The other question is… how many other products being created by Intel is this bug present in? Could this issue be present for a year… or two before it is fixed at the hardware level?
At least on the CPU side, I’ve been there too. But imagine someone that just bought something X299…
Well, they patch an issue that does not exist on that platform and then complain about a performance hit … I would not trust those guys.
Some people have mentioned it going all the way back to Pentium III chips
Not that surprising. All of Intel’s architecture since Core trace their roots back to the PIII
Have a look at CVE-2017-5925.
The oldest I know of to be affectef for relatively certain is Westmere.
Which means they knew about their shit show and of course with no competition could ignore it.
To be fair the progression based model Intel have been pioneering does give the buyer a sense of pride and accomplishment.
It lists a few arm chips even.
What is going on…
I don’t know. It’s either very inaccurate or very scary.
https://nvd.nist.gov/vuln/detail/CVE-2017-5925#vulnConfigurationsArea
Current Description
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
States Intel in the description but lists a bunch of other CPU’s of which all are affected in varying degrees.
Just a reminder of something completely unrelated…
Linus has some interesting things to say about GRSecurities
+1000000000
That’s not highly suspicious at all.
Smart guys, know what they are talking about, but they want to make money on corporate fear/support., which is not terrible imho.
Not a problem with making money on fear. Smart people should be able to approach things with a level head.
What are the chances we see Intel open up some code in the near future???
slim to none.
Fuckwit made me snicker when I read it Not my 8350 I had plans
Seems Just like what happened with the Equifax ordeal. Didn’t their CEO’s dump stock a few days before the breaches ?