I think it is important to warn people that hasty changes remain risky. Those who worry a lot about security should recall that Puppies on the Raspberry Pi are immune.
Meltdown and Spectre patches stop bricking AMD
-
prehistoric
- Posts: 1744
- Joined: Tue 23 Oct 2007, 17:34
Meltdown and Spectre patches stop bricking AMD
It appears that Microsoft's debacle with patches for Meltdown and Spectre will no longer brick machines with AMD processors. Meanwhile, more Intel systems have a problem with rebooting. Fixes are scheduled "real soon now".
I think it is important to warn people that hasty changes remain risky. Those who worry a lot about security should recall that Puppies on the Raspberry Pi are immune.
I think it is important to warn people that hasty changes remain risky. Those who worry a lot about security should recall that Puppies on the Raspberry Pi are immune.
Re: Meltdown and Spectre patches stop bricking AMD
Aren't Puppies on old AMD chips immune also? I mean, for example, people who still are running the Athlon/Sempron families from around 2011 and back? None of those families of chips are listed as affected by either Meltdown and/or Spectre 1/2. Thus, are they (when paired with a Pup) not just as "immune" as the Raspberry Pi with a Pup? Or is this a faulty assumption?? Thanks.prehistoric wrote: Those who worry a lot about security should recall that Puppies on the Raspberry Pi are immune.
-
prehistoric
- Posts: 1744
- Joined: Tue 23 Oct 2007, 17:34
Even old Athlons from some years back had speculative execution, and AMD's own site says they are vulnerable to Spectre variant 2.
Here's what Wikipedia says about Spectre:
Some processors that went in my junk box years ago, when faster replacements using the same socket became available, are known vulnerable. I'm afraid the reason nobody has precisely found the point where this vulnerability entered production machines is simply because nobody has time to consider hacking them, while working desperately to patch vulnerabilities in recent machines.
The difference between Athlons, Durons and Semprons is not as great as you might think. At least some Semprons were simply drop-outs from Athlon production with some cache disabled. In the case of multicore Athlons I have found it possible to enable cores that were not considered functional. A friend has been running 4-cores of a chip sold as 3-core for years now. I got things to work reliably by carefully considering memory timing, carefully adjusting voltages and not attempting to overclock at all. I tested reliability with computations of Pi running to many millions of digits, or even billions, taking many hours. AMD can't afford to tweak and test each chip that way, so they leave considerable margin in their designs.
Are any of you out there still running Durons?
Added: I'm fairly sure that chips capable of running 64-bit x86 code are vulnerable to Spectre. AMD introduced this, and Intel later licensed the design when their approach to 64-bit processing, Itanium, failed in the marketplace.
Here's what Wikipedia says about Spectre:
The problem with this exploit is that it does not depend on the kind of page protection fault seen in Meltdown, only on accessing memory beyond array bounds. (Intel and AMD use very different memory management and protection mechanisms, but array access is almost the same.) Way, way back there was a decision to exempt array access from strict bounds checking to gain speed, with the idea that protection mechanisms would be applied to prevent information from leaking. It is possible that some processors which do fetch the forbidden data are not vulnerable to the side channel attack, or it may be that nobody has figured out how to do this yet.In Spectre[14], the attacker does not rely on such fault mechanisms, and rather targets another user process in a more general way. Spectre relies on branch (mis)prediction to speculatively perform a fetch from an array cell, even though the preceding branch noticed that the fetch would go beyond the end of the array. It starts off by training the branch prediction machinery of the processor to make a faulty prediction, across a process boundary, and then manipulates the target process into executing part of its own code which actually touches the speculative branch. Once again, what it touched is leaked via a cache timing side channel. In this case, the entire address space of the target process can be read even though it is outside of allowed memory limits.
Some processors that went in my junk box years ago, when faster replacements using the same socket became available, are known vulnerable. I'm afraid the reason nobody has precisely found the point where this vulnerability entered production machines is simply because nobody has time to consider hacking them, while working desperately to patch vulnerabilities in recent machines.
The difference between Athlons, Durons and Semprons is not as great as you might think. At least some Semprons were simply drop-outs from Athlon production with some cache disabled. In the case of multicore Athlons I have found it possible to enable cores that were not considered functional. A friend has been running 4-cores of a chip sold as 3-core for years now. I got things to work reliably by carefully considering memory timing, carefully adjusting voltages and not attempting to overclock at all. I tested reliability with computations of Pi running to many millions of digits, or even billions, taking many hours. AMD can't afford to tweak and test each chip that way, so they leave considerable margin in their designs.
Are any of you out there still running Durons?
Added: I'm fairly sure that chips capable of running 64-bit x86 code are vulnerable to Spectre. AMD introduced this, and Intel later licensed the design when their approach to 64-bit processing, Itanium, failed in the marketplace.