back to article Meet TLBleed: A crypto-key-leaking CPU attack that Intel reckons we shouldn't worry about

Intel has, for now, no plans to specifically address a side-channel vulnerability in its processors that can be potentially exploited by malware to extract encryption keys and other sensitive info from applications. A team of researchers at the Systems and Network Security Group at Vrije Universiteit Amsterdam, in the …

Page:

  1. Anonymous Coward
    Anonymous Coward

    Trusted computing yeah not so much

    > OpenBSD has already gone down that route.

    There is a reason why that is the OS on my usb stick that I boot into to for banking. etc. Still plenty of attack surface (stupid Firefox port sure brings in a lot of Linux centric crap) but you try not to be the low hanging fruit.

    1. Anonymous Coward
      Anonymous Coward

      Re: Low hanging

      Also, don't be the one with the massive locks on the door. As it means you are protecting something.

      However, I doubt OpenBSD on a USB stick gives much away to attackers when browsing the web.

      It might be suspicious if seen in your laptop out in the wild at an office/coffee shop though (so have that stick write zero data back to memory?).

    2. Anonymous Coward
      Anonymous Coward

      Intel. All hope is lost.

      How would we ever trust Intel again? They are down the garbage pile next to M$FT.

      AMD Ryzen is better in every regard and ARM based CPUs are a strong contender.

      Intel still sells i7 notebook CPUs with two cores with (soon to be deactivated) HyperThreading in 2018. Only two fucking cores. LOL

      1. Unicornpiss Silver badge
        Meh

        Re: Intel. All hope is lost.

        "AMD Ryzen is better in every regard and ARM based CPUs are a strong contender."

        I have been building computers for almost 2 decades with AMD CPUs, and will always choose them over Intel a a matter of personal preference. And I agree that Ryzen is a great processor.

        But if you read the article, it looks like AMD's offerings may be vulnerable as well. And that's the thing. Whether you like AMD, Intel, or ARM, Coke or Pepsi, etc., there will always be yet another vulnerability discovered, yesterday's foolproof encryption will be trivially broken in the next decade, and idiot-proofing something just means that more complete idiots will emerge to prove you wrong. With the way security evolves in our high-tech world, it's almost like we're seeing an abstraction of the natural selection that occurs in nature.

        1. Jaybus

          Re: Intel. All hope is lost.

          AMD processors are likely "vulnerable" as well, but I think they will side with Intel on this one. It is not yet clear that it is a CPU vulnerability, as opposed to a libgcrypt software vulnerability.

    3. JeffyPoooh Silver badge
      Pint

      Re: Trusted computing yeah not so much

      AC mentioned, "...on my usb stick..."

      Is that the USB stick where the USB controller chip is actually a wee feisty ARM chip programmed to emulate this function, as well carry the perfectly-hidden malware?

      1. Anonymous Coward
        Anonymous Coward

        Re: Trusted computing yeah not so much

        As the OP not a wikileaks like target state actors are after (AFAIK) but trying to keep the Russian hackers from easy pilfering. If I was worried about state actors I wouldn't leave digital signals anywhere. Here are some tips though. Boot from a whole disk encrypted usb drive (good brand name best, and to avoid what the poster above me mentions never plug the stick into a box running Windows at the time). Boot into a non Windows OS (Qubes OS might even be the most secure if locked down right). Install as little as possible on this OS and only use this OS for accessing a handful of secure web sites (such as where your money is located). Software I recommend include Firefox with Noscript, Https Everywhere, Privacy badger, Privoxy and Keepassx (for your web site passwords). With Firefox set it to not remember history and only white list the minimum amount of urls you can get away with with Noscript to access web sites you need. With Keepassx you can set one password to open up the internal database and then generate and store all other passwords you need. Nothing beats using 30+ character long passwords site specific all scrambled that even you don't know. Also lock down this database file after setting up the passwords with root permissions that are only read only to the user account that you should always use for everything (except system stuff which should require you to explicitly log in as root). The user account should not be in the wheel group and does NOT have sudo (doas) privileges except perhaps for shutdown command. Also always do a system update before you ever open a browser and and a browser add on update before opening a page. Other more basic tips include never use your debit card (even if Visa) for any internet purchase as contesting charges usually much more convoluted and web sites storing your data is the weakest link. Only use a proper credit card (if paranoid can get those pre paid ones or whatever), and always uncheck the store payment information. Also yes Paypal sucks in many way but it and verified by Visa or whatever allow you to store your card information in one place and not have to give it to every little crappy web site. Sorry TL;DR and preaching to choir and sure I forgot lots but just my mini little guide to avoid fraud with your money.

