I just wanted to say this about Intel vs AMD. Back when Intel was the "underdog" it couldn't compete with Athlon/Opeteron CPUs from AMD with its Pentium IV line, fan boys from both sides continually escalated the armchair warfare on Slashdot and Anandtech forums when Intel finally came out with the Conroe architecture that blew the competition away. I've seen this pendulum swing from one side to the other and back. Putting Intel marketing (awful) and AMD's marketing (awful again...), and their fan bases (toxic) aside, can we acknowledge the fact that working on a computer architecture is an extraordinarily complex task and that requires brilliant people all working together? I'll defer this fascinating topic, which most software engineers and tech enthusiasts are completely and utterly unaware of, to this talk by the legendary chip designer (x86 spec coauthor, A4/A5/Zen/Tesla AI ASIC architect) - Jim Keller and his interview with Lex Fridman: https://www.youtube.com/watch?v=Nb2tebYAaOA
Designing & manufacturing computer chips is hard af, having worked in semiconductor manufacturing for over 12 years (primarily on the backend side of the Fab).
Oh yes, totally. I have complete respect for Intel’s engineers. It’s their business department I’ve long had trouble with, but those engineers do truly astonishing, near zero bug work.
I think the culture is improving despite of cashing it out in the 90's and 2000's during the Ballmer / Jack Welsch era. Semiconductor industry hasn't done a good job of cultivating a good, positive company culture and making it less regimented. We need to make it cool to work in a semiconductor company. I can assure you that there are so many incredible challenges that exist - with good definition/funding to tackle them from materials to marketing (direly needs to revamped). Imagine running a portion of the world's most advanced manufacturing processes. Ultra high volume (thousands of wafer starts per week), mind you.
Wow. Those machines are something else altogether. I watched a chip making clip a while back and I recall that they talked about having to make strange patterns in the stencils (not sure what they’re called) to work around the way the light twists when it actually hits the die. I’ve probably got most of that wrong but is that still a thing with the addition of the water layer?
Yeah, they calculate the transfer function of the pattern and then pattern the mask to achieve the end result printed on the silicon substrate. With EUV lithography, it substantially reduced this pattern complexity.
> We need to make it cool to work in a semiconductor company.
I'm not sure I agree. If by 'cool' you mean along the lines of receiving respect and admiration from others because, while they don't really understand the actual specifics of what you do, they have a general idea and it's celebrated widely, then I don't think we want that happening in semi space.
It looks to me that it's happened already in software development, and I don't think the end result of that is net-positive.
I think that when people are passionate about what they do, and do it because they're passionate about it, the end results tend to be better than if they're doing it because other people will give them recognition.
I'm not saying this is something that happens all the time, and you can argue that I'm being elitest, snobby, or annoyed that the 'cool kids' have come into my playground and are playing with my toys, all of which would be valid positions to take. I do think that with all communities, they're very different when they have smaller appeal to when they have wider appeal.
Niche communities are not without their problems (and the toxicity that can happen in them cannot be understated), but I personally prefer them, and believe the output is generally of a higher quality, than communities with wider appeal.
> We need to make it cool to work in a semiconductor company.
I am not optimistic. "Semiconductor company" ==> high capitalization (expensive processes) ==> fertile ground for lawsuits and attacks.
As long as a slightest mistake has a potential to turn into multi-million-loss lawsuits, it will never be cool. Is it easy to be cool walking a tightrope between two skyscrapers? Not for many I'd guess.
BTW it is the same for non-semi companies (like OEMs), except that volumes of a given single product are generally lower, so mistakes are more bounded.
I think people also need to accept the fact we're never going to engineer a solution to human stupidity. If our society doesn't raise people to be good users, no amount of hardening will stop systems from being compromised.
Agreed. Wasting countless hours on the engineering end doesn't seem wise when those same hours could be spent doing something meaningful. This requires education on the user end. Education that will help them understand the world around them better so everyone wins in the end.
