New Intel CPU vulnerability

joepie91joepie91 OGServices Provider

Time to reset the "It's been __ days since the last Intel CPU vulnerability" counter!

We present CacheOut, a new speculative execution attack that is capable of leaking data from Intel CPUs across many security boundaries. We show that despite Intel's attempts to address previous generations of speculative execution attacks, CPUs are still vulnerable, allowing attackers to exploit these vulnerabilities to leak sensitive data.

Moreover, unlike previous MDS issues, we show in our work how an attacker can exploit the CPU's caching mechanisms to select what data to leak, as opposed to waiting for the data to be available. Finally, we empirically demonstrate that CacheOut can violate nearly every hardware-based security domain, leaking data from the OS kernel, co-resident virtual machines, and even SGX enclaves.

Source

Microcode updates are supposedly already available. Best update ASAP, if you're running Intel and haven't yet... you know the drill.

«134

Comments

  • MikeAMikeA Hosting ProviderOG

    sigh..

    Thanked by (1)skorous
  • Meanwhile, @intel, "We are excited to announce that we are now making mediocre gpu."

    I don't think they make CPU anymore.

    ♻ Amitz day is October 21.
    ♻ Join Nigh sect by adopting my avatar. Let us spread the joys of the end.

  • InceptionHostingInceptionHosting Hosting ProviderOG

    @clouvider Ryzen please.

    https://inceptionhosting.com
    Please do not use the PM system here for Inception Hosting support issues.

  • MikeAMikeA Hosting ProviderOG

    @AnthonySmith said:
    @clouvider Ryzen please.

    "Ryzen is a desktop processor"

    Thanked by (4)cybertech poisson vyas mfs
  • InceptionHostingInceptionHosting Hosting ProviderOG

    @MikeA said: "Ryzen is a desktop processor"

    That's going to sadly be a stance that looses customers in 2020, really tired of all this crap.

    Thanked by (2)cybertech mfs

    https://inceptionhosting.com
    Please do not use the PM system here for Inception Hosting support issues.

  • seriesnseriesn OG
    edited January 2020

    I am just happy to be almost xeon free. At this point, even opetrone feels better.

    Thanked by (1)cybertech
  • MikeAMikeA Hosting ProviderOG

    @seriesn said:
    even opetrone feels better.

    I don't know about that lol... Opterons are something...

  • MikeAMikeA Hosting ProviderOG
    edited January 2020

    @AnthonySmith said:

    @MikeA said: "Ryzen is a desktop processor"

    That's going to sadly be a stance that looses customers in 2020, really tired of all this crap.

    Yes, and I don't say the quotes to be a dick, but there's a fair market for them and it will just grow. It's why I got some of the Ryzen stuff immediately when the ASRR boards were more available (and it's the reason why OVH uses the ASRR boards for their new Ryzen line.) I've never had an issue with it, across any CPU I've ran and any common memory kits (including UDIMM.)

    I really don't want OVH and Hetzner to be the only ones to do it again. I would colo more if I didn't have to deal with shipping.

    Thanked by (2)cybertech vimalware
  • I knew Intel was going rapidly downhill when they decided to come up with Xeon Poo, Silver, Gold, Pee editions.

    Thanked by (2)vpsgeek vimalware

    ♻ Amitz day is October 21.
    ♻ Join Nigh sect by adopting my avatar. Let us spread the joys of the end.

  • FranciscoFrancisco Hosting ProviderOG
    edited January 2020

    @AnthonySmith said:
    @clouvider Ryzen please.

    Got our first test ryzen node up the other day. Runs like a champ.

    I expect to do a full Vegas replacement inside the next 60 days.

    @joepie91 anyone have benchmarks to see the performance loss?

    Francisco

    Thanked by (2)Daniel isunbejo
  • @MikeA said:

    @seriesn said:
    even opetrone feels better.

    I don't know about that lol... Opterons are something...

    ?

  • @MikeA said:

    @AnthonySmith said:
    @clouvider Ryzen please.

