[ad_1]
If you're in a panic as to how to disable Intel's Hyper-Threading feature to prevent ZombieLoad, the latest Spectrum-like processor security exploit, then take a deep breath: Intel's official recommendations do not actually recommend that. Bad news? Nothing we tell you will make you feel better.
ZombieLoad is similar to previous "secondary channel" attacks, which cause Intel processors to spit potentially sensitive information that would otherwise be kept confidential by the processor. This feat touches most Intel chips and can be used on Windows, MacOS and Linux, said ZombieLoad researchers. ARM and AMD based processors are not affected.
"While programs normally only see their own data, a malicious program can exploit the filler buffers to get their hands on the secrets currently being handled by other programs running," the researchers said. discoverers of the exploit. "These secrets can be user-level secrets, such as browser history, website content, user keys and passwords, or system-level secrets, such as disk encryption keys. "
ZombieLoad The ZombieLoad logo.
Intel does not disagree with the capabilities of the exploit, but with the magnitude of the risk incurred by ZombieLoad. Intel has also decided to name the Microarchitect Data Data Sampling, or MDS exploit. It's a lot less scary.
"The MDS techniques rely on a sample of data from small structures in the CPU that have been filtered using a locally run speculative run-side channel," the company said. "The practical operation of MDS is a very complex undertaking. MDS does not in itself provide an attacker with a way to choose which data has leaked. "
Intel said that the operating system, firmware, and hardware solutions solve many of the problems.
"Micro-Architectural Data Sampling (MDS) is already being addressed at hardware level in many of our recent 8th and 9th generation Intel Core processors, as well as in the 2nd generation Intel Xeon Scalable processor family," he said. said the company in a statement. "For the other affected products, mitigation is available via microcode updates, associated with corresponding operating system updates and hypervisor software available from Microsoft." aujourd & # 39; hui. We have provided more information on our website and continue to encourage everyone to keep their systems up-to-date, this is one of the best ways to stay protected. "
Gordon Mah UngIntel officials also made an effort to point out that the ZombieLoad research team and other players in the PC industry had implemented fixes prior to the disclosure of the exploit.
"We would like to thank the researchers who have worked with us and our industry partners for their contribution to the coordinated disclosure of these issues."
Disable hyper-threading?
The simplest solution, according to ZombieLoad discoverers, in a document detailing the exploit, is to disable Hyper-Threading Technology on Intel processors:
"While ZombieLoad loses values loaded into logical cores, direct attenuation disables the use of Hyper-Threading. Hyper-threading improves the performance of some workloads by 30-40%. "
But Intel said it was not necessarily the only solution for all PC users. In fact, Intel said it was really up to each customer to decide what to do. If the reliability of the software can not be guaranteed, then yes, you may want to disable Hyper-Threading. If your software comes only from Microsoft Store or your IT department, you are probably ready to leave Hyper-Threading. For all the others, it really depends on your degree of casualness.
"Because these factors vary greatly from one client to the other, Intel does not recommend disabling Intel HT, and it is important to understand that this does not provide protection against MDS by itself," Intel said in a statement.
IntelUntil now, feedback from operating system vendors has split.
Google has released patches for Chrome OS that basically disable Hyper-Threading on the affected Chromebooks. People who want to reactivate it can do it themselves, said Google.
Apple has released updates for MacOS Mojave and said that security-sensitive people can turn off Hyper-Threading if they wish, but that the company does not seem to disable the default feature.
Microsoft announced the introduction of software patches to alleviate the problem, but added that customers should also obtain updated firmware from the manufacturers of their computers.
Some operating system vendors have decided to leave Hyper-Threading or not to end users, the threat of ZombieLoad is obviously not as serious as it seemed Tuesday morning. There are still no known examples of the exploit used in a real attack.
IntelIntel said its tests show little difference in performance compared to software and firmware mitigation patches.
Cutting short to Hyper-Threading or turning it off completely would be a blow to the performance of Intel processors. You would not believe it in the documentation provided by Intel.
The company tested its firmware and software and reported that it had a relatively small impact on performance after it was applied. This is not really surprising. For the most part, the fixes to the original exploits of Specter and Meltdown consisted mainly of a storm in a teapot, except under certain workloads.
Losing hyper-threading would be huge
Where we would like vehemently to disagree with Intel is of the opinion that disable Hyper-Threading is not a big deal. On the same page, Intel shows an unprecedented attitude if HT is disabled.
IntelIntel's tests on desktops and laptops with Hyper-Threading technology turned off provide a fairly optimistic view of performance. We do not agree. Strongly.
Our problem with Intel's insincere demonstration of Hyper-Threading is that it does not use particularly multithreaded workloads. If Intel's tests used Blender or Cinebench tests or other multicore processors, you'd see a nerve with such a huge, immediate performance that you'd start to watch.
To emphasize the value of hyper-threading, the main difference between a $ 500 Core-i9 9900K and a $ 375 Core i7-9700K is hyper-threading. Disabling hyper-threading on an Intel processor is an epic punch for those who need multi-threaded performance.
Do not panic
The only real asset is for those who have the latest and best Intel processors. As stated by the company, many of its recent 8th and 9th generation processors have already implemented hardware fixes. There is therefore no reason to disable Hyper-Threading on a Core i9-9900K. The danger of ZombieLoad apparently only concerns PCs with slightly older processors. Owners of these systems will need to rely on firmware and software updates to mitigate the risks, and that there are no known attacks exploiting the ZombieLoad exploit yet.
[ad_2]
Source link