CRITICAL: Meltdown and Specter CPU Bugs

sansnumen

sansnumen

Well-Known Member
OP
Member
Level 8
Joined
Aug 4, 2017
Messages
323
Trophies
0
XP
1,362
Country
United States
I did not see a thread discussing this, so I post this in the hopes the mods pick up this story.

It has recently been disclosed that modern CPUs suffer from two critical CPU hardware bugs that allows an attacker to read kernel-protected RAM (i.e. all system RAM) from userspace. The exploits have been dubbed Meltdown and Specter. Both exploits are clever in that they exploit a feature called speculative execution--that is, modern CPUs try to guess at which instruction is next to be fetched, and then execute said instruction.

Meltdown is an Intel-specific problem Intel and ARM problem, and can and will be fixed on all major OSes soon, at a cost of up to 30% performance hit. Specter is more problematic as all CPUs that have speculative execution built in are vulnerable because the hardware engineers assumed (incorrectly!) that kernel memory was properly sequestered from userland processes at the hardware level.

What this all means is that as long as an attacker can run userland code, an attacker could use either bug to leak all kernel-mapped memory, leaking encryption keys, passwords, etc.

Meltdown will be fixed soon, while Specter requires new hardware. So everyone, update your phones, tablets, PCs, and be vigilant about what you do and download online.

Sources
https://www.nytimes.com/2018/01/03/business/computer-flaws.html
https://twitter.com/nicoleperlroth/status/948684376249962496

Update
Apparently certain ARM architectures are also vulnerable to Meltdown or a Meltdown-variant (as ARM calls it). The following architectures are affected: Cortex A75 (Meltdown); Cortex A72, Cortex A57, Cortex A15 (Meltdown-variant). Users with affected Cortex cores (cell phones mostly) are advised to update their OSes once security updates are rolled out.
Source: https://developer.arm.com/support/security-update
 
Last edited by sansnumen,
TotalInsanity4

TotalInsanity4

GBAtemp Supreme Overlord
Member
Level 20
Joined
Dec 1, 2014
Messages
10,800
Trophies
0
Location
Under a rock
XP
9,814
Country
United States
sansnumen said:
I did not see a thread discussing this, so I post this in the hopes the mods pick up this story.

It has recently been disclosed that modern CPUs suffer from two critical CPU hardware bugs that allows an attacker to read kernel-protected RAM (i.e. all system RAM) from userspace. The exploits have been dubbed Meltdown and Specter. Both exploits are clever in that they exploit a feature called speculative execution--that is, modern CPUs try to guess at which instruction is next to be fetched, and then execute said instruction.

Meltdown is an Intel-specific problem, and can and will be fixed on all major OSes soon, at a cost of up to 30% performance hit. Specter is more problematic as all CPUs that have speculative execution built in are vulnerable because the hardware engineers assumed (incorrectly!) that kernel memory was properly sequestered from userland processes at the hardware level.

What this all means is that as long as an attacker can run userland code, an attacker could use either bug to leak all kernel-mapped memory, leaking encryption keys, passwords, etc.

Meltdown will be fixed soon, while Specter requires new hardware. So everyone, update your phones, tablets, PCs, and be vigilant about what you do and download online.

Sources
https://www.nytimes.com/2018/01/03/business/computer-flaws.html
https://twitter.com/nicoleperlroth/status/948684376249962496
Click to expand...
Meltdown has already been posted, but yes, Specter hasn't had a news slot yet
 
Xathya

Xathya

residence aparents trols of temps
Banned
Level 2
Joined
Aug 20, 2017
Messages
441
Trophies
0
Location
green hil zone
Website
knucklestheechidna.com
XP
184
Country
Australia
very cool and scares how it cans be unfounded fror 1995 year and then suden found and afect all the cpus and scare the worlds and force my servers to update the kernal on times off from work because ned to protec
 
sansnumen

sansnumen

Well-Known Member
OP
Member
Level 8
Joined
Aug 4, 2017
Messages
323
Trophies
0
XP
1,362
Country
United States
Xathya said:
very cool and scares how it cans be unfounded fror 1995 year and then suden found and afect all the cpus and scare the worlds and force my servers to update the kernal on times off from work because ned to protec
Click to expand...