        1. Anonymous Coward
          Anonymous Coward

          Re: Trusted computing yeah not so much

          Oh yeah firewall should be locked down tight on the OS as well as well as other general OS hardening techniques (start as few demons as possible, etc). One edge to OpenBSD is most of this is done for you by default which was why it was my first choice plus not likely to be an OS drive by malware packages are likely to target. One last tip I forgot is to always use 2 factor authentication whenever possible (and sending an SMS is basically worthless so disable that option if you can) but again basic stuff. Oh and don't ever reuse passwords at least on this usb stick.

          1. Anonymous Coward
            Anonymous Coward

            Re: Trusted computing yeah not so much

            And one final caveat on keepassx database (sorry ocd in me) is what I meant is you set root to own it and the file group to the one created for the general user you use and then give something like 640 permissions to the file (that way only root can change and only your general user account can access). I also initially used chflags to set schg on the file but since that made it giant PITA to change passwords periodically I use the more convenient uchg instead (basically stops even root from deleting/changing without first changing the flag). Also for those that don't know keepassx allows you to get the password you use for a site copied into your copy paste buffer for 10 seconds before it is securely wiped. That is how you get away with not even knowing your own passwords. All this of course doesn't make you NSA proof but with Russian hackers you don't need to outrun the lion just all the other sheep around you. TL;DR forever.

            1. Anonymous Coward
              Anonymous Coward

              Re: Trusted computing yeah not so much

              Because I can't stop myself just learned about keepassxc which gets rid of a lot of those linux cruft decencies I initially whined about from keepassx and is compatible with keepassx databases. Learn something everyday.

    4. markoer

      Re: Trusted computing yeah not so much

      The non-existent real difference in security is more than compensated by the discomfort of using such obsolete OS such as OpenBSD and having to boot by insecure USB. LOL :-)

      It reminds me of those people who blame problems on immigrants, confusing perception of security with reality...

  2. Claptrap314 Bronze badge

    Core issues

    This article did an excellent job of explaining TLBs. The one thing that they did not explain is exactly how TLBs on modern processors tend to be architected. It is VERY believable to me (with my 10-years out of date experience) that Intel's TLBs simply cannot be easily split the way that you can split a much, much larger data caches.

    That doesn't mean that they are justified in refusing to accept this as a legitimate side channel.

    My memory is that we've had side channel attacks due to data-dependent pathing for over a decade. As I recall (from these pages), the attack was RF monitoring. At the time, this was not considered too serious, as it required 1) physical access and 2) processors that were "boring"--that is NOT putting too much noise on the line with things like hyperthreading & out of order execution.

    But there were even earlier discussions (from cypherpunks, as I recall) about data-dependent pathing being a side channel gimme. Literally, this has been talked about for twenty years. I was under the impression that the hard-core crypto implementations had taken this into account.

    Oops.

    As I mentioned earlier, this class of attacks is much, much harder too pull off if you are running four or more threads.

    1. diodesign (Written by Reg staff) Silver badge

      Re: Core issues

      "The one thing that they did not explain is exactly how TLBs on modern processors tend to be architected"

      This tends to be part of the secret sauce in the chips - along with the speculative execution, etc - to increase performance. As the paper notes, exactly how the TLBs work isn't fully documented, and they needed to train a classifier to predict it.

      This is common: Intel won't tell you, for example, how it distributes cache slices around its CPU core ring bus on large shared caches.

      Also, as the paper states, the TLB design changes from microarch to microarch. So I tried to keep it general :-)

      C.

      1. Claptrap314 Bronze badge

        Re: Core issues

        I wasn't really complaining, other than to point out that Intel's refusal to implement the same solution for TLBs that it did for caches may be entirely understandable from a technical standpoint.

