Monthly Archives: July 2022

Article note: Oh great, the cheaper retpoline based mitigation for speculation attacks isn't adequate, so we get another 10-20% performance hit to mitigate better. What was the nominal generation-over-generation performance gain from adding all this complexity again?

Enlarge

Some microprocessors from Intel and AMD are vulnerable to a newly discovered speculative execution attack that can covertly leak password data and other sensitive material, sending both chipmakers scrambling once again to contain what is proving to be a stubbornly persistent vulnerability.

Researchers from ETH Zurich have named their attack Retbleed because it exploits a software defense known as retpoline, which chipmakers introduced in 2018 to mitigate the harmful effects of speculative execution attacks. Speculative execution attacks, also known as Spectre, exploit the fact that when modern CPUs encounter a direct or indirect instruction branch, they predict the address for the next instruction they’re about to receive and automatically execute it before the prediction is confirmed. Spectre works by tricking the CPU into executing an instruction that accesses sensitive data in memory that would normally be off-limits to a low-privileged application. Retbleed then extracts the data after the operation is canceled.

Is it a trampoline or a slingshot?

Retpoline works by using a series of return operations to isolate indirect branches from speculative execution attacks, in effect erecting the software equivalent of a trampoline that causes them to safely bounce. Stated differently, a retpoline works by replacing indirect jumps and calls with returns, which many researchers presumed weren’t susceptible. The defense was designed to counter variant 2 of the original speculative execution attacks from January 2018. Abbreviated as BTI, the variant forces an indirect branch to execute so-called “gadget” code, which in turn creates data to leak through a side channel.

Article note: *Raised Fist*

Enlarge (credit: Getty Images)

A number of course-altering US Supreme Court decisions last month—including the reversal of a constitutional right to abortion and the overturning of a century-old limit on certain firearms permits—have activists and average Americans around the country anticipating the fallout for rights and privacy as abortion “trigger laws,” expanded access to concealed carry permits, and other regulations are expected to take effect in some states. And as people seeking abortions scramble to protect their digital privacy and researchers plumb the relationship between abortion speech and tech regulations, encryption proponents have a clear message: Access to end-to-end encrypted services in the US is more important than ever.

Studies, including those commissioned by tech giants like Meta, have repeatedly and definitively shown that access to encrypted communications is a human rights issue in the digital age. End-to-end encryption makes your messages, phone calls, and video chats unintelligible everywhere except on the devices involved in the conversations, so snoops and interlopers can’t access what you’re saying—and neither can the company that offers the platform. As the legal climate in the US evolves, people who once thought they had nothing to hide may realize that era is now over.

Article note: It'll be interesting to see how that shakes out.

Article note: Refurb/Off-Lease/Last-Gen/Used upmarket computers are awesome, I was just posting about this. Especially on laptops, pay for a great chassis, do not pay for tiny generation-to-generation tweaks. Make sure you don't get into grossly power inefficient territory (which sometimes makes "server" market stuff unsuitable because of the different PM design), but, especially once you patch all the risky speculation tricks, the generation-over-generation gains have been pretty modest for a decade.

Article note: The OSNews take is _exactly_ what I was thinking when I saw this thing go by.

Article note: The incentives of content farming are a race to the bottom, where the splashiest most engaging title and preview, the most polished video, and the fastest output win, eventually forcing out any other content to the advantage of the people gaming the system. You know, like academic research.