[ 3 / biz / cgl / ck / diy / fa / g / ic / jp / lit / sci / tg / vr / vt ] [ index / top / reports / report a bug ] [ 4plebs / archived.moe / rbt ]

Due to resource constraints, /g/ and /tg/ will no longer be archived or available. Other archivers continue to archive these boards.Become a Patron!

/g/ - Technology

View post   

[ Toggle deleted replies ]
File: 212 KB, 793x307, zero risk.png [View same] [iqdb] [saucenao] [google] [report]
64154830 No.64154830 [Reply] [Original] [archived.moe] [rbt]

Reminder, AMD64 CPUs are not affected by these severe intel security flaws.

>> No.64154930

project zero POC says otherwise

>> No.64154980


More incuck lies.

>> No.64155094

delusional amd fanboy advertisement thread

actually, amd would have pretty good incentive to lie or pretend they don't know about vulns

>> No.64155121

That has only been proven on a Bulldozer mobile chip with non default settings

>> No.64155122

no it doesn't this is exactly the project zero conclusion written into small easy to read package.

>> No.64155161

reading is hard

>> No.64155164


Even then the worst that could be done is access local process memory, no memory escape possible.

>> No.64155182

>v1 only with JIT
>v2 probably does, we couldn't do it but it does, beliebe us
>v3 probably does, beliebe us

Yea, you sure as fuck know how to read

>> No.64155235

Reminder that you don't know what AMD64 means

>> No.64155237


Linked from the same:


By default the old AMD CPU is not susceptible, and Ryzen not susceptable at all. Intel cannot be patched for spectre, and meltdown only affects intel.

Nice try incuck.

>> No.64155244


No U.


>> No.64155252

Intel are done this time.

>> No.64155258

>meltdown only affects Intel
nah, ARM too

>> No.64155261

That's great, but intel CPUs are also called AMD64 if they aren't itaniums

>> No.64155280



Nice reading comprehension, retard.

>> No.64155282

>not affected
>near zero
pick one, faggot

>> No.64155283

right, so I'm supposed to believe amd's corporate pr bullshit quarter page of '''info''' (when they stand to financially benefit from this assuming they're not affected) over a research team working to deliver POC

these vulns are affecting multiple architectures that are implemented differently
it's not only shittel. I'll take POC over corposhit PR anyday

>he actually posted the baseless quarter page of pr as a credible source
ahaha nice meme

do you know what the words "to date" mean?

>> No.64155294

Nice autism, retard

>> No.64155317

>right, so I'm supposed to believe amd's corporate pr bullshit

>> No.64155323


Holy shit how butthurt are you? KYS.

>> No.64155388

They have yet to produce those vulnerabilities on AMD chips except one under certain (unusual) circumstances.

>> No.64155473


Even then, it's still not MELTDOWN which is the trivially triggered INTEL flaw allowing full read access to kernel memory; the worst flaw which actually triggered this whole shitfest.

Note, SPECTRE was advised in July last year, MELTDOWN was advised last week. SPECTRE is being rolled-up with MELTDOWN by intel PR in a pathetic attempt at damage control trying to implicate AMD when all they did was show that intel was totatlly susceptible to SPECTRE as well, where AMD was only a limited edge case.

>> No.64155496

I completely agree with you.

>> No.64155536
File: 386 KB, 1000x1000, 1500551935194.png [View same] [iqdb] [saucenao] [google] [report]

>tfw never fell for the intel meme
feels good man

>> No.64155621

if AMD vulns somehow exist you can bet that Intel damage control will bring them to light

skepticism towards every party is healthy this early on. If AMD thought it was vulnerable, they would want to admit it as late as possible to absorb the largest amount of investment and customerbase

>> No.64155629

There are PAID intel shills in this forum and on every other one across the net. Intel payolla outlets Anandtech, Tom's Hardware and Arstechnica have all consulted their Intel contacts and VERY late published FAKE NEWS articles letting Intel off the hook. But not every tech site takes large cheques from Intel...

