'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

General discussion and chat (archived)

User avatar
Isengrim
Board Warrior
Board Warrior
Posts: 1325
Joined: 2015-09-08, 22:54
Location: 127.0.0.1
Contact:

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Isengrim » 2018-01-07, 19:09

dark_moon wrote:And dont forget about new AMD PSP (AMD’s “Management Engine”) hole: https://chefkochblog.wordpress.com/2018 ... -hole-too/
Off-topic:
From what I understand, AMD has released patches to motherboard manufacturers to allow for disabling the PSP in the BIOS, which is something Intel hasn't been entirely consistent about yet.
a.k.a. Ascrod
Linux Mint 19.3 Cinnamon (64-bit), Debian Bullseye (64-bit), Windows 7 (64-bit)
"As long as there is someone who will appreciate the work involved in the creation, the effort is time well spent." ~ Tetsuzou Kamadani, Cave Story

Thehandyman1957

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Thehandyman1957 » 2018-01-07, 19:53

Wow, well it took me about an hour but I finally nailed down that my Vishera AMD FX-8350 does not have P2P since it was
put out in 2012. Whew. :mrgreen: I will be holding on to this one. But it is pretty awesome to see AMD make the move to
allow you to disable it, while Intel basically sits with their ars to the wind.

It is interesting to note though that in order to even exploit the P2P on AMD you need to have physical access to the motherboard.
Unlike Intel being able to access remotely. This is truly a huge hit for Intel and if AMD can simply shut down their P2P and fix the hole
and Intel's issues are baked into the chip then Intel is going to have a really bad year.

The sad part of this is that Intel CEO knew this was coming and dumped all of the shares he could before this became public. :thumbdown:
"...unless I am mistaken what he did is a form of inside trading."

Let me break this down to make it simple:

* When did he know about this 'little problem' => June 2017
* When did he sell ALL (as many as legally possible) of his shares? => November 2017
* When did the ordinary shareholders get this information => 2018

Thehandyman1957

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Thehandyman1957 » 2018-01-07, 20:00

Isengrim wrote:which is something Intel hasn't been entirely consistent about yet.
Hahaha, Try like dodge and obfuscate and do everything in it's power to down play it's role in what is now
a massive security hole. There has been work on trying to understand the issues with Intel's P2P for awhile now
and Intel kept it as tight a secret as possible. Now it's all coming out and they are trying to not only down play it,
but also deflect some of the blame by pointing to AMD. They hosed themselves and I'm glad to see it. :mrgreen:

I really feel sorry for those in the industry that will be taking a huge hit in performance just to keep their systems
from being insecure. I wonder what the ratio of AMD to Intel processors there is in the industry? :think:
Last edited by Thehandyman1957 on 2018-01-07, 20:01, edited 1 time in total.

John connor

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by John connor » 2018-01-08, 02:07

One has to wonder how long the NSA knew about this, or any other CPU vulnerability. The NSA is a pretty damn smart organization that hires some of the best mathematicians in the world. All day long I bet they look for vulnerabilities. More so than any BS CPU manufacture or OS manufacturer. After all, it's the NSA's job.
Last edited by John connor on 2018-01-08, 02:08, edited 1 time in total.

User avatar
Tomaso
Board Warrior
Board Warrior
Posts: 1622
Joined: 2015-07-23, 16:09
Location: Norway

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Tomaso » 2018-01-09, 06:10

It gets worse: Microsoft’s Spectre-fixer wrecks some AMD PCs:
https://www.theregister.co.uk/2018/01/0 ... wered_pcs/
Users report Athlon-powered machines in perfect working order before the patch just don’t work after it.
The patch doesn’t create a recovery point, so rollback is little use and the machines emerge from a patch in a state from which rollback is sometimes not accessible.
Some say that even re-installing Windows 10 doesn’t help matters.
Others have been able to do so, only to have their machines quickly download and install the problematic patch all over again …

John connor

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by John connor » 2018-01-09, 14:46

Off-topic:
HAHAHA I love all who love Windows 10. Not so much for their clowness, but for their sheer lack of common sense when they've been turned into a whore by M$. I've argued with so many idiots on various forums about how 10 and it's mandated update crap was garbage. Not to mention its built in keylogger and all the other privacy invading crap. I figure in about 10 years when I update my computer yet again, and I have to us 10, I'll use PFsense or Untangle on the network and block all of M$'s ASNs. If I need a critical I'll download it with a VPN. Damn shame that gone are the days of owning your own damn computer and doing what YOU wanted to do with it. Pisses me off quite frankly. And the whole nonchalant, I really don't care attitude with 10 users and their asinine defense of the whole thing. It's like being being raped only you are making money at the same time for the raper.
Last edited by John connor on 2018-01-09, 14:47, edited 1 time in total.