    "Ryzen is a desktop processor"

    What about Epyc? Did it go off the ground?

  • Server market takes a long time to penetrate. From what I am hearing, it's slowly getting there due to Intel's inability to compete.

    ♻ Amitz day is October 21.
    ♻ Join Nigh sect by adopting my avatar. Let us spread the joys of the end.

  • ClouviderClouvider Hosting ProviderOG

    @MikeA said:

    @AnthonySmith said:
    @clouvider Ryzen please.

    "Ryzen is a desktop processor"

    @AnthonySmith said:

    @MikeA said: "Ryzen is a desktop processor"

    That's going to sadly be a stance that looses customers in 2020, really tired of all this crap.

    Epyc.

    Thanked by (1)WSS
  • ClouviderClouvider Hosting ProviderOG

    @comi said:

    @MikeA said:

    @AnthonySmith said:
    @clouvider Ryzen please.

    "Ryzen is a desktop processor"

    What about Epyc? Did it go off the ground?

    It’s more expensive.

  • @Clouvider said:

    @comi said:

    @MikeA said:

    @AnthonySmith said:
    @clouvider Ryzen please.

    "Ryzen is a desktop processor"

    What about Epyc? Did it go off the ground?

    It’s more expensive.

    gotta milk that enterprise money

  • InceptionHostingInceptionHosting Hosting ProviderOG

    @Clouvider said: It’s more expensive.

    Ryzen.

    Thanked by (2)cybertech uptime

    https://inceptionhosting.com
    Please do not use the PM system here for Inception Hosting support issues.

  • I really fancy trying out an Epyc server but no use for one (currently).

    I've got a Ryzen server but only as it's also got ECC RAM.

  • InceptionHostingInceptionHosting Hosting ProviderOG
    edited January 2020

    Ryzen is simply a better choice and ticks every box in this market segment especially and out performs/delivers over any intel server CPU in the same ballpark, I hate to say it especially as everyone knows how hard I ride the @clouvider train but sadly that train only seems to stop at intel stations now and I may need to consider another route.

    1 intel bug... ok, 2 hmm, 3, are you shitting me, 4,..... FOUR!!! ... oh fuck off intel.

    https://inceptionhosting.com
    Please do not use the PM system here for Inception Hosting support issues.

  • @AntGoldFish speaks the truth.

    There is absolutely no reason to use Intel CPU at the moment. Mobile segment is slightly different and I favor Intel mobile over Ryzen mobile but that's a different story.

    P.S. Still replaced my Intel laptops with Ryzen ones.

    ♻ Amitz day is October 21.
    ♻ Join Nigh sect by adopting my avatar. Let us spread the joys of the end.

  • @AnthonySmith said:
    Ryzen is simply a better choice and ticks every box in this market segment especially and out performs/delivers over any intel server CPU in the same ballpark, I hate to say it especially as everyone knows how hard I ride the @clouvider train but sadly that train only seems to stop at intel stations now and I may need to consider another route.

    1 intel bug... ok, 2 hmm, 3, are you shitting me, 4,..... FOUR!!! ... oh fuck off intel.

    Ryzen shows better performance, but AFAIK it is not generally more secure. This particular vulnerability affects Intel specifically, but speculative execution attack vector is present in AMD as well.

    Also, are there platforms with Ryzen and IPMI?

    Thanked by (1)Clouvider
  • ClouviderClouvider Hosting ProviderOG

    It’s simply not possible to deliver what you are looking for at a reasonable price, at scale, in these DCs at these power and space costs with Ryzen. Math doesn’t add up, nor it would if you calculated colo in the same locations. I’ll start with the lack of blade chassis followed by the power consumption, but really there is so much more limitations. Show me a blade chassis with Ryzen and we will happily look into it.

    Epyc is the way to go, wish more people were interested, or that AMD decided to make something between nothing and a very big server CPU, but that’s their choice and that’s why we have ordered another couple hundred of Intel CPUs to beef up the existing locations. Believe me, Il be the first one to jump to AMD after all I’ve been through with Intel as soon an actual alternative becomes available, there is none at the moment.

