AMD Releases Statement on Foreshadow Exploit

Discussion in '[H]ard|OCP Front Page News' started by Montu, Aug 16, 2018.

  1. Montu

    Montu [H]ard DCOTM x4

    Messages:
    7,804
    Joined:
    Apr 25, 2001
    AMD has released a statement about the Foreshadow exploit and says their processors aren't susceptible to this new speculative attack. This is good news for AMD and should make their data center customers breath a little easier. Intel better get some new processors out that aren't susceptible. Anyway, take a look at what they emailed to Kyle this morning.

    Statement from AMD on Foreshadow exploit.
    As in the case with Meltdown, we believe our processors are not susceptible to the new speculative execution attack variants called Foreshadow or Foreshadow-NG due to our hardware paging architecture protections. We are advising customers running AMD EPYC™ processors in their data centers, including in virtualized environments, to not implement Foreshadow-related software mitigations for their AMD platforms.
    From: GARY SILCOTT
    Sr. Manager | EESC Corporate Marketing
     
  2. M76

    M76 [H]ardness Supreme

    Messages:
    7,474
    Joined:
    Jun 12, 2012
    We believe? WTF does that mean? Either you know they are not, or you don't know. Or you know they are. Anything else is bullshit. So which is it?
     
  3. NoOther

    NoOther [H]ardness Supreme

    Messages:
    6,675
    Joined:
    May 14, 2008
    A lot of these exploits are incredibly hard to pull off without very precise and specific knowledge, even then, some of them still don't work without the exact right set of conditions. Trying to recreate those, especially on a consistent basis is even more rare. So basically what they are saying is they have yet to see a successful implementation of it on their systems. That due to the way they handle paging, it is ridiculously low percentage. A person might be able to pull off an attack if several thousand blue moons were to happen simultaneously. So they can't outright claim it is impossible.
     
  4. Uvaman2

    Uvaman2 2[H]4U

    Messages:
    2,461
    Joined:
    Jan 4, 2016
    Its called hedging, they probably tested it, but you can't test all imaginable scenarios, so let's say something somehow and unexpected happens then, had they given definitive statements its that more easy to sue.
     
    katanaD, N4CR, Stimpy88 and 10 others like this.
  5. pcgeekesq

    pcgeekesq [H]ard|Gawd

    Messages:
    1,269
    Joined:
    Apr 23, 2012
    [yawn] Social engineering is still a far greater security vulnerability than these speculative side-channel attacks.
    Have there been any reports of any real systems being compromised for a real loss by any of Spectre, Meltdown, Foreshadow or their ilk?

    All the hype is by and for people with too little knowledge of processor architecture and cryptosecurity to actually understand any of it.
     
  6. M76

    M76 [H]ardness Supreme

    Messages:
    7,474
    Joined:
    Jun 12, 2012
    By that definition nobody can claim anything definitely since quantum physics become known.
     
    N4CR, Stimpy88 and Kyle_Bennett like this.
  7. U-238

    U-238 Limp Gawd

    Messages:
    218
    Joined:
    Aug 14, 2008
    Which is why anybody who works in the tech industry and has any experience always says "should" instead of "will".
     
    ltron, N4CR, Stimpy88 and 7 others like this.
  8. NoOther

    NoOther [H]ardness Supreme

    Messages:
    6,675
    Joined:
    May 14, 2008
    Now you are being ridiculous. You can't have it both ways.

    To give an example. We had our vulnerability engineer use the code for spectre to execute the attack on Intel and AMD systems. The Intel system alone took him quite a bit of time and required exact knowledge of the chip in the system, root access to the box, some foreknowledge of the data on the box and a lot of trial and error writing the write algorithm for that specific use case. On the AMD system it took a lot longer to try and achieve the same thing. He also needed the exact chip, root access, even more precise knowledge of not only the data on the box but how it was structured and exponentially more time fiddling with the algorithm until he could get it to work. Even then he could not get it to work consistently on the AMD system. That was also only the one variant of Spectre which AMD admitted there may be some vulnerability to.

    Now you take this new situation where there are even more securities built in, the chances become exponentially smaller. So basically as far as AMD knows, it isn't actually possible. You would have to have something far less probable than a 500million dollar powerball lottery win to make it happen.
     
    N4CR, Ranma, BlueFireIce and 2 others like this.
  9. DukenukemX

    DukenukemX 2[H]4U

    Messages:
    3,849
    Joined:
    Jan 30, 2005
    If you bought Intel processors, you'd want reimbursement not a new product from them that isn't susceptible. Its given that Intel is going to release processors that have been fixed.
     
