• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

"Downfall" Intel CPU Vulnerability Can Impact Performance By 50%

Joined
Jun 24, 2023
Messages
31 (0.06/day)
e3f4751a093df23c71a9e345da2ae70a.jpg
 
Joined
Aug 20, 2007
Messages
21,535 (3.40/day)
System Name Pioneer
Processor Ryzen R9 9950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage Intel 905p Optane 960GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software Gentoo Linux x64 / Windows 11 Enterprise IoT 2024
Joined
Feb 1, 2019
Messages
3,659 (1.70/day)
Location
UK, Midlands
System Name Main PC
Processor 13700k
Motherboard Asrock Z690 Steel Legend D4 - Bios 13.02
Cooling Noctua NH-D15S
Memory 32 Gig 3200CL14
Video Card(s) 4080 RTX SUPER FE 16G
Storage 1TB 980 PRO, 2TB SN850X, 2TB DC P4600, 1TB 860 EVO, 2x 3TB WD Red, 2x 4TB WD Red
Display(s) LG 27GL850
Case Fractal Define R4
Audio Device(s) Soundblaster AE-9
Power Supply Antec HCG 750 Gold
Software Windows 10 21H2 LTSC
Joined
Jan 10, 2011
Messages
1,451 (0.28/day)
Location
[Formerly] Khartoum, Sudan.
System Name 192.168.1.1~192.168.1.100
Processor AMD Ryzen5 5600G.
Motherboard Gigabyte B550m DS3H.
Cooling AMD Wraith Stealth.
Memory 16GB Crucial DDR4.
Video Card(s) Gigabyte GTX 1080 OC (Underclocked, underpowered).
Storage Samsung 980 NVME 500GB && Assortment of SSDs.
Display(s) ViewSonic VA2406-MH 75Hz
Case Bitfenix Nova Midi
Audio Device(s) On-Board.
Power Supply SeaSonic CORE GM-650.
Mouse Logitech G300s
Keyboard Kingston HyperX Alloy FPS.
VR HMD A pair of OP spectacles.
Software Ubuntu 24.04 LTS.
Benchmark Scores Me no know English. What bench mean? Bench like one sit on?
This uptake in hardware vulnerabilities, and subsequent performance penalties from patches, makes me wonder if operating systems in general should shift towards a linux kernel "flavors" -like approach. Provide two kernels: Performance-oriented with only the most critical microcode patches, and standard/secure with everything locked down.

As an added bonus: Makes all those system hardening guidelines a little easier to maintain...

There are many many editing tools that heavily rely on AVX in some form, and there are whole range of applications for WS which will also will be impacted by the "fix".
To be fair, the vulnerability affects only one set of instructions in AVX2+. Explicit vectorization could forgo the op in favor of alternatives (and afaik, this was the better choice back in the early days).
Could pose problems to auto vectorization tho. But people don't typically expect that much performance out of them...

I'm not an expert, but I wonder if this feared performance loss could be itself mitigated by rewriting code to do manual loads instead of relying on the faulty ops.
 
Joined
Feb 1, 2019
Messages
3,659 (1.70/day)
Location
UK, Midlands
System Name Main PC
Processor 13700k
Motherboard Asrock Z690 Steel Legend D4 - Bios 13.02
Cooling Noctua NH-D15S
Memory 32 Gig 3200CL14
Video Card(s) 4080 RTX SUPER FE 16G
Storage 1TB 980 PRO, 2TB SN850X, 2TB DC P4600, 1TB 860 EVO, 2x 3TB WD Red, 2x 4TB WD Red
Display(s) LG 27GL850
Case Fractal Define R4
Audio Device(s) Soundblaster AE-9
Power Supply Antec HCG 750 Gold
Software Windows 10 21H2 LTSC
I'm not going to link malware, but you can find source code for examples on as mainstream sites as reddit:

https://www.reddit.com/r/javascript/comments/7ob6a2
Just realised, I cant actually disable meltdown as I am now on a CPU with a hardware mitigation. I am going to research what you said anyway for curiosity purposes but on my system its still mitigated.

