Zombieload Affects Intel Processors

Forum Forums News News Zombieload Affects Intel Processors

This topic contains 8 replies, has 5 voices, and was last updated by oops May 17-11:52 am.

Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
    Posts
  • #21633
    Member
    Avatar
    VW

    After Meltdown, Spectre, and Foreshadow, we discovered more critical vulnerabilities in modern processors. The ZombieLoad attack allows stealing sensitive data and keys while the computer accesses them.

    Zombieload

    #21634
    Member
    Avatar
    skidoo

    I’m not sure it steals the data. Maybe it just borrows the data but forgets to return it?

    #21705
    Member
    Avatar
    VW

    Best to buy a new processor:

    Patches Often Slow Down Existing CPUs

    #21725
    Member
    linuxdaddy
    linuxdaddy

    I’m sure glad all of my newer cpus are AMD and not intel right now.

    AMD and ARM CPUs are unaffected by Zombieload, MDS-class vulnverabilities despite also utilising
     a simultaneous multithreading within their processors.

    as stated on
    https://www.pcgamesn.com/intel/zombieload-mds-vulnerability-security-patch-hyperthreading-mitigation-performance
    lol I never bought a new intel–since in the 90’s the pentium couldn’t add. I got an AMD-p75 instead.
    The intel ones I have are all from throw-aways. Maybe a good time to look at ARM and AMD for future purchases.

    Normal == 🙂
    depends on the surrounding crowd ?!

    #21729
    Member
    noClue
    noClue

    To make it short and easy understandable:

    As a home / hobby user, you’ve got nothing to worry about.

    Theoretically exploitable over the javaScript in web browser but, all web browser (‘all’ == Google Chrome & FireFox) developers are patching their browsers regularly.

    Professionals (== Linux servers) are having a seriuos problem.

    In case where multiple VM’s are running on the same host (== as good as always) and if ‘the bad guy’ starts his ‘hostile’ guest VM on the same server, it can read all (random) data of all other VM’s which run on the exact same processor core/thread in a given moment.

    https://www.heise.de/newsticker/meldung/Neue-Sicherheitsluecken-in-Intel-Prozessoren-ZombieLoad-4421217.html
    https://www.heise.de/ct/artikel/Updates-gegen-die-Intel-Prozessorluecken-ZombieLoad-Co-4422413.html

    Meltdown, Spectre and Co. are ‘running’ just as fine on AMD processor as well as on your Smartphones (Qualcomm) as well as almost every other hyperthreading processor ever made.

    Intel got a few culprits more just because they made the most efficient hyperthreading up to date.

    Additional Intel problem is IMEI — which is digged very deep in their products.

    After the last year’s hack and the one before it, there’s another one …

    https://www.heise.de/security/meldung/Viele-Intel-Rechner-brauchen-wieder-BIOS-Updates-4335118.html
    https://www.heise.de/security/meldung/Intel-fixt-teils-kritische-Luecken-in-UEFI-BIOS-ME-und-Linux-Grafiktreiber-4423912.html

    How strange is to be anything at all. (Alice in Wonderland)

    #21730
    Member
    linuxdaddy
    linuxdaddy

    yeah regular people aren’t the main targets …things like the
    cloud servers, data centers, and any online banking have alot to worry about
    with this … I just like to poke fun at intel now and then because they make
    some tradeoffs for speed instead of security that the others didn’t do.
    not saying any cpu is perfect just that the other ones were a little more
    responsible with security precautions.

    Normal == 🙂
    depends on the surrounding crowd ?!

    #21731
    Member
    noClue
    noClue

    Trade off (and the protection measure) == disabling hyperthreading

    It’s the same in case of any processor that’s using that technology.

    How strange is to be anything at all. (Alice in Wonderland)

    #21732
    Member
    linuxdaddy
    linuxdaddy

    How true,
    the other cpus exploits just haven’t been brought to light yet.
    Anytime there are multiple cores then the exploits are there when
    the cores interact with each other or the memory. no matter what
    cpu/architecture is running.

    Normal == 🙂
    depends on the surrounding crowd ?!

    #21734
    Member
    oops
    oops

    @linuxdaddy: “…the other cpus exploits just haven’t been brought to light yet.(interact with the memory)”
    … It ‘s probable. 😉

Viewing 9 posts - 1 through 9 (of 9 total)

You must be logged in to reply to this topic.