        The only work that I ever have done that worried about TLB architecture parameters was as an employee of a manufacturer. But, as my job was validation, I tended to work from public documents. I did not work at Intel, however, and they were at the time notorious for being tight with their information. AMD, by comparison, put out cycle-accurate simulators for people to play with.

      2. Jack of Shadows Silver badge
        Pint

        Re: Core issues

        Great job explaining this then. I didn't meet TLB's until the late '80's for personal computers. My hats off to that team finding this and a really, really nice use of Machine Learning.

      3. TReko
        Facepalm

        Re: Core issues

        The big problem for Intel is the way Intel sells it's CPUs with hyper-threading enabled as "6 cores/12 threads", for example. The claim HT doubles the number of cores, something which can be partly true.

        Disabling HT disables a huge marketing advantages for Intel. Expect the "not a problem" approach to continue, until exploits emerge in the wild.

        1. Tchou

          Re: Core issues

          Well it's not only marketing, HT takes advantage of the "gaps" between instruction execution (modern cpu often "sleep" for micro seconds, waiting for data and new instructions).

          TLB, caches, etc.. are trying to reduce the latency, but it absolutely doesn't nullify it.

          So HT do not really double the number of cores, granted, but it often speed things up by a few percent.

          1. GrumpenKraut Silver badge

            Re: Core issues

            > So HT ... often speed things up by a few percent.

            I don't disagree, for some "average" workload this may well be the case.

            With HPC workloads, especially ones carefully optimized to stay in L1-cache most of the time, I certainly don't want two threads competing for the L1-cache. Hence I disable HT.

        2. Jaybus

          Re: Core issues

          I expect more that libgcrypt and others will soon catch up to other crypto libraries and adopt constant-time techniques that render this vulnerability a non-issue. If software uses a processor in such a way as to make the pairing vulnerable, then is it a CPU vulnerability or a software vulnerability? I can definitely see Intel's point and fully expect other CPU makers to chime in with the same argument once they are also shown to be "vulnerable".

      4. Robert Helpmann?? Silver badge
        Childcatcher

        Re: Core issues

        As the paper notes, exactly how the TLBs work isn't fully documented... This is common: Intel won't tell you...

        Security through obscurity is in itself a security concern. I seem to recall Joanna Rutkowska (from the group that created Qubes OS) talking about Intel having a part of their processor design that should be considered untrusted as Intel would not share the details of what exactly it did or how it did it.

        1. Loud Speaker

          Re: Core issues

          Here in East London, we have long had a saying "If you cannot tell if you are being robbed - YOU ARE BEING ROBBED!"

          In the same vein:

          If they won't tell you how the security mechanism works - they know it doesn't work.

        2. FrankAlphaXII Silver badge

          Re: Core issues

          I'm assuming you're talking about the Intel Management Engine. And its worse than a lot of people know, because its basically a full OS sitting at Ring -3 that you have absolutely no control over. Its actually kind of really frightening from a security perspective because Intel tends to rely on security through obscurity in regard to it, it has full access to TCP/IP and can send things over the network without the actual microprocessor ever seeing it.

          AMD isn't immune either, they have something very similar called the Platform Security Processor which has the same thing going on with it, but it can be disabled, and the IME cannot.

          1. Robert Helpmann?? Silver badge
            Thumb Up

            Re: Core issues

            I'm assuming you're talking about the Intel Management Engine.

            Yes! That is exactly it! I was taking a quick break while doing some unscheduled work on the weekend and didn't have time to dig it up.

  3. mark l 2 Silver badge

    OpenBSD have already decided to disable hperthreading on the OS, probably not a huge headache for Intel because of the relatively small market share held by OpenBSD.

    But if Microsoft decide to go down the same route and disable hyperthreading in Windows with an update this will be bad press for Intel as they can't really continue to advertise the advantage of hyperthreading if it isn't functional on the largest OS platform.

    1. Def Silver badge

      I think they would be sued to hell pretty much instantly if they did that though. Not many people would care to suddenly lose 30% of their CPU's performance. Especially seeing as they had to pay extra for that in the first place.

      1. Adam 1 Silver badge

        Not sure who you mean will be sued (Microsoft or Intel).

