
New AMD side channel attacks discovered, impacts Zen architecture - alanfranz
https://www.tomshardware.com/uk/news/new-amd-side-channel-attacks-discovered-impacts-zen-architecture
======
spectramax
I just wanted to say this about Intel vs AMD. Back when Intel was the
"underdog" it couldn't compete with Athlon/Opteron CPUs from AMD with its
Pentium IV line, fan boys from both sides continually escalated the armchair
warfare on Slashdot and Anandtech forums when Intel finally came out with the
Conroe architecture that blew the competition away. I've seen this pendulum
swing from one side to the other and back. Putting Intel marketing (awful) and
AMD's marketing (awful again...), and their fan bases (toxic) aside, can we
acknowledge the fact that working on a computer architecture is an
extraordinarily complex task and that requires brilliant people all working
together? I'll defer this fascinating topic, which most software engineers and
tech enthusiasts are completely and utterly unaware of, to this talk by the
legendary chip designer (x86 spec coauthor, A4/A5/Zen/Tesla AI ASIC architect)
- Jim Keller and his interview with Lex Fridman:
[https://www.youtube.com/watch?v=Nb2tebYAaOA](https://www.youtube.com/watch?v=Nb2tebYAaOA)

Designing & manufacturing computer chips is hard af, having worked in
semiconductor manufacturing for over 12 years (primarily on the backend side
of the Fab).

Edit: Redacting some specifics

~~~
Causality1
I think people also need to accept the fact we're never going to engineer a
solution to human stupidity. If our society doesn't raise people to be good
users, no amount of hardening will stop systems from being compromised.

~~~
XMPPwocky
Like what?

I've written in-depth about why "don't click untrusted links" is unhelpful:
see
[https://xmppwocky.net/blog.py?page=22](https://xmppwocky.net/blog.py?page=22)

~~~
Nullabillity
That domain isn't resolving.

~~~
ZiiS
It is also an untrusted link, so I feel it could only be preaching to the choir.

~~~
Nullabillity
Right. Heh.

------
tuananh
AMD responds here
[https://www.amd.com/en/corporate/product-security](https://www.amd.com/en/corporate/product-security)

> We are aware of a new white paper that claims potential security exploits in
> AMD CPUs, whereby a malicious actor could manipulate a cache-related feature
> to potentially transmit user data in an unintended way. The researchers then
> pair this data path with known and mitigated software or speculative
> execution side channel vulnerabilities. AMD believes these are not new
> speculation-based attacks.

> AMD continues to recommend the following best practices to help mitigate
> against side-channel issues:

> Keeping your operating system up-to-date by operating at the latest version
> revisions of platform software and firmware, which include existing
> mitigations for speculation-based vulnerabilities

> Following secure coding methodologies

> Implementing the latest patched versions of critical libraries, including
> those susceptible to side channel attacks

> Utilizing safe computer practices and running antivirus software

~~~
ItsTotallyOn
This is legal/PR mumbo jumbo. Nowhere in that statement does AMD say they have
patched this. Instead, they make vague reference to previously-patched
vulnerabilities that are NOT the vuln in question.

Also, they say they 'believe' it isn't new, and that word is used for a reason
- it isn't legally binding. It is a lot different than saying "It isn't new."

Finally, the advice they give is akin to giving general advice for a Ford
vehicle: "Change the oil every 3500 miles."

Generalized statements that mean nothing.

This looks to be an intentionally obfuscated response.

~~~
altfredd
AMD does not "patch" Spectre. Spectre has to be patched by developers, who
execute untrusted code within the trusted address space (e.g. browser and OS
developers). I am taking AMD's press release to mean that this "attack" — note
how researchers consistently use this word instead of "vulnerability" — is
simply proof-of-concept for well known Spectre flaws or possibly even expected
behavior of the CPU cache (in non-SMT case).

Many Spectre-type flaws are essentially about an OS process reading/writing
its own memory — which it is naturally expected to have access to. Of course,
browser developers weren't prepared for that, but they also were not prepared
for gzip-bombs...

I assume that mitigations [1] suggested by AMD in 2018 are sufficient to
protect against this (and all other) Spectre flavors on AMD CPUs, in which
case there is really nothing new going on here.

1: [https://developer.amd.com/wp-content/resources/90343-B_Softw...](https://developer.amd.com/wp-content/resources/90343-B_SoftwareTechniquesforManagingSpeculation_WP_7-18Update_FNL.pdf)

~~~
fractaled
I'm pretty sure the issue with Spectre/Meltdown is about an OS process reading
_other_ processes' (or kernel) memory. These are fundamentally chip issues,
not developer issues.