Code:
Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: False
 
Joined
Jan 11, 2022
Messages
911 (0.85/day)
was there a xeon rocketlake?

sounds like it's not that big a deal if it's just older hardware but new chips aren't vulnerable to it.
 
Joined
Jun 29, 2018
Messages
542 (0.23/day)
This uptake in hardware vulnerabilities, and subsequent performance penalties from patches, makes me wonder if operating systems in general should shift towards a linux kernel "flavors" -like approach. Provide two kernels: Performance-oriented with only the most critical microcode patches, and standard/secure with everything locked down.
Microsoft has been doing this for a very long time with Windows. Some mitigations for previous vulnerabilities are not active by default on consumer versions of Windows while being enabled on server editions.
To be fair, the vulnerability affects only one set of instructions in AVX2+. Explicit vectorization could forgo the op in favor of alternatives (and afaik, this was the better choice back in the early days).
Could pose problems to auto vectorization tho. But people don't typically expect that much performance out of them...

I'm not an expert, but I wonder if this feared performance loss could be itself mitigated by rewriting code to do manual loads instead of relying on the faulty ops.
I'm simplifying this a bit here. This vulnerability allows a malicious program using the AVX2 gather instructions to snoop other programs (within the same core, with or without HT) that utilize different types of AVX2 instructions. In modern systems there's many places those instructions are used, particularly around encryption, but not limited to it - SIMD reading, writing and memory copying are also affected. Basically high-performance code paths.
Everything using AES-NI instructions is potentially affected, and that's accelerating the AES cipher used in many protocols including HTTPS. BitLocker also uses it for disk encryption, so theoretically a malicious program could extract its encryption keys. Whether it can be achieved in practice, especially in consumer setting is another issue. On servers it's another can of worms, particularly in cloud or VM environment.

Optimizing for AVX2/-512 brings very measurable increases in performance, so abandoning it is not really a solution. For example on my CPU AES-NI in VeraCrypt is able to achieve 16GB/s, but when disabled the performance tanks to 2.5GB/s. This decrease exceeds even the most pessimistic "up to 50%" impact of DOWNFALL mitigations.

was there a xeon rocketlake?
Yes, both "small server" Xeon-E and workstation Xeon-W, but no big chips.
sounds like it's not that big a deal if it's just older hardware but new chips aren't vulnerable to it.
Intel is still supporting Skylake Xeons launched in 2017 until the end of this year. There's a lot of hardware still in use since then, and most likely running earlier architectures.
The performance impact is really dependent on workload and the actual use cases - if you're using a rack of servers to convert video files in an isolated network segment then you can disable mitigations. If you are a cloud/server hosting facility then you have to enable them in order to avoid potential liability.
 
Joined
Jun 10, 2014
Messages
2,988 (0.78/day)
Processor AMD Ryzen 9 5900X ||| Intel Core i7-3930K
Motherboard ASUS ProArt B550-CREATOR ||| Asus P9X79 WS
Cooling Noctua NH-U14S ||| Be Quiet Pure Rock
Memory Crucial 2 x 16 GB 3200 MHz ||| Corsair 8 x 8 GB 1333 MHz
Video Card(s) MSI GTX 1060 3GB ||| MSI GTX 680 4GB
Storage Samsung 970 PRO 512 GB + 1 TB ||| Intel 545s 512 GB + 256 GB
Display(s) Asus ROG Swift PG278QR 27" ||| Eizo EV2416W 24"
Case Fractal Design Define 7 XL x 2
Audio Device(s) Cambridge Audio DacMagic Plus
Power Supply Seasonic Focus PX-850 x 2
Mouse Razer Abyssus
Keyboard CM Storm QuickFire XT
Software Ubuntu
Ok was hoping for some known in the wild examples, but understand why you wouldnt post the links. Will see if I can find anything out.
Most attack vectors for Spectre etc. rely on manipulating CPU registers to read/copy data that you shouldn't have access to. There is a tiny window of nanoseconds to read out this data. To my knowledge, most interpreted languages don't allow you to even manipulate CPU registers. I know of two main ways to execute a such attack, either you read out some "random" data which happened to be there, or you target a memory address and let the CPU prefetch it, time an attack and retrieve it before it's removed. Both of these examples would also require some bug in the interpreter. Now I haven't studied what is possible through WebAssembly, so something might be possible there... But if someone shows a loop in JavaScript leak some data from one variable to another, that's a JavaScript bug, not a CPU bug. (And I'm not surprised if there are plenty of ways to escape JavaScript's memory sandbox.)
 