Indeed it is very scary. What's more amazing is that like you say the bugs are over 20 years old. This is why bug bounty programs and white hat hackers are so important. It can be the difference between smooth sailing and disaster.
 
  • Like
Reactions: orangy57
sansnumen

sansnumen

Well-Known Member
OP
Member
Level 8
Joined
Aug 4, 2017
Messages
323
Trophies
0
XP
1,362
Country
United States
I just noticed that the official sources all use the British spelling "Spectre" instead of the American spelling "Specter". Oops.
 
the_randomizer

the_randomizer

The Temp's official fox whisperer
Member
Level 27
Joined
Apr 29, 2011
Messages
31,284
Trophies
2
Age
38
Location
Dr. Wahwee's castle
XP
18,969
Country
United States
I should note that performance should not affect games and other similar programs. I/O stuff, workloads, benchmarks. Many sources reported games, emulators, etc as relatively unaffected by the OS patch.

If you wish to disable the patch without uninstalling, do the following:

https://support.microsoft.com/en-us...-to-protect-against-the-speculative-execution

To enable the mitigations

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0 /f

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f

To disable the mitigations

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 3 /f

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f

So far, I've noticed no degradation in performance, even after using Source filmmaker.


TotalInsanity4 said:
Meltdown has already been posted, but yes, Specter hasn't had a news slot yet
Click to expand...

I thought Meltdown was only posted in the Xbox section, and not PC section?
 
Last edited by the_randomizer,
jDSX

jDSX

Well-Known Member
Member
Level 9
Joined
Jun 15, 2015
Messages
1,202
Trophies
1
Age
33
Location
Lost woods
XP
1,696
Country
United States
the_randomizer said:
I should note that performance should not affect games and other similar programs. I/O stuff, workloads, benchmarks. Many sources reported games, emulators, etc as relatively unaffected by the OS patch.

If you wish to disable the patch without uninstalling, do the following:

https://support.microsoft.com/en-us...-to-protect-against-the-speculative-execution

To enable the mitigations

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0 /f

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f

To disable the mitigations

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 3 /f

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f

So far, I've noticed no degradation in performance, even after using Source filmmaker.




I thought Meltdown was only posted in the Xbox section, and not PC section?
Click to expand...


Safe to say 30% is more like 3% right?
 
the_randomizer

the_randomizer

The Temp's official fox whisperer
Member
Level 27
Joined
Apr 29, 2011
Messages
31,284
Trophies
2
Age
38
Location
Dr. Wahwee's castle
XP
18,969
Country
United States
jDSX said:
Safe to say 30% is more like 3% right?
Click to expand...

I don't know, I didn't do extensive tests on my Core i7 4470, but I tested Dolphin with multiple games, but all ran 100% speed, tested Source Filmmaker, which is CPU intensive, no impact there. IDK. But again, I/O, networking, workload related things would be impacted the most, if at all. And again, I provided the link to those who're adventurous enough to disable the patch with a regedit if it does kill performance that badly. So far, I've seen no such degradation. But, I installed the OS patch anyways, and it seems to be running good as before.
 
Last edited by the_randomizer,
sansnumen

sansnumen

Well-Known Member
OP
Member
Level 8
Joined
Aug 4, 2017
Messages
323
Trophies
0
XP
1,362
Country
United States
the_randomizer said:
I don't know, I didn't do extensive tests on my Core i7 4470, but I tested Dolphin with multiple games, but all ran 100% speed, tested Source Filmmaker, which is CPU intensive, no impact there. IDK. But again, I/O, networking, workload related things would be impacted the most, if at all. And again, I provided the link to those who're adventurous enough to disable the patch with a regedit if it does kill performance that badly. So far, I've seen no such degradation.
Click to expand...