Those are wasted hours. We have to make stuff maximally safe AND educate users, because even that maximal safety/ergonomics/etc. is too little compared to how complex our world is.
I wouldn't use Underdog to describe Intel, they were never one in their x86 history. Always the TopDog.
Intel in the P4 era is a lot different to now. P4 was an engineering mistake. And it wasn't Cornoe that saved that, it was Pat Gelsinger's Pentium M or Banias / Dothan.
The current ( or past ) Intel issues isn't engineering, they have amazing engineers. It is lying. Blatant lies that were fed from Sales and Marketing all the way to their C-Level. That is what happen when a successful company were driven by Sales and Marketing people.
The story I've heard was that P4 was a management mistake. Some engineers claimed they surely understood that the limits existed, but the management believed that the only thing that's sellable is a bigger number of GHz. So the engineers got the goal to make a processor architecture for 10 GHz, and apparently P4 was made for that (long pipelines) and it was known that on lower number of GHz the architecture performed worse. But 10 GHz was unachievable because physics can't be cheated (the chips would simply melt without some special cooling that was also not sellable), so P4 architecture was never driven with the clock speeds for which it was designed.
> We are aware of a new white paper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way. The researchers then pair this data path with known and mitigated software or speculative execution side channel vulnerabilities. AMD believes these are not new speculation-based attacks.
> AMD continues to recommend the following best practices to help mitigate against side-channel issues:
> Keeping your operating system up-to-date by operating at the latest version revisions of platform software and firmware, which include existing mitigations for speculation-based vulnerabilities
> Following secure coding methodologies
Implementing the latest patched versions of critical libraries, including those susceptible to side channel attacks
Utilizing safe computer practices and running antivirus software
This is legal/PR mumbo jumbo. Nowhere in that statement does AMD say they have patched this. instead, the make vague reference to previously-patched vulnerabilities that are NOT the vuln in question.
Also, they say they 'believe' it isn't new, and that word is used for a reason - it isn't legally binding. It is a lot different than saying "It isn't new."
Finally, the advice they give is akin to giving general advice for a Ford vehicle: "Change the oil every 3500 miles."
Generalized statements that mean nothing.
This looks to be an intentionally obfuscated response.
AMD does not "patch" Spectre. Spectre has to be patched by developers, who execute untrusted code within the trusted address space (e.g. browser and OS developers). I am taking AMD press release to mean, that this "attack" — note how researchers consistently use this word instead of "vulnerability" — is simply proof-of-concept for well known Spectre flaws or possibly even expected behavior of the CPU cache (in non-SMT case).
Many Spectre-type flaws are essentially about an OS process reading/writing it's own memory — which it is naturally expected to have access to. Of course, browser developers weren't prepared for that, but they also were not prepared for gzip-bombs...
I assume, that mitigations [1] suggested by AMD in 2018 are sufficient to protect against this (and all other) Spectre flavors on AMD CPUs, in which case there is really nothing new going on here.
I'm pretty sure the issue with Spectre/Meltdown is about an OS process reading other processes' (or kernel) memory. These are fundamentally chip issues, not developer issues.
No, Spectre is always about reading your own memory. Your link is about exploiting MDS aka Zombieload — a separate hyper-threading vulnerability, specific to Intel CPUs.
The issue with Meltdown is about an OS process reading other processes' (or kernel) memory - this is caused by the CPU not enforcing its protection boundaries properly and is mitigated by CPU microcode or firmware updates.
The issue with Spectre is about an OS process (or kernel) reading its own memory - this is why in contrast to Meltdown it can't be fully fixed by CPU microcode or firmware updates, it requires mitigation in any code that enforces security boundaries, such as kernels or sandboxing VMs.
On the contrary, I think that first quote by AMD is very clear:
> ... a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way. The researchers then pair this data path with known and mitigated software or speculative execution side channel vulnerabilities. AMD believes these are not new speculation-based attacks.
They are explaining why they don't believe it is new, it's because they don't use a new speculative execution. AND if all the old ones were patched, all a customer would have to do to protect themselves is keep their system up to date.