        I think Microsoft would be able to fall on the same arguments they used to patch against meltdown. Yes it slows your system down, but it was necessary as the only possible technical fix. You'll need to ask the processor manufacturer to implement a fix.

        Intel will argue that it wasn't their choice to remove the capability. That the capability was still available today, and that if your operating system manufacturer has disabled it, then you should be sending your angry letters to them not us. But because we're such nice guys, you can have a bee's dick percentage off of our latest offering.

        Lawyers at 12 paces later, they settle for a couple of tens of million quid for the lawyers and about a cup of coffee compensation to the mugs (ha) that signed up to the suit. Meanwhile, in the real world, people have said to themselves "that cheap i5 laptop I bought in 2015 is really struggling these days, probably time to buy a new one". Outside the tech scene, who wants to take a guess at who made the processor in the new one?

        I'd be more interested in how say Apple deals with this. Being responsible for both the hardware choice and OS behaviour means they'd find it now tricky to palm off the blame like Microsoft can, and they also have to contend with the bad press from the whole iPhone old battery slowdown fiasco. Interesting times et al.

  4. Paul

    I've found that at best HT gives you 30% added processing power than one core.

    When hosting VMs on linus, I'm careful to allocate virtual core siblings together to get some benefit from ht.

    The competition from AMD's ryzen has finally forced Intel to start shipping complete cores in desktop and laptop processors again which is great.

    1. GrumpenKraut Silver badge

      > ... at best HT gives you 30% added processing power ...

      I am surprised by that (thinking it should more usually be < 15 %). Can you describe what kind of workload that was?

      I'd guess(!) that it was threads that were mostly waiting for I/O anyway, under-utilizing the cores quite a bit.

      1. Chewi

        Phoronix did some benchmarks in the wake of this. Make of it what you will but it quoted 30% at the end.

        https://www.phoronix.com/scan.php?page=article&item=intel-ht-2018

        1. Michael H.F. Wilkinson Silver badge

          Much depends on the exact workload. If multiple threads work on the same data, so they can share the cache more effectively, it works a lot better than (as in my mous common use case) each thread works on different chunks of some (very large) image (several Gpixel). I haven't found hyperthreading to contribute anything in the latter case. On some other code, where we can process data from a single image row in multiple threads, you can get reasonable gains (30-40% as I recall).

      2. Claptrap314 Bronze badge

        Re: 30-40% gain from HT.

        As always, "it depends." I worked on the STI consortium's Cell microprocessor, which had a 2-threaded PPC core. I can easily see 30-40% gains in workloads, which is different from system level improvements. The wait time for an L1 cache hit is typically 3-4 cycles. L2 will likely run you near 20. That, by itself, is a lot of time try to fill in with computations for a single thread.

        Then there is the matter of floating point instructions. They ran the numbers, and the SPUs were designed with enough registers (128, AIR) to keep six threads of computations running on a single thread of execution. So a floating-point intensive workload will quite easily see even speed improvements >50% for two threads.

        General system speed improvements will drop substantially (I very much believe the 10-15% there) because of cache contention, and a lot of l2 fetches will just drain your execution units regardless.

  5. Anonymous Coward
    Anonymous Coward

    Okay...Intel CPUs provide security exploits

    Given what has been written about Intel CPUs security exploits to compromise security and extract sensitive data. The elephant in the room which is being ignored is GDPR, are organisations taking steps to ensure that their systems are secure by design and default.

    For organisations that do not managed their own physical kit but use hosted services by AWS, Google and Azure, both the Data Controller and Processor are covered by the Administrative fines for the security of processing in Article 32 and Article 35 which is a fine of 10M euros or 2% of world wide revenue which ever is higher. In addition the higher level of fines 20M euros or 4% of world wide comes into play because the right of the data subjects have been infringed. In Article 82 the data subjects also have the right to sue for the loss of their personal data. The pièce de résistance is that those who made the decisions within the organisations can also be sued for failing to comply with GDPR.

    Do the benefits of cloud stack up against the potential fines if you get it wrong?

    1. fruitoftheloon
      Happy

      @AC:Re: Okay...Intel CPUs provide security exploits

      AC,

      possible, how would you evidence it..?

