Subject: Processors | March 18, 2019 - 08:38 AM | Jim Tanous
Tagged: spoiler, speculation, spectre, rowhammer, meltdown, amd
AMD has issued a support article stating that its CPUs are not susceptible to the recently disclosed SPOILER vulnerability. Support Article PA-240 confirms initial beliefs that AMD processors were immune from this specific issue due to the different ways that AMD and Intel processors store and access data:
We are aware of the report of a new security exploit called SPOILER which can gain access to partial address information during load operations. We believe that our products are not susceptible to this issue because of our unique processor architecture. The SPOILER exploit can gain access to partial address information above address bit 11 during load operations. We believe that our products are not susceptible to this issue because AMD processors do not use partial address matches above address bit 11 when resolving load conflicts.
SPOILER, one of the latest in the line of speculative execution vulnerabilities that have called into question years of processor architecture design, describes a process that can expose the mappings between virtual and physical memory. That's not a complete issue in and of itself, but it allows other attacks such as Rowhammer to be executed much more quickly and easily.
The research paper that initially disclosed SPOILER earlier this month states that Intel CPUs dating as far back as the first generation Core-series processors are affected. Intel, however, has stated that the vulnerabilities described in the paper can be avoided. The company provided a statement to PC Perspective following our initial SPOILER reporting:
Intel received notice of this research, and we expect that software can be protected against such issues by employing side channel safe software development practices. This includes avoiding control flows that are dependent on the data of interest. We likewise expect that DRAM modules mitigated against Rowhammer style attacks remain protected. Protecting our customers and their data continues to be a critical priority for us and we appreciate the efforts of the security community for their ongoing research.
Subject: General Tech | January 5, 2015 - 04:06 PM | Jeremy Hellstrom
Tagged: Tegra X1, tegra k1, tegra, nvidia, maxwell, speculation
Now that you have read Josh's article detailing the new Maxwell based Tegra X1 you might be wondering what products it could appear in, apart from an updated Shield. DigiTimes has a theory based on the current lawsuits against Samsung Electronics and Qualcomm which claim that those companies have infringed several fairly basic patents which NVIDIA holds including object texture, lighting, shading, GPGPU and vertex operators. If the lawsuits were successful the cost of purchasing chips from those two competitors could increase making the new Tegra X1 a more financially attractive product, even with the associated costs of changing hardware. If the power and performance expectations of the new mobile Maxwell chip are met then NVIDIA's new chip could also become a more attractive alternative for vendors as it could well outpace the next generation of chips from Qualcomm and Samsung regardless of the outcome of the lawsuits. If you like speculation you can peek in at DigiTimes posting here.
"To find new outlets for its GPU business, Nvidia has started licensing its GPU architecture to other application processor (AP) designers. Kepler was the first GPU platform Nvidia offered for licensing and its latest-generation Maxwell will also become available for licensing later."
Here is some more Tech News from around the web:
- Breathe New Life Into Payphones with Asterisk @ Hack a Day
- Nest Will Now Work With Your Door Locks, Light Bulbs and More @ Slashdot
- By the power of Xbox, WE HAVE THE POWER! - Leakers publish One's SDK @ The Register
- Windows market share figures are all over the shop as XP grows five percent @ The Inquirer
- Sony grovels, offers freebies after PlayStation network spent Xmas TITSUP @ The RegisterE
- KitGuru Annual Awards 2014
Subject: Processors | January 25, 2013 - 06:11 PM | Jeremy Hellstrom
Tagged: haswell, Intel, overclocking, speculation, BCLK
hardCOREware is engaging in a bit of informed speculation on how overclocking the upcoming Haswell chips will be accomplished. Now that Intel has relaxed the draconian lock down of frequencies and multipliers that they enforced for a few generations of chips, overclockers are once again getting excited about their new chips. They talk about the departure of the Front Side Bus and the four frequencies which overclockers have been using in modern generations and then share their research on why the inclusion of a GPU on the CPU might just make overclockers very happy.
"This is an overclocking preview of Intel’s upcoming Haswell platform. We have noticed that they have made an architectural change that may be a great benefit to overclockers. Check out our thoughts on the potential return of BCLK overclocking!"
