  • A note about the “new” Spectre NG revelations


    This topic contains 24 replies, has 13 voices, and was last updated by  walker 4 days, 6 hours ago.

    • Author
      Posts
    • #193908 Reply

      woody
      Da Boss

      Several of you have pinged me about the Spectre NG (variously, Specter V4, Spectre V4, Specter-NG, and enough alternatives to make Google search inter
      [See the full post at: A note about the “new” Spectre NG revelations]

      5 users thanked author for this post.
    • #193921 Reply

      anonymous

      Are most people here still holding off on installing any firmware from Intel? Sorry I’ve been out of the loop the past 2 months.

      • #193967 Reply

        jescott418
        AskWoody Lounger

        I upgraded in April after everything got ironed out. One of my older Haswell desktops from HP still waiting on firmware. This latest stuff with firmware just was released in beta from Intel to PC makers. Dell is thinking July or August for many models for firmware for Spectre 4 and that will not be enabled by default just included. Personally I would pass on it in case we have yet another batch of bad firmware. Basically both Microsoft and Google seem to feel the current fixes in the OS and the browser mitigation are enough. The new fix as I call it with firmware is said to slow PC by up to 8% according to Intel tests. As Woody says nothing in the wild that poses a threat to any of these variants so why slow your PC needlessly.

        • This reply was modified 3 weeks, 4 days ago by  jescott418.
        1 user thanked author for this post.
    • #193947 Reply

      anonymous

      The only thing that all the hoopla about Meltdown and the Spectre variants has accomplished is to convince me to defer a new PC purchase until the chip makers get their act together!  I guess I might be waiting for a long time…

      3 users thanked author for this post.
    • #193954 Reply

      anonymous

      I continue to check periodically the MS page for the 5/18 Secur.-only patch KB4103712; that’s the page with the recent new language re MS “…being aware of a problem…re network drivers being uninstalled…we are presently investigating this…blahblahblah…” It’s been TWO WEEKS for who-knows how many million Win 7 x-64 users; and they haven’t patched it yet. OH! BUT WAIT!!! Recently, MS added, at the top of that page, something I don’t recall ever seeing before on this type of “Help” article: A banner shilling…wait for it… A NEW PC WITH WINDOWS 10!!! Click on that banner once, and you’re off in another land. Translation: MS is, first, and foremost, a marketing machine, for just-good-enough software.

      3 users thanked author for this post.
      • #194011 Reply

        OscarCP
        AskWoody Lounger

        In the Master Patch List, this security only update for Win 7, as well as the one for Win 7 IE 11, are both listed with the same comment, under “Issues being tracked”: “None so far.”

        Maybe someone here could clarify this point?  And thanks in advance to those who do.

         

    • #193961 Reply

      AlexEiffel
      AskWoody MVP

      Not sure about the theory concerning buying new computers. To me, this constant flux of new side-channel vulnerabilities just makes me want to not buy any computer until they have taken a good enough look at all of this new world of possibilities and include the protections in their chip design, which might take a while.

      But then again, maybe the marketing folks know that most people who would be scared might end up buying a newer computer to not suffer as much performance penalties thinking the new computer wouldn’t be affected by similar vulnerabilities.

      For me, it’s why buy a newer chip that might likely end up with new similar vulnerabilities discovered in a few months, instead of waiting for the dust to settle on this one and certainly not reward the companies responsible by buying another chip when it is really not clear that the whole issue has been investigated enough to lower significantly the risk of future similar issues.

      4 users thanked author for this post.
      • #194013 Reply

        OscarCP
        AskWoody Lounger

        And a new computer does not necessarily come with all the new and improved chips installed.

        • This reply was modified 3 weeks, 4 days ago by  OscarCP.
        1 user thanked author for this post.
      • #194051 Reply

        Noel Carboni
        AskWoody MVP

        Seems to me a lot of folks buy into the “Windows 10 is the most secure yet” hype and from there comes the purchase incentive to get a new system with Win 10 on it (and also because the old system sure seems to have gotten slow!)

        The right thing is to be skeptical, and to hold off throwing money. Most folks I imagine will not care to be informed enough to do the right thing.

        -Noel

        6 users thanked author for this post.
    • #193972 Reply

      jescott418
      AskWoody Lounger

      This being a hardware issue, it won’t go away. Every few months we will see more proof of concepts on accessing this flaw and exploit it. Much that has already been done creates a difficult path for any of it to work for a hacker. It’s probably why we have seen nothing trying to attack as yet. Plenty of easier targets in software and operating system, why bother with something more difficult? Probably why we have gone so long with this hardware and nobody has exploited it.

      3 users thanked author for this post.
      • #194007 Reply

        OscarCP
        AskWoody Lounger

        Jescott418 wrote: “This being a hardware issue, it won’t go away.”

        Precisely, and for this additional good reason:

        There is an undeclared arms race between chip designers trying to redesign and innovate to make their chips more powerful, useful and versatile, and black hats looking for that exploitable new feature they can use for their evil ends.

        A feature that, intended to make things better by their designers, these never imagined it could be also exploited as a vulnerability.

        Unless and until they are designed by an all-knowing, all-nice god (or by self-aware, but benevolent AI), chips, like every other work of mortals, are always going to have weak spots that some people, somewhere, some time, will discover and figure out how to use for their own nefarious ends.

        So, where does this end? When computers, as we know them, are no longer in use. But don’t worry: something else will come along to keep nasty people busy making money and/or making trouble.

         

        2 users thanked author for this post.
    • #194019 Reply

      anonymous

      I have updated all my Windows 7 64 bit machines to April and I am still mainly using my oldest laptop a  C2D  because I prefer the 16 x 10 ratio screen.

      These Spectre threats are more of an issue for servers IMO.

      As for buying new hardware –  There is nothing on the market that interests me now and buying something with Windows 10 installed is an insult.

      Obviously your browser is basically your front door and making sure that is secure should keep you safe.

       

      3 users thanked author for this post.
      • #194054 Reply

        Ascaris
        AskWoody MVP

        As for buying new hardware – There is nothing on the market that interests me now and buying something with Windows 10 installed is an insult.

        That’s one way to look at it, but another’s to see it as a challenge, if you have the time and inclination to make it such.  That’s what it was when I bought the Dell laptop (Braswell, 11 inch TN, 4GB RAM) in December (2017) expressly for the purpose of putting Linux on it, since its non-upgradeable 32GB eMMC storage was too small for Windows (of any currently-supported flavor) anyway.

        I was not certain I could get it to work under Linux, but having had smashing success every time I’ve tried a Linux conversion/addition so far, I was hopeful.  Still, I made sure to buy from a vendor that offers a no restocking fee return policy if I wasn’t happy with it, just in case, but I didn’t need it.

        Mint runs very nicely on the little laptop, and while the thing would have earned my ire had I left Windows 10 on it (leaving it probably unable to update as so many of these “Chromebooks with Windows” are because of insufficient storage space), it has instead become a beloved and worthy member of my “stable” of computers.

        FWIW, if anyone remembers my comment on the Flickergate thread, that same laptop is now back from Dell after being sent in for a flickering screen issue that looked (on the video I shot with my digital camera) worse than the flicker video Woody linked when describing the Surface Flickergate issues.  That doesn’t mean my flicker was actually worse than in the Surfaces, since it is difficult or impossible to tell how much of the flickering on the video is real and how much is an exaggeration of the issue that’s evident when using a video camera based on frames (as they are) to record an image displayed in frames on the laptop’s screen (as they also are).

        At any rate, the little Dell is back and the issue’s fixed to my satisfaction (in Dell’s words; they sent me an email to contact them if it wasn’t), so there’s a demonstration of how that’s done, Microsoft.  $180 laptop and Dell did better than you did with much more expensive Surfaces!

        A less successful example also involved a Dell, though not by intent.  I mentioned this one in a post called something like “thoughts on modern laptop design” in rants, so I won’t retype the whole thing in an already long post.  The short short version is that Linux went on just fine, and worked perfectly, but as it was a gaming PC, I wanted to keep Windows around just in case there was something I wanted to try that required it.  Windows 10– no.  So I tried 8.1, and while I was able to overcome the hurdles thrown at me by Microsoft and Intel, I couldn’t get the Synaptics/Dell touchpad working flawlessly in Windows 8.1.  The Synaptics drivers simply didn’t work, and I tried several versions.  I would have been stuck using the generic “PS/2 HID-Compatible Mouse” driver, unable to access any of the touchpad’s advanced features.

        It was the last day of the return period, and because of that and some other issues (an overly sharp and painful edge right on the wrist-rest), I took it back.  It’s a shame, as hardware-wise (other than the driver issue, which didn’t exist at all in Linux), it was a heck of a machine.  If I had more time, I may have been able to do more to get the touchpad working properly, but I am not hopeful about that.

        It helps if you enjoy this stuff as I do.  It’s part of my recreational time to try to do things like this.  Necessary, if you’re going to have a Windows 10 free new PC, and fun, though not without its moments of frustration.

        4 users thanked author for this post.
    • #194055 Reply

      Noel Carboni
      AskWoody MVP

      Woody wrote:

      Oh. And it should go without saying that we haven’t yet seen one, single, solitary Meltdown or Spectre exploit in general use.

      Believe it or not this actually works in favor of the hypesters.

      When a real exploit gets out there, it will ultimately be detected. Antivirus / antimalware software will be coded to watch for it. Blacklists will block sites that serve it.

      It will be treated like any other malware.

      There will be nothing magic about it. It will not be somehow more virulent, less detectable, or more persistent – it’ll just be so much more malware. The world has already seen plenty of malware, and there are ways to deal with it.

      The best thing to do is to try not to let fear of the unknown influence decisions – unless the decision is to become more knowledgeable about that unknown.

      I remember growing up in the 1960s… People were worried about nuclear war. As schoolchildren we had drills where we got under tables or desks. Guess what? After all that upset (surprise! youngsters are scared of dying), all that wasted effort (honestly, it made no one any safer), all that shaping of young personalities into more suspicious, bigoted forms… The nuclear war never happened.

      Are we better off for having been scared of the unknown; of things we couldn’t control?

      Perhaps it’s a debate for another day, but I don’t feel my life was enriched by it.

      What I see in all this is no great actual threat, but a very real degradation of computing experiences and productivity.

      And what really scares me is that someone, somewhere in Marketing is no doubt planning more of these shenanigans.

      -Noel

      6 users thanked author for this post.
    • #194157 Reply

      EP
      AskWoody Lounger

      well woody, looks like Microsoft quietly released new revisions of the KB4090007, KB4091663, KB4091664 and KB4091666 updates recently to include new Intel Microcodes for Ivy Bridge and Sandy Bridge series of CPUs, which I was anticipating MS would do to deal with the new Spectre NG flaws.

    • #194267 Reply

      James Bond 007
      AskWoody Lounger

      I have upgraded the BIOS on my two Ryzen systems (Ryzen 5 1600X / Ryzen 5 1500X) with Gigabyte motherboards to recent versions, which supposedly have the Spectre CPU microcodes in place. I upgraded not because of the need to deal with Spectre, but for newer CPU support.

      For my recent Intel systems (X99 / Z270) I have not installed the Spectre BIOS updates yet as I believe there is no need to do so right now, and there are no useful new features in them. In fact Gigabyte, for some reason, still has not released the Spectre BIOS updates for the X99-UD4 revision 1.1, of which I have several (Though the corresponding BIOS for the revision 1.0 board has been released. I wonder why that is.).

      Windows 8.1 x64 running on these systems is at April 2018 patch level, while Windows 7 x64 running on them is staying at December 2017 patch level.

      As for the new “Variant 4” Spectre, well, I shall continue to wait and see. I wonder if Gigabyte and other motherboard manufacturers will continue to provide BIOS updates that mitigate these new vulnerabilities?

      Hope for the best. Prepare for the worst.

    • #194330 Reply

      anonymous

      I’m not saying that Microsoft, Intel, AMD, Qualcomm and others had a hand in bringing down the Meltdown/Spectre curtain. I am saying they stand to make a whole lotta money out of it, and added publicity doesn’t hurt one whit.

      Intel, AMD & Qualcomm should be forced to replace the defective hardware with new hardware that doesn’t have these defects at no cost to the consumer (e.g. like a car maker would be forced to do).

      This would guarantee that they don’t make any profit out of this fiasco.

      -lehnerus2000

      1 user thanked author for this post.
      • #194410 Reply

        Cascadian
        AskWoody Lounger

        Intel, AMD & Qualcomm should be forced to replace the defective hardware with new hardware that doesn’t have these defects at no cost to the consumer (e.g. like a car maker would be forced to do).

        This would guarantee that they don’t make any profit out of this fiasco.

        I need to push back on this. Halfway. This is in the realm of applying standards of today retrospective to accepted standards of old.

        Reference a comment from late January. This was in a reply chain, and is not exactly the metaphor you’ve started here.

        Anyone please correct my memory, but these side channel speculative queries are made possible by designs created to increase overall computational speed at a time when hard processor speeds were at a plateau. In danger of falling behind of Moore’s law, engineers created a work around that both marketing and consumers at all price points accepted, supported, and demanded more. When real advances came later, it would be silly to stop using this additional advantage for a superior overall performance rating. To fully put this now malicious genie back in the bottle has a price to be paid in performance.

        But I’m only pushing halfway. Because to market and profit unfairly, by pushing this vulnerability to the fore, is also bad practice. Creating the condition that if you do not address this possible exploit, then you are not performing due diligence in defense of your infrastructure. End consumers are less affected by this, but feel the vulnerability more sharply. The expensive loss would be an entity that holds others data in trust. That covers a very wide range of databases.

        • #194500 Reply

          anonymous

          I acknowledge the points you’ve posted.

          However Intel, AMD & Qualcomm continued to sell these defective products, after they were aware of the issues and AFAIK they are still selling them today.

          Disclaimer: I don’t consider a software patch to be a proper fix for a problem with hardware.

          Contrast this situation to the dodgy airbags issue. To fix the issue, the car makers aren’t allowed to say, “just buy a new car”. They have to replace the airbags, regardless of the age of the vehicle (these dodgy airbags were fitted to millions of vehicles over many years). The fact that software (and apparently CPUs) are not subject to the same rules as real products is why we constantly have to put up with quality and security issues.

          -lehnerus2000

          1 user thanked author for this post.
          • #194582 Reply

            Cascadian
            AskWoody Lounger

            Similarly, I agree with your additional points, especially that a software solution is an incomplete fix to a hardware problem. That is why new workaround exploits beget new patches ad infinitum.

            I think we look at this from different directions, and will not likely come to agreement. I am not trying to convince you. Just attempting to be better understood. You describe this as a safety flaw that is a liability on the manufacturer alone.

            I see this as an outdated performance enhancement that has proven to be unsafe. But it was known, acknowledged, and declared worthwhile at the time. Even when further advances brought performance past the point set by this workaround, consumers at all price points continued to demand more. And so this faulty method became the standard. When time has passed and memories fade does not suddenly create a liability out of a customer requested improvement. The manufacturer fulfilled the requested feature.

            I do not see exploding fuel tanks, unsafe at any speed bumpers, or Takata airbags here. I see pleasant comfortable features like ‘suicide’ doors that allow for a more natural egress from a rear seat, and convertible tops for all the fresh air you could want at low speeds. When these features were declared safety hazards the consumer lived with their purchase decision until they were ready to replace.

            I actually see a long view irony involved in villagers marching with torches and pitchforks against the manufacturers castle, demanding to hobble the high performance features the consumer demanded. I continue to advocate the unpopular view that new chipsets should be produced that admittedly underperform. But if the marketplace is fulfilled with both options, consumer demand can make clear to manufacturers how to proceed. Fast versus safe, options available for all.

            edit to add: Inserting an acknowledgement for those truly practical, practical engineers of applied theory. There is no ‘software’, it is all hardware existing in different charged states. Every change in code is a change in the current state of the hardware configuration at a very minute level.

            • This reply was modified 3 weeks, 1 day ago by  Cascadian. Reason: appended at end
            • #194668 Reply

              anonymous

              I think we look at this from different directions, and will not likely come to agreement. I am not trying to convince you. Just attempting to be better understood. You describe this as a safety flaw that is a liability on the manufacturer alone.

              I see this as an outdated performance enhancement that has proven to be unsafe.

              Thanks for your thoughtful replies.

              I agree that this isn’t a life-and-death safety issue per se. I used the car example as a lot of people would be familiar with Automotive Safety Recalls. Other safety recalls normally don’t receive much publicity (household goods).

              That said, if malicious hackers could corrupt medical equipment, then people could be injured or killed.

              It could also be argued that hackers using innocent people’s PCs for criminal activities could be considered a safety issue (indirectly). For example, using botnets to distribute terrorist materials and/or to facilitate money laundering, etc.

              -lehnerus2000

              1 user thanked author for this post.
    • #194346 Reply

      AlexEiffel
      AskWoody MVP

      Does that make you want to buy a new computer? You think we’re done with that kind of announcement?

      https://threatpost.com/intels-virtual-fences-spectre-fix-wont-protect-against-variant-4/132246/

       

    • #197604 Reply

      Microfix
      AskWoody MVP

      UPDATE: 13th June 2018

      Here’s the Status of Meltdown and Spectre Mitigations in Windows
      by Catalin Cimpanu at BleepingComputer

      Yesterday’s Patch Tuesday release included fixes for the latest Spectre vulnerability, known as Spectre variant 4, or SpectreNG…
      ..Only Windows 10, Windows Server 2016, Windows 7, and Windows Server 2008 R2 have received SpectreNG patches…

      continued reading below:

      https://www.bleepingcomputer.com/news/security/heres-the-status-of-meltdown-and-spectre-mitigations-in-windows/

      What! no patch for W8.1 for SpectreNG!

      | 2x Group A W8.1 | Group A+ Linux Hybrid | Group A W7 | Group W XP Pro |
        No problem can be solved from the same level of consciousness that created IT - AE
      3 users thanked author for this post.
      • #197657 Reply

        walker
        AskWoody Lounger

        @microfix:   This provides a whole lot of information.   Thank you so much for sharing it with us all!    🙂  🙂

    • #197636 Reply

      RetiredGeek
      AskWoody MVP

      Hey Y’all,

      I just did a new check and Dell published a new BIOS update (6/12/18) for my machine as well as MS publishing KB4284819 for the Spectre bug.

      Using this PowerShell code:

      [code]
      #Requires -Modules @{ ModuleName="SpeculationControl"; ModuleVersion="1.0.8" }
      # Save the current user's execution policy so it can be reset afterwards
      $SaveExecutionPolicy = Get-ExecutionPolicy -Scope CurrentUser
      try {
          # Allow the module's scripts to load for this user
          Set-ExecutionPolicy RemoteSigned -Scope CurrentUser
          Import-Module SpeculationControl
          Get-SpeculationControlSettings
      }
      finally {
          # Reset the execution policy to the original state, even if the query failed
          Set-ExecutionPolicy $SaveExecutionPolicy -Scope CurrentUser
      }
      [/code]

      I get the following results:  Note: Changed items in bold.

      Before Installing KB4284819

      Speculation control settings for CVE-2017-5754 [rogue data cache load]

      Hardware requires kernel VA shadowing: True
      Windows OS support for kernel VA shadow is present: True
      Windows OS support for kernel VA shadow is enabled: True
      Windows OS support for PCID performance optimization is enabled: True [not required for security]

      Speculation control settings for CVE-2018-3639 [speculative store bypass]

      Windows OS support for speculative store bypass mitigation is present: False

      Suggested actions

      * Install the latest available updates for Windows with support for speculation
      control mitigations.

      BTIHardwarePresent : True
      BTIWindowsSupportPresent : True
      BTIWindowsSupportEnabled : True
      BTIDisabledBySystemPolicy : False
      BTIDisabledByNoHardwareSupport : False
      KVAShadowRequired : True
      KVAShadowWindowsSupportPresent : True
      KVAShadowWindowsSupportEnabled : True
      KVAShadowPcidEnabled : True
      SSBDWindowsSupportPresent : False
      SSBDHardwareVulnerable :
      SSBDHardwarePresent : False
      SSBDWindowsSupportEnabledSystemWide : False

      After Installing KB4284819

      PS> G:\BEKDocs\Scripts\Query-SpeculationControlSettings.ps1
      Speculation control settings for CVE-2017-5715 [branch target injection]
      For more information about the output below, please refer to https://support.microsoft.com/en-in/help/4074629

      Hardware support for branch target injection mitigation is present: True
      Windows OS support for branch target injection mitigation is present: True
      Windows OS support for branch target injection mitigation is enabled: True

      Speculation control settings for CVE-2017-5754 [rogue data cache load]

      Hardware requires kernel VA shadowing: True
      Windows OS support for kernel VA shadow is present: True
      Windows OS support for kernel VA shadow is enabled: True
      Windows OS support for PCID performance optimization is enabled: True [not required for security]

      Speculation control settings for CVE-2018-3639 [speculative store bypass]

      Hardware is vulnerable to speculative store bypass: True
      Hardware support for speculative store bypass mitigation is present: False

      Windows OS support for speculative store bypass mitigation is present: True
      Windows OS support for speculative store bypass mitigation is enabled system-wide: False

      BTIHardwarePresent : True
      BTIWindowsSupportPresent : True
      BTIWindowsSupportEnabled : True
      BTIDisabledBySystemPolicy : False
      BTIDisabledByNoHardwareSupport : False
      KVAShadowRequired : True
      KVAShadowWindowsSupportPresent : True
      KVAShadowWindowsSupportEnabled : True
      KVAShadowPcidEnabled : True
      SSBDWindowsSupportPresent : True
      SSBDHardwareVulnerable : True
      SSBDHardwarePresent : False
      SSBDWindowsSupportEnabledSystemWide : False

      After Dell BIOS Flash to 1.0.16

      PS> G:\BEKDocs\Scripts\Query-SpeculationControlSettings.ps1
      Speculation control settings for CVE-2017-5715 [branch target injection]
      For more information about the output below, please refer to https://support.microsoft.com/en-in/help/4074629

      Hardware support for branch target injection mitigation is present: True
      Windows OS support for branch target injection mitigation is present: True
      Windows OS support for branch target injection mitigation is enabled: True

      Speculation control settings for CVE-2017-5754 [rogue data cache load]

      Hardware requires kernel VA shadowing: True
      Windows OS support for kernel VA shadow is present: True
      Windows OS support for kernel VA shadow is enabled: True
      Windows OS support for PCID performance optimization is enabled: True [not required for security]

      Speculation control settings for CVE-2018-3639 [speculative store bypass]

      Hardware is vulnerable to speculative store bypass: True
      Hardware support for speculative store bypass mitigation is present: True
      Windows OS support for speculative store bypass mitigation is present: True
      Windows OS support for speculative store bypass mitigation is enabled system-wide: False

      BTIHardwarePresent : True
      BTIWindowsSupportPresent : True
      BTIWindowsSupportEnabled : True
      BTIDisabledBySystemPolicy : False
      BTIDisabledByNoHardwareSupport : False
      KVAShadowRequired : True
      KVAShadowWindowsSupportPresent : True
      KVAShadowWindowsSupportEnabled : True
      KVAShadowPcidEnabled : True
      SSBDWindowsSupportPresent : True
      SSBDHardwareVulnerable : True
      SSBDHardwarePresent : True
      SSBDWindowsSupportEnabledSystemWide : False

      HTH 😎

      May the Forces of good computing be with you!

      RG

      PowerShell & VBA Rule!
      Computer Specs
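
    The three runs in the post above, compared programmatically to recover which fields changed at each step (the post marked them in bold, which this page no longer shows). This is an added example, not RetiredGeek's script and not part of the SpeculationControl module; the values are transcribed from the property lists in the post, and the helper names `New-Snapshot`, `Compare-SpeculationSnapshot` and `Get-SsbdAssessment` are hypothetical.

```powershell
# Added example: values transcribed from the three property lists in the post above.
# The BTI* and KVAShadow* fields are identical in all three runs, so they are stored once.
$common = [ordered]@{
    BTIHardwarePresent             = $true
    BTIWindowsSupportPresent       = $true
    BTIWindowsSupportEnabled       = $true
    BTIDisabledBySystemPolicy      = $false
    BTIDisabledByNoHardwareSupport = $false
    KVAShadowRequired              = $true
    KVAShadowWindowsSupportPresent = $true
    KVAShadowWindowsSupportEnabled = $true
    KVAShadowPcidEnabled           = $true
}

# SSBD* fields per stage, in the order the post lists them.
# $null is the value the first run printed as blank.
$ssbdNames = 'SSBDWindowsSupportPresent', 'SSBDHardwareVulnerable',
             'SSBDHardwarePresent', 'SSBDWindowsSupportEnabledSystemWide'
$stages = [ordered]@{
    'Before KB4284819'       = @($false, $null, $false, $false)
    'After KB4284819'        = @($true,  $true, $false, $false)
    'After Dell BIOS 1.0.16' = @($true,  $true, $true,  $false)
}

function New-Snapshot {
    # Hypothetical helper: merge the common fields with one stage's SSBD values.
    param([object[]] $SsbdValues)
    $snapshot = [ordered]@{}
    foreach ($key in $common.Keys) { $snapshot[$key] = $common[$key] }
    for ($i = 0; $i -lt $ssbdNames.Count; $i++) {
        $snapshot[$ssbdNames[$i]] = $SsbdValues[$i]
    }
    $snapshot
}

function Compare-SpeculationSnapshot {
    # Hypothetical helper: emit one object per property whose value differs.
    param(
        [System.Collections.IDictionary] $Before,
        [System.Collections.IDictionary] $After
    )
    foreach ($name in $After.Keys) {
        if ($Before[$name] -ne $After[$name]) {
            [pscustomobject]@{
                Property = $name
                Before   = $Before[$name]
                After    = $After[$name]
            }
        }
    }
}

function Get-SsbdAssessment {
    # Hypothetical helper: read the CVE-2018-3639 fields in dependency order.
    param([System.Collections.IDictionary] $Snapshot)
    if (-not $Snapshot['SSBDWindowsSupportPresent']) {
        'Windows update with speculative store bypass support is not installed'
    }
    elseif (-not $Snapshot['SSBDHardwarePresent']) {
        'OS support present, hardware (microcode/BIOS) support missing'
    }
    elseif (-not $Snapshot['SSBDWindowsSupportEnabledSystemWide']) {
        'OS and hardware support present, mitigation not enabled system-wide'
    }
    else {
        'Mitigation enabled system-wide'
    }
}

# Walk the stages in order and report what each update changed.
$previous = $null
foreach ($name in $stages.Keys) {
    $current = New-Snapshot -SsbdValues ($stages[$name])
    "== $name =="
    if ($null -ne $previous) {
        Compare-SpeculationSnapshot -Before $previous -After $current |
            Format-Table -AutoSize | Out-String
    }
    "SSBD status: $(Get-SsbdAssessment -Snapshot $current)"
    $previous = $current
}
```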
