... and there's the AMD suit

Subject: General Tech | January 18, 2018 - 03:27 PM |
Tagged: Intel, amd, spectre, meltdown, Lawsuit

The lawsuit against Intel was launched last week, and yesterday a similar case was launched against AMD by a shareholder, alleging that the company knew about its vulnerability to Spectre and hid that information, causing detrimental effects to stock prices.  The two cases differ in several interesting ways, which The Register highlighted.  The first is the timing: Intel's case encompasses the time from 27 July 2017 to 4 January 2018, while AMD's lawsuit starts the day of their last end of year report, 21 February, 2017.  Not only does this encompass a longer period of time than the suit against Intel, it starts well before 1 June, 2017, when Project Zero first informed AMD of the vulnerability.  Also worth noting is that AMD's stock prices are higher than they were at the beginning of 2017, which makes any damage to share prices hard to demonstrate.

The various companies that are vulnerable to Spectre, Meltdown or both need to make right by this but it is somewhat interesting to see the disparity between these two specific cases.

"Responding to the class-action lawsuit, an AMD PR rep told The Reg: 'We believe these allegations are without merit. We intend to vigorously defend against these baseless claims.'"

Source: The Register

Intel Responds to Reboot Issues with Meltdown and Spectre Updates

Subject: Processors | January 18, 2018 - 01:17 PM |
Tagged: update, spectre, security, restart, reboot, processor, patch, meltdown, Intel, cpu

The news will apparently get worse before it gets any better for Intel, as the company updated their security recommendations for the Spectre/Meltdown patches for affected CPUs to address post-patch system restart issues. Specifically, Intel notes that issues may be introduced in some configurations with the current patches, though the company does not recommend discontinuing use of such updates:

"Intel recommends that these partners, at their discretion, continue development and release of updates with existing microcode to provide protection against these exploits, understanding that the current versions may introduce issues such as reboot in some configurations."

Image credit: HotHardware

The recommendation section of the security bulletin, updated yesterday (January 17, 2018), is reproduced below:

  • Intel has made significant progress in our investigation into the customer reboot sightings that we confirmed publicly last week
  • Intel has reproduced these issues internally and has developed a test method that allows us to do so in a predictable manner
  • Initial sightings were reported on Broadwell and Haswell based platforms in some configurations. During due diligence we determined that similar behavior occurs on other products including Ivy Bridge, Sandy Bridge, Skylake, and Kaby Lake based platforms in some configurations
  • We are working toward root cause
  • While our root cause analysis continues, we will start making beta microcode updates available to OEMs, Cloud service providers, system manufacturers and Software vendors next week for internal evaluation purposes
  • In all cases, the existing and any new beta microcode updates continue to provide protection against the exploit (CVE-2017-5715) also known as “Spectre Variant 2”
  • Variants 1 (Spectre) and Variant 3 (Meltdown) continue to be mitigated through system software changes from operating system and virtual machine vendors
  • As we gather feedback from our customers we will continue to provide updates that improve upon performance and usability

Intel recommendations to OEMs, Cloud service providers, system manufacturers and software vendors

  • Intel recommends that these partners maintain availability of existing microcode updates already released to end users. Intel does not recommend pulling back any updates already made available to end users
  • NEW - Intel recommends that these partners, at their discretion, continue development and release of updates with existing microcode to provide protection against these exploits, understanding that the current versions may introduce issues such as reboot in some configurations
  • NEW - We further recommend that OEMs, Cloud service providers, system manufacturers and software vendors begin evaluation of Intel beta microcode update releases in anticipation of definitive root cause and subsequent production releases suitable for end users

Intel recommendations to end users

  • Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied
  • For PCs and Data Center infrastructure, Intel recommends that patches be applied as soon as they are available from your system manufacturer, and software vendors
  • For data center infrastructure, Intel additionally recommends that IT administrators evaluate potential impacts from the reboot issue and make decisions based on the security profile of the infrastructure

Intel has worked with operating system vendors, equipment manufacturers, and other ecosystem partners to develop software updates that can help protect systems from these methods. End users and systems administrators should check with their operating system vendors and apply any available updates as soon as practical.
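
As an added example (not from Intel's bulletin or the original post), the sh script below reports what a running Linux kernel says about each of the three variants named above, plus the loaded microcode revision. It assumes a kernel of 4.15 or later, which exposes one status file per issue under /sys/devices/system/cpu/vulnerabilities; the MITIGATED/VULNERABLE labels and the function names are this example's own.

```sh
#!/bin/sh
# Added example: per-variant mitigation status on a Linux host.
# Assumption: kernel 4.15+ exposes one status file per issue in VULN_DIR;
# older kernels lack the directory and every variant reports UNKNOWN.
# Both paths can be overridden, e.g. to point at constructed test files.
VULN_DIR="${VULN_DIR:-/sys/devices/system/cpu/vulnerabilities}"
CPUINFO="${CPUINFO:-/proc/cpuinfo}"

# variant_status FILE: classify the first line of a kernel status file.
# The output labels are this example's own, not kernel strings.
variant_status() {
    f="$VULN_DIR/$1"
    [ -r "$f" ] || { echo UNKNOWN; return 0; }
    line=$(head -n 1 "$f")
    case "$line" in
        "Not affected"*) echo NOT_AFFECTED ;;
        "Mitigation:"*)  echo MITIGATED ;;
        # Also matches "Vulnerable: <detail>", which the kernel uses when it
        # still considers the CPU exposed despite a partial mitigation.
        "Vulnerable"*)   echo VULNERABLE ;;
        *)               echo UNKNOWN ;;
    esac
}

# microcode_rev: loaded microcode revision as the kernel reports it (x86).
microcode_rev() {
    [ -r "$CPUINFO" ] || return 0
    awk -F': *' '/^microcode/ { print $2; exit }' "$CPUINFO"
}

# report: one line per variant; returns 1 if any variant is not confirmed
# mitigated or not affected, so it can gate a patch-compliance check.
report() {
    rc=0
    for entry in 1,CVE-2017-5753,spectre_v1 \
                 2,CVE-2017-5715,spectre_v2 \
                 3,CVE-2017-5754,meltdown; do
        n=${entry%%,*}; rest=${entry#*,}
        cve=${rest%%,*}; file=${rest#*,}
        st=$(variant_status "$file")
        printf 'Variant %s (%s): %s\n' "$n" "$cve" "$st"
        case "$st" in MITIGATED|NOT_AFFECTED) ;; *) rc=1 ;; esac
    done
    printf 'Microcode revision: %s\n' "$(microcode_rev)"
    return "$rc"
}

# Run the report only when asked, so the functions can also be sourced.
if [ "${1:-}" = "--report" ]; then report; exit $?; fi
```

Run it as `sh check.sh --report`; a non-zero exit status means at least one variant is reported as vulnerable or could not be determined.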

The full list of affected processors from Intel's security bulletin follows:

  • Intel® Core™ i3 processor (45nm and 32nm)
  • Intel® Core™ i5 processor (45nm and 32nm)
  • Intel® Core™ i7 processor (45nm and 32nm)
  • Intel® Core™ M processor family (45nm and 32nm)
  • 2nd generation Intel® Core™ processors
  • 3rd generation Intel® Core™ processors
  • 4th generation Intel® Core™ processors
  • 5th generation Intel® Core™ processors
  • 6th generation Intel® Core™ processors
  • 7th generation Intel® Core™ processors
  • 8th generation Intel® Core™ processors
  • Intel® Core™ X-series Processor Family for Intel® X99 platforms
  • Intel® Core™ X-series Processor Family for Intel® X299 platforms
  • Intel® Xeon® processor 3400 series
  • Intel® Xeon® processor 3600 series
  • Intel® Xeon® processor 5500 series
  • Intel® Xeon® processor 5600 series
  • Intel® Xeon® processor 6500 series
  • Intel® Xeon® processor 7500 series
  • Intel® Xeon® Processor E3 Family
  • Intel® Xeon® Processor E3 v2 Family
  • Intel® Xeon® Processor E3 v3 Family
  • Intel® Xeon® Processor E3 v4 Family
  • Intel® Xeon® Processor E3 v5 Family
  • Intel® Xeon® Processor E3 v6 Family
  • Intel® Xeon® Processor E5 Family
  • Intel® Xeon® Processor E5 v2 Family
  • Intel® Xeon® Processor E5 v3 Family
  • Intel® Xeon® Processor E5 v4 Family
  • Intel® Xeon® Processor E7 Family
  • Intel® Xeon® Processor E7 v2 Family
  • Intel® Xeon® Processor E7 v3 Family
  • Intel® Xeon® Processor E7 v4 Family
  • Intel® Xeon® Processor Scalable Family
  • Intel® Xeon Phi™ Processor 3200, 5200, 7200 Series
  • Intel® Atom™ Processor C Series
  • Intel® Atom™ Processor E Series
  • Intel® Atom™ Processor A Series
  • Intel® Atom™ Processor x3 Series
  • Intel® Atom™ Processor Z Series
  • Intel® Celeron® Processor J Series
  • Intel® Celeron® Processor N Series
  • Intel® Pentium® Processor J Series
  • Intel® Pentium® Processor N Series

We await further updates and developments from Intel, system integrators, and motherboard partners.

Source: Intel

Podcast #483 - News from CES: Kaby Lake G, Zen+, and more!

Subject: General Tech | January 18, 2018 - 12:05 PM |
Tagged: Zen+, Vega, spectre, podcast, meltdown, Kaby Lake G, Intel, amd

PC Perspective Podcast #483 - 01/18/18

Join us this week for a recap of news from CES 2018! We talk about Intel's Kaby Lake G processor featuring Vega graphics, Zen+ CPUs, the performance impact of Meltdown and more!

You can subscribe to us through iTunes and you can still access it directly through the RSS page HERE.

The URL for the podcast is: http://pcper.com/podcast - Share with your friends!

Hosts: Ryan Shrout, Jeremy Hellstrom, Josh Walrath, Allyn Malventano

Peanut Gallery: Ken Addison

Program length: 1:52:54

Podcast topics of discussion:

  1. Week in Review:
  2. 0:42:20 Thanks to HelloFresh for supporting our podcast. Go to HelloFresh.com and use the code pcper30 to get $30 off your first week of deliveries.
  3. News items of interest:
    1. CES 2018
      1. AMD
      2. ASUS
      3. Lenovo
  4. 1:40:20 Picks of the Week:
    1. Ryan: GPU Price suck.
  5. Closing/outro
 

MSI motherboards BIOS versions with updated security microcode

Subject: Motherboards | January 17, 2018 - 09:56 PM |
Tagged: msi, spectre, meltdown, bios, update, security

MSI have released updated BIOS versions for their Z370 motherboards to protect against Meltdown and Spectre which you can grab here.

These patches are live now, with new BIOS versions in the works for the remaining series, including all X299, 200, 100-series and X99 series including the various X, H and B sub-series motherboards.  The list is quite impressive; follow that link to see if your board will be getting an update in the near future.  The page lists the version number of the upcoming BIOS you will need, so keep an eye on this page and MSI for the official release.

Source: MSI

Don't have a meltdown boss; I really do need a new phone

Subject: General Tech | January 17, 2018 - 02:02 PM |
Tagged: security, cellphones, spectre, meltdown

The fact that Spectre and Meltdown combined affect 72% of Android and Apple devices on the market offers a compelling reason to request a new work phone.  In many cases the devices being used in large enterprises are old enough that there is no patch coming; the story Slashdot linked to suggests almost 25% of the devices in use will fall into that category.  Since those devices have also missed out on numerous security features which were added in newer operating systems, you should have enough reasons to justify the expenditure.  The next time you are banking or dealing with a service provider in your own personal life, you might want to peek at the phone they use and make sure they aren't endangering your own information.

"Analysis of more than 100,000 enterprise mobile devices shows that just a tiny percentage of them have been protected against the vulnerabilities -- and some simply may never be protected. Security firm Bridgeway found that just 4 percent of corporate phones and tablets in the UK have been patched against Spectre and Meltdown."

Source: Slashdot

The Spectre of control system Meltdown

Subject: General Tech | January 16, 2018 - 02:33 PM |
Tagged: security, spectre, meltdown

The various patches released to ameliorate the damage which can be inflicted on computer systems are slowing down or crashing some systems, up to and including industrial control systems, according to The Register.  These issues are not specific to Windows machines; many control systems run on Linux, and the vulnerabilities stem from an architectural issue, so any operating system could suffer slowdowns.  Seeing your VMs slow down on Azure or AWS is rather frustrating; slow response from critical systems in a power plant could be much more than just an inconvenience.  The story also has a link to a compiled list of Meltdown patches if you would like to see what is currently in development.

"Rockwell Automation revealed that the same patch had caused issues with Studio 5000, FactoryTalk View SE, and RSLinx Classic (a widely used product in the manufacturing sector). 'In fairness [this] may be RPC [Remote Procedure Call] change related,' said cybersecurity vulnerability manager Kevin Beaumont."

Source: The Register

Google's 'free' Spectre patch

Subject: General Tech | January 15, 2018 - 12:51 PM |
Tagged: google, spectre, retpoline, security

Google have released their own patch for the second Spectre vulnerability and claim that there is no noticeable performance hit after installation.  The patch isolates indirect branches from speculative execution, similar in effect to what the Microsoft patch does but without the extra trampoline overhead.  Intel responded to The Inquirer's contact and confirmed Google's patch is both effective and more efficient than the patch currently being distributed, but did mention there is a microcode update which must also be installed for the patch to be fully effective.  This is good news for those who use Google and hints at updated patches for Spectre which might mitigate any performance hits it causes.

"The fix, called 'Retpoline' uses software patches rather than disabling the affected CPU features, which Google claims resulted 'in no performance degradation across the different mitigation techniques they have developed.'"

Source: The Inquirer

About that AV registry key needed for Meltdown and Spectre patches

Subject: General Tech | January 10, 2018 - 01:05 PM |
Tagged: meltdown, spectre, security, antivirus, patch

If you are curious about the details behind the registry key that your antivirus program needs to create in order to receive Windows Updates, The Register describes its purpose here.  In essence, modern AV programs regularly access the kernel to look for suspicious activity and become quite upset when they are not allowed to access it after the patch places the kernel in isolation, upset enough to continually crash your computer.  Ensuring your AV software has updated itself so that this does not occur before allowing the Windows patch to install is a good thing; however, there is a serious problem with the way Microsoft decided to deal with the situation.  Until that key is present, you will not be able to install any new security patches; something which should be changed ASAP as it could help spread other infections simply because you had the temerity not to use Windows Defender.

"Microsoft's workaround to protect Windows computers from the Intel processor security flaw dubbed Meltdown has revealed the rootkit-like nature of modern security tools."

Source: The Register

Bold move Cotton; Intel promises patches by the end of the week

Subject: General Tech | January 9, 2018 - 12:52 PM |
Tagged: spectre, security, meltdown, krzanich, Intel

If you were worried about the reports you've heard of Athlon processors crashing after the Windows updates pushed to mitigate Spectre and Meltdown or about the performance hits these may cause certain workloads, consider the poor sysadmin that listened to Intel's keynote speech at CES.   Brian Krzanich has promised patches for 90% of the affected processors by the end of the week, with the remainder by the end of this month.   Such a quick response is wonderful from a security standpoint but one wonders how much stability and compatibility testing could have been done in just a few days.  The acronym for the Intel Product Assurance and Security team may be very appropriate for some companies.  Let us hope it does indeed go smoothly.

"Krzanich has promised that the firm will patch "90 per cent" of affected processors made in the past five years by the end of this week, adding that the remaining 10 per cent would see fixes by the end of the month."

Source: The Register

NVIDIA addresses Spectre vulnerabilities

Subject: General Tech, Graphics Cards | January 5, 2018 - 02:59 PM |
Tagged: meltdown, spectre, geforce, quadro, NVS, nvidia, tesla, security

If you were wondering if NVIDIA products are vulnerable to some of the latest security threats, the answer is yes.  Your Shield device or GPU is not vulnerable to CVE-2017-5754, aka Meltdown; however, the two variants of Spectre could theoretically be used to infect you.

  • Variant 1 (CVE-2017-5753): Mitigations are provided with the security update included in this bulletin. NVIDIA expects to work together with its ecosystem partners on future updates to further strengthen mitigations.

  • Variant 2 (CVE-2017-5715): Mitigations are provided with the security update included in this bulletin. NVIDIA expects to work together with its ecosystem partners on future updates to further strengthen mitigations.

  • Variant 3 (CVE-2017-5754): At this time, NVIDIA has no reason to believe that Shield TV/tablet is vulnerable to this variant.

The Android-based Shield tablet should be updated to Shield Experience 5.4, which should arrive before the end of the month.  Your Shield TV, should you actually still have a working one, will receive Shield Experience 6.3 in the same time frame.

The GPU is a little more complex as there are several product lines and OSes which need to be dealt with.  There should be a new GeForce driver appearing early next week for gaming GPUs, with HPC cards receiving updates on the dates you can see below.

[Image: NVIDIA driver update schedule]

There is no reason to expect Radeon and Vega GPUs to suffer from these issues at this time.  Intel could learn a bit from NVIDIA's response, which has been very quick and includes their older hardware.

Source: NVIDIA