Plundervolt Intel microcode update potentially killing undervolting for security?

Discussion in 'Hardware Components and Aftermarket Upgrades' started by hfm, Dec 10, 2019.

  1. hmscott

    hmscott Notebook Nobel Laureate

    Reputations:
    7,079
    Messages:
    20,412
    Likes Received:
    25,193
    Trophy Points:
    931
    Collecting data has always been an important component - if only to gain leverage to replicate and propagate - to know it's environment - or to confirm claimed intrusions. Data can take many forms and have many uses - immediate use on site and communicated elsewhere for long term use.

    Once past intrusion and marking coup - leaving their mark on the Victim's computer or account, in the beginning the payload was the replicant and means for propagation to the next Victim's computer.

    There are many means and motivations along the way to today. But data gathering was always a component as it is necessary to see what is out there and report back the findings.

    Today much of this is streamlined and simplified down to the goals and no trace is left behind in operation.

    Here's a brief history, there's so much more info out there, but it's a good review of early times to the current time of the article:

    Nov. 10, 1983: Computer 'Virus' Is Born
    IM ZETTER, 11.10.09 12:00 AM
    https://www.wired.com/2009/11/1110fred-cohen-first-computer-virus/

    "...Viruses have proliferated rapidly since then, and malware has become more sophisticated and more vicious. The motives of malware writers have changed as well – instead of doing annoying tricks to your computer to get attention, the majority of programs sit stealthily on your computer to steal data, siphon money from online bank accounts or turn your system into a zombie for spam-spewing botnets."

    And, that article was from 10 years ago... much has happened since then.
     
    Last edited: Dec 23, 2019
    hfm, joluke and Papusan like this.
  2. Vasudev

    Vasudev Notebook Nobel Laureate

    Reputations:
    8,122
    Messages:
    10,604
    Likes Received:
    7,869
    Trophy Points:
    931
    I'll post reviews about D6 uCode which I found in Intel uCode repo at Github.
    I'm on D4 and my PC performance is bad when CPU usage is capped at 100%.
     
    Last edited by a moderator: Dec 23, 2019
  3. hfm

    hfm Notebook Prophet

    Reputations:
    1,872
    Messages:
    4,285
    Likes Received:
    1,981
    Trophy Points:
    231
    Especially this day and age where a lot of the extremely complicated vulns are found or used by criminal organizations or nation states for the purpose of data exfiltration or such activities. They have teams people that clock in and out from 9-5, it's a normal 40 hr a week job for them. Thankfully we have quite a few people around like Tavis Ormandy that can find some of these problems and facilitate them being patched.
     
  4. Just_Another_Day

    Just_Another_Day Newbie

    Reputations:
    0
    Messages:
    7
    Likes Received:
    4
    Trophy Points:
    6
    No it hasn't as I already stated with example.

    If that is supposed to be directed towards myself then FYI I'm not a teenager, in fact in 1983 I was already well past being a teenager and actually lived the moment.

    Seems you've made up your mind on this and that's fine, it's your prerogative and I sincerely hope your right that we won't see some CPU killing malware. Best of luck with that, I myself will continue to set my voltages as I want them and lock them afterwards without any special microcode and zero performance loss. I thought some others might want to do the same or at least comment on whether the locking still works on newer processors, seems I'm wrong. Oh well, my bad.

    P.S. Wishing all a Merry Xmas. :)
     
  5. hfm

    hfm Notebook Prophet

    Reputations:
    1,872
    Messages:
    4,285
    Likes Received:
    1,981
    Trophy Points:
    231
    The CPU will shut down before any damage occurs.
     
    hmscott likes this.
  6. hmscott

    hmscott Notebook Nobel Laureate

    Reputations:
    7,079
    Messages:
    20,412
    Likes Received:
    25,193
    Trophy Points:
    931
    One example of an exception doesn't make a global definition. :)
    Well, I didn't say it wasn't a good idea to undervolt - it generally is a good idea - and I don't care either way about locking the voltage, because I don't think it's necessary.

    If it becomes the default to lock the voltage after tuning, why not? It's not been done because we haven't had a need for it for decades of undervolting.

    Why? Because we know from experience that overvolting causes instability and a halt to processor operation before the CPU will be damaged.

    Even if the CPU voltage was raised into the "danger zone" - high enough to be deleterious in the long term, that high voltage will show up as system instability when users game or run CPU intensive activities.