Joined
Jan 10, 2011
Messages
1,451 (0.28/day)
Location
[Formerly] Khartoum, Sudan.
System Name 192.168.1.1~192.168.1.100
Processor AMD Ryzen5 5600G.
Motherboard Gigabyte B550m DS3H.
Cooling AMD Wraith Stealth.
Memory 16GB Crucial DDR4.
Video Card(s) Gigabyte GTX 1080 OC (Underclocked, underpowered).
Storage Samsung 980 NVME 500GB && Assortment of SSDs.
Display(s) ViewSonic VA2406-MH 75Hz
Case Bitfenix Nova Midi
Audio Device(s) On-Board.
Power Supply SeaSonic CORE GM-650.
Mouse Logitech G300s
Keyboard Kingston HyperX Alloy FPS.
VR HMD A pair of OP spectacles.
Software Ubuntu 24.04 LTS.
Benchmark Scores Me no know English. What bench mean? Bench like one sit on?
Microsoft has been doing this for a very long time with Windows. Some mitigations for previous vulnerabilities are not active by default on consumer versions of Windows while being enabled on server editions.
Somewhat similar but not quite what I had in mind. Server and PC Windows are de facto two separate platform. The kernel approach I had in mind applies to the same platform depending on the use case, say for example video editing (high performance) and office work (low performance), both cases [generally] apply to the PC (and I'm including workstations in the definition) platform rather than servers. If going by the Windows SKU scheme, they'd need a new Windows version or modify their existing home/pro structure.

SIMD reading, writing and memory copying are also affected.
All articles I've read only mention gather instructions. Nothing I've passed mentions anything about traditional load/store instructions.

No one is arguing the benefits of vectorization in general, but there are more ways to skin this cat.
I did contest benefits of compiler auto-vectorizations in typical scenarios. Applications that do benefit from SIMD tend to have explicit implementations, no?
 
Joined
Jun 29, 2018
Messages
542 (0.23/day)
All articles I've read only mention gather instructions. Nothing I've passed mentions anything about traditional load/store instructions.
Gather instructions are always used on the attacking side. The DOWNFALL whitepaper has a list of affected victim instructions. In case of Tiger Lake 850 instructions leaked data in HT environment.
No one is arguing the benefits of vectorization in general, but there are more ways to skin this cat.
I did contest benefits of compiler auto-vectorizations in typical scenarios. Applications that do benefit from SIMD tend to have explicit implementations, no?
It doesn't really matter if they are manual or automatic optimizations when, with the test suite from the paper, 53% of tested AVX2/-512 instructions leak data.
Another issue is that most programs use libraries for high performance code, often without even knowing if they are using vectorized code or not internally. You're not rolling your own AES code, or at least you shouldn't ;), you use OpenSSL or even rely on the operating system in case of Windows/macOS. Those in turn are often vectorized/using hardware instructions like AES-NI in order to increase performance and save power.
 
