[HN Gopher] Intel Finds Bug in AMD's Spectre Mitigation - AMD Is...
___________________________________________________________________
Intel Finds Bug in AMD's Spectre Mitigation - AMD Issues Fix
Author : News-Dog
Score : 103 points
Date : 2022-03-12 13:49 UTC (9 hours ago)
(HTM) web link (www.tomshardware.com)
(TXT) w3m dump (www.tomshardware.com)
| nyanpasu64 wrote:
| The page now [EDIT: as of writing] points to a 404, and has been
| excluded from the Wayback Machine. However, it's still in Google
| Cache, which I've saved to
| https://web.archive.org/web/20220312144415/https://webcache.....
| The article might've been retracted for a reason though, IDK.
| News-Dog wrote:
| OP: I've deleted my browser-cache and checked at UTC 15:00
| 2022-03-12 ;
|
| <https://www.tomshardware.com/news/intel-amd-
| spectre-v2-vulne...>
|
| Opens fine for me here?
| mynameismon wrote:
| same here, loading fine on fresh load (opened it on my mobile
| earlier)
| nyanpasu64 wrote:
| It seems back up?
| tus666 wrote:
| Aww.
| jagger27 wrote:
| This kind of thing shows that Intel gives its STORM security team
| a lot of autonomy. The optics of this couldn't be better,
| honestly.
| phendrenad2 wrote:
| If they found a problem and didn't report it, and someone
| leaked that fact to the press, that would be some very bad
| optics indeed, autonomy or no.
| edlebert wrote:
| Ironic.
| flatiron wrote:
| In the article they explain it. People nudged intel to mitigate
| spectre like AMD. They looked into how they did it to learn
| more and found some flaws and responsibly disclosed them.
| bhawks wrote:
| So I've been hobbling my CPUs performance for the past 4 years
| with a mitigation that doesn't actually mitigate.
|
| Must be a day ending in y.
| _0ffh wrote:
| Oh, but it _does_ mitigate - just turns out it don 't mitigate
| _enough_.
| bhawks wrote:
| s/reservation/mitigation/ https://youtu.be/A-brgkkjnHc
|
| Jokes aside - I understand the difficulty to adequately
| defend against meltdown/spectre. When the exploits were
| released I was running a service which definitely needed
| protection from this type of attack. Ironically we had just
| finished a set of optimizations that would have reduced our
| cpu costs quite nicely, the mitigations ate all those wins
| and more.
|
| I guess I'm still bitter - I no longer own that system but it
| really frustrated me to hear that it apparently was still
| vulnerable to spectre style attacks.
| blibble wrote:
| I turned them all off on all my production servers
|
| they don't run arbitrary untrusted code and send a LOT of
| packets, those mitigations really hurt
| staticassertion wrote:
| I think that's the smart thing to do. Default to safe, let
| people evaluate their threat model and disable as needed.
|
| I'm curious, what options did you disable?
| secondcoming wrote:
| Add 'mitigations=off' to the kernel command line (assuming
| you're using linux)
|
| We did it for most of our GCP images
| landemva wrote:
| That works on bare metal you control. If you rent something
| with VM / hypervisor the mitigations are important to protect
| from other VMs on the machine.
| waych wrote:
| Mitigation between VMs is only effective when done from the
| hypervisor. Mitigations within a VM can only counter intra
| VM data leaks.
| TillE wrote:
| Right, I'm not sure Spectre is worth worrying about outside
| of big multi-user systems, or a web browser executing
| Javascript. Otherwise if you're executing untrusted code,
| you're in big trouble regardless.
___________________________________________________________________
(page generated 2022-03-12 23:01 UTC)