Wednesday, June 10th 2020

CrossTalk is Another Intel-exclusive Security Vulnerability

Intel has had a lot of work patching the vulnerabilities discovered in the past two years, starting with Spectre and Meltdown, which exploited the processor's speculative execution to execute malicious code. Speculative execution relies on a performance-oriented microarchitectural technique called speculative branch prediction. This technique predicts branch paths and prepares them for execution, so the processor spends less time figuring out where and how instructions will flow through the CPU. So far, many of these bugs have been ironed out in software, but a lot of older CPUs are vulnerable.

However, an attacker has always thought about doing malicious code execution on a CPU core shared with the victim, and never on multiple cores. This is where the new CrossTalk vulnerability comes in. Dubbed Special Register Buffer Data Sampling (SRBDS) by Intel, it is tracked as CVE-2020-0543. CrossTalk bypasses all intra-core patches against Spectre and Meltdown, so it can attack any CPU core on the processor. It enables attacker-controlled code executing on one CPU core to leak sensitive data from victim software executing on a different core. This technique is quite dangerous for users of shared systems, such as those in the cloud. Often, one instance is shared across multiple customers, and until now they were safe from each other. The vulnerability uses Intel's SGX security enclave against the processor so it can be executed. To read about CrossTalk in detail, please visit the page here.
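On Linux, the kernel reports its SRBDS (CVE-2020-0543) mitigation state as a one-line status string in `/sys/devices/system/cpu/vulnerabilities/srbds`. The script below is an added example, not part of the original article: it classifies the status values the kernel documents, the function names are hypothetical, and the sample inputs in `demo` are constructed.

```shell
#!/bin/sh
# Added example: classify the Linux kernel's SRBDS (CVE-2020-0543) status.
# The sysfs path is the kernel's own; the function names are hypothetical.
SRBDS_SYSFS=/sys/devices/system/cpu/vulnerabilities/srbds

# Map a status string to a verdict line and an exit code:
#   0 = no action needed, 1 = action needed, 2 = cannot tell from this host.
classify_srbds() {
    case "$1" in
        "Not affected")
            echo "ok: CPU not affected"; return 0 ;;
        "Mitigation: Microcode")
            echo "ok: microcode mitigation active"; return 0 ;;
        "Mitigation: TSX disabled")
            echo "ok: only exposed via TSX, which is disabled"; return 0 ;;
        "Vulnerable: No microcode")
            echo "action: update CPU microcode"; return 1 ;;
        "Vulnerable")
            echo "action: mitigation disabled (check for srbds=off on the kernel command line)"; return 1 ;;
        "Unknown: Dependent on hypervisor status")
            echo "unknown: running as a guest, ask the hypervisor operator"; return 2 ;;
        *)
            echo "unknown: unrecognised status '$1'"; return 2 ;;
    esac
}

# Read the status from a file (default: sysfs). A missing file means the
# running kernel predates SRBDS reporting, which is itself a finding.
check_srbds() {
    file=${1:-$SRBDS_SYSFS}
    if [ ! -r "$file" ]; then
        echo "unknown: $file missing, kernel too old to report SRBDS"
        return 2
    fi
    classify_srbds "$(cat "$file")"
}

# Constructed sample inputs covering several documented values.
demo() {
    for s in "Not affected" "Mitigation: Microcode" "Vulnerable: No microcode" \
             "Unknown: Dependent on hypervisor status"; do
        printf '%-42s -> %s\n' "$s" "$(classify_srbds "$s")"
    done
}
demo
```

Run `check_srbds` with no argument on a real host; the exit code makes it usable from a fleet-wide compliance check.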

18 Comments on CrossTalk is Another Intel-exclusive Security Vulnerability

#2
Caring1
"The vulnerability uses Intel's SGX security enclave against the processor so it can be executed"

Hasn't Intel stopped using SGX?
#3
Shou Miko
Caring1 wrote:
> "The vulnerability uses Intel's SGX security enclave against the processor so it can be executed"
>
> Hasn't Intel stopped using SGX?
That's a negative, SGX is used for 4K/UHD blu-ray playback on computers which is also why this ain't working on AMD CPU/Graphics and Nvidia graphics.
#4
AleksandarK
News Editor
Caring1 wrote:
> "The vulnerability uses Intel's SGX security enclave against the processor so it can be executed"
>
> Hasn't Intel stopped using SGX?
SGX is a hardware feature. They plan to stop using it with Tiger Lake iirc.
#5
Shou Miko
AleksandarK wrote:
> SGX is a hardware feature. They plan to stop using it with Tiger Lake iirc.
They probably won't if there isn't a replacement for 4K/UHD blu-ray; it's depending on SGX for the encrypted playback from what I know.

I dropped it a couple of years back because it wasn't worth it because you could only play with on Intel CPUs that supported SGX and with Intel Onboard Graphics; you couldn't even have an AMD or Nvidia card in the machine and the test and playback will fail.
#6
ncrs
There are two new vulnerabilities: CROSSTalk and SGAxe with only the latter using SGX.

CROSSTalk will be patched by microcode updates from Haswell to Comet Lake as denoted at Intel's site. Earlier models are vulnerable but WILL NOT be patched.

The worst case scenario is the RdRand instruction that gets its performance reduced by 97% as tested by Phoronix. Normal usage should not be affected apart from some cryptographic loads.

I'm a bit disappointed at the reporting quality for this issue on TPU...
#7
Vayra86
It starts to feel as if Intel is plugging one hole only to discover a few new ones.
#9
XiGMAKiD
"...Intel-exclusive...", that line got me :roll:

"Intel-only" is another option for news post like this albeit less attractive
#10
1d10t
Intel-exclusive Security Vulnerability

Man, that harsh :laugh:
#11
TheoneandonlyMrK
Where is the usual required access comments.

Do you need physical access, admin rights or the stupidest owner, is it remote execute possible etc.

All drama and little substance.

Do I smash my kaby lake CPU up or not? I dunno.
#13
evernessince
hurakura wrote:
> it's not funny anymore
It is because it's not in the slightest influencing people's decisions to purchase Intel products. No one cares about security until it's already too late.
#14
Bill_Bright
XiGMAKiD wrote:
> "...Intel-exclusive...", that line got me
Yeah. This one too: "an attacker has always thought about doing malicious code execution on a CPU core shared with the victim, and never on multiple cores."

I find it interesting how one knows how an attacker has always thought. :rolleyes:

And then of course, there's the big one where the title that claims CrossTalk is a security "vulnerability". No it's not! :(

CrossTalk is a profiler tool developed by the security firm, VUSec (the "good guys"). See here (same link provided by author!) and note the following,
> we built CrossTalk, a profiler to inspect the behavior of complex (“microcoded”) x86 instructions beyond the CPU core boundaries.

evernessince wrote:
> It is because it's not in the slightest influencing people's decisions to purchase Intel products. No one cares about security until it's already too late.
Well, that's not true, on both parts.

Part 1 - There are many who blindly believe those attention seeking rumor mongers in the IT media who try to convince everyone that if they own an Intel processor, all the bad guys have immediate access to all their data. So they have been influenced to never ever buy Intel.

Part 2 - While admittedly, there are some who neglect things until it is too late (like keeping regular backups of their data, using strong and unique passwords, wearing masks in crowds :twitch: etc.), there are also many who do their homework to learn the facts before panicking about something that does NOT affect them. See theoneandonlymrk's post above and note, AFAIK, there has not been one report of a Meltdown/Spectre compromise in the wild despite all the sky is falling warnings the world is about to end for all Intel users.
#15
evernessince
Bill_Bright wrote:
> CrossTalk is a profiler tool developed by the security firm, VUSec (the "good guys"). See here (same link provided by author!) and note the following,
> Well, that's not true, on both parts.
>
> Part 1 - There are many who blindly believe those attention seeking rumor mongers in the IT media who try to convince everyone that if they own an Intel processor, all the bad guys have immediate access to all their data. So they have been influenced to never ever buy Intel.
>
> Part 2 - While admittedly, there are some who neglect things until it is too late (like keeping regular backups of their data, using strong and unique passwords, wearing masks in crowds :twitch: etc.), there are also many who do their homework to learn the facts before panicking about something that does NOT affect them. See theoneandonlymrk's post above and note, AFAIK, there has not been one report of a Meltdown/Spectre compromise in the wild despite all the sky is falling warnings the world is about to end for all Intel users.
Sounds to me like you are basing your security recommendations off opinion.

Anyone with two hands can google a list of Intel vulnerabilities and see there are multiple remote access ones:

www.cvedetails.com/vulnerability-list/vendor_id-238/Intel.html
#16
Bill_Bright
evernessince wrote:
> Sounds to me like you are basing your security recommendations off opinion.
LOL And what is the following?
evernessince wrote:
> It is because it's not in the slightest influencing people's decisions to purchase Intel products. No one cares about security until it's already too late.
Where did you Google that?

And while you learn to Google, you might want to learn what the difference is between a "vulnerability", and malware that has been developed and released out into the wild that can successfully bypass all other security measures (Windows itself, the router, the firewall, the anti-malware program, the deadbolts on my door, my Rottweiler, and my Glock 17) to gain access to that vulnerability, and "IS" infecting and exploiting that vulnerability.

Just because there is a vulnerability, that does not mean it can, or has been exploited.
#17
Totally
Bill_Bright wrote:
> Yeah. This one too: "an attacker has always thought about doing malicious code execution on a CPU core shared with the victim, and never on multiple cores."
>
> I find it interesting how one knows how an attacker has always thought. :rolleyes:
>
> And then of course, there's the big one where the title that claims CrossTalk is a security "vulnerability". No it's not! :(
>
> CrossTalk is a profiler tool developed by the security firm, VUSec (the "good guys"). See here (same link provided by author!) and note the following,
> Well, that's not true, on both parts.
>
> Part 1 - There are many who blindly believe those attention seeking rumor mongers in the IT media who try to convince everyone that if they own an Intel processor, all the bad guys have immediate access to all their data. So they have been influenced to never ever buy Intel.
>
> Part 2 - While admittedly, there are some who neglect things until it is too late (like keeping regular backups of their data, using strong and unique passwords, wearing masks in crowds :twitch: etc.), there are also many who do their homework to learn the facts before panicking about something that does NOT affect them. See theoneandonlymrk's post above and note, AFAIK, there has not been one report of a Meltdown/Spectre compromise in the wild despite all the sky is falling warnings the world is about to end for all Intel users.

The vulnerability in the cpu is exposed when using crosstalk hence the vuln was named after it's clearly explained following the link.
#18
Bill_Bright
Totally wrote:
> The vulnerability in the cpu is exposed when using crosstalk hence the vuln was named after it's clearly explained following the link.
:( I understand and already explained what Crosstalk is and isn't. And you quoted me explaining it! You even included the source link to the Crosstalk tool I posted - but you still missed the point. :rolleyes:

Crosstalk is a tool used to expose the vulnerability IN A CONTROLLED ENVIRONMENT! The official name of the vulnerability is, "special register buffer data sampling" or "SRBDS", officially designated CVE-2020-0543.

My point was about illustrating how some in the IT Media love to attract attention to themselves and their bylines with sensationalized, exaggerated or even false headlines that inaccurately paint others in a bad light!

I will not go so far as to call it "fake news", because as noted, it is, more or less, explained correctly later on - or at least includes links to the accurate information. But such irresponsible [so called] "journalism" :twitch: :rolleyes: leads to fake news and rumormongering - and that disgusts me. The IT media (and tech sites like TPU) should be setting the records straight - not simply parroting and "spinning" stories with inaccuracies and exaggerations.

Is the vulnerability real? Yes! Of course? Absolutely! So are Spectre and Meltdown.

But are they being "exploited" by the bad guys? NO!!!!!!! And why? Because like so many vulnerabilities (in processors, operating systems, networks, etc.) the bad guy must have physical access to the computer (or, maybe, be granted specific remote access by an authorized user). And the bad guy must have root (admin) access to the computer. That is, he or she must be in your home, sitting at your computer desk, and have access to an admin account on your computer, or you consciously granted the bad guy remote and admin access to your computer. Then he or she must bypass or disable all your security measures and then install and run special malware on your computer that can then exploit that vulnerability for their evil deeds.

Now if that scenario is likely in your computing environment, then I would say you have much greater security concerns than SRBDS, Spectre or Meltdown - and for sure, you do need to be worried.

However, because such "exploitation" is unlikely, Intel sales are NOT being impacted by those vulnerabilities.

So I say again, "Just because there is a vulnerability, that does not mean it can, or has been exploited." What it does mean, however, is AS ALWAYS, users must "practice safe computing". That is we must:

- Keep our computers, operating systems, and security programs updated and current,
- Avoid risky behavior like visiting illegal pornography, gambling, and filesharing sites,
- Avoid public "hotspots" with admin level accounts,
- Use strong and unique passwords and passphrases,
- Ensure other, less "security-aware" users of that computer don't have root/admin access to that computer,
- Avoid being "click-happy" on unsolicited downloads, attachments, links, and popups.

But of course, those are the same precautions all users must take regardless the processor, browser, OS or security program we use.