Joined
Nov 22, 2020
Messages
79 (0.05/day)
Processor Ryzen 5 3600
Motherboard ASRock X470 Taichi
Cooling Scythe Kotetsu Mark II
Memory G.SKILL 32GB DDR4 3200 CL16
Video Card(s) EVGA GeForce RTX 3070 FTW3 Ultra (1980 MHz / 0.968 V)
Display(s) Dell P2715Q; BenQ EX3501R; Panasonic TC-P55S60
Case Fractal Design Define R5
Audio Device(s) Sennheiser HD580; 64 Audio 1964-Q
Power Supply Seasonic SSR-650TR
Mouse Logitech G700s; Logitech G903
Keyboard Cooler Master QuickFire TK; Kinesis Advantage
VR HMD Quest 2
Most attack vectors for Spectre etc. rely on manipulating CPU registers to read/copy data that you shouldn't have access to. There is a tiny window of nanoseconds to read out this data. To my knowledge, most interpreted languages don't allow you to even manipulate CPU registers. I know of two main ways to execute a such attack, either you read out some "random" data which happened to be there, or you target a memory address and let the CPU prefetch it, time an attack and retrieve it before it's removed. Both of these examples would also require some bug in the interpreter. Now I haven't studied what is possible through WebAssembly, so something might be possible there... But if someone shows a loop in JavaScript leak some data from one variable to another, that's a JavaScript bug, not a CPU bug. (And I'm not surprised if there are plenty of ways to escape JavaScript's memory sandbox.)
As was linked upthread, it is possible to do this in JS.

However, browsers quickly mitigated it by reducing the resolution of the timers that Sprectre relied on for its side channel, making data extraction impractical.

All the info you need about this is in the Wikipedia article.
 
Joined
Jun 29, 2018
Messages
542 (0.23/day)
However, browsers quickly mitigated it by reducing the resolution of the timers that Sprectre relied on for its side channel, making data extraction impractical.
It's always a game of cat-and-mouse. Here's a paper analyzing those browser mitigations and finding them lacking in certain areas, a short excerpt:
SharedArrayBuffer have been disabled by default in Chrome 60 and Firefox 57.0.4 to mitigate Spectre. With the introduction of mitigations to transient execution attacks, they have been reimplemented. They are available by default in Firefox 79 with COOP/ COEP, and by default in Chrome 68. SharedArrayBuffer based timers are, by far, the most powerful timer available in browsers.
[...]
The offered resolution is sufficient to implement all known timing attacks. In addition, they have a very low measurement overhead and do not need amplification. An attacker using SharedArrayBuffer to build a covert channel can achieve an ideal bit rate of 50 Mbit/ sec on both browsers. This is 800 000 times higher than with performance.now() on Firefox 81 without COOP/ COEP, and 2000 times higher than Chrome 84 and Firefox 81 with COOP/COEP.
 
Joined
Feb 1, 2019
Messages
3,659 (1.70/day)
Location
UK, Midlands
System Name Main PC
Processor 13700k
Motherboard Asrock Z690 Steel Legend D4 - Bios 13.02
Cooling Noctua NH-D15S
Memory 32 Gig 3200CL14
Video Card(s) 4080 RTX SUPER FE 16G
Storage 1TB 980 PRO, 2TB SN850X, 2TB DC P4600, 1TB 860 EVO, 2x 3TB WD Red, 2x 4TB WD Red
Display(s) LG 27GL850
Case Fractal Define R4
Audio Device(s) Soundblaster AE-9
Power Supply Antec HCG 750 Gold
Software Windows 10 21H2 LTSC
Most attack vectors for Spectre etc. rely on manipulating CPU registers to read/copy data that you shouldn't have access to. There is a tiny window of nanoseconds to read out this data. To my knowledge, most interpreted languages don't allow you to even manipulate CPU registers. I know of two main ways to execute a such attack, either you read out some "random" data which happened to be there, or you target a memory address and let the CPU prefetch it, time an attack and retrieve it before it's removed. Both of these examples would also require some bug in the interpreter. Now I haven't studied what is possible through WebAssembly, so something might be possible there... But if someone shows a loop in JavaScript leak some data from one variable to another, that's a JavaScript bug, not a CPU bug. (And I'm not surprised if there are plenty of ways to escape JavaScript's memory sandbox.)
Yep, thats the conclusion I had already reached, difficult to do in the wild.
 