  10. NoOther

    NoOther [H]ardness Supreme

    Messages:
    6,675
    Joined:
    May 14, 2008
    Huh? If it is a given that they will release processors that have been fixed, why wouldn't you want a new product from them? I mean I would completely understand if it wasn't a given that Intel was going to release processors that were fixed...
     
  11. ChadD

    ChadD I Love TEXAS

    Messages:
    3,099
    Joined:
    Feb 8, 2016
    More opportunity for AMD too make some headway in the lucrative markets Intel has owned for years.

    Years of Intels performance cheats are catching up with them.

    I know AMDs chips could have some other issue highlighted at some point... right now though I have to say. As the underdog and constantly behind player in the market its interesting that they have not chosen to take big ugly shortcuts to increase their single thread performance ect. To me it shows that the engineers run AMD... and the salesmen run Intel.

    Not checking permissions before using cache ect that has made Intel chips vulnerable to things like Meltdown and Fshadow is either incompetent or a level of greed that seems unwarranted. Intel has been in the drivers seat for years on performance, and still they felt the need to cheat basic good security practice to gain a few extra % points in performance. I would assume Intels engineers always knew the no look cache use was a mistake... I imagine they where either pushed to hard to hit targets, or their salesmen bosses know just enough about how the chips work to be dangerous. Just skip those checks.... mo speed, mo money.
     
    N4CR, Zuul and Darth Kyrie like this.
  12. ChadD

    ChadD I Love TEXAS

    Messages:
    3,099
    Joined:
    Feb 8, 2016
    Well it would seem now they have a history of fudging or ignoring logical secure design to win benchmarks for the sales team.

    If I was in charge of multi million dollar purchase orders that fact would concern me.
     
    Zuul likes this.
  13. jnemesh

    jnemesh Gawd

    Messages:
    934
    Joined:
    Jan 21, 2013
    We are YEARS away from Intel having chips that have this flaw eliminated. They will patch the SOFTWARE, but hardware fixes aren't done with a snap of the fingers.
     
    N4CR likes this.
  14. NoOther

    NoOther [H]ardness Supreme

    Messages:
    6,675
    Joined:
    May 14, 2008
    If you both read what I wrote, you would see I already acknowledged that. My confusion was clearly his choice of phrasing. He specifically said people would not consider replacing their Intel chip with another that it was a given was fixed...

    As far as years of ignoring logical secure design...this exploit was found recently and it is extremely hard to pull off, plus I don't know of any actual known exploits happening that have cost anyone anything. Meanwhile the very things that were exploited gave a decent performance boost. Sooo...not sure I can agree with that. But having these flaws found now, I would definitely feel better about using an AMD chip over an Intel chip for sure.
     
    jnemesh likes this.
  15. Jim Kim

    Jim Kim 2[H]4U

    Messages:
    2,669
    Joined:
    May 24, 2012
    If Kyle had posted this would it mean he was shilling for Team Green or Team Red. I get so confused.
     
  16. Meeho

    Meeho 2[H]4U

    Messages:
    3,895
    Joined:
    Aug 16, 2010
    They understand reduced performance after patching just fine.
     
  17. bugleyman

    bugleyman [H]ard|Gawd

    Messages:
    1,160
    Joined:
    Oct 27, 2010
    It means that they don't believe themselves infallible.

    Many, many people could stand to learn from their example.
     
  18. NoOther

    NoOther [H]ardness Supreme

    Messages:
    6,675
    Joined:
    May 14, 2008
    I would say for those that like to take every little thing and paint broad brushes, the current trend is towards him shilling for Team Red.

    Although I would be more inclined to say there is more good news lately coming out for the Red Team, and the reporting follows the news. Personally I would not be inclined to invest in Intel or buy one of their current chips if I were presently in the market for a new system or upgrade.
     
  19. NoOther

    NoOther [H]ardness Supreme

    Messages:
    6,675
    Joined:
    May 14, 2008
    The performance hit was drastically overplayed. The actual percentage of people affected by that was fairly negligible. For the people that were affected, like large database clusters, the performance hit was significant. But both the exploit and the peformance hit for the vast, vast majority of home users is a non-issue. It is more the bad press as a result of it. And if you were going to purchase a chip and between two choices AMD or Intel where top end performance isn't the most crucial, why not choose the one that is more secure?