    It's a self alerting problem - "hey, why has my PC started crashing?" or "hey, why has my CPU temperature gone into thermal throttling?"

    BTW, back in 1983 were you directly involved in exposing vulnerabilities, making defenses for them, and tracking and prosecuting intrusions? If not then maybe I've had a bit more experience in this than you have?

    I also didn't say you were young - as that hardly matters. There may be far more people my age that don't know what the history of viruses are - but being young is no substitute for experience.

    As time went by more and more people entered the internet and became more and more savvy, but few of them had direct experience with vulnerabilities and implementing mitigations for defenses for computer intrusions.

    Most people don't deeply explore the technical side of virus's, vulnerabilities, and overclocking deep enough to know what's what.

    It's taken decades for young people to be born into it so to speak after I started on vulnerabilities and mitigations. Even so they really won't know what's what any more than anyone else that doesn't directly work in the field - with enough hand's on in the defense of intrusions.

    I was fortunate in that I was directly involved in defense against intrusions with mitigations in the mid-70's onward, so I have a direct hands on knowledge of what's what with what was done back then through the present.

    I'm also certainly not saying overvolting can't cause problems, but more than likely it's going to cause instability long before it kills the CPU or does damage to any other support hardware.

    Every CPU is different, even if the range is known the exact window of instability can be much lower than other CPU's and those canaries will crash and alert the community on what to look out for and mitigations can be implemented quickly and distributed quickly through anti-virus and anti-malware distribution.

    For example Norton Updates every few hours and quicker through community updates. So scans to find the offending malware can be quickly done and the offending code quarantined. And, so do most other defenses these days.

    But, just because I can't see the need for it, that doesn't mean it wouldn't be fun to explore and do, so go for it. There's a lot of unneeded work going on out there, most of it in fact, but that's a good way to learn and gain experience for the things that really matter later on down the road.

    There may not be any choice coming up if Intel itself locks the voltage such that no one can change the voltage. Hopefully Intel will allow changing the voltage in the BIOS before the hand off to the OS. New CPU's will have built in firmware changes onboard, we won't be able to disable voltage locking, and that will change everything.

    Happy Holiday's :)
     
    Last edited: Dec 24, 2019
    Starlight5 and hfm like this.
  7. hmscott

    hmscott Notebook Nobel Laureate

    Reputations:
    7,079
    Messages:
    20,412
    Likes Received:
    25,193
    Trophy Points:
    931
    Exactly. All the overvolting I've done over the years results in either thermal throttling making the setting useless - and immediately noticeable, or the CPU doesn't boot via protections or simply inability to function.

    But, there are examples of people that through constantly abusing the CPU through overvolting for overclocking where the CPU eventually fails. It's not happened to me, but I have seen it reported.

    I don't think that can be bottled into a payload that could do that with every CPU as it would need to be an automated fine tuning of voltage to constant and steady high voltage abuse over a long period - finding that sensitive point that would work enough to run but be too high to be safe for the CPU wouldn't be possible without a lot crashes and reboots.

    It wouldn't be something that would be triggered immediately causing a CPU to fail, it would need to happen over time. Enough people would notice the performance hit from thermal throttling, or get alarms for over temp, or get crashes from instability and alert the malware community to find a mitigation and deploy it.

    It's an interesting possibility, but in actual practice I don't think it's going to be an issue or cause mass CPU failures.
     
    Starlight5 and hfm like this.
  8. hfm

    hfm Notebook Prophet

    Reputations:
    1,872
    Messages:
    4,285
    Likes Received:
    1,981
    Trophy Points:
    231
    Yeah, overvolting to try to increase an overclock is a trial and error practice, as you say you'll see crashes and instability well before any damage occurs. Even if the overvoltage was set to a value where 99.999% of CPUs would still function, just run a little hotter, would probably never cause any damage even over years of use. And even then you'd have to have a huge table of CPU model numbers and even notebook/laptop model detection to figure out what that value should be for a specific case. Maybe if you targeted some very popular units like dell or apple.

    No one interested in building malware would waste their precious time with a project like this without some type of real payoff. Doing something like targeted data exfiltration or crypto-currency mining would actually have a payoff for your time spent.

    There's much easier ways of destroying someone's day with malware like erasing their data or encrypting it like the ransomware that bad actors are using. Doing that would be WAY easier than trying to fry a CPU.
     
