a new intel-specific CPU vulnerability has been discovered: https://www.cyberus-technology.de/posts/2019-05-14-zombieload.html
- can be used to leak data between processes, hyperthreads, SGX enclaves, etc
- effects core and xeon CPUs
- CPUs with meltdown mitigations are less effected, but still vulnerable
- this is a hardware issue - OS independent
- can be mitigated by disabling hyperthreading
- proof of concept - one thread is able to access URLs typed into firefox (a different thread)
@lynnesbian Just as a source on this, since the article you linked makes no mention of it:
"The vulnerability affects most of the company’s processor SKUs, except the 8th and 9th generation chips, which Intel said includes hardware mitigations against this flaw."
@uint8_t @lynnesbian Yup. I 100% believe that they deliberately delayed it so they could use it for planned obsolescence purposes similar to Google's Play Services and Apple's iOS updates slowing down older systems for no reason other than to "encourage" users to buy new versions of the same hardware they bought 2 years ago.
But if Intel tells us about the problem when its current model line is already fixed, it's just an image loss, and does not necessarily steer revenue toward AMD.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!