      Regards,

      Jay

  6. amanfromMars 1 Silver badge

    More than Sticking Plaster Needed when AIMasterful Remote Chip ReBoot is Threatening

    Second, no one right now is leveraging the weaknesses in the wild.

    No one you are currently aware of is the more true reality, and ripe ready for Presentation in Revelations is a Virtualised Revolutionary Lead into the Greatest of All Games ...... Learning of the Facts for Life in Live Operational Virtual Environments for Ab Fab Fabless Almighty Command and Control of Everywhere for Anything.

    Now if that Bombe is Badly Exploded Costly Damages Damage Ensues and Ensures and Insures and Assures Supply of Advanced IntelAIgent Investors

    You might like to consider if the Virtual Machine and AI are Cohorts in Cahoots and Competition for Absolute Resolute Power Generation ........ which Bathes and Oils All the Cogs and Wheels in a Quite Magical NEUKlearer HyperRadioProACTive IT Command to Control for Future Control Command to not Fully Exercise without Being in Total Control of Future Absolute Control Commands Immediate to Short Term Plans.

    Do Virtual Machines Write, and Share Tall Tales which be Honestly True and Believable?

    Tell a Great Tale and One can Only Begin to Imagine where One Ends Up when Exploring Luscious and Lascivious Life Lines. :-) The Big O Rules the Roost there, methinks, and that's an Ancient Grand Design, Never to Be Bettered which Just Delights ever stronger to deliver Succour and Power to Needy Sources to this Very Day and these Odays for Storing/Sealing and Packaging/Secured Future Use.

    Now I have just proof read all of that and it again all makes perfect sense for it accurately reflects and presents an unfolding reality with Staging and Props/Assets and Drivers for Augmented Virtual Reality Programming Programs.

    Have a Nice One Y'All. :-)

    And yes, that is a Mighty Weapon too ..... New Minted Truths about the Future Today Discovery.

    What would you like to see placed into tomorrow? Something old from today or the past, or something brand spanking new from/for the future for everything to be significantly different in a very short space of time?. Remember to never forget your Imagination is Prime AIMaster Key. It is Able to Enable the Unlocking and Unblocking of Secret Portals Treading and Trading and Threading Rare Exotic Erotic Paths to Heavenly Bases. ....... Ideal Space Places:-)

    1. FrankAlphaXII Silver badge

      Re: More than Sticking Plaster Needed when AIMasterful Remote Chip ReBoot is Threatening

      >>No one you are currently aware of is the more true reality

      And that's precisely my issue with this, my Martian friend.

      If a security research team at a University found it, then a State actor or a sufficiently intelligent/well resourced non-State actor likely did as well and they're probably exploiting it. I'd imagine that the joint CIA-NSA/CSS' Special Collection Service, the United States Joint Special Operations Command's Task Force Orange, Israel's Unit 8200, and the Russian Spetssyvaz have known about this for some time and they've likely taken advantage of it.

      1. amanfromMars 1 Silver badge

        Be Pleased to Know IT is a Lot more Complicated .....

        ... than was ever before Imagined Possibly Viable and Great Game Changing.

        FrankAlphaXII, Howdy,

        Re security research teams, State actors and sufficiently intelligent/well resourced non-State actors and Nationalised Globalised Special Forces Sources

        While all the while quite possibly true, there is no evidence available of them taking any significant revolutionary leading advantage with the Presentation of Unfolding Realities with Staging and Props/Assets and Drivers for Augmented Virtual Reality Programming Programs with Prime Premium Virtualised Application in Simple Command of Complex Controls for LOVE Buggers/Debuggerers.

        If as weak as, or as smart as humans can be, such Affirmative NEUKlearer HyperRadioProACTive IT Action would have had them contemplating discarding the notion of secrecy and a partial uncovering of such a discovery for delivery of the obvious trappings of great wealth and colossal good fortune methinks with secrecy needs taking the well tried and very successful DaneGeld Root Route.