If anyone here mentions 'SPECTRE', they are an Intel shill. Spectre is an 'exploit' that has no proven attack vector on AMD Ryzen parts, and the THEORETICAL vectors are simply patched on AMD with no performance hit. On Intel, Spectre CANNOT be patched, however. Either way, spectre is another TRIVIAL and insignificant bug- of which many thousands have already been dealt with on both AMD and Intel.

It is MELTDOWN that is the only issue that matters. Meltdown describes the NSA backdoor built into every Intel CPU designed to allow user code ring-0 access. This is an ARCHITECTURAL design of intel's CPU's, and cannot be fixed except by flushing and state resetting before EVERY virtual memory/IO operation- a massive slowdown of key functionality.

AMD's memory architecture is completely different, and does NOT allow this NSA requested attcak vector- not now, not ever.

Linux has gone crazy cos the exploit is a clear NSA backdoor, which Linux types will not accept. Microsoft, as an OS, is riddled with NSA exploits by Microsoft, so doesn't need a CPU hardware vector. Thus MS can happily patch the hole (on Intel only) at the cost of significant performance degradation on all mutli-core mulit-app use cases (which excludes most current games).

Intel cannot have a 'fixed' CPU til the end of 2019 at the earliest. Roadmapped Intel parts (like icelake) all have this NSA backdoor.

There is ZERO AMD issue - indeed AMD Ryzen is the future, just as the original AMD64 was the future when intel was shilling for the broken hopeless netburst design.

>> No.64155683

>There are PAID intel shills in this forum and on every other one across the net.
Yes there are and they are out in force like never before in the history of the company.

>> No.64155722


Wow do you believe that Intel wouldn't have a crack team working around the clock trying to make this bug fly on AMD? If this design flaw was on AMD, we'd know.

>> No.64155748

that's exactly what I'm saying but time is also a factor. Keep in mind all this has gone public very recently. If shittel is somehow going to counter AMD's claim they had to wait for it to go public first

>> No.64155802
File: 112 KB, 629x578, DStoUAMXkAAiCqS.jpg [View same] [iqdb] [saucenao] [google] [report]

Wrong, AYYMD is affected by Meltdown

AYYMD has been lying like the liars that they are

>> No.64155845


You're getting desperate now.

>> No.64155877

Look at the last line, faggot

AYYMD is a lying piece of shit and they certainly are affected by Meltdown

>> No.64155957


Oh wow the process can see its own memory pages, big fucking deal. Wake me up when AMD can read pages from kernel or other processes. Yawn.

>> No.64155992

>It's possible
>But we can't do it

Yep, AMD sure is screwed

>> No.64156331

nobody gives a shit about ARM security though.

>> No.64156395

So what's the best AMD processor for gaming? Anything close to the 8700k?

>> No.64156407

That line looks like you've written it yourself, and infact... It's kinda... Stupid syntax.

>> No.64156425

probably should, as Cortex 75 is server CPU

>> No.64156588
File: 13 KB, 504x129, sponsors.png [View same] [iqdb] [saucenao] [google] [report]

project zero also had this fine print

>> No.64156648

>ARM for server
for what purpose

>> No.64156692
File: 198 KB, 2518x1024, poor little intel.png [View same] [iqdb] [saucenao] [google] [report]


>> No.64156723

low power data center

>> No.64156800

academic papers and every single independent advisory says otherwise. Only a moron would educate himself on press releases, no matter if they came from Intel or AMD or whichever vendor.

>> No.64156851

>There are PAID intel shills
I don't know about intel, but I'm pretty sure that there are AMD shills (paid or not, it's irrelevant) and you're one of them. You keep posting this pasta and similar shit.

>> No.64157024

None of the researchers were able to use any of these vulnerabilities except the first variant of Spectre on AMD hardware, and that specific variant was fixed with a software patch that incurred only a negligible performance hit. Researchers suspect AMD hardware MAY be vulnerable to v2, but it's extremely difficult to exploit to the point they consider it an academic curiosity and not worth issuing a patch for. The third variant definitely does not affect AMD hardware, and this is the variant that, when patched, causes a massive performance hit.