Google just gave us a great gift called Retpoline, which is Google's implementation of a Spectre mitigation that Google claims will have negligible performance cost ~5%. Read more here https://support.google.com/faqs/answer/7625886
 
  • Like
Reactions: Xzi
the_randomizer

the_randomizer

The Temp's official fox whisperer
Member
Level 27
Joined
Apr 29, 2011
Messages
31,284
Trophies
2
Age
38
Location
Dr. Wahwee's castle
XP
18,969
Country
United States
sansnumen said:
Google just gave us a great gift called Retpoline, which is Google's implementation of a Spectre mitigation that Google claims will have negligible performance cost ~5%. Read more here https://support.google.com/faqs/answer/7625886
Click to expand...

And how does it work? I'm more worried about Meltdown, hence why I installed the hotfix for Windows on MS's site today, OS is running fine and my tests indicate no drop in performance. Like I said before, the only real worry is I/O workload-related tasks, Linux CLI-related things, are going to experience it the most, if at all. Games, emulators, 3D software, are unaffected. Cloud-based services could also suffer performance dips.

I'm surprised nothing has happened in the 22 years this exploit's been around.

Edit: Also from the article:

The personal computers used by consumers are also vulnerable, but hackers would have to first find a way to run software on a personal computer before they could gain access to information elsewhere on the machine. There are various ways that could happen: Attackers could fool consumers into downloading software in an email, from an app store or visiting an infected website.
Click to expand...

In other words, don't download anything without knowing if it's truly legit, be careful, that hasn't changed.
 
Last edited by the_randomizer,
sansnumen

sansnumen

Well-Known Member
OP
Member
Level 8
Joined
Aug 4, 2017
Messages
323
Trophies
0
XP
1,362
Country
United States
the_randomizer said:
And how does it work? I'm more worried about Meltdown, hence why I installed the hotfix for Windows on MS's site today, OS is running fine and my tests indicate no drop in performance. Like I said before, the only real worry is I/O workload-related tasks, Linux CLI-related things, are going to experience it the most, if at all. Games, emulators, 3D software, are unaffected. Cloud-based services could also suffer performance dips.

I'm surprised nothing has happened in the 22 years this exploit's been around.
Click to expand...

Google's Retpoline is pretty technical and requires some understanding of assembly language to appreciate fully. To simplify it, Google claims that Retpoline allows branching instructions to be isolated from speculative execution by manually filling in where the return address is going to be for any branch that executes a return instruction at the end.
 
  • Like
Reactions: the_randomizer
the_randomizer

the_randomizer

The Temp's official fox whisperer
Member
Level 27
Joined
Apr 29, 2011
Messages
31,284
Trophies
2
Age
38
Location
Dr. Wahwee's castle
XP
18,969
Country
United States
sansnumen said:
Google's Retpoline is pretty technical and requires some understanding of assembly language to appreciate fully. To simplify it, Google claims that Retpoline allows branching instructions to be isolated from speculative execution by manually filling in where the return address is going to be for any branch that executes a return instruction at the end.
Click to expand...

If only the same could be done to mitigate Meltdown, but luckily, I can revert if it does adversely affect performance, and ultimately in the end, I don't think most consumers will be adversely affected; if they went 22 years without anything major happening, I don't see it being an issue in the foreseeable future. Is it something to be made aware of? Certainly, it's good to be informed, but at the same time, I just don't want everyone to mass panic. It's a shame that I know nothing of pure ASM code.
 
sansnumen

sansnumen

Well-Known Member
OP
Member
Level 8
Joined
Aug 4, 2017
Messages
323
Trophies
0
XP
1,362
Country
United States
the_randomizer said:
If only the same could be done to mitigate Meltdown, but luckily, I can revert if it does adversely affect performance, and ultimately in the end, I don't think most consumers will be adversely affected; if they went 22 years without anything major happening, I don't see it being an issue in the foreseeable future. Is it something to be made aware of? Certainly, it's good to be informed, but at the same time, I just don't want everyone to mass panic. It's a shame that I know nothing of pure ASM code.
Click to expand...