    The problem Intel has here is that there have been numerous of this extremely rare speculative and side channel attacks being revealed. Even though the vast majority of people won't be affected in the least by them, the bad press creates more paranoia. Even worse is now that AMD is coming out with newer chips that see a great boost in performance and then Intel flops on their demo...well... All those decades of built up market share and confidence start to fall away.
     
    auntjemima likes this.
  20. velusip

    velusip [H]ard|Gawd

    Messages:
    1,360
    Joined:
    Jan 24, 2005
    I certainly hope that everytime AMD claims "innocuous" that they are absolutely sure. Their turnaround time on testing these issues seem awfully fast.
     
  21. pcgeekesq

    pcgeekesq [H]ard|Gawd

    Messages:
    1,269
    Joined:
    Apr 23, 2012
    The day Kyle shills for any of AMD, Intel, NVidia, or any other competitor in the PC HW market will never come.
    Kyle's too [H]ard to shill.
    He's proven it many times over the years.
    And he'll die before he goes soft.
     
  22. NoOther

    NoOther [H]ardness Supreme

    Messages:
    6,675
    Joined:
    May 14, 2008
    True, although there was that one time he held an entire event for AMD Eyefinity... :D
     
  23. JosiahBradley

    JosiahBradley [H]ard|Gawd

    Messages:
    1,620
    Joined:
    Mar 19, 2006
    And I sleep better at night knowing our VM cluster is running on Epyc.
     
    Darth Kyrie likes this.
  24. thebufenator

    thebufenator Gawd

    Messages:
    987
    Joined:
    Dec 8, 2004
    Got a little bias going?

    In the thread about the Intel vulnerability you stated:


    o_O
     
    YeuEmMaiMai and Aluminum like this.
  25. M76

    M76 [H]ardness Supreme

    Messages:
    7,474
    Joined:
    Jun 12, 2012
    You obviously don't understand my stance. But you already made up your mind, or better yet you made up my mind.

    Yes I stated I don't care, as in I refuse to install the performance affecting patches (or I'd like to if I could) until it is demonstrated that this is a viable attack vector, that can and will be exploited by the common malware.

    This thread is entirely different, it is corporate bullshit. I have no love for intel, I happen to have an intel cpu now, becuase in 2016 where was AMD? Right, in the gutter. That doesn't mean I'm biased in any direction. I call out bullshit wherever I see it. I have virtually no brand loyalty, and I have a zero tolerance policy for bullshit.
     
  26. Meeho

    Meeho 2[H]4U

    Messages:
    3,895
    Joined:
    Aug 16, 2010
    "We are advising customers running AMD EPYC™processors in their data centers, including in virtualized environments, to not implement Foreshadow-related software mitigations"

    It can't get clearer than this. If they weren't as certain as practically possible that their CPUs aren't affected, they couldn't have afforded to make that sratement.
     
    Aluminum, N4CR and Darth Kyrie like this.
  27. jnemesh

    jnemesh Gawd

    Messages:
    934
    Joined:
    Jan 21, 2013
    It really doesn't matter how difficult it is to pull off...there is no way any large corporation is going to tolerate an unpatched security vulnerability. FULL STOP. They WILL install the patches, they WILL take a hit in performance...and if this keeps up like it has been, they will rethink their decision to stick with Intel long term. Security is a "BIG DEAL" for enterprise applications and server farms! They won't continue to accept continual patches, continual performance hits, and continual worry that the CPUs they are using are insecure BY DESIGN. They will simply move to another provider which ISNT affected.
     
  28. DedEmbryonicCe11

    DedEmbryonicCe11 [H]ard|Gawd

    Messages:
    1,512
    Joined:
    Jun 6, 2006
    Home-user here - I've only noticed sizeable drops in specific benchmarks but I have also noticed small drops in very common applications like 3DMark. I think we all understand this isn't a huge deal outside the business world but if I was hell-bent on beating specific records overclocking this would matter even though it's not "real-world" at all and purely an ego thing. Exactly why you see so many home-users stating that they will never apply the microcode updates because they accept the risk in return for an extra FPS here and there. Were AMD closer in single-threaded performance or tied in clockspeeds at the moment this could be a very big thing when it comes to the gaming/benchmarking crowd. Of course if Intel is still on top people will say "Meh" but future AMD products bring the possibility that the microcode updates are the deciding factor in which chip is faster in the fancy graphs that large numbers of semi-informed people base their purchases on.
     