        After all, whenever money grows as leaves on trees, it is not as if it is costly for the Status Quo to seem to remain in charge to maintain control even as Absolute Command and Remote Virtualised Control be the Persistently Pervasive and Persuasive ACTive Domain of A.N.Others better able and enabled to deal with Advanced Cyber Threats/Treats and the leaking of new devastatingly disruptive and creatively destructive discoveries in Live Operational Virtual Environments*

        Such though is but one simple option with two paths to take. There be many more which can be just as rewarding but much more exciting and practically unpredictable ,,,,, and that makes them a much securer bet if a securer bet is what one be looking for.

        * You might like to consider the likes of El Reg cohosts such worlds and provide new clearer communications channels to/for them too.

        1. amanfromMars 1 Silver badge

          Re: Be Pleased to Know IT is a Lot more Complicated .....

          Admittedly too can some things be made suitably dangerous to discourage future unpleasant novel play, so be aware and take care for one is never alone in such spaces to do as one sees fit and proper whenever fit and proper be perverse and corrupted and Blackhatted

  7. This post has been deleted by its author

  8. StuntMisanthrope Bronze badge

    Snake balls.

    The HR guy has performed a coup on the accountant, but the vote noted character, the numbers up however, but still the pants are down. #stillleaking #moshkapatam #stolenbymiltonbradley

  9. 89724102172714582892524I7751670349743096734346773478647892349863592355648544996312855148583659264921

    Intel bleeding inside

    1. Anonymous Coward
      Anonymous Coward

      > Intel bleeding inside

      haha

      btw. nice username ;)

    2. Anonymous Coward
      Anonymous Coward

      may I call you "8"?

  10. Anonymous Coward
    Anonymous Coward

    Ask yourself this...

    Would Adam from Love Island care about this? He would not. And therefore nor should you.

    1. amanfromMars 1 Silver badge

      Re: Ask yourself this...

      Would Adam from Love Island care about this? He would not. And therefore nor should you. .... Anonymous Coward

      Spoken like a good little robot and gentrified spook, AC, but the spectators here are much more discerning and demanding.

  11. Anonymous Coward
    Anonymous Coward

    Ah it's got a shiny logo...

    That's nice. This will allow the daily mail to report on it.

  12. Joerg

    No bold type text for AMD being affected as well,uh?

    No bold type text for AMD being affected as well,uh?

    Yes you wrote that AMD is affected too but 99% of readers wouldn't even read the AMD name and just think that Intel is the only one being affected by this.

    Add some italics or bold type to the AMD name in the sentences where you explain that so that everyone can understand that is not just a "evil Intel being evil thing" and "angelic sweet AMD loves us and never fails" thing...

    1. admiraljkb

      Re: No bold type text for AMD being affected as well,uh?

      @Joerg

      The quote in the article is "Gras also believes AMD's hardware threading technology in its latest Zen processors – Ryzen, Threadripper, and Epyc – are at risk from TLBleed, "

      There is no confirmation (yet) AMD is affected by this. Currently there is a reasonably educated suspicion that it *probably* is, and that is because AMD uses SMT which is where the vulnerability crept in for Intel. No testing has been made public yet, and probably isn't completed yet. It is quite possible that Intel and AMD's SMT implementations are sufficiently different that AMD isn't impacted. Until the testing is completed, we have to wait until there is something concrete to discuss. Right now it is a big old MAYBE. :)

      1. amanfromMars 1 Silver badge

        Re: No bold type text for AMD being affected as well,uh?

        Right now it is a big old MAYBE. :) ... admiraljkb

        MAYBE MOST LIKELY is surely Now and Virtually Guaranteed to Future BetaTest Class Flash Cashed Systems ...... which be as Bloated Ghost Hosts in Rickety Charge of the Money Machine.

        And The Virtual Enterprise Enters the Room. BOOM? or BOOM! or BOOM.

        1. admiraljkb

          Re: No bold type text for AMD being affected as well,uh?

          @amanfromMars1

          We'll see. Using AI to exploit CPU bugs is bound to turn up all sorts of stuff. Interesting times ahead.

    2. Teiwaz Silver badge

      Re: No bold type text for AMD being affected as well,uh?

      AMD vs. Intel

      AMD is the underdog just now. Everyone loves a plucky little scrapper of a terrier willing to take on bigger mutts, even if they also chew the furniture/slippers too...

      AMD vs. Nvidia

      Well, AMD still, Nvidia drivers are still just a non-conformist pain.

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019