User avatar
yereverluvinuncleber
Lunatic
Lunatic
Posts: 323
Joined: 2017-12-06, 21:25

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by yereverluvinuncleber » 2018-01-09, 14:52

John connor wrote:
Off-topic:
HAHAHA I love all who love Windows 10. Not so much for their clowness, but for their sheer lack of common sense when they've been turned into a whore by M$. I've argued with so many idiots on various forums about how 10 and it's mandated update crap was garbage. Not to mention its built in keylogger and all the other privacy invading crap. I figure in about 10 years when I update my computer yet again, and I have to us 10, I'll use PFsense or Untangle on the network and block all of M$'s ASNs. If I need a critical I'll download it with a VPN. Damn shame that gone are the days of owning your own damn computer and doing what YOU wanted to do with it. Pisses me off quite frankly. And the whole nonchalant, I really don't care attitude with 10 users and their asinine defense of the whole thing. It's like being being raped only you are making money at the same time for the raper.
I feel stronger than ever that we need an open source version of Windows. ReactOS is getting there but it is time we all gave it some support. Latest version really looks good, works quite well, it just needs stability and fleshing out. I suppose what it really needs is cash. We all know how long it has taken to get to this stage.
My skills technical & otherwise: VMS system manager 20 years. Fault Tolerance, clustering, Vax, Alpha and ftSparc. DCL, QB45, VB.NET, VB6, PHP, Javascript. Graphic Design, Project Management, CMS Web Design. DOS and Windows admin since 1985. Quad Audio Electronics update and repair. Rebuilding classic cars and motorcycles. Artist in watercolours. Historian. There's more.

User avatar
Tomaso
Board Warrior
Board Warrior
Posts: 1622
Joined: 2015-07-23, 16:09
Location: Norway

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Tomaso » 2018-01-09, 16:05

Microsoft halts security updates for select AMD devices:
https://www.ghacks.net/2018/01/09/micro ... d-devices/
Microsoft has reports of customers with some AMD devices getting into an unbootable state after installing recent Windows operating system security updates.
The investigation revealed that affected AMD chipsets did not “conform to the documentation previously provided to Microsoft to develop the Windows operating system mitigations to protect against the chipset vulnerabilities known as Spectre and Meltdown”.
Microsoft halted update delivery for affected AMD processors as a consequence to work with AMD on a patch for affected devices that resolves the issue without putting devices in the boot loop.

Thehandyman1957

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Thehandyman1957 » 2018-01-10, 03:11

Microsoft reveals how Spectre updates can slow your PC down
https://www.theverge.com/2018/1/9/16868 ... c-slowdown
The good news is that for modern PCs running Windows 10, most consumers won’t notice a significant difference. If you’re on an older machine, particularly a Windows 7 or Windows 8 one, then there’s going to be some noticeable performance changes.
Sometimes I just have to wonder if this isn't just being used to simply push more people into W10. :think:

I mean think about it for a second. They don't even mention if it would make any difference depending on the speed
of the processor or memory amount or hard drive speed. Just age of the operating system and age of computer.

I guess the old saying still goes, never let a good crisis go to waste. :problem:

Thehandyman1957

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Thehandyman1957 » 2018-01-10, 03:14

Microsoft Says No More Windows Security Updates Unless AVs Set a Registry Key
https://www.bleepingcomputer.com/news/m ... istry-key/
According to an update added this week, Microsoft says that Windows users will not receive the January 2018 Patch Tuesday security updates, or any subsequent Patch Tuesday security updates, unless the antivirus program they are using becomes compatible with the Windows Meltdown and Spectre patches.
There is a problem where some anti-virus vendors are using techniques to bypass Kernel Patch Protection by injecting a hypervisor which they use to intercept syscalls and make assumptions about memory locations — memory locations which are now changing with the Meltdown fixes. To be honest, some of the techniques are similar to ones used by rootkits — Kernel Patch Protection was introduced by Microsoft a decade ago to combat rootkits, in fact. Because some anti-virus vendors are using very questionable techniques they end up cause systems to ‘blue screen of death’ — aka get into reboot loops.
Very interesting. :coffee:

User avatar
yereverluvinuncleber
Lunatic
Lunatic
Posts: 323
Joined: 2017-12-06, 21:25

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by yereverluvinuncleber » 2018-01-10, 14:27

Raspberry PI - the only major platform unaffected. By major I mean? Well, it has a lot of users and now potentially, showing another strength, it may have many more... ARM Cortex in order execution CPUs in all the PIs.
My skills technical & otherwise: VMS system manager 20 years. Fault Tolerance, clustering, Vax, Alpha and ftSparc. DCL, QB45, VB.NET, VB6, PHP, Javascript. Graphic Design, Project Management, CMS Web Design. DOS and Windows admin since 1985. Quad Audio Electronics update and repair. Rebuilding classic cars and motorcycles. Artist in watercolours. Historian. There's more.

RJARRRPCGP
Lunatic
Lunatic
Posts: 400
Joined: 2015-06-22, 19:48
Location: USA (North Springfield, Vermont)
Contact:

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by RJARRRPCGP » 2018-01-10, 16:45

Thehandyman1957 wrote:Wow, well it took me about an hour but I finally nailed down that my Vishera AMD FX-8350 does not have P2P since it was
put out in 2012.
Vishera first debuted in 2012 and were manufactured to at least 2014 and probably 2015, if not 2016 as well.