    Starlight5 and hmscott like this.
  9. hmscott

    hmscott Notebook Nobel Laureate

    Reputations:
    7,079
    Messages:
    20,412
    Likes Received:
    25,193
    Trophy Points:
    931
    tl;dr - "What is the issue?
    External Researchers informed Intel of a potential vulnerability that could impact the security of Intel® Software Guard Extensions (Intel® SGX). This issue may occur when using software that enables the user to alter voltage operating points.

    Affected Products:
    Intel® 6th, 7th, 8th, 9th & 10th Generation Core™ Processors. Intel® Xeon® Processor E3 v5 & v6 and Intel® Xeon® Processor E-2100 & E-2200 Families.

    How is this potential vulnerability mitigated?

    The BIOS updates mitigate the issue by locking voltage to the default settings.
    "
    _______________________
    Intel has been aware of and working on this since notified in June 2019:

    "Researchers from University of Birmingham, KU Leuven and TU Graz provided Intel with a Paper and Proof of Concept (POC) in June 2019 and researchers from Technische Universität Darmstadt and University of California provided a Paper and Proof of Concept (POC) in early August 2019. Intel subsequently confirmed each submission demonstrated this individually.

    Researchers from University of Maryland and Tsinghua University provided Intel with a Paper in late August 2019 describing this issue.

    Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available."
    https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00289.html

    And, Intel says these products are affected:

    "Affected Products:
    Intel® 6th, 7th, 8th, 9th & 10th Generation Core™ Processors. Intel® Xeon® Processor E3 v5 & v6 and Intel® Xeon® Processor E-2100 & E-2200 Families."

    Which is pretty much all Intel CPU's we are using today and for the last decade, much like the Spectre and Meltdown, MDS etc etc etc.

    Intel lists the Vulnerability Details:

    "Vulnerability Details:
    CVEID: CVE-2019-11157
    CVSS Base Score: 7.9 High

    Description: Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access."

    And Intel has already released the mitigation as a firmware update sent out to vendors to include in their next BIOS update, so it's out there and live now - the firmware mitigation could be included in future BIOS updates - and included in Microsoft Updates too:

    Intel® CPU Voltage Settings Modification Advisory, Disclosed December 10, 2019
    https://www.intel.com/content/www/us/en/support/articles/000055804/processors.html

    "General Q&A: (shortened)

    What is the issue?
    External Researchers informed Intel of a potential vulnerability that could impact the security of Intel® Software Guard Extensions (Intel® SGX). This issue may occur when using software that enables the user to alter voltage operating points.

    How is this potential vulnerability mitigated?
    The BIOS updates mitigate the issue by locking voltage to the default settings.

    Is this issue linked to any specific operating system (OS) type or is the issue independent of OS types and versions?

    This issue is independent of the OS type and version.

    Can I still overclock?
    Intel recommends you contact your system manufacturer to determine if your system supports overclocking.

    My system manufacturer does not have any update available yet, what should I do?
    Unfortunately, Intel cannot dictate nor control when our ecosystem partners release updated BIOS or driver files. We recommend that you request an estimate on when the update will be available."

    This vulnerability is only one of 11 advisories issued by Intel in December 2019:

    IPAS: SECURITY ADVISORIES FOR DECEMBER 2019
    https://blogs.intel.com/technology/2019/12/ipas-security-advisories-for-december-2019/

    Here's one of the sources of the discovery of the vulnerability:

    Undervolting allows attacks on Intel's secure enclaves
    Posted on 11 Dec 2019
    https://www.birmingham.ac.uk/news/l...allows-attacks-on-intels-secure-enclaves.aspx

    Sorry if I've repeated anything already posted, I'm trying to summarize after catching up, hopefully it helps someone else too.
     
    Last edited: Jan 1, 2020
    hfm, Vasudev, 0lok and 1 other person like this.
  10. Mr. Fox

    Mr. Fox BGA Filth-Hating Elitist

    Reputations:
    31,767
    Messages:
    36,119
    Likes Received:
    58,896
    Trophy Points:
    931
    No, there are a ton of people that plan to do the same thing. Security always takes a back seat to performance and functionality for me and many others. I also have no plans to stop using Windows 7 for as long as I can find driver support for my hardware.
     
    joluke, Papusan and Vasudev like this.
Loading...

Share This Page