at the last line, faggot

AYYMD is a lying piece of shit and they certainly are affected by Meltdown

>> No.64155957

>>64155877

Oh wow the process can see its own memory pages, big fucking deal. Wake me up when AMD can read pages from kernel or other processes. Yawn.

>> No.64155992

>>64155802
>It's possible
>But we can't do it

Yep, AMD sure is screwed

>> No.64156331

>>64155258
nobody gives a shit about ARM security though.

>> No.64156395

So what's the best AMD processor for gaming? Anything close to the 8700k?

>> No.64156407

>>64155877
That line looks like you've written it yourself, and infact... It's kinda... Stupid syntax.

>> No.64156425

>>64156331
probably should, as Cortex 75 is server CPU

>> No.64156588
File: 13 KB, 504x129, sponsors.png [View same] [iqdb] [saucenao] [google] [report]
64156588

>>64154930
project zero also had this fine print

>> No.64156648

>>64156425
>ARM for server
for what purpose

>> No.64156692
File: 198 KB, 2518x1024, poor little intel.png [View same] [iqdb] [saucenao] [google] [report]
64156692

>>64154830

>> No.64156723

>>64156648
low power data center

>> No.64156800

>>64154830
academic papers and every single independent advisory says otherwise. Only a moron would educate himself on press releases, no matter if they came from Intel or AMD or whichever vendor.

>> No.64156851

>>64155629
>There are PAID intel shills
I don't know about intel, but I'm pretty sure that there are AMD shills (paid or not, it's irrelevant) and you're one of them. You keep posting this pasta and similar shit.

>> No.64157024

>>64156800
None of the researchers were able to use any of these vulnerabilities except the first variant of Spectre on AMD hardware, and that specific variant was fixed with a software patch that incurred only a negligible performance hit. Researchers suspect AMD hardware MAY be vulnerable to v2, but it's extremely difficult to exploit to the point they consider it an academic curiosity and not worth issuing a patch for. The third variant definitely does not affect AMD hardware, and this is the variant that, when patched, causes a massive performance hit.

>> No.64158154

>>64156800

Despite the OP pic quoting the academic paper direct from the researchers, which clearly states that AMD is not affected.

>> No.64158181
File: 153 KB, 1166x767, Capture.jpg [View same] [iqdb] [saucenao] [google] [report]
64158181

Whats this?

>> No.64158290

>>64158181
They wouldn't want the sponsors >>64156588 to look bad now do they?

>> No.64158304

>>64158181
Learn to read. Spectre v1 has been verified on AMD hardware, Spectre v1 is not a big deal because it has already been patched with negligible performance impact.

>> No.64158511

>>64158181

Leaves out the fine print:

>on some older AMD arch (not RYZEN), if you change a non-default setting to enable eBPF JIT, it is vulnerable to this attack. This setting is on by default with Intel and cannot be disabled.

>> No.64158692
File: 119 KB, 794x602, 1515124581509.png [View same] [iqdb] [saucenao] [google] [report]
64158692

>>64158181
Spectre v2 works on Ryzen, in theory
A working PoC is being done on Ryzen/EPYC as we speak, apparently with some success.
>yfw AMD shot themselves in the foot by leaking the problem too early and now every white hat involved want to prove AMD wrong

>> No.64158718

>>64158692

More incuck damage control. KYS.

>> No.64158730

>>64158692
AMD can just release a patch that turns that option off and leaves it off.
Nobody uses it by default anyway.

>> No.64158740
File: 66 KB, 600x400, meltdowned.png [View same] [iqdb] [saucenao] [google] [report]
64158740

>>64154930
>>64155094
>>64155802
>>64155877
Wew
Stay salty Intel niggers

>> No.64158758
File: 213 KB, 846x934, 1515123623419.png [View same] [iqdb] [saucenao] [google] [report]
64158758

>>64158718
Nope, this is from the Red Hat Enterprise guys
They were not happy with AMD, to say the least. AMD might be able to mitigate the attack window for Spectre ver2, but it's not immune from it like AMD boldly claimed.
>>64158730
That's for Meltdown, not Spectre. Spectre's fix is not complete yet.

>> No.64158811

>>64158758

>rhel

Why not get a competent source.

>> No.64158834

>>64158758

>I was going to prove something that neither google, intel or amd were able to but I was too busy porting systemd to ibm mainframe during my holiday break

>> No.64158932

>>64156588
oy vey delid dis!

>> No.64159119

>>64158758
>we've been working on this for a year
>we have absolutely no proof of concept
>some guys are still working on creating one
>but AMD is totally vulnerable guys!!!1

Yeah, I definitely believe that asshole.

>> No.64160361 [DELETED] 

>>64154830
SOURCE
SOURCE

SOURCE
SOURCE
SOURCE

SOURCE
SOURCE

SOURCE
SOURCE

SOURCE
SOURCE
SOURCE

>> No.64160569

>>64158154
....OP is not quoting academic papers, but an AMD press release.

>> No.64160572

>>64158758
>shouldn't comment publicly
>comments publicly
how desperate are you
and also no proof
just cautionary speculation

>> No.64160693

>>64157024
>None of the researchers were able to use any of these vulnerabilities except the first variant of Spectre on AMD hardware, and that specific variant was fixed with a software patch that incurred only a negligible performance hit.
No researcher ever stated that.
>Researchers suspect AMD hardware MAY be vulnerable to v2, but it's extremely difficult to exploit to the point they consider it an academic curiosity and not worth issuing a patch for.
No researcher ever stated that.

