
Intel Processors Hit with LVI Security Vulnerabilities, Mitigation Hits Performance Hard

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
47,233 (7.55/day)
Location
Hyderabad, India
System Name RBMK-1000
Processor AMD Ryzen 7 5700G
Motherboard ASUS ROG Strix B450-E Gaming
Cooling DeepCool Gammax L240 V2
Memory 2x 8GB G.Skill Sniper X
Video Card(s) Palit GeForce RTX 2080 SUPER GameRock
Storage Western Digital Black NVMe 512GB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Gamdias Hermes E2
Software Windows 11 Pro
A new class of security vulnerabilities affects Intel processors, which can cause them to leak out sensitive information if probed in a certain way, but that's not the worst news for Intel and its users. The software- or firmware-level mitigation for this vulnerability can inflict performance reductions "ranging from 2x to 19x," according to a report by The Register. A full mitigation for the new Load Value Injection (LVI) class of vulnerabilities requires Intel to redesign software compilers. The vulnerability is chronicled under CVE-2020-0551 and Intel-SA-00334. It is not a remote code execution threat, however, it puts multi-tenant machines, such as physical servers handling multiple tenants via virtual servers.

"LVI turns previous data extraction attacks around, like Meltdown, Foreshadow, ZombieLoad, RIDL and Fallout, and defeats all existing mitigations. Instead of directly leaking data from the victim to the attacker, we proceed in the opposite direction: we smuggle — "inject" — the attacker's data through hidden processor buffers into a victim program and hijack transient execution to acquire sensitive information, such as the victim's fingerprints or passwords," the researchers write in the abstract of their paper describing the vulnerability. Anti-virus manufacturer BitDefender independently discovered LVI and shared its study with Intel. The company could publish its findings in February. Additional technical details are found in the group's website here.



Many Thanks to biffzinker for the tip.

 

btarunr

At this point I think the only way Intel can fight these vulnerability discoveries is by killing the bug bounty program, or significantly reducing the bounty. The program has clearly sprung up a cottage industry of security researchers (uni professors and their college grad minions) bruteforcing Intel processors for vulnerabilities that they can write papers on (earn citations), report back to Intel, and claim the cash bounties. The BBP has become a fountainhead of headache for CTOs and CIOs.

AMD is safer only because its market footprint is too small in the datacenter space, most of these side-channel attacks affect datacenters, and you can't hack AMD processors for rich bounties (it's similar to the "Macs don't get viruses" fallacy of the 1990s and 2000s).
 
Joined
Sep 24, 2008
Messages
2,688 (0.46/day)
System Name Dire Wolf IV
Processor Intel Core i9 14900K
Motherboard Asus ROG STRIX Z790-I GAMING WIFI
Cooling Arctic Liquid Freezer II 280 w/Thermalright Contact Frame
Memory 2x24GB Corsair DDR5 6667
Video Card(s) NVIDIA RTX4080 FE
Storage AORUS Gen4 7300 1TB + Western Digital SN750 500GB
Display(s) Alienware AW3423DWF (QD-OLED, 3440x1440, 165hz)
Case Corsair Airflow 2000D
Power Supply Corsair SF1000L
Mouse Razer Deathadder Essential
Keyboard Chuangquan CQ84
Software Windows 11 Professional
Err, but the whole point of the bug bounty program is for people to actively research and report vulnerabilities. You can't fix what you don't know. The cottage industry is an important part of what drives security research, both in CPUs and in other areas.

Hiding the issues won't help the computing world, because determined attackers will find (a subset of) them.
 
Joined
Apr 12, 2013
Messages
7,526 (1.77/day)
At this point I think the only way Intel can fight these vulnerability discoveries is by killing the bug bounty program, or significantly reducing the bounty. The program has clearly sprung up a cottage industry of security researchers (uni professors and their college grad minions) bruteforcing Intel processors for vulnerabilities that they can write papers on (earn citations), report back to Intel, and claim the cash bounties. The BBP has become a fountainhead of headache for CTOs and CIOs.
That's ridiculous ~ you want your credibility down in the gutter, much like what many of us forum dwellers complain about, that's the one point plan that'll instantly teleport you over there. Killing BBP will spook more potential buyers especially in the enterprise segment!
 
Joined
Jul 5, 2013
Messages
27,720 (6.67/day)
At this point I think the only way Intel can fight these vulnerability discoveries is by killing the bug bounty program, or significantly reducing the bounty.
I disagree. This is a difficult learning process for both Intel and AMD, but the fruits of the bounty programs are clear, software and hardware are getting more secure and less prone to being hacked by criminals, malintent entities and even governments.
The program has clearly sprung up a cottage industry of security researchers (uni professors and college grads) bruteforcing Intel processors for vulnerabilities that they can write papers on (earn citations), report back to Intel, and claim the cash bounties.
Nothing wrong with that. Been happening for decades, now they are just getting rewarded for their efforts, and rightly so.
 
Joined
Nov 18, 2010
Messages
7,530 (1.47/day)
Location
Rīga, Latvia
System Name HELLSTAR
Processor AMD RYZEN 9 5950X
Motherboard ASUS Strix X570-E
Cooling 2x 360 + 280 rads. 3x Gentle Typhoons, 3x Phanteks T30, 2x TT T140 . EK-Quantum Momentum Monoblock.
Memory 4x8GB G.SKILL Trident Z RGB F4-4133C19D-16GTZR 14-16-12-30-44
Video Card(s) Sapphire Pulse RX 7900XTX. Water block. Crossflashed.
Storage Optane 900P[Fedora] + WD BLACK SN850X 4TB + 750 EVO 500GB + 1TB 980PRO+SN560 1TB(W11)
Display(s) Philips PHL BDM3270 + Acer XV242Y
Case Lian Li O11 Dynamic EVO
Audio Device(s) SMSL RAW-MDA1 DAC
Power Supply Fractal Design Newton R3 1000W
Mouse Razer Basilisk
Keyboard Razer BlackWidow V3 - Yellow Switch
Software FEDORA 41
This is sad.

Bta should indeed tame down. Jesus(the living one) might see it.

No progress and development should be ceased because of hiding things down.

Black market will live further, now it is just more profitable to report it officially, before those things were sold to whoever did the offer...

If one cannot comprehend it, it is sad. The can of worms is open.
 
Joined
Dec 29, 2010
Messages
3,809 (0.75/day)
Processor AMD 5900x
Motherboard Asus x570 Strix-E
Cooling Hardware Labs
Memory G.Skill 4000c17 2x16gb
Video Card(s) RTX 3090
Storage Sabrent
Display(s) Samsung G9
Case Phanteks 719
Audio Device(s) Fiio K5 Pro
Power Supply EVGA 1000 P2
Mouse Logitech G600
Keyboard Corsair K95
Poor Intel right?
 
Joined
Jul 5, 2013
Messages
27,720 (6.67/day)
This is sad.

Bta should indeed tame down. Jesus(the living one) might see it.

No progress and development should be ceased because of hiding things down.

Black market will live further, now it is just more profitable to report it officially, before those things were sold to whoever did the offer...

If one cannot comprehend it, it is sad. The can of worms is open.
I think you're over-reacting just a little bit.
 
Joined
Mar 23, 2016
Messages
4,841 (1.53/day)
Processor Core i7-13700
Motherboard MSI Z790 Gaming Plus WiFi
Cooling Cooler Master RGB something
Memory Corsair DDR5-6000 small OC to 6200
Video Card(s) XFX Speedster SWFT309 AMD Radeon RX 6700 XT CORE Gaming
Storage 970 EVO NVMe M.2 500GB,,WD850N 2TB
Display(s) Samsung 28” 4K monitor
Case Phantek Eclipse P400S
Audio Device(s) EVGA NU Audio
Power Supply EVGA 850 BQ
Mouse Logitech G502 Hero
Keyboard Logitech G G413 Silver
Software Windows 11 Professional v23H2
Intel is unable to fix their current CPUs with a microcode update this time to flush the buffers.

microcode updates to flush affected buffers are no longer sufficient. Instead, complementary to existing Spectre software mitigations, LVI necessitates compiler patches to insert explicit lfence speculation barriers which serialize the processor pipeline after potentially every vulnerable load instruction. Additionally and even worse, due to implicit loads, certain instructions have to be blacklisted, including the ubiquitous x86 ret instruction.

The SGX enclaves are affected by LVI. The expected performance impact 2x-19x is for accessing a SGX enclave. If I understood it correctly.
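The mitigation quoted in the post above (an lfence after every potentially vulnerable load, with ret blacklisted) can be checked mechanically on compiler output. The following Python check is an added example, not part of the original thread or of any compiler project; the two assembly listings are constructed, and the load model in `reads_memory` and the `pop`/`lfence`/`jmp` return sequence in the hardened listing are simplifying assumptions.

```python
# Constructed AT&T-syntax listings (not taken from any real binary).
UNHARDENED = """\
get_field:
    movq 8(%rdi), %rax
    addq (%rsi), %rax
    movq %rax, 16(%rdi)
    leaq 4(%rax), %rdx
    ret
"""

HARDENED = """\
get_field:
    movq 8(%rdi), %rax
    lfence
    addq (%rsi), %rax
    lfence
    movq %rax, 16(%rdi)
    leaq 4(%rax), %rdx
    popq %rcx
    lfence
    jmpq *%rcx
"""


def split_operands(text):
    """Split on commas that are not inside a (base,index,scale) group."""
    parts, depth, cur = [], 0, ""
    for ch in text:
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
        if ch == "," and depth == 0:
            parts.append(cur.strip())
            cur = ""
        else:
            cur += ch
    if cur.strip():
        parts.append(cur.strip())
    return parts


def parse(listing):
    """Yield (line_no, mnemonic, operands) for each instruction line."""
    for no, raw in enumerate(listing.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line or line.endswith(":") or line.startswith("."):
            continue  # skip blanks, labels and assembler directives
        fields = line.split(None, 1)
        rest = fields[1] if len(fields) > 1 else ""
        yield no, fields[0].lower(), split_operands(rest)


def reads_memory(mnemonic, operands):
    """Simplified model (assumption) of 'this instruction performs a load'."""
    if mnemonic.startswith("lea"):   # address arithmetic only, no access
        return False
    if mnemonic.startswith("pop"):   # implicit load from the stack
        return True
    mem = ["(" in op for op in operands]
    if mnemonic.startswith("mov"):   # memory as last operand is a store
        return any(mem[:-1])
    return any(mem)                  # add/cmp/jmp *(...) and similar read memory


def audit(listing):
    """Return findings: loads with no lfence right after, and any bare ret."""
    insns = list(parse(listing))
    findings = []
    for i, (no, mnemonic, operands) in enumerate(insns):
        nxt = insns[i + 1][1] if i + 1 < len(insns) else None
        if mnemonic.startswith("ret"):
            findings.append((no, "ret", "implicit load; needs replacing"))
        elif reads_memory(mnemonic, operands) and nxt != "lfence":
            findings.append((no, mnemonic, "load not followed by lfence"))
    return findings


if __name__ == "__main__":
    for name, text in (("unhardened", UNHARDENED), ("hardened", HARDENED)):
        print(name, audit(text))
```

The hardened listing is four instructions longer than the unhardened one for the same work, and each lfence serializes the pipeline, which is where the slowdown discussed in the thread comes from.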
 
Joined
Nov 18, 2010
Messages
7,530 (1.47/day)
Intel is unable to fix their current CPUs with a microcode update this time to flush the buffers.



The SGX enclaves are affected by LVI. The expected performance impact 2x-19x is for accessing a SGX enclave. If I understood it correctly.

Hard to tell.

"In our current assessment, we believe that LVI is mainly only relevant to Intel SGX enclaves. However, in the academic paper we showed that none of the ingredients for LVI are unique to Intel SGX and LVI attacks can in principle apply to non-SGX traditional cross-process, cross-virtual-machine, or user-to-kernel environments."
 
Joined
Jun 18, 2015
Messages
341 (0.10/day)
Location
Perth , West Australia
System Name schweinestalle
Processor AMD Ryzen 7 3700 X
Motherboard Asus Prime - Pro X 570 + Asus PCI -E AC68 Dual Band Wi-Fi Adapter
Cooling Standard Air
Memory Kingston HyperX 2 x 16 gb DDR 4 3200mhz
Video Card(s) AMD Radeon 5700 XT 8 GB Strix
Storage Intel SSD 240 gb Speed Demon & WD 240 SSD Blue & WD 250 SSD & WD Green 500gb SSD & Seagate 1 TB Sata
Display(s) Asus XG 32 V ROG
Case Corsair AIR ATX
Audio Device(s) Realtech standard
Power Supply Corsair 850 Modular
Mouse CM Havoc
Keyboard Corsair Cherry Mechanical
Software Win 10
Benchmark Scores Unigine_Superposition 4K ultra 7582
At this point I think the only way Intel can fight these vulnerability discoveries is by killing the bug bounty program, or significantly reducing the bounty. The program has clearly sprung up a cottage industry of security researchers (uni professors and their college grad minions) bruteforcing Intel processors for vulnerabilities that they can write papers on (earn citations), report back to Intel, and claim the cash bounties. The BBP has become a fountainhead of headache for CTOs and CIOs.

AMD is safer only because its market footprint is too small in the datacenter space, most of these side-channel attacks affect datacenters, and you can't hack AMD processors for rich bounties (it's similar to the "Macs don't get viruses" fallacy of the 1990s and 2000s).

If any, does this affect the regular Intel gamer or home user?
 
Joined
Sep 6, 2013
Messages
3,329 (0.81/day)
Location
Athens, Greece
System Name 3 desktop systems: Gaming / Internet / HTPC
Processor Ryzen 5 5500 / Ryzen 5 4600G / FX 6300 (12 years latter got to see how bad Bulldozer is)
Motherboard MSI X470 Gaming Plus Max (1) / MSI X470 Gaming Plus Max (2) / Gigabyte GA-990XA-UD3
Cooling Νoctua U12S / Segotep T4 / Snowman M-T6
Memory 32GB - 16GB G.Skill RIPJAWS 3600+16GB G.Skill Aegis 3200 / 16GB JUHOR / 16GB Kingston 2400MHz (DDR3)
Video Card(s) ASRock RX 6600 + GT 710 (PhysX)/ Vega 7 integrated / Radeon RX 580
Storage NVMes, ONLY NVMes/ NVMes, SATA Storage / NVMe boot(Clover), SATA storage
Display(s) Philips 43PUS8857/12 UHD TV (120Hz, HDR, FreeSync Premium) ---- 19'' HP monitor + BlitzWolf BW-V5
Case Sharkoon Rebel 12 / CoolerMaster Elite 361 / Xigmatek Midguard
Audio Device(s) onboard
Power Supply Chieftec 850W / Silver Power 400W / Sharkoon 650W
Mouse CoolerMaster Devastator III Plus / CoolerMaster Devastator / Logitech
Keyboard CoolerMaster Devastator III Plus / CoolerMaster Devastator / Logitech
Software Windows 10 / Windows 10&Windows 11 / Windows 10
At this point I think the only way Intel can fight these vulnerability discoveries is by killing the bug bounty program, or significantly reducing the bounty. The program has clearly sprung up a cottage industry of security researchers (uni professors and their college grad minions) bruteforcing Intel processors for vulnerabilities that they can write papers on (earn citations), report back to Intel, and claim the cash bounties. The BBP has become a fountainhead of headache for CTOs and CIOs.

AMD is safer only because its market footprint is too small in the datacenter space, most of these side-channel attacks affect datacenters, and you can't hack AMD processors for rich bounties (it's similar to the "Macs don't get viruses" fallacy of the 1990s and 2000s).

Putting the head in the sand doesn't make the CPUs more secure. And the latest example with those two AMD vulnerabilities proves that Intel is paying for ANY security bug, not just for those in Intel CPUs. And if we consider that we have a dozen or even dozens of vulnerabilities of Intel CPUs already exposed, I guess most of those researchers will turn to AMD CPUs hoping to prove your point, that AMD CPUs are not as secured as people think or say. That means that it's not in Intel's best interest to stop financing those researchers now, now that almost all Intel CPUs vulnerabilities are exposed and researchers might turn to AMD CPUs. Except if of course AMD CPUs ARE in fact much more secure and even now a researcher will have more chances with an Intel CPU than an AMD CPU.
 

btarunr

If any, does this affect the regular Intel gamer or home user?
No, but if Intel decides to shove a mitigation down our throats via Windows 10 Cumulative Update or BIOS updates, it will cost performance all the same.

As I mentioned in many older threads, the problem is not the CVE discoveries, but the forced mitigations chipping away at performance. Even if by tiny bits.
 
Joined
Jul 7, 2014
Messages
97 (0.03/day)
Processor Ryzen 5600X
Motherboard MSI B450i
Cooling CM MasterLiquid Lite 120
Memory 16GB Crucial Ballistix
Video Card(s) EVGA 3060 Ti
Storage Kingston A2000 NVMe
Display(s) ViewSonic VX2758A-2K-PRO
Case SilverStone SG13
Audio Device(s) O2+ODAC
Power Supply Corsair RMx 550W
Mouse Mionix Castor
Keyboard Keychron K7
Software W10 Pro
At this point I think the only way Intel can fight these vulnerability discoveries is by killing the bug bounty program, or significantly reducing the bounty.

Ah yes, security through obscurity, because that has ever worked before.

Everybody gangsta until a new wave of bitcoin ransomware.
 

btarunr

Everybody gangsta until a new wave of bitcoin ransomware.
Name a ransomware that leverages a CPU-level vulnerability. Bonus points for one that leverages a side-channel attack vector.
 
Joined
Jul 7, 2014
Messages
97 (0.03/day)
It is now in the toolkit of malware writers so why wouldn't they use it.

And trying to shift the blame on researchers is ridiculous, all of these attacks stem from a single decision Intel made about deferring access checks in speculation to chase cheap performance gains and now they are getting punished for it.
 
Joined
Oct 15, 2019
Messages
585 (0.31/day)
As I mentioned in many older threads, the problem is not the CVE discoveries, but the forced mitigations chipping away at performance. Even if by tiny bits.
How insane can you get? If no bug bounties are present, the findings could be sold on the black market instead. Now the work is effectively incentivized making the black market angle a lot more difficult to pursue.

The mitigations are important in this scheme, as otherwise we will end up with machines that have publicly known vulnerabilities. You don’t find malware using these exploits, as the vulnerabilities are typically fixed at the time the research papers are released.

Also, no-one is forcing you to use the mitigations, so stop complaining! Just install Linux and disable them, problem solved. Most of the Windows mitigations can also be disabled if you like living on the edge.
 
Joined
Sep 17, 2014
Messages
22,437 (6.03/day)
Location
The Washing Machine
Processor 7800X3D
Motherboard MSI MAG Mortar b650m wifi
Cooling Thermalright Peerless Assassin
Memory 32GB Corsair Vengeance 30CL6000
Video Card(s) ASRock RX7900XT Phantom Gaming
Storage Lexar NM790 4TB + Samsung 850 EVO 1TB + Samsung 980 1TB + Crucial BX100 250GB
Display(s) Gigabyte G34QWC (3440x1440)
Case Lian Li A3 mATX White
Audio Device(s) Harman Kardon AVR137 + 2.1
Power Supply EVGA Supernova G2 750W
Mouse Steelseries Aerox 5
Keyboard Lenovo Thinkpad Trackpoint II
Software W11 IoT Enterprise LTSC
Benchmark Scores Over 9000
I figured it out. CVE actually stands for Corona Virus for Electronics.

It gets the elderly architectures first.
 
Joined
Nov 18, 2010
Messages
7,530 (1.47/day)
Also, no-one is forcing you to use the mitigations, so stop complaining! Just install Linux and disable them, problem solved. Most of the Windows mitigations can also be disabled if you like living on the edge.

No, they cannot be disabled already for a year+. Those are baked permanently in the kernel.

Your provided solution doesn't make sense much either.
 
Joined
Aug 13, 2009
Messages
3,215 (0.58/day)
Location
Czech republic
Processor Ryzen 5800X
Motherboard Asus TUF-Gaming B550-Plus
Cooling Noctua NH-U14S
Memory 32GB G.Skill Trident Z Neo F4-3600C16D-32GTZNC
Video Card(s) Sapphire Radeon Rx 580 Nitro+ 8GB
Storage HP EX950 512GB + Samsung 970 PRO 1TB
Display(s) HP Z Display Z24i G2
Case Fractal Design Define R6 Black
Audio Device(s) Creative Sound Blaster AE-5
Power Supply Seasonic PRIME Ultra 650W Gold
Mouse Roccat Kone AIMO Remastered
Software Windows 10 x64
At this point I think the only way Intel can fight these vulnerability discoveries is by killing the bug bounty program, or significantly reducing the bounty. The program has clearly sprung up a cottage industry of security researchers (uni professors and their college grad minions) bruteforcing Intel processors for vulnerabilities that they can write papers on (earn citations), report back to Intel, and claim the cash bounties. The BBP has become a fountainhead of headache for CTOs and CIOs.

AMD is safer only because its market footprint is too small in the datacenter space, most of these side-channel attacks affect datacenters, and you can't hack AMD processors for rich bounties (it's similar to the "Macs don't get viruses" fallacy of the 1990s and 2000s).
You forgot to take the brain pill today or what?
 

btarunr

How insane can you get? If no bug bounties are present, the findings could be sold on the black market instead. Now the work is effectively incentivized making the black market angle a lot more difficult to pursue.

Bug Bounty Program provides a legitimate way of making money and paying taxes. Selling exploits on the dark web isn't something you can write in your income-tax filing, resume, or PhD application (not sure about its legality). I doubt there would be half as many cybersec researchers without the program (legit means of making money and earning academic citations).

A different kind of cyber-sec researchers are funded by Wall Street (hedge fund managers or those holding shorting positions against tech companies, remember CTSFlaws?).

The mitigations are important in this scheme, as otherwise we will end up with machines that have publicly known vulnerabilities. You don’t find malware using these exploits, as the vulnerabilities are typically fixed at the time the research papers are released.

All that BBPs without permanent non-disclosure clauses end up achieving is giving malware writers ideas so they can go after the vast majority of computers that stay unpatched or rarely patched.

Also, no-one is forcing you to use the mitigations, so stop complaining! Just install Linux and disable them, problem solved. Most of the Windows mitigations can also be disabled if you like living on the edge.
These mitigations are made part of cumulative updates that include other fixes or feature updates, and eventually become part of Windows codebase with each version. The manner in which they're distributed makes them a ramthroat.
 
Joined
Oct 15, 2019
Messages
585 (0.31/day)
No, they cannot be disabled already for a year+. Those are baked permanently in the kernel.

Your provided solution doesn't make sense much either.
Well then use the old kernel until the new one is faster with mitigations than the old one without mitigations. Gentoo works as well, if you wish to have better control over what security patches you wish to have in your computer. As for Windows you can use InSpectre tool to make your computer less safe. Easy.

Bug Bounty Program provides a legitimate way of making money and paying taxes. Selling exploits on the dark web isn't something you can write in your income-tax filing, resume, or PhD application. I doubt there would be half as many cybersec researchers without the program (legit means of making money).
You are absolutely correct! Without this the same easy exploits could be achievable to black hats, who now have a much harder time than before due to having to beat a bunch of researchers to the party.

Also, please refrain from the ”security through obscurity” -fallacy.
 
Joined
Nov 18, 2010
Messages
7,530 (1.47/day)
Well then use the old kernel until the new one is faster with mitigations than the old one without mitigations. Gentoo works as well, if you wish to have better control over what security patches you wish to have in your computer. As for Windows you can use InSpectre tool to make your computer less safe. Easy.

Refrain from commenting if you do not have a clue about Windows ecosystem.

Linux is not a magic bullet either way regarding to CPU flaw exposure.
 
Joined
Oct 15, 2019
Messages
585 (0.31/day)
Refrain from commenting if you do not have a clue about Windows ecosystem.

Linux is not a magic bullet either way regarding to CPU flaw exposure.
Do you imply that the InSpectre tool does not work? You can also make hardware changes to limit the number of mitigations that are loaded when the OS starts.
 