1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

AMD Zen 2 processors get hardware level Spectre protection

Discussion in 'Frontpage news' started by Hilbert Hagedoorn, Feb 1, 2018.

  1. Hilbert Hagedoorn

    Hilbert Hagedoorn Don Vito Corleone Staff Member

    Messages:
    36,089
    Likes Received:
    5,125
    GPU:
    AMD | NVIDIA
  2. fantaskarsef

    fantaskarsef Ancient Guru

    Messages:
    10,735
    Likes Received:
    2,904
    GPU:
    2080Ti @h2o
    Hardware fixed in 2019...

    ... so let's pray that nobody decides to get the exploit working on AMD systems in the next 12 to 18 months?
     
    cryohellinc likes this.
  3. thatguy91

    thatguy91 Ancient Guru

    Messages:
    6,648
    Likes Received:
    97
    GPU:
    XFX RX 480 RS 4 GB
    It's blocked in firmware and OS, if updated. This is referring to a hardware redesign.
     
  4. fantaskarsef

    fantaskarsef Ancient Guru

    Messages:
    10,735
    Likes Received:
    2,904
    GPU:
    2080Ti @h2o
    IF you have gotten the firmware for your CPU AND it works properly (which many have not).
    IF you updated your OS to have it "secure" (which I am not sure they have, did win7 get ALL the fixes?).
    IF you believe that those firmware and OS updates really help (did you read about what Torvals said about them?)

    This is a security issue, and as such I don't fancy hearing about IFs that last for 18 months. This whole issue was supposed to be taken care of in 6 to 7 months after being discovered (that time ended last week and we're not that much closer to having real fixes across all platforms and vendors than we were a month ago).
    More than enough time for any capable programmer to try and up their botnet right now via the IoT crap devices nobody patches. Or consoles. Or smartphones / tablets.
     
    386SX likes this.

  5. schmidtbag

    schmidtbag Ancient Guru

    Messages:
    4,427
    Likes Received:
    1,354
    GPU:
    HIS R9 290
    The vast majority of Ryzen users right now are enthusiasts or are built/maintained by enthusiasts; I'm sure they've ran the updates by now.
    Due to the deliberate negligence of Windows 8 and older (by either MS or AMD - doesn't really matter who), pretty much all Ryzen users are on Windows 10, Linux, or FreeBSD and likely have their CPU up-to-date. If they're not, well, it wouldn't take much effort to temporarily boot another OS to patch their CPU if they're worried enough.
    To my recollection, Torvalds was only complaining about Intel's patch. So far, AMD has been pretty wary of having Intel's patches applied to them; a month ago they have requested their CPUs be blacklisted from some changes (at least in Linux, which is what Torvalds is all about).

    I agree that this issue should've been taken care of much sooner (or at least these companies should've had well-written and reviewed patches by now). But remember that only Intel is the one to really be worried about, due to the remote access - all other chip manufacturers don't seem to have that glaring issue, which includes ARM, MIPS, IBM, AMD, and Oracle.
    As for IoT devices, I'm sure exploiting the risks on them isn't worth anyone's time. All connected consoles are likely patched by now. Smartphones and tablets are the major ones to worry about, since many of them "can't" be updated.


    I don't think there's anything to worry about for upcoming CPUs from all brands. In general, I don't think there's anything to worry about for existing CPUs either, except maybe in smartphones.
     
  6. Noisiv

    Noisiv Ancient Guru

    Messages:
    6,655
    Likes Received:
    496
    GPU:
    2070 Super
    That is factually wrong and it's not what AMD said, at least not during the conference call. This is what Lisa said during conference call:

    As a reminder, we believe Meltdown is not applicable to AMD processors.

    For Spectre Variant 1, we continue actively working with our ecosystem partners on mitigations, including operating system patches that have begun to roll out. We continue to believe that Variant 2 of Spectre is difficult to exploit on AMD processors. However, we are deploying CPU microcode patches that in combination with OS updates provide additional mitigation steps. Longer term, we have included changes in our future processor cores, starting with our Zen 2 design, to further address potential Spectre like exploits. We continue to collaborate closely with the industry on these vulnerabilities and are committed to protecting AMD users from these and other security threats as they arise.



    Which is a step down from the "near zero risk" rhetoric which landed them a lawsuit, but apparently still vague enough to cause confusion.


    Can these new exploits be enabled remotely?
    No. Any malware using this side channel analysis method must be running locally on the machine. Following good security practices that protect against malware in general will also help to protect against possible exploitation until updates can be applied.
    https://www.intel.com/content/www/u...side-channel-analysis-and-intel-products.html
     
    fantaskarsef likes this.
  7. D3M1G0D

    D3M1G0D Ancient Guru

    Messages:
    1,941
    Likes Received:
    1,241
    GPU:
    2 x GeForce 1080 Ti
    Yeah, I'm wary of my lone Intel system (although it should have been patched by now), but have no concerns about my AMD ones. I look forward to Zen 2 but not for the Spectre protection - it was Meltdown that caused all this panic, as it was the really serious threat, and it only affected Intel processors. It was only because Intel's PR tried to conflate Meltdown with Spectre that the latter was given any sort of limelight.
     
  8. Silva

    Silva Master Guru

    Messages:
    938
    Likes Received:
    312
    GPU:
    Asus RX560 4G
    Guess I'll wait for Zen2 then, hopefully the DDR4 crisis will be over by then.
     
