Latest Intel and AMD vulnerabilities a gentle reminder to switch to Apple silicon
A pair of vulnerabilities have been discovered impacting Intel and AMD CPUs, and they both affect generations of processors for those who haven't updated their systems yet.
Intel logo
The new threats are called "Downfall" and "Inception," and both rely on speculative execution in a similar way as the Meltdown and Spectre bugs, respectively. They are both described as being of "medium" severity, with Downfall impacting Intel chips and Inception targeting AMD processors.
Intel and AMD have both issued OS-level microcode software updates as of now, with both companies aiming to address both vulnerabilities. As reported by Ars Technica, the two companies have also confirmed that they have not identified any exploits that exist for either vulnerability.
However, it's important that manufacturers issue their own updates to address the issues once Intel and AMD make them available. Both Downfall and Inception are risks to consumer products, server CPUs, and workstations, any of which are equipped with years-old Intel or AMD processors.
Downfall
By all accounts, Downfall is the bigger of the two vulnerabilities. It's known as "CVE-2022-40982," and it's outlined by Google security researcher Daniel Moghimi. He describes it as such:
"The vulnerability is caused by memory optimization features in Intel processors that unintentionally reveal internal hardware registers to software. This allows untrusted software to access data stored by other programs, which should not normally be accessible. I discovered that the Gather instruction, meant to speed up accessing scattered data in memory, leaks the content of the internal vector register file during speculative execution. To exploit this vulnerability, I introduced Gather Data Sampling (GDS) and Gather Value Injection (GVI) techniques. You can read the paper I wrote about this for more detail."
Moghimi says Downfall is a "successor" to the Meltdown vulnerability, as they both rely on speculative execution to harm affected systems.
Intel says all processors based on Skylake, Kaby Lake, Whiskey Lake, Ice Lake, Comet Lake, Coffee Lake, Rocket Lake, and Tiger Lake are all impacted by Downfall, along with other processor generations as well. That means most chips produced from 2015 and newer are affected.
Intel haunted by Spectre
However, Intel's newest 12th- and 13th-generation chips based on Alder Lake and Raptor Lake are not affected. Meanwhile, Celeron, Pentium, and Apollo low-end CPUs are not affected, either.
Inception
Inception is also known as "CVE-2023-20569," and it's a descendent of the Spectre bug, and it's described as "Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
Security researchers at ETH Zrich's COSMEC group point out that this vulnerability can leak arbitrary data on a range of AMD processors, including Ryzen, EPYC, and Threadripper. The group has also published a proof-of-concept video showing off the vulnerability.
The good news is these vulnerabilities have been addressed by Intel and AMD, and neither appears to be as dangerous as the vulnerabilities they are descended from, Meltdown and Specter.
Might be a good time to upgrade to Apple silicon
Still, if nothing else, these widespread vulnerabilities are a gentle reminder that Apple has moved away from Intel in its choice of processors. The company is now all-in with Apple Silicon, meaning it doesn't need to worry about Intel or AMD vulnerabilities like these.
Apple silicon
It's worth noting that there are still some vulnerabilities that can pop up, even for Apple silicon. The "PacMan" flaw was an echo of Spectre and Meltdown in 2022, for instance, albeit one that did not seriously harm any computers out in the real world.
Read on AppleInsider
Comments
Now tell us why.
What? That makes no sense. I think you're missing a few details.
Before Apple adopted Intel processors, Mac OS (or OS X) ran on Motorola PowerPC chips.
Are you claiming that ARM chips (of which M-series chips are built) are actually built using Intel x86 architecture? Not true at all. ARM and x86 are entirely separate architectures. If your claim had any truth to it, Microsoft would not have had so much trouble rolling out their ARM-based Windows.
Rosetta translates executable code of applications, not the OS, that haven't yet been built for Apple silicon. That's the only role that Rosetta plays. macOS itself is not running ON Rosetta.
I don’t think iBiCCC understands the difference between a programming language and a compiler.
Whether the weight of x86 flaws and engineering compromises will eventually sink the platform before a fundamental shift in computing makes it moot remains to be seen. As of right now, it’s mostly propped up by the inertia of the software market and the knowledge base of engineers and developers. If either of those advantages falter, or a competing market need (power savings, heat dissipation, $$, etc) becomes paramount, x86 will fail in the market.
Either way, the premise is still sound: there are significant factors that make transitioning to Apple Silicon, and ARM generally (or other architectures), a good move for numerous market segments.
I contend that the final straw that broke the Apple-Intel relationship's back probably had more to do with Intel's inability to reliability deliver series-to-series incremental improvements at levels that Apple demanded to support their aggressive product growth strategy. Intel may have been happy with its pace of incremental improvements because they had so many other customers to feed. Many of those other customers were selling Wintel PCs across a wide spectrum of price-performance capabilities and were completely happy to tailor their products and release schedules to be only as good as what Intel allowed them to be. Not Apple.
Trying to get customers to upgrade based on small spec bumps is not a winning strategy. It's a me-too strategy that the Wintel market has exploited to perfection. Their customer base has been calibrated and conditioned to expect mediocrity. Intel and Microsoft have gladly obliged their customer's meager expectations. This left the Wintel OEMs to compete mostly on price, a strategy that works for fast food burgers and gas stations, but kind of sucks for selling durable goods with thin margins.
Apple didn't want to play this game, especially at a time when they were seeing their own A-series SoCs leapfrogging in performance from one series to the next. Plus, Apple was seeing their own SoCs approaching, and ultimately surpassing the performance of what Intel was making them wait much too long to obtain. There was a time when Intel helped buoy Apple's ambitions, especially in the PPC to x86 transition years, but it undoubtedly reached a point where Intel became an anchor slowing Apple down. Even though the M1 didn't completely cover every role Intel's processors filled, it achieved a critical mass of capability and performance for a critical mass of Apple customers.
Yeah, Apple left some things on the table in the process, like discrete GPUs, some huge memory model designs, and BootCamp. However, the net result and multifaceted benefits achieved with the move to Apple Silicon are probably well beyond anything Apple envisioned as a best-case outcome. Avoiding some of these latest security flaws that plague x86 are like having a few extra sprinkles on the winning cake's icing. Apple has been enjoying their cake since the first round of M1 Macs hit the market and things have only gotten better since then.
Can Intel, AMD, Nvidia, Qualcomm truly pull even to a motivated Apple who controls both OS and hardware design? That is the Apple disruption with the M-series introduction, (AMD and Nvidia, have to be recalibrating the wattage and MHz levels they currently use in general), and next year, Intel and Qualcomm in particular will have one more chip to contend with in the R1 coprocessor which wasn’t on their radar?
Right now Nvidia GPU’s on the surface are king, but that high power (wattage/MHz) can’t go on forever, Apple at some point M4, M5? will reach parity and will do it with lower wattage and MHz.
And this is why I am buying more Apple shares.
https://arstechnica.com/security/2024/03/hackers-can-extract-secret-encryption-keys-from-apples-mac-chips/