Intel has already deployed a fix for this in the 13th and 14th gen by permanently damaging the chip and crashing. Checkmate hackers.
Researchers discover new security vulnerability in Intel processors
Submitted 2 months ago by Pro@programming.dev to technology@lemmy.world
Comments
domi@lemmy.secnd.me 2 months ago
kibiz0r@midwest.social 2 months ago
Another day, another speculative execution vulnerability.
boreengreen@lemm.ee 2 months ago
Intel gets punched again.
msage@programming.dev 2 months ago
Who, my good friend, fucking WHO still buys Intel for the servers? It sucks so hard, I don’t get it.
anzo@programming.dev 2 months ago
I bet other vendors implemented similar optimizations and have the same issues. That’s how it’s been in several occasions…
Cocodapuf@lemmy.world 2 months ago
Well personally, I’ve been having a bear of a time trying to get my Ryzen machine to run correctly. I’m starting to think there just aren’t good options
Krudler@lemmy.world 2 months ago
I feel pretty duh here. That’s a great point.
ObviouslyNotBanana@lemmy.world 2 months ago
Finally! I’ve been waiting to expose my processor
naeap@sopuli.xyz 2 months ago
Anyone having a link to a more technical (detailed) description?
This is quite novice orientated and I’d be very interested on how it actually works. Is there anything already disclosed?Cocodapuf@lemmy.world 2 months ago
This sounds just like Spector/heartbleed. Haven’t we learned our lesson with speculative computation? I guess not…
Well you know what they say, if it was a bad idea 10 fucking years ago, then let’s do it again!
jbk@discuss.tchncs.de 2 months ago
i mean just look at the performance hits with speculative execution off
Bogus007@lemm.ee 2 months ago
Intel has not learned, still making money on crap chips.
gedhrel@lemmy.world 2 months ago
With massive OOO pipelines, what’s the alternative?
Blackmist@feddit.uk 2 months ago
Can it be triggered from a browser?
Because if not, it’s another non-issue issue for most people.
I think after the last round of exploits, most of the browser makers made timers deliberately inaccurate enough to prevent it being used.
untakenusername@sh.itjust.works 2 months ago
average Intel moment
pastermil@sh.itjust.works 2 months ago
Thankfully my Thinkpads from the last decade are not affected.
SoftestSapphic@lemmy.world 2 months ago
He look the US is putting hardware level vulnerabilities in our chips just like China does.
We’re growing up so fast :'(
LodeMike@lemmy.today 2 months ago
The so-called BPRC (Branch Predictor Race Conditions) emerge during a brief period of a few nanoseconds when the processor switches between prediction calculations for two users with different permissions, explains Sandro Rüegge, who has been examining the vulnerability in detail over the past few months.
sunnie@slrpnk.net 2 months ago
No catchy name for the vulnerability? It can’t be that bad, then…
rockSlayer@lemmy.blahaj.zone 2 months ago
Let’s call it Son of Spectre
b3an@lemmy.world 2 months ago
Bond, James Bond. Junior.
x4740N@lemm.ee 2 months ago
Wasnt CVE recently shut down, maybe that’s why it has no catchy name
prettybunnys@sh.itjust.works 2 months ago
CVEs follow a naming convention, the exploit name is usually given by the researcher/hacker/whoever finds and documents it