[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: amd64 running on Intel Celeron and Pentium? (was: [SECURITY] [DSA 5113-1] firefox-esr security update)

On Thu, Apr 14, 2022 at 02:34:22PM +0200, Elmar Stellnberger wrote:
On Wed, Apr 13, 2022 at 03:11:04PM -0400, Michael Stone wrote:
On Wed, Apr 13, 2022 at 08:18:30PM +0200, Levis Yarema wrote:
> What about Spectre /Meltdown? P3/P4/Pentium M systems don´t have that? Core 2
> systems to my knowledge can.

There's no reason to believe netburst systems are not affected by any of the
cpu issues identified in the past few years, but they are obsolete and
unsupported so nobody is making official statements about them. These
systems also lack a number of security features present in modern CPUs;
picking an ancient chip for "security reasons" is likely misguided. Also, in
the context of this thread, note that the most recent Core 2 processor was
released in 2010.

 AFAIK there is just no official statement of Intel about Pentium
III, IV and M CPUs. That may also be because they want(ed) people
to buy newer machines. Nonetheless I would be in wonder if
nobody at all had ever tested these CPUs for Spectre and
Meltdown. The issue itself wasn´t discovered by Intel either.

There's a general class of problems related to how CPUs handle various checks while executing out of order or speculative instructions. The specifics of how to exploit the vulnerabilities varies in different CPU implementations, and new techniques are identified pretty regularly. Previous-gen atom processors weren't affected by most of this because they were strictly in-order. (Intel still supports those, and has issued "not vulnerable" statements for many of the CPU problems.) The netburst (pentium 4) architecture, by contrast, was out-of-order and had a huge pipeline (some even supported hyperthreading, which has been a whole bag of problems in itself.) It's really hard to believe that intel managed to get everything right 25 years ago in netburst and then just forgot how to do it with later generations. More plausibly, nobody is spending a lot of time researching how to exploit flaws in an architecture that is functionally obsolete. There's been a lot of wild speculation that Pentium 4 was some kind of high point for "secure" CPUs, but that's coming from internet pontificators rather than serious researchers.

Reply to: