'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

BeerIsNotGood... said:
Jissis man I know it's problematic :erm:

Im just asking for a known patch/fix that does not come from ms..
Click to expand...

Intel produces CPUs, and there is no patch for hardware. Microsoft produces the operating system, and its impossible to get a patch for Windows that doesn't come from them. There is no 3rd party in between, and no anti-virus or other kind of permanent fix for Meltdown.

IMO the risk is still theoretical, so the usual precautions apply...
 
MidnightWizard said:
Question :
How does the von Neumann machine differ from the Turing Universal machine ?
Click to expand...

Turing machines are theoretical concepts invented to explore the domain of computable problems mathematically and to obtain ways of describing these computations.
The Von-Neumann architecture is an architecture for constructing actual computers (which implement what the Turing machine describes theoretically).
...
Click to expand...
https://stackoverflow.com/questions/2782014/turing-machine-vs-von-neuman-machine
GIYF
 
As I said in the thread much earlier and has been pointed out by at least one developers thoughts (which I've read).

Spectre and Meltdown are simply the straw that broke the camels back. Had it been the first incident, they would likely have patched it as the events before those two and moved on.

Currently many operating system allowed code that requires escalated privileges to be loaded into the memory space of a less privileged process. It prevented execution by hiding that space.

It is security through obscurity, if patched today with a work-around, to make it work, it will simply come back to haunt you tomorrow.

Which is why separating the two spaces was the choice taken with these patches.

Likely branch prediction with privileges checks will be introduced by CPU makers going forward. PCID is already a step in the direction of making the separation of your privileged memory easier to manage.

IMO the way forward is to make the switch cheaper rather than go back to the way things have been up until now.

The OS makers have forced the hand of the CPU makers, they can either conform and improve performance in the new world or lose out on sales.

The biggest buyers of CPUs are: Google, Amazon, Microsoft. They want secure CPUs, thus the market will follow IMO

MidnightWizard said:
Question :
How does the von Neumann machine differ from the Turing Universal machine ?
Click to expand...

I would say the two aren't directly comparable.

Von-Neumann architecture and a Turing machine are not really the same concept.

Turing machines are a way to test if a problem is computable.

Von-Neumann architecture is just a way to implement a general purpose computer.

There are other architectures (far less popular eg. modified Harvard architecture for AVR).

Von-Neumann architecture simply means you store you program code and the memory usable by the program in the same memory space.
Modified Harvard architecture on the other splits the two into two distinct spaces.

The security of a split memory space could theoretically be better. But it hasn't been tested because there aren't any Modified Harvard architecture CPUs on par with x86 or ARM (both Von-Neumann).

But in theory you wouldn't be able to use these sort of attacks where attempts to read memory for data can lead you into program code. But really is isn't quite as simple as that (for reasons to numerous to talk through here IMO)
 
Last edited:
Innovation

Gnome said:
I would say the two aren't directly comparable.

Von-Neumann architecture and a Turing machine are not really the same concept.

Turing machines are a way to test if a problem is computable.

Von-Neumann architecture is just a way to implement a general purpose computer.

There are other architectures (far less popular eg. modified Harvard architecture for AVR).

Von-Neumann architecture simply means you store you program code and the memory usable by the program in the same memory space.
Modified Harvard architecture on the other splits the two into two distinct spaces.

The security of a split memory space could theoretically be better. But it hasn't been tested because there aren't any Modified Harvard architecture CPUs on par with x86 or ARM (both Von-Neumann).

But in theory you wouldn't be able to use these sort of attacks where attempts to read memory for data can lead you into program code. But really is isn't quite as simple as that (for reasons to numerous to talk through here IMO)
Click to expand...
One hopes that this little "meltdown" will encourage the scientists at the big --and -- small chip makers to put on their thinking caps and come up with something really new and revolutionary.
The first step on the way to REAL AI ....
Lets see what 2018 brings
I have sort of a suspicion something already exists -- but -- is buried in a military underground super-computer complex
 
Last edited:
This is now almost like the Stage 3 that Elliot bluffed the red army with in Mr Robot. I will rather hold out before installing the current patches available to see how the tech news companies have rated them.
 
mercurial said:
Intel Hit With Three Class Action Lawsuits Related to Security Vulnerability
Click to expand...

A bit ridiculous IMO, the usual ambulance chasing lawyers! The only viable exploit at this stage is Meltdown, and it is an operating system oversight (relying solely on the CPU to preserve the integrity of kernel memory). Good luck suing M$ft for their buggy OS, and Linux for their free OS!?

CPUs don't come with a warranty specifying their performance, nor guarantee a vaguely implied level of security. This may be an interesting test case, but at present they are not regulated like other consumer products such as motor vehicles, that can actually harm people.
 
Gordon_R said:
A bit ridiculous IMO, the usual ambulance chasing lawyers! The only viable exploit at this stage is Meltdown, and it is an operating system oversight (relying solely on the CPU to preserve the integrity of kernel memory). Good luck suing M$ft for their buggy OS, and Linux for their free OS!?

CPUs don't come with a warranty specifying their performance, nor guarantee a vaguely implied level of security. This may be an interesting test case, but at present they are not regulated like other consumer products such as motor vehicles, that can actually harm people.
Click to expand...

Looks more like a CPU flaw...
Meltdown [27] is a related microarchitectural attack which exploits out-of-order execution in order to leak the target’s physical memory. Meltdown is distinct from Spectre Attacks in two main ways. First, unlike Spectre, Meltdown does not use branch prediction for achieving speculative execution. Instead, it relies on the observation that when an instruction causes a trap, following instructions that were executed out-of-order are aborted.
Second, Meltdown exploits a privilege escalation vulnerability specific to Intel processors, due to which speculatively executed instructions can bypass memory protection. Combining these issues, Meltdown accesses kernel memory from user space. This access causes a trap, but before the trap is issued, the code that follows the access leaks the contents of the accessed memory through a cache channel. Unlike Meltdown, the Spectre attack works on non-Intel processors, including AMD and ARM processors.
Furthermore, the KAISER patch [19], which has been widely applied as a mitigation to the Meltdown attack, does not protect against Spectre
https://spectreattack.com/spectre.pdf
Click to expand...

And the performance part:
https://ark.intel.com/
Yeah, they do.

And in regards to security, here's a page on their site: https://www.intel.com/content/www/us/en/data-security/security-overview-general-technology.html
 
Johnatan56 said:
Looks more like a CPU flaw...

And the performance part:
https://ark.intel.com/
Yeah, they do.

And in regards to security, here's a page on their site: https://www.intel.com/content/www/us/en/data-security/security-overview-general-technology.html
Click to expand...

I don't understand your links to the Intel website. Obviously there is a lot of information, but it is not clear whether this implies a warranty on every detailed specification.

Interpretations of this vulnerability differ, even amongst othewise knowledgeable observers. The Wikipedia entry puts the case in a more step-by-step fashion: https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability)

If its solely a CPU problem, why are OS patches being rushed out?

Jokes aside, if something is known for three decades, it becomes a feature not a bug...

BTW, good luck explaining this to a layperson-jury, since most high-profile cases in the US are not decided by judges.

Off topic: In some ways it might be interesting to compare and contrast this with the Takata airbag recall, where a known vulnerability required a Federal regulator to trigger action.
 
Silly question - does this affect consoles in any way? The PS4 has AMD chips IIRC.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X