[–]▶ No.889931>>889971 >>890093 >>890594 >>899987 [Watch Thread][Show All Posts]
>Researchers have discovered a new side-channel attack method that can be launched against devices with Intel processors, and the patches released in response to the Spectre and Meltdown vulnerabilities might not prevent these types of attacks.
>The new attack, dubbed BranchScope, has been identified and demonstrated by a team of researchers from the College of William & Mary, University of California Riverside, Carnegie Mellon University in Qatar, and Binghamton University.
[http://archive.is/zCbUG] https://www.securityweek.com/intel-cpus-vulnerable-new-branchscope-attack
[http://archive.is/5i2S3] https://arstechnica.com/gadgets/2018/03/its-not-just-spectre-researchers-reveal-more-branch-prediction-attacks/
▶ No.889937
Intel CPUs could be Facebook on a chip levels of giving your data away, and Intel PR could make it all go away.
▶ No.889964>>889966 >>890074
From the Arse article, Intel says
>We believe close partnership with the research community is one of the best ways to protect customers and their data, and we are appreciative of the work from these researchers.
I read it as
>We can't be bothered to spend any of our billions on actual security so thanks guyz
▶ No.889966>>899757
>>889964
I read it as “The goyim know!!!”
▶ No.889971>>889978 >>898337
>>889931 (OP)
Garbage OP. You didn't even explain what it is.
To say it simply, this attack allows you to determine if a path (branch, if statement, etc) is taken or not in the victim program.
You can think of this as vaguely similar to a power analysis attack where you can see the processor using more power when it takes a branch.
Unlike spectre which extracted memory contents, this only extracts the knowledge if a branch is taken or not. This could be used further in a more complicated attack similar to how spectre used the cache as its side channel.
▶ No.889978>>890065 >>890096 >>890578 >>898337
>>889971
So it sounds like an easy fix that can be patched in microcode without any issues
▶ No.890062>>890081 >>898077
it doesn't matter anymore. the goyim are now desensitized to these security problems.
▶ No.890065>>890069 >>890095 >>890268
>>889978
Just as long as every motherboard manufacturer puts out a firmware update for all their products
▶ No.890069
▶ No.890074
>>889964
>We can't be bothered to spend any of our billions on actual security so thanks guyz
That's exactly how open source was sold to corporates, so what did you expect.
▶ No.890081>>890316 >>890467 >>898329
>>890062
I got my nazi arm patch. All the cool kids are getting them.
▶ No.890093>>890116 >>898337
>>889931 (OP)
>nonstop coverage of security issues with all the ree ree ree panic everyone can bring to bear
>none of them effect anyone other than people who use hypervisors and sandboxes
▶ No.890095
>>890065
>for all their products
Released only in the last year. There is no support for "old" hardware.
▶ No.890096
>>889978
>loading proprietary (((microcode)))
▶ No.890116>>890121 >>890485 >>890583
>>890093
>he doesn't use hypervisors or sanboxes
What are you doing on /g/
▶ No.890121
>>890116
not getting hacked apparently
▶ No.890268
>>890065
CPU microcode is further patched by the OS early during boot. As long as Intel puts out a patched µcode, normalfags will get it through Winjews Update.
▶ No.890316>>890467
>>890081
You say this ironically, but Allwinner chink ARM sbcs are a thousand times more trustworthy than IIsraeltel.
▶ No.890467>>890484
>>890081
Noooo goy!
>>890316
They're vulnerable to Spectre and have more devices like the (((Ethernet))) and (((Wifi))) on the bus.
▶ No.890484>>890490
>>890467
Spectre depends on the chip. And some boards send SATA over USB2, in which case there's no DMA. Some boards do the same with Ethernet. It's probably for cost-cutting reasons, but the side-effect is firmware has to do memory ops through the CPU, instead of having full access to everything.
▶ No.890485
▶ No.890490>>890509
>>890484
>hand waving ensues
So which boards are immune to Spectre and also don't have the botnet devices on the bus again? You sound very learned on the subject.