See
[https://googleprojectzero.blogspot.com/2020/02/escaping-chro...](https://googleprojectzero.blogspot.com/2020/02/escaping-chrome-sandbox-with-ridl.html).

~~~
altfredd
No, Spectre is always about reading your own memory. Your link is about
exploiting MDS aka Zombieload — a separate hyper-threading vulnerability,
specific to Intel CPUs.

------
DevKoala
The timing of this vulnerability release is hilarious. AMD had their financial
analyst conference on Thursday afternoon. The stock rallied after market hours
and ended positive on Friday while everything else tanked along with the US
economy. That’s how good of a bet AMD is right now.

This news is Intel sponsored.
[https://twitter.com/HardwareUnboxed/status/12360799707298652...](https://twitter.com/HardwareUnboxed/status/1236079970729865216)

Also the release does not qualify as a new vulnerability vector like Spectre,
just a new attack against a previously mitigated vulnerability. It honestly
looks to me like an attempt to stop the AMD momentum.

FD: The fastest processor I own is a 16 core Xeon, and is great. However, I
have invested in AMD stock over the last year. I have a lot of respect for
Intel engineering, but the AMD roadmap just looks stronger between now and
2022.

~~~
GordonS
Someone from the research group says they've been funded by Intel for 2 years,
and have also published papers involving 10 Intel vulnerabilities during that
time.

[https://twitter.com/lavados/status/1236088594584014848?s=19](https://twitter.com/lavados/status/1236088594584014848?s=19)

~~~
DevKoala
Fair enough. The timing is still just perfect.

------
nieve
> The researchers also noted that unlike the Spectre and Meltdown
> vulnerabilities, the Take A Way exploits only leak a "few bits of metadata,"
> as opposed to providing full access to data (example of Meltdown exploit
> here).

Not good and leaked information about the manner in which a process is
accessing memory is probably useful to some attacker out there, but thankfully
it's not even in the same class as the actual memory content disclosure
vulnerabilities.

------
Thorrez
Different thread, about the paper:
[https://news.ycombinator.com/item?id=22514099](https://news.ycombinator.com/item?id=22514099)

------
ibotty
quick link
[https://mlq.me/download/takeaway.pdf](https://mlq.me/download/takeaway.pdf)

------
vbezhenar
It goes as I expected. As AMD gains more popularity and spotlight, more
researchers will probe their chips and more bugs will be uncovered. The only
reason Intel got so many vulnerabilities is their market position.

~~~
willis936
Do you have anything concrete to back up such a soft claim?

------
Google234
It’s interesting that the hundreds of AMD fans that seem to appear and gloat
in every similar Intel thread aren’t present.

~~~
craftinator
Lol, "fans". This is computer architecture design, not the NFL. We judge the
quality of the product, not jump on bandwagons (or we SHOULD). Both Intel and
AMD do amazing, extraordinarily complicated and difficult work, and we all
benefit from it, at the price of making those companies wealthy. I'm very glad
those two companies have different products, different approaches to computer
design. It gives us room to maneuver and compare. For a time, Intel did better
work. Now AMD is pushing the boundaries. Being a fanperson about them is just
ridiculous. They make each other better by having differing approaches. Please
don't encourage bandwagonism, or introduce it as a topic. It makes us all look
just a little bit dumber, and it's an overused rhetorical tactic.

~~~
hunta2097
I think confirmation bias has a lot to do with it. Some people stress that
they have invested in the "right" product.

They need to feel justified in their choice and it drives these crazy
positions on CPU/GPU/Motherboard vendor.

I'm just glad we still have multiple viable vendors to choose from.

~~~
Marsymars
FYI that's choice-supportive bias, not confirmation bias.

------
tylerl
I tried to read this 4 times. I really did.

But I couldn't get past "Take A Way".

Take... A... Way... Take a way. Take exactly one way. A way to take. I have
three ways, you get to take one. Need a way? Take a way! Feel free to take a
way from the way jar. Life finds a way... and then takes it.

~~~
loeg
It's British for takeout, carry-out, or whatever you want to call restaurant
food you pick up yourself.

~~~
GordonS
Not quite - it's "take away", not "take a way" as used in the article.