>> No.64158154


Despite the OP pic quoting the academic paper direct from the researchers, which clearly states that AMD is not affected.

>> No.64158181
File: 153 KB, 1166x767, Capture.jpg [View same] [iqdb] [saucenao] [google] [report]

Whats this?

>> No.64158290

They wouldn't want the sponsors >>64156588 to look bad now do they?

>> No.64158304

Learn to read. Spectre v1 has been verified on AMD hardware, Spectre v1 is not a big deal because it has already been patched with negligible performance impact.

>> No.64158511


Leaves out the fine print:

>on some older AMD arch (not RYZEN), if you change a non-default setting to enable eBPF JIT, it is vulnerable to this attack. This setting is on by default with Intel and cannot be disabled.

>> No.64158692
File: 119 KB, 794x602, 1515124581509.png [View same] [iqdb] [saucenao] [google] [report]

Spectre v2 works on Ryzen, in theory
A working PoC is being done on Ryzen/EPYC as we speak, apparently with some success.
>yfw AMD shot themselves in the foot by leaking the problem too early and now every white hat involved want to prove AMD wrong

>> No.64158718


More incuck damage control. KYS.

>> No.64158730

AMD can just release a patch that turns that option off and leaves it off.
Nobody uses it by default anyway.

>> No.64158740
File: 66 KB, 600x400, meltdowned.png [View same] [iqdb] [saucenao] [google] [report]

Stay salty Intel niggers

>> No.64158758
File: 213 KB, 846x934, 1515123623419.png [View same] [iqdb] [saucenao] [google] [report]

Nope, this is from the Red Hat Enterprise guys
They were not happy with AMD, to say the least. AMD might be able to mitigate the attack window for Spectre ver2, but it's not immune from it like AMD boldly claimed.
That's for Meltdown, not Spectre. Spectre's fix is not complete yet.

>> No.64158811



Why not get a competent source.

>> No.64158834


>I was going to prove something that neither google, intel or amd were able to but I was too busy porting systemd to ibm mainframe during my holiday break

>> No.64158932

oy vey delid dis!

>> No.64159119

>we've been working on this for a year
>we have absolutely no proof of concept
>some guys are still working on creating one
>but AMD is totally vulnerable guys!!!1

Yeah, I definitely believe that asshole.

>> No.64160361 [DELETED] 






>> No.64160569

....OP is not quoting academic papers, but an AMD press release.

>> No.64160572

>shouldn't comment publicly
>comments publicly
how desperate are you
and also no proof
just cautionary speculation

>> No.64160693

>None of the researchers were able to use any of these vulnerabilities except the first variant of Spectre on AMD hardware, and that specific variant was fixed with a software patch that incurred only a negligible performance hit.
No researcher ever stated that.
>Researchers suspect AMD hardware MAY be vulnerable to v2, but it's extremely difficult to exploit to the point they consider it an academic curiosity and not worth issuing a patch for.
No researcher ever stated that.

>> No.64160709

Redhat IS a competent source and IS an industry standard.

>> No.64160830

>an academic curiosity and not worth issuing a patch for

such a puerile academic curiosity they released a firmware update to disable branch prediction altogether.

>This update for kernel-firmware fixes the following issues:
>- Add microcode_amd_fam17h.bin (bsc#1068032 CVE-2017-5715)
>This new firmware disables branch prediction on AMD family 17h processor
>to mitigate a attack on the branch predictor that could lead to
>information disclosure from e.g. kernel memory (bsc#1068032 CVE-2017-5715).

I demand AMD shills to stop, along with Intel ones.

>> No.64162531

Keeps me wondering how long they have been know. Gotta go rewatch James Bond Spectre for some hints

>> No.64162582

because everything is hackable , even intel after the patch.