    HitokiriX likes this.
  9. RzrTrek

    RzrTrek Ancient Guru

    Messages:
    2,285
    Likes Received:
    588
    GPU:
    RX 580 8GB ❤ 144hz
    I heard that it usually takes 3-5 years to make these kind of changes into silicon or perhaps they got their numbers wrong?
     
    Last edited: Feb 1, 2018
  10. kruno

    kruno Master Guru

    Messages:
    252
    Likes Received:
    67
    GPU:
    4890/1
    AMD is already pretty resilient to Spectre and have their secret sauce , memory encrypting, so i guess it probably doesn't take much of silicon change for them to implement that.
    And about 3-5 years , that is usually how long it takes to develop new arch , since they don't need to develop new arch , just apply some changes to already developed arch before it gets send to FAB for manufacturing they don't need 3-5 years.What i mean by that is that changes required to be done to CPU doesn't need whole new arch just couple tweaks to existing
     

  11. ZXRaziel

    ZXRaziel Member Guru

    Messages:
    125
    Likes Received:
    42
    GPU:
    Nvidia
    Not good enough , Intel will have the fix sorted this year according to he latest update . They all knew about the problem long enough imo to have this sorted in the next release , Ryzen+ in this case .
     
  12. JamesSneed

    JamesSneed Master Guru

    Messages:
    589
    Likes Received:
    200
    GPU:
    GTX 1070
    I understand the patches should have been out earlier and agree. But the folks here talking about Intel will have it fixed sooner or all the IF this IF that are not really on point. Intel has committed to fixing these vulnerabilities in Ice Lake which at best is end of 2018 not much sooner than AMD should have Zen 2. Intel also has the most exposure to the variants. The other thing on all the If this if that patches micro code etc the only other option is to buy a new CPU with the fixes. I just don't understand all the hate as AMD is the least impacted CPU vendor of the bunch because they focused on security with the Zen design and they will only be shortly behind Intel with new CPU's that have the fixes in the silicon.

    Personally I felt AMD and Intel commiting to fixes in Zen 2 and Ice Lake was pretty darn fast. Intel already has Ice Lake tape in ready so this is going to cost them a bit to go back and fix the design. This is also why i'm a little sceptical on their 2018 release date as it has to push them back a bit.

    Maybe I'm just a half glass full person but I thought this was positive to have both AMD and Intel committed to these design fixes on there next round CPU's.
     
  13. user1

    user1 Maha Guru

    Messages:
    1,386
    Likes Received:
    445
    GPU:
    hd 6870
    fantaskarsef likes this.
  14. sverek

    sverek Ancient Guru

    Messages:
    5,304
    Likes Received:
    2,159
    GPU:
    NOVIDIA -0.5GB
    So having a bit of sense not to click on every "DOWNLOAD" button on browser ruins all the fun?
    Damn you common senses!

    What took them too long to create simple damn virus with all info vulnerabilities information leaked.
    Anyway, I am just having fun watching people losing their mind over it.
     
    jaggerwild likes this.
  15. hijodeosiris

    hijodeosiris Active Member

    Messages:
    89
    Likes Received:
    10
    GPU:
    Gigabyte R9 280x
    Is there any way to know if my processor is affected by any of those?
     

  16. sverek

    sverek Ancient Guru

    Messages:
    5,304
    Likes Received:
    2,159
    GPU:
    NOVIDIA -0.5GB
  17. warlord

    warlord Ancient Guru

    Messages:
    2,370
    Likes Received:
    778
    GPU:
    Null
    I am bored with this Spectre/Meltdown noise and stuff. Perhaps tons of people should find new meaning in life. Boredom is harmful nowadays.
     
    jaggerwild likes this.
  18. sverek

    sverek Ancient Guru

    Messages:
    5,304
    Likes Received:
    2,159
    GPU:
    NOVIDIA -0.5GB
    Did you just bore yourself?

    Anyway, people just love drama! Be it politics, new exploits or a celebrity scandal!
    That how human being entertained themselves for ages!
    I mean just create a bit of noise and you got yourself a crowd! And it only snowballing afterwards!
     
  19. user1

    user1 Maha Guru

    Messages:
    1,386
    Likes Received:
    445
    GPU:
    hd 6870
    well the graph shows that the first malware appeared pretty much the day of release, and that the amount of unique samples( i assume means not from the same machine) has been growing exponentially, from around ~25 samples perday to about ~120 perday in less than 2 weeks
    the graph also shows how many unique malwares sampled perday, which for most of the graph has been an avg rate of ~10 new previously unknown malwares perday

    all i can say is that if you have java script enabled on an unpatched device, expect to get aids eventually(primarly info stolen from unpatched android and ios phones), the rate of growth is tremendous, only a matter of time before a trusted site ends up serving tainted ads from a compromised source.
     
  20. sverek

    sverek Ancient Guru

    Messages:
    5,304
    Likes Received:
    2,159
    GPU:
    NOVIDIA -0.5GB
    Yes, JS exploits are scary. But as far as you end up visiting the site you can't trust, there no much you can do. Only pray your browser detects the bad JS and stops it from executing on client side. That why Google been patching Chrome for a while now.

    Again, it's easier for virus to be executed while in binary and downloaded on disk, not poorly written in JS.
    That why vising shady sites with downloading prompting and pressing all download buttons are generally not a good idea.
     

Share This Page