Sure the PR statement isn't legally binding (as nearly all PR statements are designed), but they left a very clear explanation. It does not at all appear intended to mislead.
> Also, they say they 'believe' it isn't new, and that word is used for a reason - it isn't legally binding. It is a lot different than saying "It isn't new."
Yes, PR is covering their butts with believe. This is a response PR; it needs to go out within a couple of days tops, but within 24 hours of the report is best. That's not enough time to confirm the new claims or that the speculative claims are existing. This PR say, yes, we know about this; we triaged it, and we'll get back to you later; please stop calling about it.
Expect a more thorough response, with more certainty in probably a few weeks; although, I dunno AMDs usual timelines on this sort of thing.
Why would they need a quick PR response when this was disclosed months ago already? Wouldn't they have put in time to verify in that period, add me as this was disclosed responsibly?
The author does not claim that these attacks currently allow to break all processor securities.
He just points out that two new side channels are possible by exploiting AMD optimizations then it demonstrates their feasibility on already known and fixed attacks.
But beware, what is already known/fixed and requires to disable patches are the attack scenarios and not the 2 new side-channels described in the whitepaper!
Maybe there are unknown scenarios where they could be used, who knows?
Finally he suggests some countermeasures.
So, no, it's not a nothingburger at all.
It is a detailed research work that anticipates a potential issue, suggests solutions and explains undocumented processor features.
It's best not to gloat about things we are all vulnerable to.
My team at work has been snickering for two years about serious memory problems on a system our code partially replaces. I did not participate (see above).
Guess what I've spent the last few weeks working on? Go ahead, guess.
I'm quite certain that this is similarly to how there is little malware targeting Linux end-users. It's simply because Intel/Windows are the bigger platforms and therefore get more people looking at and targeting them.
Lol, "fans". This is computer architecture design, not the NFL. We judge the quality of the product, not jump on bandwagons (or we SHOULD). Both Intel and AMD do amazing, extraordinarily complicated and difficult work, and we all benefit from it, at the price of making those companies wealthy. I'm very glad those two companies have different products, different approaches to computer design. It gives us room to maneuver and compare. For a time, Intel did better work. Now AMD is pushing the boundaries. Being a fanperson about them is just ridiculous. They make each other better by having differing approaches. Please don't encourage bandwagonism, or introduce it as a topic. It makes us all look just a little bit dumber, and it's an overused rhetorical tactic.
> This is computer architecture design, not the NFL.
Why would this be the one topic about which people aren't tribal? There are people with Intel tattoos, same with AMD. They're frequently called "team blue" and "team red". People like to pick sides and belong to camps, and that's not changing.
I'm here, I just think that if you are comparing this to a real vulnerability like specter or meltdown you are making a mount Fuji out of an ant hill.
It leaks some metadata, not exactly an afternoon romp through your memory like the last few Intel bugs they've found this year.
Take... A... Way... Take a way. Take exactly one way. A way to take. I have three ways, you get to take one. Need a way? Take a way! Feel free to take a way from the way jar. Life finds a way... and then takes it.
I don't understand your point. Caches (other the trivial ones) are organized into "ways". A given access will map into one of the ways of a set. The title is punning on "take a way" and "takeaway".
The joke is that way prediction involves reading one way of a cache, not from the way jar, but from a set. Caches are divided into sets and ways in CPUs.
> The researchers also noted that unlike the Spectre and Meltdown vulnerabilities, the Take A Way exploits only leak a "few bits of metadata," as opposed to providing full access to data (example of Meltdown exploit here).
Not good and leaked information about the manner in which a process is accessing memory is probably useful to some attacker out there, but thankfully it's not even in the same class as the actual memory content disclosure vulnerabilities..
The timing of this vulnerability release is hilarious. AMD had their financial analyst conference on Thursday afternoon. The stock rallied after market hours and ended positive on Friday while everything else tanked along with the US economy. That’s how good of a bet AMD is right now.
