CacheOut is the Latest Speculative Execution Attack for Intel Processors

lexluthermiester · Jan 30, 2020

Steevo said:
So if AMD can do it with a tenth the budget does that make them awesome or Intel that shitty?

Flawed premise. You are assuming that the engineers are careless, that security testing was not done and that the qualification stage of R&D fails to double and triple check engineering samples.

These vulnerabilities are being discovered by methods the engineers never conceived of, let alone could have predicted and prevented.

trparky · Jan 30, 2020

lexluthermiester said:
You are assuming that the engineers are careless

I wouldn't go so far as to say that they were careless, I'd go more with the idea that they were rushed by upper management to push a product out faster with less validation.

I read a Reddit post that was written by a person who worked on the Centaur x86 chip. He mentioned that he knew people who worked at Intel back in 2014 and many of Intel's upper management wasn't happy with the engineering departments rather glacial pace at validating new hardware to be shipped to end-users so they pushed the engineering departments to go faster. Unfortunately, I think the whole industry is paying for that mistake right now. Slow and steady wins the race.

https://www.reddit.com/r/hardware/comments/ep0lf4/_/fenxd69
I don't know if I should believe fully in what that guy said but knowing how upper management of some companies is monumentally stupid I wouldn't put it past them for making such a stupid move. I fully believe in the idea of failing upwards. Those who can, do; those who can't, manage.

R-T-B · Jan 30, 2020

These vulnerabilities are incredibly clever, timing based vulnerabilities.

Think of it this way: in binary logic a cpu problem can only be true or false. A program makes a request for data it has no rights too. It is (correctly) told to screw itself. Thing is, someone figured out it takes slightly longer when the value is "false" for the processor to return the "fudge off" command. Guess what you can now reliably infer from that? Yep, the complete boolean. And you can do it again and again...

Would you have ever considered this as an engineer? It's basically the "I can tell when you are lying" problem in computer form.

System Name	My Ryzen 7 7700X Super Computer
Processor	AMD Ryzen 7 7700X
Motherboard	Gigabyte B650 Aorus Elite AX
Cooling	DeepCool AK620 with Arctic Silver 5
Memory	2x16GB G.Skill Trident Z5 NEO DDR5 EXPO (CL30)
Video Card(s)	XFX AMD Radeon RX 7900 GRE
Storage	Samsung 980 EVO 1 TB NVMe SSD (System Drive), Samsung 970 EVO 500 GB NVMe SSD (Game Drive)
Display(s)	Acer Nitro XV272U (DisplayPort) and Acer Nitro XV270U (DisplayPort)
Case	Lian Li LANCOOL II MESH C
Audio Device(s)	On-Board Sound / Sony WH-XB910N Bluetooth Headphones
Power Supply	MSI A850GF
Mouse	Logitech M705
Keyboard	Steelseries
Software	Windows 11 Pro 64-bit
Benchmark Scores	https://valid.x86.fr/liwjs3

System Name	Pioneer
Processor	Ryzen 9 9950X
Motherboard	GIGABYTE Aorus Elite X670 AX
Cooling	Noctua NH-D15 + A whole lotta Sunon, Phanteks and Corsair Maglev blower fans...
Memory	64GB (2x 32GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s)	XFX RX 7900 XTX Speedster Merc 310
Storage	Intel 5800X Optane 800GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s)	55" LG 55" B9 OLED 4K Display
Case	Thermaltake Core X31
Audio Device(s)	TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply	FSP Hydro Ti Pro 850W
Mouse	Logitech G305 Lightspeed Wireless
Keyboard	WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software	Gentoo Linux x64 / Windows 11 Enterprise IoT 2024

CacheOut is the Latest Speculative Execution Attack for Intel Processors

lexluthermiester

trparky

R-T-B