>> No.64160709

>>64158811
Redhat IS a competent source and IS an industry standard.

>> No.64160830

>>64157024
>an academic curiosity and not worth issuing a patch for

such a puerile academic curiosity they released a firmware update to disable branch prediction altogether.

>https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html
>This update for kernel-firmware fixes the following issues:
>
>- Add microcode_amd_fam17h.bin (bsc#1068032 CVE-2017-5715)
>
>This new firmware disables branch prediction on AMD family 17h processor
>to mitigate a attack on the branch predictor that could lead to
>information disclosure from e.g. kernel memory (bsc#1068032 CVE-2017-5715).

I demand AMD shills to stop, along with Intel ones.

>> No.64162531

>>64155473
Keeps me wondering how long they have been know. Gotta go rewatch James Bond Spectre for some hints

>> No.64162582

>>64155282
because everything is hackable , even intel after the patch.

Until you prove it can be exploited it non issue

>> No.64162694

>>64155992
More like:
>The vuln. is provably there (instructions past illegal memory access are performed)
>There is no PoC yet that can read kernel memory on AMD processor.
We have to see how this pan out.
So Meltdown is potentially possible on AMD.

>> No.64162730

>>64162694
Just wait

>> No.64162739

>>64157024
>None of the researchers were able to use any of these vulnerabilities except the first variant of Spectre on AMD hardware, and that specific variant was fixed with a software patch that incurred only a negligible performance hit.
No, linux only patched BPF in the kernel. They targeted BPF only for convenience, not that that's the only potential attack vector against the kernel. Note that other runtimes that don't do process isolation have to have separate security mitigations against variant 1 (like JS engines).

>> No.64162757

>>64162694
meltdown is 100% not going to work on AMD, this is just not how proper CPUs are made where you give away your L1$ data away for free

>> No.64162832

>>64162757
I think you missed the part where they proved the vulnerablity exist only they couldn't exploit it on AMD.

>> No.64162933

>>64160709
You should know that any source which questions amd isn't reliable and competent. This board is /r/amd.

>> No.64164144

Incucks still desperately trying to implicate AMD into this infail fuckup.

>> No.64164450

>>64155252
Na. They'll switch up architecture and then not only keep selling units, sell more because they now have to replace the existing cpus in a fuckton of machines as well. They'll be fine. Better even.

>> No.64165714

>>64162832
>it exists
>but it doesn't exist

>> No.64165989

>>64155629
>There are PAID intel shills in this forum
almost surely not. why would the prevailing opinion of this particular forum matter in any sort of context? every single apparent 'intel shill' is actually a troll, going for the low-hanging fruit i.e. the autists on this board who are enraged by the possible misunderstandings brought about by Intel's PR and go into a hissy fit when someone apparently fell for the intentional conflation of Meltdown vs. Spectre. the number of trolls who go on pokerfaced about how 'the vulnerability' impacts AMD is really high, and they are fapping to you guys trying to make them understand what they do understand but are amused by pretending not to.

>> No.64166050
File: 79 KB, 706x674, sureitisnt.png [View same] [iqdb] [saucenao] [google] [report]
64166050

>>64156851
t. Intel pajeet

>> No.64166581

>>64165989
>is actually a troll
You are a troll. And >>64166050
; and >>64164144 ; and all those samefaggots who refute plenty of evidence with plain namecalling. We have CVEs, papers and advisories like >>64160830 yet the only think they keep spewing are AMD press releases. Even worse, they pretend that AMD press releases are the official papers ( >>64158154 ) and repeat unfounded claims and speculations ( >>64157024 ). That's the definition of a troll, and if I may add, a shitty one.

>> No.64166637

>>64166581
the definition of a troll is 'a person who tries to get a rise out of others by making claims he has no investment in'.

>> No.64167279

>AMD64
You use that work, but I don't think you know what it means

>> No.64167313

>>64155629
>There are PAID intel shills in this forum
and then there are folks like you who "shill" AMD

FOR
R
E
E

>> No.64167353

>>64160709
They guy says says basically the same than amd though. Not vulnerable to meltdown, the big bad exploit with the performance decrease, when fixed. Technically vulnerable to spectre, but that's kind of trivial , because Spectre is a fundamental vulnerability for all processors with out of order execution. If a processor has this feature, it is technically vulnerable. If it is practically possible to exploit that vulnerability is another question

>> No.64167400
File: 944 KB, 1228x1502, 1495812218308.png [View same] [iqdb] [saucenao] [google] [report]
64167400

>>64155094

>> No.64167443

>>64164450
You cant just pull a new architecture out of a hat. It will take years before this is fixed.

>> No.64167540
File: 318 KB, 882x758, 1490730560541.jpg [View same] [iqdb] [saucenao] [google] [report]
64167540

>>64167443
DELET

>> No.64167560

>tryhard hackers from all over the world can't get a single PoC on x86-64 after days of hard work, still at it fruitlessly
>implying russian script kiddies will magically be able to
We're not in the clear yet, but this looks very promising.

Side note: No such thing as AMD64

>> No.64167604

>>64158758
>information has emerged that an anonymous source close to X...
Cool story.

>>
Name (leave empty)
Comment (leave empty)
Name
E-mail
Subject
Comment
Password [?]Password used for file deletion.
Captcha
Action