▶ No.890509
>>890490
Look for boards with Cortex-A7, there's tons of them. There's at least one Banana Pi with such CPU that has SATA isolated via USB2. And there was a thread on 4chan yesterday where some dude was talking about his ODROID that has Ethernet on USB2. He said it was slow, but good enough to run as a basic NAS/backup server. I don't know if you can find a board with both devices isolated on the stock model, but it's easy enough to add your own USB device for SATA or Ethernet. Here's a basic comparison list (doens't have full details, but it's a start):
https://en.wikipedia.org/wiki/Comparison_of_single-board_computers
▶ No.890578
>>889978
You're ignoring the fact that the microcode is proprietary and that only Intel themselves can provide an update for it. The microcode should be released as free software along with the keys and worked on for improvement.
▶ No.890583>>890698
>>890116
Getting massive IPC boosts due in large part to increasingly sophisticated parallel branch prediction hardware
▶ No.890594>>890664 >>898078
>>889931 (OP)
>AMD/ Intel start war between each other to find security flaws in the other's products
>constantly patching hardware exploits
>more security all around
▶ No.890664
>>890594
More like,
>AMD actually patches exploits
>Intel adds 1 new exploit per patch
>Intel runs out of AMD flaws+Israeli cybersecurity experts
>Intel loses marketshare
>Intel abandons its inhouse iGPUs in favor of AMD
>with the iGPU desktop market now under full control of AMD normalfag vidya devs begin to optimize for AMD hardware
>nVidia crashes with no survivors, gets bought out by Nintendo after losing its entire discrete GPU market share in a matter of years
It'll never happen but a man can dream.
▶ No.890698
>>890583
>Intel claws their way to 20% performance gains over the course of 15 years
<loses it all in a day when their shitty branch prediction is exposed
JUST
▶ No.897764>>898337
Is Trump forcing these disclosures behind the scenes?
▶ No.898077
>>890062
the goyim are LARPing about how cache is so important so we can't even begin to discuss disabling cache (which has been a thing since the year after CPUs started using branch prediction and caching)
▶ No.898078
>>890594
that's not how it works. otherwise security vulnerabilties in software wouldn't exist
▶ No.898087>>898337 >>898345 >>899963
>>890624
tl;dr but see retarded stuff about "hurr durr intel has vulns it's AMD time". branch prediction / cache side channels aren't intel specific. they are just as common in AMD CPUs.
▶ No.898329
>>890081
I just got my 3b+ and it's noticeably faster all around compared to the 3b.
This thing is faster than my Thinkpad T60 even with 1/3rd the ram.
▶ No.898337>>899813
>>889971
>>889978
>>890093
>>898087
Salty Intel Pajeetsteins.
>>897764
Yes because all our adversaries have them anyway.
▶ No.898345
>>898087
nope you're just too much of a politics-oriented faggot to understand anything. i (898087) haven't bought anything aside from AMD for 11 years
▶ No.898359
This is actual news, stop sage bombing the thread you nigger.
Intel's swirling in the bowl.
▶ No.899757
>>889966
This, now they'll have to add another backdoor in the next revision.
The backdoors are mandated by law.
▶ No.899813
>>898337
Free Pajeetsteine
▶ No.899942>>899962
I have a Nehalem processor, is it vulnerable to this?
▶ No.899962
>>899942
I think so anon, it uses speculative execution. Some first-gen Atoms might be immune though.
▶ No.899963
>>898087
AMD isn't vulnerable to this attack.
▶ No.899987>>900056
>>889931 (OP)
I can't upgrade my kernel to patch the spectre vulnerability due to it fucking up when opening my encrypted partition.
Now this?
▶ No.900056>>900060
>>899987
Time to back-up your bullshit and reinstall. Maybe switch to OpenBSD, it seems to be immune to some of this shit because of proactive security.
▶ No.900060
>>900056
BSDs are immured because they already used Page Table Isolation from the beginning because they figured it was just common sense and then built their OS around that.
▶ No.900099>>900310
Affordable RISC-V workstations when?
▶ No.900310>>900324
>>900099
A couple years at least. For now get a Pi.
▶ No.900324>>900816 >>900883 >>911074
>>900310
He's going to get a Pi and fucking hate it because no matter how hard you try to push tranny chunk shit its simply not a proper replacement for conventional desktop and never will be. You're comparing 2 very different types of machines. And you're hurting your own cause with this shit.
RISC-V really can't come soon enough. Or even whatever processors Apple is hoping to build in-house by 2020
▶ No.900816
>>900324
>being this mad about the Pi
Stay cucked.
▶ No.900883
>>900324
If you think Apple won't backdoor and vendorlock their CPUs you're delusional
▶ No.911074
>>900324
Did you just assume her gender?