Joined
Aug 20, 2007
Messages
21,535 (3.40/day)
System Name Pioneer
Processor Ryzen R9 9950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage Intel 905p Optane 960GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software Gentoo Linux x64 / Windows 11 Enterprise IoT 2024
Just realised, I cant actually disable meltdown as I am now on a CPU with a hardware mitigation. I am going to research what you said anyway for curiosity purposes but on my system its still mitigated.

Code:
Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: False
Yeah honestly the original meltdown only applies to like skylake and older. Maybe Rocket Lake too, I'm not entirely sure anymore, the whole thing is just a wild table of "if this then" that could drive anyone insane lol.

My advice would be to trust your OS vendor unless it really is just a gaming and local code execution rig. In that case, feel free to turn them off.
 
Joined
Jul 5, 2013
Messages
28,215 (6.74/day)
Intel is not longer a company that I respect. :(
-1 for engineering shortcuts.

Booo.
Seriously? :wtf: These kinds of things are not sloppy engineering. No design team is thinking about loop-holes or whacky ways to exploit what they're creating. They're designing the fastest and most efficient way to do the things they're trying to do. These things are not intentional and are not a sign of incompetence.

Come on people, you're all smart enough to know how things work. See sense.

Only a question of time until somebody triggers this from Javascript or Web assembly, so it is relevant to everybody surfing the web.
My guess is no. If it is possible from a remote vector, the difficulty will be high, if not extreme.
 
Last edited:

freeagent

Moderator
Staff member
Joined
Sep 16, 2018
Messages
8,821 (3.86/day)
Location
Winnipeg, Canada
Processor AMD R7 5800X3D
Motherboard Asus Crosshair VIII Dark Hero
Cooling Thermalright Frozen Edge 360, 3x TL-B12 V2, 2x TL-B12 V1
Memory 2x8 G.Skill Trident Z Royal 3200C14, 2x8GB G.Skill Trident Z Black and White 3200 C14
Video Card(s) Zotac 4070 Ti Trinity OC
Storage WD SN850 1TB, SN850X 2TB, SN770 1TB
Display(s) LG 50UP7100
Case Fractal Torrent Compact
Audio Device(s) JBL Bar 700
Power Supply Seasonic Vertex GX-1000, Monster HDP1800
Mouse Logitech G502 Hero
Keyboard Logitech G213
VR HMD Oculus 3
Software Yes
Benchmark Scores Yes
Seriously?
Anything to get the edge on the competition, who are we to say if shortcuts were made or not?

I am sure some concessions were made throughout product development on the entire Core line, from the first to the 14th.

What exactly they were, only someone on the inside could say.. But if a mitigation takes a certain product line back a gen or two..
 
Joined
Apr 6, 2021
Messages
1,131 (0.84/day)
Location
Bavaria ⌬ Germany
System Name ✨ Lenovo M700 [Tiny]
Cooling ⚠️ 78,08% N² ⌬ 20,95% O² ⌬ 0,93% Ar ⌬ 0,04% CO²
Audio Device(s) ◐◑ AKG K702 ⌬ FiiO E10K Olympus 2
Mouse ✌️ Corsair M65 RGB Elite [Black] ⌬ Endgame Gear MPC-890 Cordura
Keyboard ⌨ Turtle Beach Impact 500
Seriously? :wtf: These kinds of things are not sloppy engineering. No design team is thinking about loop-holes or whacky way to exploit what they're creating. They're designing the fastest and most efficient way to do the things they're trying to do. These things are not intentional and are not a sign of incompetence.

Come on people, you're all smart enough to know how things work. See sense.

Engineers are just humans, and humans make errors. Period. ;) I guess the only solution would be chips (and software/firmware) designed by AI. Because machines don't make errors.

Also humans are influenceable, manipulable, corrupt and ideology driven. Just ask yourself, would you pass on a truckload of cash from a GOV agency just for slipping in an exploitable bug?

