Jump to content

Disabling Spectre/Meltdown/Zombieload mitigation's (PLUGIN AVAILABLE)


Recommended Posts

Posted
On 10/9/2019 at 8:33 PM, Squid said:

mitigations=off  Plugin updated a week or so ago to reflect this

Worked great without any need for modifications after the update to 6.8.0 RC1! Thanks Squid for running with this!

  • 3 months later...
Posted (edited)

New Intel vulnerability found dubbed "Cache Out":

https://www.pcworld.com/article/3516302/new-cacheout-attack-targets-intel-processors-with-a-fix-arriving-soon.html

 

Intel Processors affected (Intel CPU Skylake/Cascade Lake onward. Broadwell and earlier are seemingly not affected). AMD seemingly not affected:

https://software.intel.com/security-software-guidance/insights/processors-affected-l1d-eviction-sampling

 

No mitigation created yet, so time will tell how it's addressed.

Edited by cybrnook
  • 1 year later...
Posted (edited)

Installed it and using it. But take care: by using a webbrowser (in a VM too) it's possible to leak senstive data. Javascript attacks do exist. Browsers have their own prevention mechanisms, which might not be enough in every case.

Edited by duketwo
Posted
1 hour ago, duketwo said:

Installed it and using it. But take care: by using a webbrowser (in a VM too) it's possible to leak senstive data. Javascript attacks do exist. Browsers have their own prevention mechanisms, which might not be enough in every case.

 

can you give an example where such VM Browser Leak is / was exploited and what data is being compromised (random temporary host dram bits / cpu cache fragments?) ?

Is that really a serious threat with a modern and updated browser I must worry ?

  • Upvote 1
  • 2 years later...
Posted

Is this still valid given newer kernels and if so (I'd be using it) is it also worth me downgrading my BIOS to match?? I assume cos there is nothing I need in F5 I could safely go to F3 and use this Plugin to restore my performance???

 

F5 6.27 MB Aug 27, 2019 Update CPU Microcode to address a potential security vulnerability in CPUs, see more: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html

 

F4 6.27 MB May 22, 2019 Update CPU Microcode to address a potential security vulnerability in CPUs, see more: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html

 

F3 6.26 MB Mar 28, 2019 Update iRST to improve Optane compatibility with future 9th Gen CPU   * Please update the lastest iRST driver version

 

 

Posted
21 minutes ago, Mainfrezzer said:

Depends on which vulnerabilities your CPU is affected with. The plugin will tell you that tho. For bios, it depends. If you're affected by specter, 2019 bios will mostly have the fix in it.

 

but isnt the point to NOT have the fix cos each fix cuts performance by a few %%% points??  Or are you telling me that BIOS mitigations DONT cost performance?  If by going back from F5 to F3 (see above) I avoid two BIOS fixes I should (at the cost of security) regain a few %%% performance

Posted (edited)
3 hours ago, methanoid said:

 

but isnt the point to NOT have the fix cos each fix cuts performance by a few %%% points?? 

well, yes. But in case of spectre anything from i would say, mid to late 2018 till now certainly will have the fix so you would need an even older bios. thats what i meant.

Edited by Mainfrezzer
  • Like 1

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...