XYMer's Home away from Home

When http://bbs.xlr8yourmac.com is down (i.e. always)
Privacy Policy
It is currently Mon May 20, 2019 11:13 pm

All times are UTC - 8 hours




Post new topic Reply to topic  [ 17 posts ] 
Author Message
PostPosted: Tue May 14, 2019 6:39 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15847
New secret-spilling flaw affects almost every Intel chip since 2011.

Supposedly 10.14.5 patches that.

https://techcrunch.com/2019/05/14/zombi ... rocessors/


Top
 Profile  
 
PostPosted: Tue May 14, 2019 9:05 pm 
Offline
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9997
Location: North of the State of Jefferson
I'm sure there will be more to come.

I'd be most concerned about shared environments with these flaws, but malicious software might, eventually, be able to use these techniques to steal encryption keys or passwords. I'm not, however, sure of the exact exploitability of this specific flaw. I still haven't read a really detailed breakdown and, considering the rate that speculative execution flaws are being discovered, I'm not trying too hard to keep up.

- Anonymous


Top
 Profile  
 
PostPosted: Wed May 15, 2019 6:33 am 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15847
Quote:
However, it appears that some Macs may see a 40% fall in performance if all the patches are applied. That’s bound to upset a lot of Mac owners, so let’s hope Apple and Intel work on further mitigations that reduce the impact to performance.

There will also be a security update for Macs running macOS Sierra and macOS High Sierra as well. iPhones and iPads are not affected.

Meanwhile, Google has also released patches to mitigate against ZombieLoad. While most Android devices run on ARM hardware and won’t be affected, any Android device using Intel hardware will need to apply the patches.

Chromebooks and Chrome OS devices will have already had the ZombieLoad patches applied. Google has also advised users of its Chrome web browser to make sure they install updates from their operating system – so Windows users and Mac users make sure you’ve got all the latest updates installed.

As we reported earlier, Microsoft has revealed that Windows 7 and XP are vulnerable to ZombieLoad, and it has released patches for all its operating systems which can be installed via Windows Update or from the Microsoft Support website.

Mozilla has also said that it is working on a long-term fix for its Firefox web browser for macOS, and Firefox Beta and Firefox Nightly versions have the patch already installed.

According to Mozilla, no action is needed for Windows and Linux users of Firefox.

https://www.mac4mac.co.uk/viewtopic.php ... 5&start=45


Top
 Profile  
 
PostPosted: Wed May 15, 2019 6:36 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10485
Location: Caught between the moon and NYC
Interestingly full mitigation for ZombieLoad requires disabling Hyperthreading, which is how Intel turns 2 cores into 4 threads. Or, on more recent systems, 1 core into 2 threads, because that's exactly what we wanted Apple, less threads. Admittedly the latest CPUs from Intel added 1 core to every tier but let's not forget they rolled each tier back 1 core (and only added cores because they - as usual - encountered trouble on the process shrink, so the extra cores was a stopgap way of giving people more performance and a reason to upgrade).

Side effect of disabling HT is each core is faster, but typically not as fast as when it's split up into more threads. In Pentium 4 days it was actually significantly faster if you disabled HT, but processes back then weren't as multithreaded as now and that was the first incarnation of HT with a lot of shared resources between threads, and for a while it looked like Intel had learned from their P4 fiasco.


Top
 Profile  
 
PostPosted: Fri May 17, 2019 8:41 am 
Offline

Joined: Thu May 15, 2008 8:05 pm
Posts: 411
This is just wonderful news since we still have three indispensable Mac Pro 5,1s.


Top
 Profile  
 
PostPosted: Fri May 17, 2019 2:00 pm 
Offline

Joined: Sat May 11, 2019 6:52 pm
Posts: 79
Far as I can see, cMP 5,1s fall outside the target. I have the 6 core Westmere, no Hyperthreading.


Top
 Profile  
 
PostPosted: Fri May 17, 2019 2:08 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10485
Location: Caught between the moon and NYC
To add insult to injury, it sounds like a number of systems Apple still currently supports, even those supported by Mojave, aren't going to receive any mitigations.

If I were a betting man, I'd say these systems are the ones Apple will be dropping support for in 10.15.


Top
 Profile  
 
PostPosted: Fri May 17, 2019 2:20 pm 
Offline

Joined: Sat May 11, 2019 6:52 pm
Posts: 79
Some youtuber got me excited saying he thinks there will be a big hug between the fruit and nVidia come WWDC. Which kinda/sorta says 10.15 will have nVidia support. WHICH means if they fully deprecate our cMPs with Nvidia cards... what's the point? These ARE the only fruity machines that can take 980s, 1080s, 2080s, etc. right (mmmm, new mac pro?)?