Also the release does not quality as a new vulnerability vector like Spectre, just a new attack against a previously mitigated vulnerability. It honestly looks to me like anattempt to stop the AMD momentum.
FD: The fastest processor I own is a 16 core Xeon, and is great. However, I have invested in AMD stock over the last year. I have a lot of respect for Intel engineering, but the AMD roadmap just looks stronger between now and 2022.
Someone from the research group says they've been funded by Intel for 2 years, and have also published papers involving 10 Intel vulnerabilities during that time.
It goes as I expected. As AMD gains more popularity and spotlight, more researchers will probe their chips and more bugs will be uncovered. The only reason Intel got so many vulnerabilities is their market position.
62 comments
[ 3.3 ms ] story [ 136 ms ] threadDesigning & manufacturing computer chips is hard af, having worked in semiconductor manufacturing for over 12 years (primarily on the backend side of the Fab).
Edit: Redacting some specifics
Perhaps videos such as these are shining a positive light on the entire semiconductor goodwill: https://www.youtube.com/watch?v=f0gMdGrVteI
Jim talks about it at this mark in this presentation: https://youtu.be/Qnl7--MvNAM?t=784
https://youtu.be/NGFhc8R_uO4
Just amazing. I wish a newer video explaining more recent technologies was available.
I'm not sure I agree. If by 'cool' you mean along the lines of receiving respect and admiration from others because, while they don't really understand the actual specifics of what you do, they have a general idea and it's celebrated widely, then I don't think we want that happening in semi space.
It looks to me that it's happened already in software development, and I don't think the end result of that is net-positive.
I think that when people are passionate about what they do, and do it because they're passionate about it, the end results tend to be better than if they're doing it because other people will give them recognition.
I'm not saying this is something that happens all the time, and you can argue that I'm being elitest, snobby, or annoyed that the 'cool kids' have come into my playground and are playing with my toys, all of which would be valid positions to take. I do think that with all communities, they're very different when they have smaller appeal to when they have wider appeal.
Niche communities are not without their problems (and the toxicity that can happen in them cannot be understated), but I personally prefer them, and believe the output is generally of a higher quality, than communities with wider appeal.
I am not optimistic. "Semiconductor company" ==> high capitalization (expensive processes) ==> fertile ground for lawsuits and attacks.
As long as a slightest mistake has a potential to turn into multi-million-loss lawsuits, it will never be cool. Is it easy to be cool walking a tightrope between two skyscrapers? Not for many I'd guess.
BTW it is the same for non-semi companies (like OEMs), except that volumes of a given single product are generally lower, so mistakes are more bounded.
I've written in-depth about why "don't click untrusted links" is unhelpful: see https://xmppwocky.net/blog.py?page=22
Intel in the P4 era is a lot different to now. P4 was an engineering mistake. And it wasn't Cornoe that saved that, it was Pat Gelsinger's Pentium M or Banias / Dothan.
The current ( or past ) Intel issues isn't engineering, they have amazing engineers. It is lying. Blatant lies that were fed from Sales and Marketing all the way to their C-Level. That is what happen when a successful company were driven by Sales and Marketing people.
The story I've heard was that P4 was a management mistake. Some engineers claimed they surely understood that the limits existed, but the management believed that the only thing that's sellable is a bigger number of GHz. So the engineers got the goal to make a processor architecture for 10 GHz, and apparently P4 was made for that (long pipelines) and it was known that on lower number of GHz the architecture performed worse. But 10 GHz was unachievable because physics can't be cheated (the chips would simply melt without some special cooling that was also not sellable), so P4 architecture was never driven with the clock speeds for which it was designed.
> We are aware of a new white paper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way. The researchers then pair this data path with known and mitigated software or speculative execution side channel vulnerabilities. AMD believes these are not new speculation-based attacks.