Here are some more Processor articles from around the web:
- Intel Core i7-3960x vs. i7-3970x@Bjorn3D
- Intel Core i3-3220 v. Intel Core i3-3225 Review @ MissingRemote
- Desktop CPU Comparison Guide @ TechARP
- Testing Memory Speeds on AMD's A10-5800K Trinity APU @ Legit Reviews
- AMD A10 5700K APU @ Guru of 3D
Subject: Editorial | July 20, 2011 - 06:10 PM | Jeremy Hellstrom
Tagged: vpro, TPM, speculation, security, mcafee, intel txt, Intel, infineon, amt
Not too long ago the tech world was buzzing with the news that Intel had aquired McAfee for $7.68 billion. This gave them the knowledge base to start thinking about putting antivirus technology directly onto their chips, which seemed far more likely than an Intel branded software antivirus product. When Intel CTO Justin Rattner started talking about technology that resembled the failed attempts at digital rights management, such as Microsoft's Palladium, or the Trusted Platform Module, aka TPM, a different idea was promoted with its own acronyms; Intel Active Management Technology (AMT) and Intel Trusted Execution Technology (Intel TXT). This theory was lent credence by the mention of Intel's vPro and a desire by Intel to move security to the top of their list of priorities. By integrating security software directly into vPro architecture, it might not even be necessary to place antivirus code directly on their hardware. Adding optimization to product architecture that Intel trusts absolutely, as they made it themselves, and the overall level of security on an Intel based virtual machine would be greatly increased.
Then Intel went and muddied the water with the $1.9 billion purchase of Infineon Technologies AG’s wireless business, which doesn't own manufacturing facilities but does own the intellectual property and patents for chips providing wireless communication. Suddenly some discarded theories about the purchase of McAfee seemed valid again. One possibility that was bandied about was the idea of Intel moving into ARM territory in the cell phone business. With Intel's new focus on low power chips, with Atom being the starting point, the idea of Intel moving into providing secure CPUs appropriate for cell phones and tablets became much more believable. With the current rise of viruses targeted at those mobile platforms and the vulnerabilities present in Android and Windows based phones having hardware based antivirus, or at least optimized hardware, makes a lot of sense.
It also differentiates them from ARM, who has more market experience making ultra low power chips but certainly does not own an antivirus vendor. The security concerns with cell phones and tablets will continue to increase at the same pace as the capabilities of the devices increase. Where once bluejacking was the biggest concern of a cell phone user, a smart phone user can browse the world wild web and expose themselves to all sorts of nastiness, including more than just the nastiness they intended to browse for. A hardware solution would leave more processing power for the user; running Norton 360 on a cell phone or tablet would chew up a lot of cycles.
Today those muddied waters were stirred up even more as Intel announced it is planning to buy Fulcrum Microsystems, maker of high end 10Gbps and 40Gbps ethernet switches. This purchase would support the theory decided before the purchase of Infineon's wireless group; that Intel is taking a serious look at a total TPM ecosystem. In order to truly trust your platform you need to do more than secure your endpoints. If your server is running AMT or Intel TXT, then you can be assured that any virtual machine running on it can be trusted. As well, if both the server and client are running processors capable of Intel's TPM (sounds so much better that DRM, eh?) again both machines can be considered trusted platforms.
That does not help with trusting data which has been transferred over a WAN, or in some cases even a LAN. Data transfer allows an attacker a means of entry, or at least a way of denying data transfer. With a trusted platform, any data which does not match what is expected by the receiving machine will be prevented from running, so a successful man in the middle attack might not allow remote code execution or privilege escalation but would certainly act as a DoS attack as the TPM client refuses to accept the incoming data. Once the routers and switches involved in the data transfer are secured with the exact same TPM specifications, the entire route is protected and can all be considered part of the same Trusted Platform. The network devices would reject any code injection attempted on the data during transfer, allowing data to flow freely inside a LAN as well as customized WANs.
Returning to the secure cell phone theory, we can now consider the possibility of a TPM compliant cell phone thanks to the theoretical integration of Intel processors into your phone and tablet. Now you would be able to include your mobile communications into your TPM ecosystem. Properly implemented that security and not only will you challenge ARM 's market share by out-securing them, you could topple RIM's share of the business market as a BlackBerry may be handy to the sales team but they are a nightmare for the IT/IS security team. Nothing is perfect but that would be a huge step towards defeating the current attack vectors that effect business systems. So far Intel is not saying much, so all we can do is speculate ... which is fun.