Intel claims CPU security flaw not unique to its chips, implies ARM and AMD chips could be...

Posted in Current Mac Hardware, edited January 2018
Intel has responded to reports of a wide-reaching kernel memory security issue, saying that it is an industry-wide issue, and not specific to Intel -- but the company fails to quantify specifically what it is doing to solve the problem.




Following initial reports of a problem with how Intel's x86 architecture fails to properly secure kernel memory, Intel issued a statement on Wednesday afternoon. In it, Intel asserts that AMD and ARM processors are subject to the same bug -- despite AMD having already denied that it is afflicted.

Intel's statement in its entirety is as follows:
Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.

Recent reports that these exploits are caused by a "bug" or a "flaw" and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices -- with many different vendors' processors and operating systems -- are susceptible to these exploits.

Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively. Intel has begun providing software and firmware updates to mitigate these exploits. Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.

Intel is committed to the industry best practice of responsible disclosure of potential security issues, which is why Intel and other vendors had planned to disclose this issue next week when more software and firmware updates will be available. However, Intel is making this statement today because of the current inaccurate media reports.

Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available. Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied.
Intel believes its products are the most secure in the world and that, with the support of its partners, the current solutions to this issue provide the best possible security for its customers.
Despite Intel's statement explicitly denying that the issue is a bug, Apple, Microsoft, and others are already dealing with the problem. Apple has already at least in part rectified the issue in macOS High Sierra 10.13.2 from December, with Microsoft apparently having a patch in the works for Windows 10.

Intel's statement also seems at least partially contrary to claims that performance would be impacted, and cloud computing venues such as Amazon EC2, Microsoft Azure, and Google Compute Engine would feel the impact most severely.

Update: More details have emerged about the trio of exploits that appear to have been combined for the original reporting from Tuesday night. Two of the vulnerabilities, called "Meltdown" and "Spectre," can be executed on nearly every x86 device produced since 1997. Contrary to Intel's statement, one researcher informed ZDNet that an attacker could likely steal "any data on the system," but it wasn't clear whether the researcher was talking about drive or RAM contents.

Multiple watchdogs see no evidence of any exploits being used now, or in the past. However, on Wednesday, proof-of-concept code was revealed.

ARM has confirmed that the Cortex-A family is affected, but the Cortex-M chip found in "internet of things" devices is not.

"The threat and the response to the three variants differ by microprocessor company, and AMD is not susceptible to all three variants," AMD said in a statement. "Due to differences in AMD's architecture, we believe there is a near zero risk to AMD processors at this time."

Comments

  • Reply 1 of 49
    ivanh Posts: 578 member
    It’s nothing new or a secret. It was there since 8086 and 8088 in the kernel. It was used by many governments on 80386 and onwards and as a back-door for decades. Fix it? No way.
  • Reply 2 of 49
    I don't care if every CPU is compromised.. I still want a replacement or a refund.
  • Reply 3 of 49
    Mike Wuerthele Posts: 6,257 administrator
    ivanh said:
    It’s nothing new or a secret. It was there since 8086 and 8088 in the kernel. It was used by many governments on 80386 and onwards and as a back-door for decades. Fix it? No way.
    Considering the flaw was introduced with 64-bit CPUs in 2003 or so, I suspect you may be thinking of something else.
  • Reply 4 of 49
    wood1208 Posts: 2,541 member
    By the time some hacker understands how to exploit the flaw, patch is already in place. No foul No harm!!.
  • Reply 5 of 49
    wood1208 said:
    By the time some hacker understands how to exploit the flaw, patch is already in place. No foul No harm!!.
    Except the hit to performance.
  • Reply 6 of 49
    wood1208 said:
    No foul No harm!!.
    A rather inane comment.

  • Reply 7 of 49
    Mike Wuerthele Posts: 6,257 administrator
    wood1208 said:
    By the time some hacker understands how to exploit the flaw, patch is already in place. No foul No harm!!.
    Except the hit to performance.
    Doesn't appear to be one on the Mac. What appears to be most of the fix was implemented in 10.13.2.
  • Reply 8 of 49
    I watched Intel's CEO interview live ( https://www.cnbc.com/2018/01/03/intel-ceo-brian-krzanich-on-security-flaw.html ) and I would characterize it as damage control, with little substance.  AMD has already rebuked Intel's statement  ( https://www.cnbc.com/2018/01/03/amd-rebukes-intel-says-flaw-poses-near-zero-risk-to-its-chips.html ).

    There is MUCH more to this story (Intel claims this was uncovered by Google "a couple of months ago", but Apple had a fix out Dec 6th (OS X 10.3.2)). In the interview Intel's CEO seemed to scold the press for highlighting an unfortunate leak by a Linux programmer (who posted his findings on GitHub).

    Intel also notes how the "industry" is working together to provide software fixes - without noting that those don't solve the hardware problem.  And if not carefully tailored to fix the kernel issues on an individual chip basis the software fixes could cause serious issues for non-affected chips (including Apple's and AMD's - remember that virtual OS can be chip agnostic). 


  • Reply 9 of 49
    So Intel is in high ground now?
  • Reply 10 of 49
    "I don't have a drug problem because you're an alcoholic!" -Intel
  • Reply 11 of 49
    volcan Posts: 1,799 member
    AMD denies its processors have the same vulnerability.

    Email from Tom Lendacky SMTS Software Engineer - ‎AMD

    From Tom Lendacky <>
    Subject [PATCH] x86/cpu, x86/pti: Do not enable PTI on AMD processors
    Date Tue, 26 Dec 2017 23:43:54 -0600

    AMD processors are not subject to the types of attacks that the kernel
    page table isolation feature protects against.  The AMD microarchitecture
    does not allow memory references, including speculative references, that
    access higher privileged data when running in a lesser privileged mode
    when that access would result in a page fault.

    Disable page table isolation by default on AMD processors by not setting
    the X86_BUG_CPU_INSECURE feature, which controls whether X86_FEATURE_PTI
    is set.

    Signed-off-by: Tom Lendacky <[email protected]>
    ---

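A host-side check for the decision the patch message above describes, added here as an example (it is not part of the post or of the kernel patch): it reads the `bugs` and `flags` lines of Linux `/proc/cpuinfo` to tell whether the kernel flagged the CPU and whether page table isolation is on. The function names are hypothetical, the samples are constructed, and it assumes the kernel reports the bug as `cpu_insecure` or `cpu_meltdown` and the feature as `pti`.

```python
import re

# Constructed /proc/cpuinfo excerpts for illustration (not captured from real hosts).
SAMPLE_INTEL = "vendor_id\t: GenuineIntel\nflags\t\t: fpu vme pae pti\nbugs\t\t: cpu_meltdown\n"
SAMPLE_INTEL_NOPTI = "vendor_id\t: GenuineIntel\nflags\t\t: fpu vme pae\nbugs\t\t: cpu_meltdown\n"
SAMPLE_AMD = "vendor_id\t: AuthenticAMD\nflags\t\t: fpu vme pae\nbugs\t\t:\nbogomips\t: 4000.00\n"

# Assumption: names under which the kernel lists X86_BUG_CPU_INSECURE
# (cpu_insecure in the patch's era, cpu_meltdown after the later rename).
MELTDOWN_BUG_NAMES = {"cpu_insecure", "cpu_meltdown"}


def _field(cpuinfo, name):
    """Return the first `name : a b c` line as a list of words, or None if absent."""
    # [ \t]* rather than \s* so an empty value cannot swallow the next line.
    m = re.search(rf"^{name}[ \t]*:[ \t]*(.*)$", cpuinfo, re.MULTILINE)
    return m.group(1).split() if m else None


def pti_status(cpuinfo):
    """Classify a host as (vendor, verdict) from /proc/cpuinfo text."""
    vendor = (_field(cpuinfo, "vendor_id") or ["unknown"])[0]
    bugs = _field(cpuinfo, "bugs")
    flags = set(_field(cpuinfo, "flags") or [])
    if bugs is None:
        # Kernel does not report CPU bugs at all: absence proves nothing.
        return vendor, "no bugs line, cannot tell"
    flagged = bool(MELTDOWN_BUG_NAMES & set(bugs))
    pti = "pti" in flags
    if flagged:
        return vendor, "flagged, PTI active" if pti else "flagged, PTI NOT active"
    return vendor, "not flagged, PTI on anyway" if pti else "not flagged, PTI off"


if __name__ == "__main__":
    try:
        with open("/proc/cpuinfo") as fh:
            text = fh.read()
    except OSError:
        text = SAMPLE_INTEL  # not on Linux: fall back to a constructed sample
    print(*pti_status(text), sep=": ")
```

The "flagged, PTI NOT active" verdict is the one to alert on in a fleet scan, since it means the kernel considers the CPU affected but the isolation is switched off.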
  • Reply 12 of 49
    Someone from the ARM consortium has apparently confirmed that they're affected.
  • Reply 13 of 49
    wood1208 said:
    By the time some hacker understands how to exploit the flaw, patch is already in place. No foul No harm!!.

    Except over a billion Android devices that will never see a patch to fix this.
  • Reply 14 of 49
  • Reply 15 of 49
    I don't care if every CPU is compromised.. I still want a replacement or a refund.
    I’m curious on what grounds you actually may have the right to either of the two. Apart from common sense of course, just I don’t think IBM (or the OEM for that matter) promised the absence of this particular flaw. So you’re in the arena of “general quality expectations” relate to state of the art etc. I suppose?
    Any legal insight into this would be welcome. 
  • Reply 16 of 49
    dewme Posts: 3,809 member
    Intel's response is a bit vague but it almost sounds like CPU features put in place to allow kernel mode debug tracing and monitoring may be susceptible to nefarious hacking? I do know that companies like Intel (and pretty much all product manufacturers) are very adamant about never using or allowing words like "defect" and "flaw" to be used in association with their products, both internally and externally. This is due to product liability concerns and forced transparency of Title 21 CFR Part 11 regulations in certain industries. No surprise at all that Intel is getting out in front of this and squashing those words from the developing narrative. 

    I'm willing to give Intel the benefit of the doubt and take a wait-and-see approach. They do seem to have some pretty sharp business and engineering minds in their ranks. Let's see what they will do in conjunction with their OS vendor partners.

    Just my opinion, but I've always found that the least productive and most damaging reaction to anything like this is panic. Panic coupled with a lack of data, speculation, and insufficient understanding of the issue will most certainly latch the Bozo Bit and cause normally stable people to do really stupid things, like wrapping their PC in tin foil and burying it in the backyard, or reverting to using an abacus as their only computing device. Hopefully the media won't run amok with this like they so often do with anything Apple related.
  • Reply 17 of 49
    dewme Posts: 3,809 member
    Very interesting. 

    This guy kind of speculated about this exact vulnerability several months ago. https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/
  • Reply 18 of 49
    lkrupp Posts: 9,452 member
    I don't care if every CPU is compromised.. I still want a replacement or a refund.
    Then lawyer up, dude. Wanting and getting are not related.
  • Reply 19 of 49
    dws-2 Posts: 267 member
    better headline: "Intel deflects blame"
  • Reply 20 of 49
    foggyhill Posts: 4,767 member
    wood1208 said:
    By the time some hacker understands how to exploit the flaw, patch is already in place. No foul No harm!!.
    What? You think these things are actually getting fixed in most machines? Dream on, you'll get tens of millions of compromised machines essentially forever.