    NoOther likes this.
  29. NoOther

    NoOther [H]ardness Supreme

    Messages:
    6,675
    Joined:
    May 14, 2008
    And yet large corporations are still buying Intel chips. And yes, it does matter how hard the vulnerability is to pull off. And yes corporations do tolerate unpatched security vulnerabilities. It is actually written into Risk Management frameworks...
     
  30. thecold

    thecold Limp Gawd

    Messages:
    170
    Joined:
    Nov 12, 2017
    You mean like when they said they weren't affected by spectre?
     
  31. ChadD

    ChadD I Love TEXAS

    Messages:
    3,099
    Joined:
    Feb 8, 2016
    They said they where not effected by Meltdown... which is true. Not sure I remember them ever saying specter was something they where 100% free off... perhaps I'm wrong though.
     
    N4CR likes this.
  32. NoOther

    NoOther [H]ardness Supreme

    Messages:
    6,675
    Joined:
    May 14, 2008
    They initially made the claim and then walked it back later. I also took them to task over their initial claim. I don't think the scenarios are the same here though. Spectre involved 3 variants, only one of which they were partially vulnerable to. As far as I can tell, this particular vulnerability is just one variant. So I don't see an issue with this statement at this time.

    EDIT: Apparently it is two variants? But they call both out specifically.
     
    ChadD likes this.
  33. polonyc2

    polonyc2 [H]ardForum Junkie

    Messages:
    15,164
    Joined:
    Oct 25, 2004
    AMD never lets an opportunity pass to stick it to Intel...
     
    Darth Kyrie likes this.
  34. thebufenator

    thebufenator Gawd

    Messages:
    987
    Joined:
    Dec 8, 2004
    Remember when Wannacry went crazy? Remember how Microsoft had already released a patch more than a month prior?

    Yeah, I don't think you are setting yourself up for success by refusing to patch.
     
  35. NoOther

    NoOther [H]ardness Supreme

    Messages:
    6,675
    Joined:
    May 14, 2008
    Just to be clear before some misinformation gets out there, this is nothing like the Wannacry vulnerability. These attacks are incredibly hard to do even when you are an expert and know everything about the system you are trying to do it on and have complete root access...
     
  36. SvenBent

    SvenBent 2[H]4U

    Messages:
    2,221
    Joined:
    Sep 13, 2008
    its a scientific rule that you can't prove a negative.
    So not bullshit. just a more technical correct way than normal ppl would put it.
     
    Darth Kyrie likes this.
  37. M76

    M76 [H]ardness Supreme

    Messages:
    7,474
    Joined:
    Jun 12, 2012
    There is zero similarity between that vulnerability and this one. Speculative execution is as it's name suggest speculative. So the exploit using it is also highly speculative. It is very unlikely an attacker could get to valuable information even when successfully using these. And there is a very good chance AV software could detect the exploits using behaviour analysis and heuristics. Unless the malware / virus disguises itself very well, which means it will be even less effective at phishing valuable data. Everything about these exploits screams to me that they're possibly viable for highly specialized attacks against known targets, but not against random home users who don't run virtual machines on their home cloud service. Because they don't have a home cloud serivce. And once the malware is inside there is no need to rely on speculative execution anyway. And speculative execution won't get the malware trough the threshold it seems to me.
     
  38. thebufenator

    thebufenator Gawd

    Messages:
    987
    Joined:
    Dec 8, 2004
    Did you not see the java based exploits for web browsers? No code required on the target machine, just need to browse to a bad page. Or be redirected unknowningly.
     
    N4CR likes this.
  39. NoOther

    NoOther [H]ardness Supreme

    Messages:
    6,675
    Joined:
    May 14, 2008
    Just to be clear that is not at all what speculative execution means. The vulnerability takes advantage of an Intel process called speculative execution... The vulnerability will always take advantage of speculative execution... The malware is generally code that is executed in Javascript (or another language, but this is how it was presented). If the javascript has root access to the system it will run and take advantage of the chip's vulnerabilities, namely speculative execution.

    These are difficult specifically because they are hard for anti-malware and anti-virus to detect. You can read about it here.
     
  40. _l_

    _l_ I Am A Cock

    Messages:
    1,178
    Joined:
    Nov 27, 2016
    well then, it fits right in with just about everything we see and read and hear online ... with the exception of some of the threads/posts made here at [H] :barefoot:
     
    pcgeekesq likes this.