Another data-leaking Spectre CPU flaw among Intel's dirty dozen of security bug alerts today

Intel will today emit a dozen security alerts for its products – including details of another data-leaking vulnerability within the family of Spectre CPU flaws. This bundle of disclosures is the start of the processor giant's efforts to move to a quarterly cadence of updates, we understand. Rather than drop surprise alerts …

  1. Joerg

    So what? CPU Errata exist since the first products hit the market...

    So what? CPU Errata exist since the first products hit the market... and even before that.

    All CPUs (and not only those) have had CPU Errata. Any piece of hardware has multiple revisions and a list of Errata which includes serious bugs too. Then what?

    All of a sudden it seems that only Intel is affected by that while AMD saves the world or something? Clearly AMD has been spinning this crap all over the 'net as a major issue with Intel hardware .. which is a big lie indeed. AMD kept lying telling that their products aren't affected and bug free. AMD doesn't make public most of its Errata. That is a fact. AMD is the one hiding and spreading fake info against its competitors.

    1. Nate Amsden

      Re: So what? CPU Errata exist since the first products hit the market...

      I think it's mostly an excuse to get page views. There are legit situations where these bugs can be considered dangerous (much more so if you are in an organization that is a tempting target) but those are pretty few and far between vs the more common security exploits as the article notes.

      The page views thing isn't specific to Intel though, it's to many of these recent security things where people are making up code names and dedicated websites for them, or in the case of AMD trying to manipulate the stock price. So far overblown.

      I don't believe AMD is spinning this at all myself but certainly vocal AMD fans are trying (to no avail from what I can see -- don't get me wrong I do like AMD I was pretty hard core fan of theirs for Opteron 6000 but then they burned many bridges with those server chips and Epyc isn't yet enough to get me excited again -- mainly on power usage).

      I'll change my tune if these Intel bugs provide a way to crash the processor (I keep thinking back to the f00f bug).

      Doing some searching seems there may be such a bug coming soon

      https://en.wikipedia.org/wiki/Halt_and_Catch_Fire#Intel_x86

    2. Roo

      Re: So what? CPU Errata exist since the first products hit the market...

      "All of a sudden it seems that only Intel is affected by that while AMD saves the world or something?"

      Intel ship the most $ worth of CPUs by a very wide margin, so they will naturally attract the most attention. The fact is SPARC, MIPS, ARM and even POWER have been reported as having SPECTRE vulns - so it's not just poor likkle old Intel.

      To my reckoning there are an awful lot of VMs out there sharing Intel boxes on networks with strangers, so it seems reasonable that Intel cops the majority of the flak to me... Big fail is a natural by-product of big success. :)

    3. Brian Miller

      Re: So what? CPU Errata exist since the first products hit the market...

      There's a bit of a difference between errata and "pants down" problems. Yes, AMD has much less of a problem than Intel, but I'll wager that it's inadvertent. I'd believe that it was deliberate if AMD released internal docs showing what security design decisions were made, how they realized the side channel attack could occur, and what could be done about it.

      Now that world+dog know, hopefully future chips will have better design. At least the microcode can be updated, unlike the chips of yesteryear.

      1. Anonymous Coward

        Re: Other companies vs Intel

        Other companies were doing their best with horses in the race, then we found out horses had an illness.

        Intel though had one or two more so, because they worked their horses extra hard, with even more whips.

        Everyone else gets a condolences on their dead horses, Intel continued to whip its horse.

    4. Roo

      Re: So what? CPU Errata exist since the first products hit the market...

      "AMD kept lying telling that their products aren't affected and bug free. AMD doesn't make public most of its Errata. That is a fact. AMD is the one hiding and spreading fake info against its competitors."

      Extraordinary claims require extraordinary proof, of which you have provided precisely zero. In fact AMD *have* reported SPECTRE vulns - and they *do* publish their errata, although I can't prove that they publish it all. While we're in the business of fair play, you could also point out that the 800lb Gorilla's arse sat on errata for months and some cases years, MELTDOWN included.

      Personally I'd like CPU vendors to feel confident enough to be open about their vulns, and be given the space to remove the root causes without people whining about backward compatibility. I think that *could* be achieved with a compact ISA with a freely available robust validation suite (actively maintained with tests for vulns added as they crop up). As it stands I think folks punting x86 chips are doomed to fail due to the inherent complexity and ambiguous spec of the ISA, they have a very tough job.

      1. Warm Braw

        Re: So what? CPU Errata exist since the first products hit the market...

        > inherent complexity and ambiguous spec of the ISA

        The ISA really has nothing to do with this particular set of woes; speculative execution and branch prediction (for example) are not part of the ISA, they're implementation optimisations that could be applied to any ISA that has a conditional branch - and that means any ISA at all.

        Complex instructions can mean you get significantly more compact code and that has a knock on in terms of the number of instructions you need to pre-fetch and the size of the caches. Of course, the more complex instructions are, the more chance there is of a bug in the process of decoding the complex instruction into the correct series of simpler operations in the processor itself, but such bugs are easily fixed in microcode and in principle can be validated statically.

        These problems have arisen because CPUs outperform memory - and that seems unlikely to change any time soon.

    5. Anonymous Coward

      Re: So what? CPU Errata exist since the first products hit the market...

      'Clearly AMD has been spinning this crap .. AMD is the one hiding and spreading fake info against its competitors.'

      Actually it was AMD on the receiving end of such speculative crap, mainly by CTS that "may have, either directly or indirectly, an economic interest in the performance of the securities of the companies whose products are the subject of our reports."

    6. Anonymous Coward

      Re: So what? CPU Errata exist since the first products hit the market...

      I would figure with how poorly Intel treats its employees and all the layoffs the first poster wouldn't be a shill but there he/she is.

    7. Anonymous Coward

      Re: So what? CPU Errata exist since the first products hit the market...

      Because they made a cynical design decision in secret, and they got caught. That's not what errata are for.

    8. Anonymous Coward

      Re: So what? CPU Errata exist since the first products hit the market...

      "So What"? A 30% reduction of Processor capability. Consider an instantaneous reduction in your car's power. So what, indeed.

  2. Alan J. Wylie

    CVE-2018-3693 "BCBS" "Bounds Check Bypass Store"

    Note that -3639 is a very similar "speculative store bypass" from May: don't get confused as I did for a short time. Could -3693 be the same as the Intel one?

    Mark Rutland of ARM on the Linux Kernel Mailing List

    arm64: spectre-v1 write fixes (CVE-2018-3693)

    These patches inhibit spectre-v1-write gadgets found in arch/arm64, using the same mitigation applied to existing spectre-v1-read gadgets.

    This issue is also known as CVE-2018-3693, or "bounds check bypass store". More details can be found in the Arm Cache Speculation Side-channels whitepaper, available from the Arm security updates site [1].

    [1]
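
Added example, not part of the post above or of the arm64 patches it quotes: the portable index-masking idea behind the Linux kernel's `array_index_nospec()` helper, applied to a bounds-checked store, which is the pattern "bounds check bypass store" concerns. `TABLE_SLOTS`, `struct table` and the function names are made up for illustration.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TABLE_SLOTS 16u              /* hypothetical table size */

struct table {                       /* hypothetical structure for the demo */
    uint8_t slots[TABLE_SLOTS];
    uint8_t guard;                   /* neighbouring data just past the array */
};

/*
 * All-ones when index < size, zero otherwise, computed with arithmetic
 * only, so the result does not depend on how a branch was predicted.
 * Valid for size <= SIZE_MAX / 2 + 1. Architecture-specific kernel
 * versions replace this with a few instructions of assembly.
 */
static size_t index_mask_nospec(size_t index, size_t size)
{
#if defined(__GNUC__)
    /* Hide the value from the optimiser so it cannot turn the
     * arithmetic below back into a compare-and-branch. */
    __asm__ volatile("" : "+r"(index));
#endif
    /* In range: both operands have the top bit clear, so top == 0.
     * Out of range: index is huge or size - 1 - index wrapped, top == 1. */
    size_t top = (index | (size - 1 - index)) >> (sizeof(size_t) * CHAR_BIT - 1);
    return top - 1;                  /* 0 -> all-ones, 1 -> zero */
}

/* Before: architecturally correct, but the store can still be issued
 * speculatively with an out-of-range idx if the branch is mispredicted. */
static int store_checked(struct table *t, size_t idx, uint8_t val)
{
    if (idx >= TABLE_SLOTS)
        return -1;
    t->slots[idx] = val;
    return 0;
}

/* After: same check, then the index is clamped by data dependency, so a
 * mispredicted path can only ever address slot 0. */
static int store_nospec(struct table *t, size_t idx, uint8_t val)
{
    if (idx >= TABLE_SLOTS)
        return -1;
    idx &= index_mask_nospec(idx, TABLE_SLOTS);
    t->slots[idx] = val;
    return 0;
}

int main(void)
{
    struct table t = { {0}, 0xAA };
    size_t probes[] = { 0, 15, 16, 17, SIZE_MAX };   /* constructed inputs */

    for (size_t i = 0; i < sizeof(probes) / sizeof(probes[0]); i++) {
        size_t m = index_mask_nospec(probes[i], TABLE_SLOTS);
        printf("idx=%zu mask=%s checked=%d nospec=%d\n", probes[i],
               m ? "all-ones" : "zero",
               store_checked(&t, probes[i], 1),
               store_nospec(&t, probes[i], 2));
    }
    printf("guard=0x%02X\n", t.guard);
    return 0;
}
```

Both functions behave identically architecturally; the difference is only in what a mispredicted branch is able to address.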

    1. Anonymous Coward

      A whole lotta "not just intel"

      Intel x86 offerings are insecure, Intel are still selling their insecure chips and until they show that they have learned their lesson then truly they cannot be trusted.

      Intel sold premium products on promise of security and when it became public that their products were faulty at time of sale then they should have recalled, they still have not been.

      So whilst there may be other CPU manufacturers with similar speculative execution problems it doesn't change the fact that intel did not, and has not, stopped selling their faulty insecure chips nor are they willing to atone for their sins.

      No amount of shill posts are going to change the fact that Intel got caught but refuse to make amends.

      1. DCFusor

        Re: A whole lotta "not just intel"

        Not defending Intel here - but there's a difference between "refuse" and "cannot" that I think you're missing here.

        All server chips? End of Intel and we haven't replaced them all yet, some aren't even still made for those older sockets that have these bugs.

        Soldered-in laptop chips? Self righteous "ought to do the right thing" needs to consider what's even possible to do, Intel isn't a central bank that can print money and thereby cheat everyone else via inflation.

        They just die - along with your pension fund that owns them - and other outfits with zillions of Intel chips running their worlds too. Then *you* die. Careful what you ask for.

        So many people just don't understand how the world works, how things tie together.

        It's lucky that it's damn unlikely Joe average home gamer will suffer from these - thinking you are important enough to deserve the effort required is vain as hell. There are other ways to get most anything about you that's wanted without using these tricks.

        Many of us complained about the approach of ever more layers of cache, depth of pipelines, and speculative execution from the beginning, and we didn't even realize it could lead to this kind of bug back then. We were right...but we were objecting to "ugly can't be right" vs knowing just how it was gonna be wrong. Other ways should have been pursued and are being pursued that will gain performance and per-watt performance as they mature. We just wasted a decade going the wrong way.

      2. big_D Silver badge

        Re: A whole lotta "not just intel" @AC

        > Intel x86 offerings are insecure, Intel are still selling their insecure chips and until they show that they have learned their lesson then truly they cannot be trusted.

        > Intel sold premium products on promise of security and when it became public that their products were faulty at time of sale then they should have recalled, they still have not been.

        And what would they do with recalled chips? This problem affects pretty much ALL processors from all manufacturers, including ARM and various other RISC processors, AMD etc. Some more, some less.

        None have released Spectre free chips, although Meltdown was almost exclusively Intel.

        Why haven't they? Because they can't. It isn't a simple matter of writing a bug fix. These problems are fundamental in the design of all modern processors. You need to go back to the late 90s to find a design that doesn't embody these techniques. You need to then unlearn everything you've been doing in processor design for the last 20 years and come up with a new way of doing it!

        That isn't going to happen overnight. There will be a couple of new generations of chips, which were already in development when this all hit, which will still be partially vulnerable to these attacks. I would guess, that we won't see a completely corrected design until at least 2012, if not later. And chances are there will be incompatibilities with existing chips and software.

        This is going to shake up the whole industry, not just Intel, it will affect all processor manufacturers, all operating system vendors (including Open Source), all web browsers, all hypervisor vendors and possibly a large number of normal applications vendors. It might be that existing Windows, Android, iOS, MacOS and Linux versions will no longer run on new hardware, that new versions will be required and new software to run on them.

        That will mean legacy software will be stuck on legacy chips. And legacy software will be anything from Windows 10 back (although the next iteration will probably be available in a legacy processor and new processor versions), it is unlikely that Windows 7 or 8.1 will get patched for new processor designs, they are already EOL and will be stuck on old hardware. The same for any software that isn't 100% compliant with the official documentation.

        This obviously also applies to all other operating systems and software as well.

        If it really is a complete redesign of multithreading and hyperthreading on the processors, that is a game changer for everyone. Move to the new hardware and buy new versions of all of your software or stick with older, vulnerable chips and run your existing hardware.

        1. big_D Silver badge

          Re: A whole lotta "not just intel" @AC

          That should be 2021, not 2012! Shame the edit is only 10 minutes...

        2. Anonymous Coward

          @ "And what would they do with recalled chips?"

          Whatever they do with trash normally, I would seriously doubt Intel would actually recall the hardware, they are much more likely to pay a set price for RAM, motherboard and CPU sufficient to buy an equivalent product from someone else.

          "This is going to shake up the whole industry" it is already shaken but irrespective of what happens to intel all your predictions about the end of the world if Intel disappear is just rubbish. There is emulation and they could implement everything that the CPU was supposed to do on other hardware, with options to turn security down if more accurate emulation if required.

          As to OS and apps then since they are mostly written in portable languages then they should all move over to new hardware with minimal changes.

          As to the complete redesign of CPU pipe tech then that is required action anyway, currently it is broken beyond repair. Multi-threading is not Intel nor multiCPU dependent hence would not be affected even if they went back to a single CPU, multithreading was after all just a quick answer to silicon switching speed, there are better ways to parallel process.

          I have seen an awful lot of posts in this thread that made clear that the poster didn't actually understand the subject they are posting about, Intel was after all just one CPU manufacturer there are many others.

          Personally I would say that abandoning the "legacy apps" to emulators in exchange for real security and open standards would be a massive improvement over what we have at the moment.

          Lastly bear in mind that for years Intel and their friends have been making money hand over fist, if they want to retain control of the PC market then perhaps they are going to have to give some of that money back to the people they ripped off. If they blew it all on hookers and blackjack then there are plenty of others who can take over right now with minimal impact to the rest of the world.

          1. big_D Silver badge

            Re: @ "And what would they do with recalled chips?"

            > Whatever they do with trash normally, I would seriously doubt Intel would actually recall the hardware, they are much more likely to pay a set price for RAM, motherboard and CPU sufficient to buy an equivalent product from someone else.

            My point being, they can't replace them with a "bug free" chip from their own product lines and there are currently no equivalent products from other manufacturers that aren't also affected.

            I guess they could replace those Core i7 and Xeons with Pentium III chips or AMD Athlon+ chips from the turn of the Century. AMD multicore chips are out, ARM and SPARC chips are out, any powerful x86/x64 clone is out... So, what would you spend the money on?

            The best Intel, AMD, Apple, Qualcomm and the others can do is patch the firmware and give enough information to the OS vendors and application developers that they can do their best to protect their software from such attacks.

            > it is already shaken but irrespective of what happens to intel all your predictions about the end of the world if Intel disappear is just rubbish. There is emulation and they could implement everything that the CPU was supposed to do on other hardware, with options to turn security down if more accurate emulation if required.

            You are forgetting the timescales. There is no magic bullet for this. Every chip designer is currently rushing around trying to get new designs into the pipeline. The problem is, that is a long pipeline, so there won't be any "Spectre free" designs for the next few years. It is something we will have to live with.

            And I never said it would be the end of the world if Intel went down, I was just pointing out that, currently, there is no alternative to Intel, if you want a Spectre free design.

            > As to OS and apps then since they are mostly written in portable languages then they should all move over to new hardware with minimal changes.

            OS? Not really, a lot of it is still done in Assembler/machine code, even if a majority is written in C/C++ or high level, managed languages. But it is the low-level libraries that will need to be re-written first, before the rest can come over. That can take years, even with a big programming team to pick through those 10s of millions of lines of code and re-test everything.

            Even something "trivial" on paper, like changing from Bigendian architecture to Littleendian architecture, would require a lot of work, you still need to review all of the code, whether manually or automated, to ensure you pick up every instance of Bigendian moves.

            Applications are a little easier, but, for example, up until recently most of Excels macros and VBA was written in Assembler for performance. You aren't going to re-write that in a few weeks!

            Again, this isn't about defending Intel, this is just pointing out, that currently, there are no "safe" chip designs from ANY of the major players that would be in a position to push out the required numbers of high performance parts. There might be some small players, with low performance chips, like the Eden x86 chips (32-bit) that might not be affected by Spectre, but that would set you back to turn of the Century performance and software, no modern Linux, no modern Windows or OS X, no PC with more than 4GB RAM...

            1. Anonymous Coward

              Re: @ big_D and it's all too appalling even to consider

              "Safe" chip design, this needs to be at the first simply because you need to agree that unqualified "safety" does not exist, everything has "unsafe" conditions. With this in mind Engineering attempts to limit the implicit "unsafe" conditions so as to provide the maximum "safe" functionality for a minimum of risk, this is something that I would say Intel have failed at.

              Let's consider the PC, for years the push behind CPU design has been towards faster processing and to be frank what hardware and software "safety" there was, went right out the window. They pushed clock speeds until they hit the barrier implicit in silicon (even with cooling) so they went to multicores to get more performance (note that this already required a complete rewrite of OS in order for it to actually give the promised performance gain) and for a while it looked as though things were progressing. However now we find that the "safety" of the tech behind CPU pipe optimisation was reliant upon no one noticing that the optimisation could be abused so as to make the resultant lack of "safety" in systems employing the tech more of a consideration than the performance gained.

              We here, have all seen a lot of "we thought it was okay to do this because we never dreamt that anyone would ever want to deliberately break the system" type design fkups in computing. You would imagine given the last 30 years experience that it must be clear that yes, there are plenty of people who do indeed want to break the system, especially when that system is between them and someone else's money. So IMHO it is reasonable to suggest that Intel are responsible for any losses due to their design blindness if this is not obvious to anyone else reading this then consider the following.

              Let's look at CPU design like any other large engineering project, for example building a skyscraper. As part of our design process we needed to do a risk assessment and we found that the design was within acceptable risk/benefit levels, we knew from experience there were dangers but we set adequate safeguards in order to mitigate the losses. So the design is accepted, we got paid, put the building up and then someone else discovered that on the outside on the ground floor there is a cable hanging down that if pulled would make the building fold up like a concertina. You can bet that we are not going to be making any more buildings for a long time and no one sane and with a clue is going to accept the idea of just putting a sign and cordon saying "do not pull" next to the cable, as a solution. The building has to come down and if it means that the people who used to live there have to be spread out across a number of other buildings you can bet we are going to be paying a large percentage of those relocation and demolition costs, even if we go bust we might as well live in the courthouse because that is where we will be spending our waking moments for a long time if we do not address this.

              So like our stupidly "designed" building, the PC as we know it needs to be dismantled and a new "safe design" put in its place even if it is only a bungalow. The facts are that when the skyscrapers start falling then it is going to take a long time before anyone will want to live in a building with more than a couple of floors. This doesn't stop us making the buildings wider in order to get the same benefit without the known risk, agreed the land costs will be higher in the city but luckily we bought up large areas of desert to the south and we can offer housing there in exchange if we provide free transport into the city then most people would be satisfied. Intel seem to be hoping that enough people will put the view from their skyscraper windows over the fact that they are living in a deathtrap, presumably in the hope that since we have a name for building skyscrapers they can hold out until we can build one to meet the new regulations. We are hoping that we can hush up the bad press when their buildings start folding up but we hope to keep getting paid to put them up until the last second.

              In Intel's case they do not actually have to go bust, if they addressed the problem rather than pretending it doesn't exist but even if they do go bust someone else can buy up that desert land cheap and meet the housing crisis. We have a lot of different builders who currently specialise in one bedroom housing but that is because Intel controlled the skyscraper market, without Intel in the way marketshare and money is going to be coming their way sufficient for them to meet the needs of now and the future.

              There have after all been plenty of "safe" chip designs, CPUs exist without speculative execution but since the market still only believes in Intel and skyscrapers then a whole lot of people have to suffer before the majority of market recognises the cost of the view.

              As to no "modern" operating systems, if you are restricted to lean designs then you will discover there is a lot of fat that can be cut and still have a fully functional "modern" OS. On your other points x86 emulation as I said will either be fast enough or require the code to be optimised for the new environment.

              You might hope that isolation of your existing systems from cable pullers might work in the short term but now that everyone knows about the cables you can bet there are plenty of people right now pulling on anything that looks even a bit like a cable and it only takes one for your decision to hope for the best to become it was all your fault, forget any insurance you were negligent.

              1. big_D Silver badge

                Re: @ big_D and it's all too appalling even to consider

                I agree with your analysis of the situation, up to a point.

                You keep banging on about Intel, as if they are something special in this situation. I keep trying to point out that, while Meltdown is solely an Intel problem, Spectre is an industry-wide problem that affects pretty much every processor designer / maker at the moment.

                It is as if all skyscraper builders had designed in the wire outside the ground floor to collapse the building.

                At the current time, there is no alternative.

                They are all, including Intel, working on new designs to rectify this, but this isn't something that will happen overnight. Therefore they all, including Intel, are working on patches to the microcode, among other things, to circumvent or at least mitigate the problem.

                Intel have been shoving out microcode patches for everything going back to Sandy Bridge (2011). AMD are doing the same, as are Qualcomm and Co.

                Just look at the Windows and Linux patches in the last 6 months, all have had regular updates for Intel and AMD microcode changes to combat this.

                The chip makers are also providing as much information as possible to help mitigate this problem at the software level.

                Your only real choice at the moment is to either not use a computer at all, or dump your PC and smartphone and dig out a Pentium III machine or earlier...

                I am not saying that Intel are innocent, just pointing out that the whole industry is guilty and there are no real "safe" alternatives on the market at the moment, even if you wanted to abandon Intel because of Spectre. That would strike AMD, ARM, SPARC and most other processors off the list as well.

    2. Alan J. Wylie

      Re: CVE-2018-3693 "BCBS" "Bounds Check Bypass Store"

      Yes - the ARM one is the same as the Intel one.

      Intel Open Source Security Incident Response Team: Speculative Execution Branch Prediction Side Channel and Branch Prediction Analysis Method

      CVE: CVE-2017-5753, CVE-2018-3693

      https://nvd.nist.gov/vuln/detail/CVE-2018-3693

  3. JBowler

    Duh, a 256 byte auto array?

    Better example, please.

  4. Rastor728

    Blah Blah Blah

    These "tech details" read more and more like the adult voices in the Charlie Brown movies and shows......

  5. EnviableOne

    You make your bed ....

    Intel invented speculative execution in their relentless drive to keep up with Moore's law, and caused the whole mess as others had to copy the idea to even attempt to compete with Chipzilla.

    There was no thought about the security of executing code across boundaries

    there was no thought of the possibility of these side channel attacks

    the only thought was SPEED leads to PROFIT

    what we need is to stop speculative paths when they hit a boundary, unless the process is previously authorised

    1. BlokeInTejas

      Re: You make your bed ....

      Intel did not invent speculative execution. Almost certainly, IBM did.

      Check your history. Google 'Tomasulo'.

      Twerps.

  6. cutterman

    Most of these seem to depend on getting root as a local user.

    In which case you may have more serious things to worry about...

    1. Michael Wojcik Silver badge

      > Most of these seem to depend on getting root as a local user.

      None of them do. But thanks for playing.

  7. jms222

    > Intel invented speculative execution

    They most certainly did not.

    1. EnviableOne

      Well maybe they didn't invent it, IBM did, but they were the first to bring it to Mainstream CPUs with the Pentium Pro

      1. herman

        So, mainframe computers were not main stream? That is an interesting opinion, but it just doesn't fly.

  8. hapticz

    one basket for all the eggs?

    before certain people decided to take advantage of others, (for profit by fraud, deceit, strategy, etc) the specter of losing any amount of spare change legally was minimal, but a scaling up of so many businesses to proportions that yielded millions of bucks with very little real 'effort' became suddenly 'important enough to pay attention to'. loss of patent code execution has ever been fraught with risk, speculation and unending revisions. this industry is dynamic, like it or not, like politicians tweaking the culture to 'make it all work right'.

    these obscure defects in the processors, now offer some the very minimal advantage to nudge a few bucks away from those who have, up until now, chosen greed as a way of life, rather than one that honestly improves the entire lot. security some say? when did that suddenly become an issue?

  9. elvisimprsntr

    Brings a new meaning to "Intel Inside."

  10. Kevin McMurtrie Silver badge

    shutterstock_chip_person.jpg

    Is El Reg making listicles of bad stock photos for a new episode of BuzzGasm?