Until you prove it can be exploited it non issue

>> No.64162694

More like:
>The vuln. is provably there (instructions past illegal memory access are performed)
>There is no PoC yet that can read kernel memory on AMD processor.
We have to see how this pan out.
So Meltdown is potentially possible on AMD.

>> No.64162730

Just wait

>> No.64162739

>None of the researchers were able to use any of these vulnerabilities except the first variant of Spectre on AMD hardware, and that specific variant was fixed with a software patch that incurred only a negligible performance hit.
No, linux only patched BPF in the kernel. They targeted BPF only for convenience, not that that's the only potential attack vector against the kernel. Note that other runtimes that don't do process isolation have to have separate security mitigations against variant 1 (like JS engines).

>> No.64162757

meltdown is 100% not going to work on AMD, this is just not how proper CPUs are made where you give away your L1$ data away for free

>> No.64162832

I think you missed the part where they proved the vulnerablity exist only they couldn't exploit it on AMD.

>> No.64162933

You should know that any source which questions amd isn't reliable and competent. This board is /r/amd.

>> No.64164144

Incucks still desperately trying to implicate AMD into this infail fuckup.

>> No.64164450

Na. They'll switch up architecture and then not only keep selling units, sell more because they now have to replace the existing cpus in a fuckton of machines as well. They'll be fine. Better even.

>> No.64165714

>it exists
>but it doesn't exist

>> No.64165989

>There are PAID intel shills in this forum
almost surely not. why would the prevailing opinion of this particular forum matter in any sort of context? every single apparent 'intel shill' is actually a troll, going for the low-hanging fruit i.e. the autists on this board who are enraged by the possible misunderstandings brought about by Intel's PR and go into a hissy fit when someone apparently fell for the intentional conflation of Meltdown vs. Spectre. the number of trolls who go on pokerfaced about how 'the vulnerability' impacts AMD is really high, and they are fapping to you guys trying to make them understand what they do understand but are amused by pretending not to.

>> No.64166050
File: 79 KB, 706x674, sureitisnt.png [View same] [iqdb] [saucenao] [google] [report]

t. Intel pajeet

>> No.64166581

>is actually a troll
You are a troll. And >>64166050
; and >>64164144 ; and all those samefaggots who refute plenty of evidence with plain namecalling. We have CVEs, papers and advisories like >>64160830 yet the only think they keep spewing are AMD press releases. Even worse, they pretend that AMD press releases are the official papers ( >>64158154 ) and repeat unfounded claims and speculations ( >>64157024 ). That's the definition of a troll, and if I may add, a shitty one.

>> No.64166637

the definition of a troll is 'a person who tries to get a rise out of others by making claims he has no investment in'.

>> No.64167279

You use that work, but I don't think you know what it means

>> No.64167313

>There are PAID intel shills in this forum
and then there are folks like you who "shill" AMD


>> No.64167353

They guy says says basically the same than amd though. Not vulnerable to meltdown, the big bad exploit with the performance decrease, when fixed. Technically vulnerable to spectre, but that's kind of trivial , because Spectre is a fundamental vulnerability for all processors with out of order execution. If a processor has this feature, it is technically vulnerable. If it is practically possible to exploit that vulnerability is another question

>> No.64167400
File: 944 KB, 1228x1502, 1495812218308.png [View same] [iqdb] [saucenao] [google] [report]


>> No.64167443

You cant just pull a new architecture out of a hat. It will take years before this is fixed.

>> No.64167540
File: 318 KB, 882x758, 1490730560541.jpg [View same] [iqdb] [saucenao] [google] [report]


>> No.64167560

>tryhard hackers from all over the world can't get a single PoC on x86-64 after days of hard work, still at it fruitlessly
>implying russian script kiddies will magically be able to
We're not in the clear yet, but this looks very promising.

Side note: No such thing as AMD64

>> No.64167604

>information has emerged that an anonymous source close to X...
Cool story.

Name (leave empty)
Comment (leave empty)
Password [?]Password used for file deletion.