Top
 Profile  
 
PostPosted: Fri May 17, 2019 3:12 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10485
Location: Caught between the moon and NYC
Westmeres appear to support HyperThreading.
https://everymac.com/systems/apple/mac_ ... specs.html
https://ark.intel.com/content/www/us/en ... l-qpi.html

In fact even the earlier Nehalem CPUs used in 2009 support HT.
https://everymac.com/systems/apple/mac_ ... specs.html
https://ark.intel.com/content/www/us/en ... l-qpi.html

That being said, since it's reported that this only affects CPUs made in 2011 and newer, it's certainly possible Westmeres lack the feature ZombieLoad depends on. HyperThreading may be a requirement to fully mitigate ZombieLoad, but HyperThreading itself isn't evidence of the flaw being present.

Or maybe reporting is wrong. Now if you pardon me, I need to go cough out a lung. :badteeth:


Top
 Profile  
 
PostPosted: Fri May 17, 2019 3:47 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15847
I read that it did affect 2009/2010 CPUs but Intel wasn't going to release any microcode for those.

Not where I read it, but...

https://www.cultofmac.com/625928/apple- ... d-exploit/

Looks like you were pretty much spot on MB. :D


Top
 Profile  
 
PostPosted: Sat May 18, 2019 8:41 am 
Offline

Joined: Sat May 11, 2019 6:52 pm
Posts: 79
Hmmm, I came to my conclusion because there was NO listing for Hyperthreading in the System Report... BUT after seeing my exact machine in one of MB's links, I even went and checked... yup, Activity Monitor sure does show 12 cores/threads.

Loved the bit about how they want to develop their own chips to be able to support older stuff that Intel seems unwilling to. Get real, they never support anything much over 3-4 years anyway, so if they HAD made that Westmere chip, they would never ever make some microcode for it to fully patch this particular vulnerability.


Top
 Profile  
 
PostPosted: Sat May 18, 2019 10:44 am 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15847
"What a deep voice you have!" "The better to greet you with", responds the wolf, "Goodness, what big eyes you have!" "The better to see you with", responds the wolf, "And what big hands you have!" "The better to grab you with", responds the wolf, and lastly, "What a big mouth you have" "The better to eat you with!"


Top
 Profile  
 
PostPosted: Sat May 18, 2019 11:08 am 
Offline

Joined: Thu May 15, 2008 8:05 pm
Posts: 411
Most Intel CPUs have supported Hyper-threading since the Pentium 4 days, the Westmere supports the additional vulnerable instructions placing them in a worse position.

It is all very frustrating how dependent we are on these old machines.


Top
 Profile  
 
PostPosted: Sat May 18, 2019 8:17 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10485
Location: Caught between the moon and NYC
Its almost like Apple hasn't been making the systems customers want since they stopped making the 2012. Overpriced as it was at the time, at least they were a good foundation.


Top
 Profile  
 
PostPosted: Sun May 19, 2019 5:11 am 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15847
Yep, they've basically gone to making Kleenex tissues.


Top
 Profile  
 
PostPosted: Sun May 19, 2019 8:33 am 
Offline

Joined: Sat May 11, 2019 6:52 pm
Posts: 79
601 wrote:
It is all very frustrating how dependent we are on these old machines.


We have no choice, they don't and most likely will never make a machine I'd want to buy (I'd be quite happy with a bit of a scaled down cMP, slots, upgrades for CPU & GPU (ANY GPU), T3 + USB 3.1 ports. NOT that complicated.


Top
 Profile  
 
PostPosted: Sun May 19, 2019 6:31 pm 
Offline

Joined: Thu May 15, 2008 8:05 pm
Posts: 411
Extremely affordable NVMe storage has made the 2013 Mac Pro a lot more tenable than it was at launch, but we're still extremely unenthusiastic about it.

At the end of the day our existing Mac Pro has 32.25TB of internal storage and another 12TB of attached storage.

If you're wondering.

Internal Drive Bays:
Drives 1 and 2: 3TB Toshiba drives in a 6TB Stripe used as a staging ground for backups.
Drives 3 and 4: 6TB Western Digital drives in a 6TB Mirror used for Time Machine backups.

Lower Optical Drive Bay:
2x Micron 2TB SSDs in a 2TB Mirror which are the primary boot drives.
2x Seagate 4TB drives in a 4TB Mirror which are used for local Time Machine backups.

Upper Optical Drive Bay:

A Western Digital 2TB drive which the SSD mirror is cloned to nightly.

mSATA Slot 1: 120GB SSD used for a bootable utility partition.
mSATA Slot 2: 128GB SSD used for caching AppStore and iCloud data.

Sonnet Fusion R400: 4x Toshiba 3TB drives.

We're spending money on everything but Apple products.

The temporary Mac Pros that replaced the Xserve last year are looking like they will be around for a long time to come.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 17 posts ] 

All times are UTC - 8 hours


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group