Intel CPUs Impacted by New PortSmash Side-Channel Vulnerability

Intel processors are impacted by a new vulnerability that can allow attackers to leak encrypted data from the CPU's internal processes. From a report: The new vulnerability, which has received the codename of PortSmash, has been discovered by a team of five academics from the Tampere University of Technology in Finland and Technical University of Havana, Cuba. Researchers have classified PortSmash as a side-channel attack. In computer security terms, a side-channel attack describes a technique used for leaking encrypted data from a computer's memory or CPU, which works by recording and analyzing discrepancies in operation times, power consumption, electromagnetic leaks, or even sound to gain additional info that may help break encryption algorithms and recovering the CPU's processed data. Researchers say PortSmash impacts all CPUs that use a Simultaneous Multithreading (SMT) architecture, a technology that allows multiple computing threads to be executed simultaneously on a CPU core. [...] Researchers say they've already confirmed that PortSmash impacts Intel CPUs which support the company's Hyper-Threading (HT) technology, Intel's proprietary implementation of SMT.

Re:Still waiting on my remote root SSH exploit

[crow]

Those were big bugs, and they have real impacts. Not all impacts allow remote exploit. For home users, the impact is to change any remote exploit that gains user privileges into one that gains root privileges. That's important, but not a disaster.

Where the real disaster is is in virtualized systems. That class of exploits allows you to potentially hack from one VM into another running on the same physical hardware. That's a disaster for cloud providers, but fortunately, they have professional IT teams that can stay on top of required patches, to the extent that they are able to do so. Unfortunately many of the patches may need to be done inside the user-controlled VMs.

This sounds like a somewhat similar bug in that if you can execute on one hyperthread, you can figure out what is going on on the other one on the same core (or at least I suspect that's it--I didn't read the article). Again, that's bad for virtualized systems, but not that serious for most home users. It does potentially blow a big hole in the security for whole-disk encryption and things like that, which some people are going to be very concerned about.

Re:Still waiting on my remote root SSH exploit

[Seven+Spirals]

No, I'm not saying take no action, I'm saying don't tell me it's the end of computing unless it really is. Quit acting like all these *potential* vulnerabilities amount to anything but a "possible fear". They aren't fully-formed threats, they are nebulous bullshit until they can be shown to be something else. Also, this shit has been going on all through 2018 if it's so bad that we all need to prepare so much, then why haven't ANY of these flaws really resulted in 4/5ths of 5/8ths of FUCK ALL?

Re:AMD

[alvinrod]

Although no one has tested it, the article indicates that the people who discovered this vulnerability think that AMD's SMT implementation would also be vulnerable to this kind of attack. While that isn't a confirmation, it does appear as though this exploit is general enough that it wouldn't be specific to Intel. Hopefully they also disclosed this to AMD so that they had time to explore this for themselves and work on a fix if necessary.