 
Joined
Feb 3, 2023
Messages
217 (0.32/day)
It requires local privileged access. If an attacker has that, the battle is already lost, so big whoop. Secure your damn systems.
 
Joined
Aug 20, 2007
Messages
21,535 (3.40/day)
System Name Pioneer
Processor Ryzen R9 9950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage Intel 905p Optane 960GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software Gentoo Linux x64 / Windows 11 Enterprise IoT 2024
It requires local privileged access.
I keep hearing privileged but is there anywhere actually saying/confirming that? Sounds to me like you just need to be able to execute code.
 
Joined
Feb 3, 2023
Messages
217 (0.32/day)
I keep hearing privileged but is there anywhere actually saying/confirming that? Sounds to me like you just need to be able to execute code.
True, it's a PR:L but also an AV:L, so you need at least authenticated local user access. In serious environments you shouldn't allow users to run arbitrary and unverified code. As far as home users who tend to ignore security: It's a side-channel attack. They're difficult to execute efficiently and there is a myriad of easier ways to get what you want - hell, some users will actually give you their bank password if you ask politely, therefore I say it's a "storm in a glass" situation. A lot of noise, realistically not a problem.
 
Joined
Oct 27, 2009
Messages
1,190 (0.22/day)
Location
Republic of Texas
System Name [H]arbringer
Processor 4x 61XX ES @3.5Ghz (48cores)
Motherboard SM GL
Cooling 3x xspc rx360, rx240, 4x DT G34 snipers, D5 pump.
Memory 16x gskill DDR3 1600 cas6 2gb
Video Card(s) blah bigadv folder no gfx needed
Storage 32GB Sammy SSD
Display(s) headless
Case Xigmatek Elysium (whats left of it)
Audio Device(s) yawn
Power Supply Antec 1200w HCP
Software Ubuntu 10.10
Benchmark Scores http://valid.canardpc.com/show_oc.php?id=1780855 http://www.hwbot.org/submission/2158678 http://ww
Downfall requires admin access? and will only be relevant in use cases where multiple unconnected users share machines, ie shared server environments. So generally, it's not an issue.

There has been a trend towards security at hardware or other levels, when these are rarely (never?) exploited in the real world anyway. The best hacking tools are social engineering, user and configuration error and generally the human element. Not hardware!
So an issue for every single cloud server...
 
Joined
Nov 26, 2021
Messages
1,703 (1.52/day)
Location
Mississauga, Canada
Processor Ryzen 7 5700X
Motherboard ASUS TUF Gaming X570-PRO (WiFi 6)
Cooling Noctua NH-C14S (two fans)
Memory 2x16GB DDR4 3200
Video Card(s) Reference Vega 64
Storage Intel 665p 1TB, WD Black SN850X 2TB, Crucial MX300 1TB SATA, Samsung 830 256 GB SATA
Display(s) Nixeus NX-EDG27, and Samsung S23A700
Case Fractal Design R5
Power Supply Seasonic PRIME TITANIUM 850W
Mouse Logitech
VR HMD Oculus Rift
Software Windows 11 Pro, and Ubuntu 20.04
So an issue for every single cloud server...
Downfall also relies on SMT as the attacker should be running on the same core as the victim. These cloud providers should stop running programs from different customers on the same cores.
 
Joined
Jul 5, 2013
Messages
28,215 (6.74/day)
Engineers are just humans, and humans make errors. Period.
Exactly. But they're also NOT clairvoyant. There are times when it is impossible to see a problem coming until it's already behind you.

So if I seemed a bit harsh earlier. I'm sorry. The problem is that, some are implying something clumsy, careless or nefarious actions when ALL of these exotic and crazy vulnerabilities in the last 7 years came about from experimentation with the hardware in ways that no one designing said hardware ever planned for, imagined or could have predicted.

We can't lay the blame at their feet and scream "Why did you do this?!?!". It just doesn't work that way.
 
Last edited:
Top