• Hosted by Branzone
  • PayPal Donate

Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign | Pe

Submitted by: SINep @ 08:23 PM | Wednesday, January 3, 2018 | (url: https://www.there...)

A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.

Programmers are scrambling to overhaul the open-source Linux kernel's virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday: these changes were seeded to beta testers running fast-ring Windows Insider builds in November and December.

Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features such as PCID to reduce the performance hit. Your mileage may vary.

Best case: 17% slowdown
Worst case: 23% slowdown
The Register (@TheRegister) January 2, 2018

Similar operating systems, such as Apple's 64-bit macOS, will also need to be updated the flaw is in the Intel x86-64 hardware, and it appears a microcode update can't address it. It has to be fixed in software at the OS level, or go buy a new processor without the design blunder.

Details of the vulnerability within Intel's silicon are under wraps: an embargo on the specifics is due to lift early this month, perhaps in time for Microsoft's Patch Tuesday next week. Indeed, patches for the Linux kernel are available for all to see but comments in the source code have been redacted to obfuscate the issue.

However, some details of the flaw have surfaced, and so this is what we know.


01-04-18 - 10:45 PM
Dang. They knew since last june.

01-04-18 - 11:51 PM
Yup.. heard an interview from one of the folks credited with uncovering it, who said that he noted before the exploit was announced, that AWS were using these patches that were deliberately costing them CPU cycles, and wondering why they'd be deliberately costing themselves more money like that, which is what got him looking at it.. So it's certainly been "known" by some for a while, even if not publicly announced.
01-05-18 - 12:52 AM
What about things like cars?
01-05-18 - 06:48 AM
generally you don't let other people run code on your car
01-05-18 - 07:21 AM
Originally posted by DMAUL  
generally you don't let other people run code on your car

fuck off, you don't know me
01-05-18 - 08:52 AM
Originally posted by DMAUL  
generally you don't let other people run code on your car

True, but all this shit is connected. Just curious really. Seems like this could have big impacts on the internet of things.
01-05-18 - 09:44 AM
your momma is vulnerable to side channel attacks
01-05-18 - 05:27 PM
For Google Chrome users

Here's how to turn on Site Isolation:

[*]Copy chrome://flags/#enable-site-per-process and paste it into the URL field at the top of your Chrome web browser, and then hit the Enter key.

[*]Look for Strict Site Isolation, then click the box labelled Enable.

[*]Once done, hit Relaunch Now to relaunch your Chrome browser.
01-05-18 - 05:35 PM
MS pushed out by force the patch for this last night/today
01-05-18 - 05:38 PM
There is major patching panic setting in at work
01-05-18 - 07:17 PM
Originally posted by Fling  
What about things like cars?

Geohotz already ruined his AI career by battling Elon Musk
01-06-18 - 03:52 AM
These patches may cause machines to slow down by up to 30 percent due to changes introduced to protect kernel memory. Initial speculation suggests this may increase the cost of cloud computing and that general end users should not notice performance degradation.

There we have it. Just when Adobe etc has basically forced everything onto a cloud based platform - here comes the price hike.
Even if there is absolutely no effect on performance, no one will ever be able to tell if there really was or not. Perfect excuse to hike the rates: 'Sorry, not our fault, blame intel, We had to buy faster hardware.'
01-06-18 - 10:23 AM
Would this explain why it takes so fricken long to view the contents in another drive? I get sick and tired when i open file explorer, click on another drive and watch that green bar of death take its fricking time. REEEEEEEE!
01-06-18 - 10:56 AM
I believe i just got the update. No sooner did i write the above post did M$ want my PC to reboot due to an update. :wet:
01-06-18 - 12:29 PM
Originally posted by samUwell  
I believe i just got the update. No sooner did i write the above post did M$ want my PC to reboot due to an update. :wet:


Login to comment.