I would suggest that you do not revert the hotfix for Meltdown. There are already proof-of-concepts floating around that exploit Meltdown. People that don't accept the patch for Meltdown are at risk of identity theft, ransomware, stolen passwords for things like email and bank accounts. Meltdown is very serious and should be treated as such!
 
  • Like
Reactions: the_randomizer
the_randomizer

the_randomizer

The Temp's official fox whisperer
Member
Level 27
Joined
Apr 29, 2011
Messages
31,284
Trophies
2
Age
38
Location
Dr. Wahwee's castle
XP
18,969
Country
United States
sansnumen said:
I would suggest that you do not revert the hotfix for Meltdown. There are already proof-of-concepts floating around that exploit Meltdown. People that don't accept the patch for Meltdown are at risk of identity theft, ransomware, stolen passwords for things like email and bank accounts. Meltdown is very serious and should be treated as such!
Click to expand...

I won't, I'm just saying it's an option, hopefully, the mitigation/patch can be updated in such a way to not kill performance permanently, you know? So far, all seems good on my end. MS actually did something right for a change.


Dumbass hackers -_-
 
Last edited by the_randomizer,
zoogie

zoogie

playing around in the end of life
Developer
Level 24
Joined
Nov 30, 2014
Messages
8,560
Trophies
2
XP
15,000
Country
Micronesia, Federated States of
Last edited by zoogie,
  • Like
Reactions: TotalInsanity4
Joe88

Joe88

[λ]
Global Moderator
Level 18
Joined
Jan 6, 2008
Messages
12,736
Trophies
2
Age
36
XP
7,419
Country
United States
i'm just waiting for the class action lawsuit
and ces is right around the corner too...

also I'd like to point out that there has been no different in my cinebench scores pre and post update, so the whole 30% thing is bs
 
Last edited by Joe88,
  • Like
Reactions: Friendsxix
MasterControl90

MasterControl90

Well-Known Member
Newcomer
Level 2
Joined
Dec 18, 2017
Messages
92
Trophies
0
Age
34
Location
Italy
Website
www.capslocktech.com
XP
237
Country
Italy
Sadly this is not a bullshit, just not well explained.
For us, normal users, we will see no difference and all the benchmark around of both actual software and hardware benchmarks are showing pretty much no difference. If we speak about games specifically, if you run a game at about 150fps you will drop to 145fps worst case scenario in a cpu bounded game with no gpu and bus bottlenecks, so nothing to panic about. What will have serious problems are big data center with a lot of different and simultaneous calls happening: going back to games specifically, Epic Games showed a graph where they compared 3 of their data centers for their game fortnite hosting for thousands of players, the results? 1 of the 3 data centers was updated to fix meltdown security hole and the general cpu usage was indeed around 30% higher than the other 2...

In a nutshell for us users this patch means nothing, while enterprises with huge data centers will be all the sudden forced to upgrade their infrastructure which, at the same time, in the future can hurt users that relies a lot on cloud and remote services.
Is it clear enough now guys? :P
 
  • Like
Reactions: CallmeBerto and Kioku

Site & Scene News

Go to forum More news

Popular threads in this forum

Zippo says Sonic heroes remake might happed

Hacking Gaming Homebrew Homebrew app  SUYU Discord get deleted

Rumor  Switch 2 Official Name Could Have Been Revealed by Youtube

Hero Shooter GUNDAM EVOLUTION revived in private server project following End of Service

"Apple has lifted its restriction on retro game emulators on the iOS App Store"

Mario Maker 1 Deemed 100% after Final Level revealed to be hacked

Pokemon Fan Game Community Site, Relic Castle, has been DMCA'd

Mig switch flashcard clones are coming

General chit-chat
Help Users
  • No one is chatting at the moment.
    SylverReZ @ SylverReZ: https://www.youtube.com/watch?v=uLN9qrJ8ESs