  • ClouviderClouvider Hosting ProviderOG
    edited January 2020

    @comi said:

    @AnthonySmith said:
    Ryzen is simply a better choice and ticks every box in this market segment especially and out performs/delivers over any intel server CPU in the same ballpark, I hate to say it especially as everyone knows how hard I ride the @clouvider train but sadly that train only seems to stop at intel stations now and I may need to consider another route.

    1 intel bug... ok, 2 hmm, 3, are you shitting me, 4,..... FOUR!!! ... oh fuck off intel.

    Ryzen shows better performance, but AFAIK it is not generally more secure. This particular vulnerability affects Intel specifically, but speculative execution attack vector is present in AMD as well.

    Also, are there platforms with Ryzen and IPMI?

    There are some. Choice is extremely limited though and from those majority are indeed aimed at workstations - not servers, as per their very own marketing.

    Thanked by (1)comi
  • Another day, another Intel CPU hacked. AMD gets more and more premium as days go by.

    The only people who would argue that Intel are the best would be those who recently purchased any quantity of Intel CPUs.

    Thanked by (1)vpsgeek

    Get the best deal on your next VPS or Shared/Reseller hosting from RacknerdTracker.com - The original aff garden.

  • cybertechcybertech OGBenchmark King
    edited January 2020

    Maybe at datacenter level the demand for Ryzen is not that much, so many can only rely on hetzner,rs,OVH etc

    And some enthusiast providers like extravm who own their hardware as well

    Don't know about blade but is that the answer to changing needs?

    I bench YABS 24/7/365 unless it's a leap year.

  • ClouviderClouvider Hosting ProviderOG
    edited January 2020

    @cybertech said:
    Maybe at datacenter level the demand for Ryzen is not that much, so many can only rely on hetzner,rs,OVH etc

    And some enthusiast providers like extravm who own their hardware as well

    Don't know about blade but is that the answer to changing needs?

    What do you want a provider to do when there are simply no suitable platforms, for the very reason that the CPU is not designed for this use case? This is not something that can be reasonably addressed at this level.

    Of course one can provide a custom “server” based on this CPU but it won’t be as functional nor as competitive as Intel platform in the enterprise setting.

    Really, google and have a look what metal is available to buy, you won’t be pleased with the result.

    You’re addressing your frustration with Intel to a completely wrong person.

  • ClouviderClouvider Hosting ProviderOG
    edited January 2020

    @dahartigan said:
    Another day, another Intel CPU hacked. AMD gets more and more premium as days go by.

    The only people who would argue that Intel are the best would be those who recently purchased any quantity of Intel CPUs.

    No one says no, EPYC is the answer, if you need the actual density and have a budget for that.

  • I have Cascade Lake with hyper-threading and virtualization turned off. Do I need to worry?

    Intel is no longer the best. Xeon has only 48x PCI3.
    EPYC has 128x PCI4, although I couldn't find a motherboard with more than four 16x PCI4 slots.

  • Intel still good for single tenant virtualization workloads right or ones with just a couple of trusted tenants?

  • @vimalware said:
    Intel still good for single tenant virtualization workloads right or ones with just a couple of trusted tenants?

    Yes. Not for providing commercial VPS services, or at least I would be concerned as an informed customer on mitigation measures. However, at this point, it might be less troublesome to switch and have peace of mind for a while. There seems to be some poor technical culture on Intel's end that resembles Boeing. Pick one of the few reliable AMD providers @seriesn @Delong @MikeA and move.

    Thanked by (1)Delong

    Deals and Reviews: LowEndBoxes Review | Avoid dodgy providers with The LEBRE Whitelist | Free hosting (with conditions): Evolution-Host, NanoKVM, FreeMach, ServedEZ | Get expert copyediting and copywriting help at The Write Flow

Sign In or Register to comment.