> AMD continues to recommend the following best practices to help mitigate against side-channel issues:
> Keeping your operating system up-to-date by operating at the latest version revisions of platform software and firmware, which include existing mitigations for speculation-based vulnerabilities > Following secure coding methodologies Implementing the latest patched versions of critical libraries, including those susceptible to side channel attacks Utilizing safe computer practices and running antivirus software
Also, they say they 'believe' it isn't new, and that word is used for a reason - it isn't legally binding. It is a lot different than saying "It isn't new."
Finally, the advice they give is akin to giving general advice for a Ford vehicle: "Change the oil every 3500 miles."
Generalized statements that mean nothing.
This looks to be an intentionally obfuscated response.
Many Spectre-type flaws are essentially about an OS process reading/writing it's own memory — which it is naturally expected to have access to. Of course, browser developers weren't prepared for that, but they also were not prepared for gzip-bombs...
I assume, that mitigations [1] suggested by AMD in 2018 are sufficient to protect against this (and all other) Spectre flavors on AMD CPUs, in which case there is really nothing new going on here.
1: https://developer.amd.com/wp-content/resources/90343-B_Softw...
See https://googleprojectzero.blogspot.com/2020/02/escaping-chro....
The issue with Spectre is about an OS process (or kernel) reading its own memory - this is why in contrast to Meltdown it can't be fully fixed by CPU microcode or firmware updates, it requires mitigation in any code that enforces security boundaries, such as kernels or sandboxing VMs.
> ... a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way. The researchers then pair this data path with known and mitigated software or speculative execution side channel vulnerabilities. AMD believes these are not new speculation-based attacks.
They are explaining why they don't believe it is new, it's because they don't use a new speculative execution. AND if all the old ones were patched, all a customer would have to do to protect themselves is keep their system up to date.
Sure the PR statement isn't legally binding (as nearly all PR statements are designed), but they left a very clear explanation. It does not at all appear intended to mislead.
Yes, PR is covering their butts with believe. This is a response PR; it needs to go out within a couple of days tops, but within 24 hours of the report is best. That's not enough time to confirm the new claims or that the speculative claims are existing. This PR say, yes, we know about this; we triaged it, and we'll get back to you later; please stop calling about it.
Expect a more thorough response, with more certainty in probably a few weeks; although, I dunno AMDs usual timelines on this sort of thing.
So, no, it's not a nothingburger at all.
It is a detailed research work that anticipates a potential issue, suggests solutions and explains undocumented processor features.
My team at work has been snickering for two years about serious memory problems on a system our code partially replaces. I did not participate (see above).
Guess what I've spent the last few weeks working on? Go ahead, guess.
So AMD vs Intel is very personal for them.
In general, AMD processors have fewer issues. Is that bad? Why bring others down instead of bring yourself up.
They need to feel justified in their choice and it drives these crazy positions on CPU/GPU/Motherboard vendor.
I'm just glad we still have multiple viable vendors to choose from.
Why would this be the one topic about which people aren't tribal? There are people with Intel tattoos, same with AMD. They're frequently called "team blue" and "team red". People like to pick sides and belong to camps, and that's not changing.
But I couldn't get past "Take A Way".
Take... A... Way... Take a way. Take exactly one way. A way to take. I have three ways, you get to take one. Need a way? Take a way! Feel free to take a way from the way jar. Life finds a way... and then takes it.
Not good and leaked information about the manner in which a process is accessing memory is probably useful to some attacker out there, but thankfully it's not even in the same class as the actual memory content disclosure vulnerabilities..
These news are Intel sponsored. https://twitter.com/HardwareUnboxed/status/12360799707298652...
Also the release does not quality as a new vulnerability vector like Spectre, just a new attack against a previously mitigated vulnerability. It honestly looks to me like anattempt to stop the AMD momentum.
FD: The fastest processor I own is a 16 core Xeon, and is great. However, I have invested in AMD stock over the last year. I have a lot of respect for Intel engineering, but the AMD roadmap just looks stronger between now and 2022.
https://twitter.com/lavados/status/1236088594584014848?s=19