Bug#886367: IMPORTANT: ARE they (Chip-Makers) creasy! -- Changing CPU/MMU-Microcodes MUST NOT BE POSSIBLE outside the secured HW-Factories!
Hi Felix

OK, I now understand your points. You are right about the Firefox case, and this is GOOD NEWS for SECURITY. AND if you argue with the one direction of microcode updates, YOU are also right. ;)

But who (which tech.) can/will stop a clever hacker doing forward updates on the microcode with his own/bad changes? If it is cryptographic (as described) it’s better than nothing, but an additional local button/process would secure it in advance.

We will see today HOW now Microsoft & RedHat will PATCH/CHANGE the microcode with their update capabilities! It’s better that they are able to do it than just another app from uncertain sources.

You help me a lot to feel more secure now. THANKS!

Kind regards
Patrik

ifs³ Consulting+Engineering
Patrik Lori
CTO, cert. Computer Engineer & MAS-BA
Panoramastr. 6, 5625 Kallern, Switzerland
Web: http://www.ifs3.com
Email: patrik.l...@ifs3.com
Mobile: +41 79 326 75 97

CONFIDENTIALITY NOTICE: This e-mail message including attachments, if any, is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any unauthorised review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. If you are the intended recipient but do not wish to receive communications through this medium, please do advise the sender immediately.

> On 09.01.2018 at 02:25, Felix Winterhalter wrote:
>
>> I’m very very sorry, that you think I’m NOT understanding "Spectre" and
>> what this shows. - I understand this very well! ;)
>>
>> *FOR YOU:*
>> *==*
>> PLEASE look at the possibilities of the new *version 57.0.4 of Firefox*.
>> *With this special created release (of this browser) you can PATCH the
>> Microcode* AGAINST Spectre
>
> Let me stop you right there. This is simply not true at all. If you
> would have read up on what exactly they changed in 57.0.4 of Firefox to
> mitigate the Meltdown and Spectre attacks you might have seen that they
> simply changed the resolution of the timing source you can get via the
> javascript function performance.now() to be 20 µs.
>
> Since both Meltdown and Spectre rely on having accurate high resolution
> timing information available to the process running the attack, this
> effectively leads to those attacks no longer working from within Firefox.
>
> This has absolutely NOTHING whatsoever to do with microcode patching,
> and so is absolutely irrelevant.
>
>> But in this case (Spectre) just a "bad website" can be used to read data
>> from other areas. This is possible because of some side-effect the current
>> Microcode has. If we can FIX that with the special version (57.0.4) of
>> Firefox, a hacker can change it back again with another program and no one
>> knows! - After this he just needs a "bad website" to get data AGAIN.
>
> This also fundamentally shows that you have not understood how microcode
> updates work. You can't just "change it back" as microcode updates only
> work in one direction, that is "the update applied needs to be newer
> than the one already applied", the update revision is included in the
> cryptographic signature of the microcode update. So you cannot just
> apply old updates on top of new ones.
Bug#886367: IMPORTANT: ARE they (Chip-Makers) creasy! -- Changing CPU/MMU-Microcodes MUST NOT BE POSSIBLE outside the secured HW-Factories!
I’m very very sorry, that you think I’m NOT understanding "Spectre" and what this shows. - I understand this very well! ;)

FOR YOU:
==
PLEASE look at the possibilities of the new version 57.0.4 of Firefox. With this special created release (of this browser) you can PATCH the Microcode AGAINST Spectre!

==> So this shows, that there IS an easy way for doing Microcode changes in user-mode! AND this also demonstrates, that quite the same can be done to change the Microcode AGAIN WITHOUT being sure the new (now maybe hacked) code-change comes from Intel or NOT!

--> AND to start this CHANGE you just click on a "special-button". If such is possible without asking for any system passwords THIS is a huge security problem !!! In such a case a "user" doesn’t know what’s really going on and ALL normal OS & FW checks look to be sending green flags!

THIS IS CRAZY DANGEROUS and should NOT be possible on any secure system!

Whenever we change things, we trust the SW-sources. THIS I UNDERSTAND VERY WELL. But in this case (Spectre) just a "bad website" can be used to read data from other areas. This is possible because of some side-effect the current Microcode has. If we can FIX that with the special version (57.0.4) of Firefox, a hacker can change it back again with another program and no one knows! - After this he just needs a "bad website" to get data AGAIN.

PLEASE: Before you send me your next quick answer, PLEASE read my E-Mail very carefully and try to understand WHAT I’m talking about. IT IS SERIOUS and IMPORTANT.

==> I’m NOT talking about what Spectre does (this is clear); I’m afraid HOW we can patch the Microcode to let them NOT allow this AND how easy it will be to let them allow to enable this/such again.

MEMO: Linus Torvalds is also very unhappy with the actual situation!
http://www.pcgameshardware.de/CPU-Hardware-154106/News/Meltdown-Spectre-Linux-Linus-Torvalds-1247248/

Kind regards
Patrik

> On 08.01.2018 at 21:09, Felix Winterhalter wrote:
>
>> Sorry it’s NOT enough. Don’t worry I trust Intel for changing Intel CPUs; I
>> trust AMD for changing AMD CPUs, etc. NO problem with that! - But
>>
>> SIMPLIFIED:
>> How can Firefox 57.0.4 change the Intel CPU/MMU - Microcode if such change
>> needs a secret code signature and doesn’t know anything secured from my CPU?
>>
>> If a Browser-SW can change it (I hope this SW is running in user-mode), a
>> "disguised Hacker-SW" can change it too !!!
>>
> I do not know where you got the impression that this is possible. As it isn't.
>
> The Meltdown and Spectre vulnerabilities have nothing whatsoever to do with
> putting "hacked microcode" or something like that on the CPU. I suggest you
> read up on how these vulnerabilities actually work before posting messages
> such as this or for that matter look up what exactly microcode IS as it seems
> you have a bit of a misconception about the nature of it.
>
> In essence they use features that are already in the CPU in a way that allows
> them to gain knowledge of privileged information. They don't put anything
> malicious onto the CPU especially not something that would "stay there",
> "hacker software", "malware" or anything of the sort. They use normal
> operation features of modern CPUs in order to defeat higher level protection
> mechanisms.
>
>> For me this is NOT a trustful way for such an important change and needs to
>> be addressed very seriously to the HW manufacturers.
>> If your org can help for this, it’s great.
>>
> Sooo installing updates onto your system by downloading them is also not a
> trustful way for updates to arrive? You want to chisel those onto your
> harddrive manually? On Windows I think every user has the right to install
> updates even ... which makes sense in a way.
Bug#886367: IMPORTANT: ARE they (Chip-Makers) creasy! -- Changing CPU/MMU-Microcodes MUST NOT BE POSSIBLE outside the secured HW-Factories!
Sorry it’s NOT enough. Don’t worry I trust Intel for changing Intel CPUs; I trust AMD for changing AMD CPUs, etc. NO problem with that! - But

SIMPLIFIED:
How can Firefox 57.0.4 change the Intel CPU/MMU - Microcode if such change needs a secret code signature and doesn’t know anything secured from my CPU?

If a Browser-SW can change it (I hope this SW is running in user-mode), a "disguised Hacker-SW" can change it too !!!

For me this is NOT a trustful way for such an important change and needs to be addressed very seriously to the HW manufacturers. If your org can help for this, it’s great.

P.S: Linus Torvalds is also very unhappy with this actual situation!
http://www.pcgameshardware.de/CPU-Hardware-154106/News/Meltdown-Spectre-Linux-Linus-Torvalds-1247248/

Kind regards
Patrik

> On 08.01.2018 at 19:43, Felix Winterhalter wrote:
>
>> Second: I’m not willing to accept, that CPU/MMU - Microcode can be changed
>> just by some OS/SW-Updates without any physical and local interventions or
>> with a secret "ONE WAY" password/ticket directly coming from the
>> manufacturer. Otherwise "very bad hackers" are able to change the
>> critical CPU/MMU - Microcode to prepare some "spyglass-situation|attacks",
>> which NO upper-layered "Security-SW or OS" can ever detect.
>> This is a very bad situation (even if this exists many years ago).
>>
>
> You appear to have the impression that microcode updates are completely
> unsigned code that anyone can modify. You might find this an interesting read:
>
> http://inertiawar.com/microcode/
>
> It explains how microcode updates work in general and specifically how they
> work on Intel chips. You cannot simply perform arbitrary microcode updates on
> a system. And microcode updates will only load if they are newer than the one
> already applied. So you cannot just load an older insecure version of
> microcode if an update has already been applied by either the bios or the
> kernel. Microcode updates only increase security, they could only decrease it
> if Intel released a microcode update that introduced a weakness and signed
> that. At the point where you don't trust your vendor on that level anymore
> you might as well give up on any sort of proprietary hardware that needs any
> sort of binary blobs, which some decide to do.
>
>> INFO:
>> It looks like HPE has realized this serious security threat and developed a
>> special ILO-Chip that helps to solve this real problem.
>> see:
>> http://www.zdnet.de/88300819/schutz-vor-firmware-attacken-hpe-sichert-proliant-server-ab/?_ga=2.128992076.1543857168.1515237773-947033226.1515237773&inf_by=5a50b18d671db879058b47d8
>> 👍
>>
>> I hope other HW manufacturers (DELL, IBM, CISCO, Oracle, etc.) also
>> have/provide some solution for this problem asap.
>>
> The link you have provided shows that HPE wants to make sure its firmware,
> i.e. UEFI and components are secured. They do not talk about preventing
> microcode updates, which I don't think this provides as those are CPU
> features directly. I'm not sure if those can be disabled by the
> chipset/mainboard as it's basically just a special instruction sent to the CPU
> (pretty sure they can't be prevented by that).
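The acceptance rule described in the quoted replies of 08.01.2018 and 09.01.2018 (an update loads only if its signature verifies and its revision is newer than the one already applied, with the revision covered by the signature), as an added sketch that is not part of the original messages and not the vendor's real format or algorithm. The toy RSA key, the `CpuModel` class, the field names and all sample values are constructed for illustration; the CPU model holds only the public values `N` and `E`.

```python
import hashlib
import struct

# Toy RSA key pair, constructed for this example (far too small for real use).
P, Q = 2**61 - 1, 2**89 - 1          # two Mersenne primes
N, E = P * Q, 65537                  # public part: all the CPU model needs
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent: vendor side only


def _digest(revision: int, body: bytes) -> int:
    """Hash the revision header together with the body, so both are signed."""
    data = struct.pack("<I", revision) + body
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def vendor_sign(revision: int, body: bytes) -> dict:
    """Vendor side: build an update whose signature covers revision and body."""
    return {"revision": revision, "body": body,
            "sig": pow(_digest(revision, body), D, N)}


class CpuModel:
    """Hypothetical loader: verifies with the public key, never holds D."""

    def __init__(self, revision: int):
        self.revision = revision

    def load(self, update: dict) -> str:
        expected = _digest(update["revision"], update["body"])
        if pow(update["sig"], E, N) != expected:
            return "rejected: bad signature"
        if update["revision"] <= self.revision:
            return "rejected: not newer"
        self.revision = update["revision"]
        return "loaded"


def demo() -> list:
    old = vendor_sign(0x20, b"constructed body A")
    new = vendor_sign(0x23, b"constructed body B")
    cpu = CpuModel(revision=0x1F)
    results = [cpu.load(new)]                      # genuine and newer
    results.append(cpu.load(old))                  # genuine but older
    relabelled = dict(old, revision=0x99)          # old update, edited header
    results.append(cpu.load(relabelled))
    patched = dict(new, revision=0x24, body=b"modified body")
    results.append(cpu.load(patched))              # modified without the key
    return results


if __name__ == "__main__":
    print(demo())
```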
Bug#886367: IMPORTANT: ARE they (Chip-Makers) creasy! -- Changing CPU/MMU-Microcodes MUST NOT BE POSSIBLE outside the secured HW-Factories!
STOP, STOP, STOP -> ALL THIS "Microcode-Patch" Infos!
=

If Intel, AMD, ARM, .. are now communicating that they can change the CPU/MMU-Microcode outside their secured factories, they send (with this) very dangerous messages to all hackers. Hackers can use "the same procedure" to do the opposite of these patches!

Changing CPU/MMU-Microcodes MUST NOT BE POSSIBLE outside the secured HW-Factories! Otherwise, we are all in great new SECURITY-DANGER!

I hope the CPU/MMU-Microcode - Patch can NOT be manipulated or canceled afterwards !!!

Kind regards
Patrik