So Vishera didn't exist in 2011, lol. 2011 was the year of the dreaded Zambezi version. You can tell they are the Zambezi version, if the models are called 8150, 8120 or 41xx...

hobbledehoy899

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by hobbledehoy899 » 2018-01-10, 18:04

Moonchild wrote:I'm glad I stick with AMD ;)
Off-topic:
I don't know if you can actually answer this, but the way you phrased that post would imply you could... What do you think of Ryzen and would you recommend it for reasons other than not being Intel chips?

User avatar
Night Wing
Knows the dark side
Knows the dark side
Posts: 5146
Joined: 2011-10-03, 10:19
Location: Piney Woods of Southeast Texas, USA

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Night Wing » 2018-01-10, 19:44

Since I've got four computers with Intel processors, I decided this morning to install on the windows hard drives for each computer, Windows Update KB4056897 which is just the security fix for this vulnerability and avoid the Monthly bloated "stuff" of KB4056894. The install of KB4056897 went smoothly without any problems.

After a re-start of my computers, I decided to see if there was any slow down by working in some of my files on each windows hard drive in my four computers. Didn't notice any slow down. Since I don't have any spreadsheets, I wasn't expecting a slow down either.

As for my linux hard drives, I'm running the 4.10.0-38 kernel right now in linux Mint 18.3 (Sylvia). I'm going to hold off on installing the fix which is one of the 4.13 series of kernels (16, 17 19 & 21) because if I choose the wrong one, the linux hard drive may not boot.

I'm going to wait until Mint 19.0 (Tara) is released for Xfce in June (2018) since it will come with the 4.15 kernel and the install of Mint 19.0 will choose the correct kernel version number for me upon the installation of Mint 19.0 (Tara).
Linux Mint 21.3 (Virginia) Xfce w/ Linux Pale Moon, Linux Waterfox, Linux SeaLion, Linux Firefox
MX Linux 23.2 (Libretto) Xfce w/ Linux Pale Moon, Linux Waterfox, Linux SeaLion, Linux Firefox
Linux Debian 12.5 (Bookworm) Xfce w/ Linux Pale Moon, Linux Waterfox, Linux SeaLion, Linux Firefox

Thehandyman1957

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Thehandyman1957 » 2018-01-11, 02:49

hobbledehoy899 wrote:
Moonchild wrote:I'm glad I stick with AMD ;)
Off-topic:
I don't know if you can actually answer this, but the way you phrased that post would imply you could... What do you think of Ryzen and would you recommend it for reasons other than not being Intel chips?
https://chefkochblog.wordpress.com/2018 ... -hole-too/
PSP was introduced in (2014) Mullins APU’s / (2015) Carizzo – Newer processors like Ryzen and Epyc also implemented it
This is what led me on the chase to see if my chip had the PSP. So it looks like Ryzen is not free from this defect.
But again, keep in mind that 1. AMD is going to allow you to disable this feature in the Bios. 2. An attacker has to have
physical contact with your computer to get this attack approach to even work.

So AMD is way better at this point than anything Intel has. ;)
Last edited by Thehandyman1957 on 2018-01-11, 03:29, edited 1 time in total.

Thehandyman1957

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Thehandyman1957 » 2018-01-11, 02:51

RJARRRPCGP wrote:So Vishera didn't exist in 2011, lol. 2011 was the year of the dreaded Zambezi version. You can tell they are the Zambezi version, if the models are called 8150, 8120 or 41xx...
Off-topic:
Yes, I learned about that chip while digging around to find out about mine. Glad I dodged that bullet too. :angel:

I got real lucky and blessed getting this particular computer. :thumbup:

Thehandyman1957

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Thehandyman1957 » 2018-01-11, 02:53

RJARRRPCGP wrote:Vishera first debuted in 2012 and were manufactured to at least 2014 and probably 2015, if not 2016 as well.
Yes, but the chip design was still the same so it still did not have PSP inside the chip even during the late years of manufacturing.

Oops, fixed it. :mrgreen:
Last edited by Thehandyman1957 on 2018-01-11, 03:28, edited 2 times in total.

hobbledehoy899

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by hobbledehoy899 » 2018-01-11, 03:19

Thehandyman1957 wrote:P2P
Off-topic:
Don't you mean PSP?

Thehandyman1957

Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Unread post by Thehandyman1957 » 2018-01-11, 03:30

hobbledehoy899 wrote:
Thehandyman1957 wrote:P2P
Off-topic:
Don't you mean PSP?
LOL well, I could blame it on my dirty glasses but I don't wear any. Oh well. :lol:

Perhaps a moderator can fix the first ones I messed up. :angel:
Last edited by Thehandyman1957 on 2018-01-11, 03:31, edited 1 time in total.

Locked