Sign in / up

back to article Say hello to Downfall, another data-leaking security hole in several years of Intel chips

Googlers have lately found not one but two more security vulnerabilities in Intel and AMD processors that can be exploited to steal sensitive data from a vulnerable computer's memory. Specifically, there's one flaw in Intel components, and one in AMD. Both can be abused by malware running on a system, or a rogue logged-in user …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. heyrick Silver badge
    Happy

    Phew! That was a close call, but I'm pretty sure my 6502 is not vulnerable.

    20 0 Reply
    1. Jou (Mxyzptlk) Silver badge
      Reply Icon

      Isn't that just a speculation?

      26 0 Reply
  2. saltycupcakes

    Planned Obsolescence

    Part of me wonders if all of these chip vulnerabilities are planned obsolescence to force cloud providers to buy new chips or if its just a happy little accident for Intel/AMD

    8 0 Reply
    1. diodesign (Written by Reg staff) Silver badge
      Reply Icon

      Re: Planned Obsolescence

      I'm sure Intel wasn't complaining too much when the Meltdown-Spectre landed, and various banks and corporations ordered a load of new silicon to replace their insecure chips. Or so I heard.

      C.

      14 0 Reply
    2. John Savard
      Reply Icon

      Re: Planned Obsolescence

      It's definitely just a happy little accident.

      How do I know? These vulnerabilities are the result of a standard technique to improve computer performance that has been around for ages, out-of-order executiion. This was introduced with the IBM System/360 Model 91, which only handled floating-point instructions with OoO. That computer was succeeded with the Model 195, which added cache memory, another very successful performance-increasing innovation from the System/360 Model 85.

      So fast-forward decades later, after Moore's Law finally let that level of complexity be put on a microchip - and out came the Pentium Pro and the Pentium II, which, just like the 360/195, had cache on the chip, and OoO execution for the floating-point section. (And an advanced division algorithm, although not quite as fast as the one the 360/195 used.)

      So they were trying to make the best chip they could, using a proven way to increase performance... but which, sadly, had a weakness that could finally be uncovered in today's more hostile computing environment.

      0 0 Reply
      1. gnasher729 Silver badge
        Reply Icon

        Re: Planned Obsolescence

        The problem is not out of order execution at all. The problem is branch prediction and speculative execution. During speculative execution the old contents of registers that get modified must be stored _and protected against overwriting_ so that speculative execution can be undone. And that’s what both AMD with Zenbleed and now zingelt got wrong.

        1 0 Reply
  3. Anonymous Coward
    Facepalm

    Modern x86 architecture processors

    "They allow an attacker to violate the software-hardware boundary established in modern processors."

    503 Service Unavailable: No server is available to handle this request.

    0 2 Reply
  4. simonb_london

    Downfall

    Affects sound devices and GPUs to overdub German with unrelated English subtitles on any video resembling a WWII bunker.

    6 0 Reply
    1. John Savard
      Reply Icon

      Re: Downfall

      "Everyone with an AMD processor, leave the room."

      4 0 Reply
      1. Anonymous Coward
        Reply Icon
        Anonymous Coward

        Re: Downfall

        "Everyone on a less than 14nm process, leave the room"

        FIFY

        0 2 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like