More Intel Vulnerablities Discovered

https://techcrunch.com/2019/05/14/zombieload-flaw-intel-processors/
TL;DR? Some more exploits are found in Intel chips that could be used to take your data. Provided someone manages to get the exploit to work well enough.

I'm not really concerned. A it's difficult to actually implement the exploits successfully, and it's pretty much like any other virus out there. You have to run it to get infected. Proper security techniques and you're fine.
AMD? Goodness knows how many undiscovered exploits they have as of late. Probably more than Intel ever has I bet thanks to their cheapness and hackiness. So milk it while you can AMD, your time is coming.

Comments

  • Honestly, I think we need to move away from x86 completely (from the Intel ME and AMD PSP to Meltdown/Spectre, and now Zombieload). However, the only viable option would be ARM unless POWER becomes more affordable or RISC-V moves beyond prototype stages. Not to mention the software compatibility issues associated with architectural changes.

  • In reality, modern alternative processors and architectures are powerful enough to allow virtualization of x86 instructions for the transition. For windows a WoW solution (already made somewat with 10), and I'm sure Linux users would just happily recompile everything anyways.
    Apple is already planning to move to arm on their pcs.
    So the journey is not too far off.

    I just wish Sparc would've been more available.

  • Meltdown and Spectre exploit critical vulnerabilities in Intel processors. These hardware vulnerabilities allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.

    Meltdown and Spectre work on personal computers, mobile devices, and in the cloud and thus i recommend apps4rent as a cloud provider. Depending on the cloud provider's infrastructure, it might be possible to steal data from other customers.

    Regards,
    Adrian

  • @yourepicfailure said:
    I'm not really concerned. A it's difficult to actually implement the exploits successfully, and it's pretty much like any other virus out there. You have to run it to get infected. Proper security techniques and you're fine.

    The biggest concern isn't necessarily end users getting infected, but rather VMs running in the cloud. The huge concern is that a malicious actor could spin up their own instance in a cloud platform and from there gain access to other tenants via exploiting the host CPU.

  • Yeah this,

    but the problem is finding a viable vector method and remote execution. It's difficult right now to get it to work correctly on a variety of machines and configurations. The exploit exists, but there's a reason nothing that uses it is around as of yet.

  • I can't see us ever moving away from x86. It's been tried many times in the past and nothing's changed. The sheer number of x86 PCs at this point would make the change very difficult. Emulation is sssllloooowwww. Apple moving to ARM is not a big deal. Remember, for many years they also used PowerPC and that never caught on outside the Apple fanbase. Apple computers remain a niche as they always have, so I can't see them having that large of an effect on systems made by other manufacturers.

    IBM also had a PowerPC ThinkPad. Again, not very popular and it was killed off pretty quickly.

  • I have no doubt Apple wants to move to ARM, but I also have no doubt that they'll lose a ton of users in that switch. I've heard a lot of stories over the years from people that switched to Macs citing one of the reasons they switched was because Apple switched over to Intel CPUs. So I wonder if those people will switch back when Apple moves to ARM.

  • @BlueSun said:
    I have no doubt Apple wants to move to ARM, but I also have no doubt that they'll lose a ton of users in that switch. I've heard a lot of stories over the years from people that switched to Macs citing one of the reasons they switched was because Apple switched over to Intel CPUs. So I wonder if those people will switch back when Apple moves to ARM.

    If Apple does switch to ARM, I'm gone. They would be making a big mistake the way I see it.

  • I'm so glad that the Itanic sunk. I'd hate to see the enormous x86 program library be rendered useless (or slow) by a change in architecture.

  • edited May 24

    Another problem is that most x86 emulators for non-x86 hardware were horrible until recently. You can’t run hundreds of VMs on servers without a decent emulator.

  • @Lenovo1984 said:

    @BlueSun said:
    I have no doubt Apple wants to move to ARM, but I also have no doubt that they'll lose a ton of users in that switch. I've heard a lot of stories over the years from people that switched to Macs citing one of the reasons they switched was because Apple switched over to Intel CPUs. So I wonder if those people will switch back when Apple moves to ARM.

    If Apple does switch to ARM, I'm gone. They would be making a big mistake the way I see it.

    With that said, they should've just stayed with PowerPC. At least that made their OS more rock solid back in the day.

  • edited May 25

    The reason for the switch was because Apple was pressing IBM to make faster PPC processors, and they never got PPC to be as powerful and energy efficient as Intel.

    A PowerBook G5 spent more energy than a PowerBook with an Intel with the same processing power.

  • edited May 25

    There never was a PowerBook G5, for the energy efficiency reason you stated above, as well as heat output (i wonder how it compared to mobile P4s)

  • Keep in mind that the general class of vulnerabilities that are popping up recently can potentially exist in any CPU. A lot of these exploit measuring subtle timing differences, something that hardware designers have not cared about since the 6502.

Sign In or Register to comment.