This Will Wreck Your PC

– Hey guys, this is Austin. If you use a PC, it's time to listen up.

Put your nerd pants on and let's take a little adventure into Danger Town. There's a new group of exploits going around that can cause some serious damage to your PC. So they take advantage of what is known as speculative execution, and it's similar to some of the bugs we saw last year, including Spectre as well as Meltdown. Something as simple as visiting a website with malicious JavaScript or a little bit of a sketchy download could mean losing control over all kinds of stuff which should be very sensitive and private. So I'm talking about passwords, encryption keys.

As far as bugs go, this is about as bad as it gets. Now I do want to stress that all this is theoretical right now, so researchers have found these vulnerabilities and a lot of them have been patched so it's not out in the wild. But with these things, it's only a matter of time before a plane goes overhead, and they start to make it into the wild. So last year brought us Spectre and Meltdown, and at first, it seemed like a major vulnerability. But of course, they were patched before too much longer.

However, at this point, it is very clear that this is a new class of things that everyone has to worry about. It's no longer just software. There's actual hardware vulnerabilities, which can cause major problems. So this actually boils down to a few different vulnerabilities that were all announced at the same time. So there's the super scary name of, oh god, do I have to say it? ZombieLoad, yes, ZombieLoad is something you have to be afraid of, or the much nicer name of MDS, because that sounds safe and generic.

– I'm not, that's why I don't want to say it. I don't want to say ZombieLoad. So what separates this from traditional bugs that are much more software focused is that it of course is in hardware. So there are some patches and some BIOS updates and stuff, and I'll get into that in just a minute, that helps to mitigate this. But at the end of the day, we now live in a different era where hardware itself is being attacked on a very regular basis, which means that sure you can always download a new patch, but if there's something that's super fundamental to the actual hardware itself, it means, oh I need to buy a new processor or upgrade my computer.

Now we're not quite to that point yet, but it is becoming a very scary time. So we're definitely going to get into Nerd Town here, but the way that this all works is taking advantage of a feature known as speculative execution. So essentially what this means is that modern processors, specifically on the Intel side, are always constantly trying to figure out what you're going to do before you actually do it. So instead of saying, waiting for you to say, open Twitter, it might have portions of that loaded or on a much, much smaller scale, like little tiny bits and pieces. But the issue here is a lot of times when it's wrong, it just throws out that data.

Normally no problem, no harm, no foul, and your computer's faster. However, people have found that you actually can take some of that junk data, which on a massive scale can end up being full of passwords or all kinds of stuff, and actually harvest it and then send it off to who knows where. It's a really scary thing. And the problem here is that it's taking advantage of very fundamental things which legitimately mean that we get a lot of performance out of our systems, or well, we lose a lot of performance if they're patched and deleted and removed. Nothing like a bug, which not only can compromise your data but the only way to fix it is to make your computer way slower.

That's not good. That's not good at all. Because this bypasses traditional software things such as antivirus as well as all kinds of different operating system level security features, what this means is it's just pulling data straight off of the CPU. And while a lot of it is garbage, like I said, if you have enough of this stuff and you kinda parse through it, you can very regularly pull a lot of things that you absolutely do not want to get leaked. This is something that is a big deal.

So right now, this affects pretty much any Intel processor made in the last decade. However, if you are using a phone with an ARM processor or if you have an AMD CPU, it actually doesn't seem to be affected just yet, but don't get too comfortable. There are definitely more of these things that are coming in the future. So Apple, Microsoft, and Google have all released patches, and a lot of the stuff is doing things like patching the JavaScript and patching the browsers themselves as well as operating system level tweaks, but at the end of the day, you still do need an actual BIOS update, which is coming from Intel, they've updated a lot of microcode, but still relies on your actual hardware vendor delivering a brand new BIOS update and for you to install it. It's not as simple as turning on Microsoft Update and being done.

You actually have to make sure that everything is properly updated from browser to OS to BIOS. According to Intel, these patches mean that you're going to lose a little bit of performance. So for the most part, it should be somewhere between three and nine percent which is certainly not insignificant. However, according to Apple, it shouldn't be anything that's all that noticeable in a browser such as Safari, so it's kinda hard to say exactly how big of an impact this will have. But there's no doubt that this is not speeding anything up.

It's going to make things just a little bit slower. However, that is not the full story. So according to the security researchers who actually found this, that's actually not even going to do the entire fixing job that we need. They actually recommend to turn off hyper-threading, and that is a big deal, as hyper-threading delivers a ton of performance to a CPU and if you lose that, well, you're losing like up to 40% of your processing power, so not good. Now, according to Intel, this is not that big of an exploit where you have to turn off hyper-threading and lose that much performance.

But Apple does disagree. So while by default when you do all the most recent updates to macOS it still leaves it on, but they have introduced a feature where you can not only harden the code a little bit more but importantly you can turn off hyper-threading, which is great to make it a super, super secure system. And then you say it's for people who are at elevated risk of keeping state secrets on your laptop or something, but it does mean that if you do it, you're going to lose a ton of performance. And it just so happens that I have a MacBook in my bag that we can test with right now. Yeah, see.

You were wondering why I had the backpack on the whole time. It's because I was waiting for it. So to take advantage of this, you do need a Mac which is fully up to date with either Sierra, High Sierra, or Mojave. What you can do is you can restart the system into recovery mode. This is the point where I realize that my Mac is not up to date.

So it turns out that trying to do a three gigabyte download while tethering is not the greatest idea, so it's the next day, I have my MacBook completely up to date now. So we'll see if the security patch actually makes any kind of real difference to performance. To do this, you will need to boot your Mac into recovery mode and then you'll need to put these two commands into Terminal, which I will have listed in the description. But with that, we should now have multi-threading turned off. So if I restart the system.

So the way you tell if this actually worked is to open up System Report. In the Hardware, you will see that Hyper-Threading now shows Disabled. If you're running an earlier version of macOS, that won't even be an option. So now, let's actually see how much performance we lose by hardening the system. I just like saying hardening, it's just fun.

So we'll let Geekbench do its thing. Now I do want to stress this is not by any means a super scientific test, so obviously you would need to do this multiple times, I would want to use multiple systems. I'm running on battery for consistency sake. So take all of this stuff with a grain of salt. But if hyper-threading makes as big of a difference as I know it should, it won't be like, oh it's like two percent off or something.

We should be losing, again according to Apple, up to 40% of our multi-threading performance by doing something like this. So our new score is 5,708 on single core which is basically identical. And the multi score only went down to 23,000 as opposed to 25,000. So they had quoted a much, much bigger performance impact. I almost feel like I want to spend more time with this because one slight advantage to this would be that, especially with the MacBooks, given how much they throttle, this actually might make a bigger difference.

Okay, I feel like this is getting way outside the scope of this video, but even doing something like disabling hyper-threading in a very much best case scenario, not a big deal. Wow, I'm legitimately really surprised. That's crazy. MDS and ZombieLoad are absolutely a new page in what will certainly be years of these brand new hardware vulnerabilities that everyone really needs to stay on top of. My advice, as always, keep your operating system up to date, keep your browser up to date, and even pay attention to things like keeping your BIOS up to date.

All of this stuff will make a big difference and just pay attention. There's a lot of this stuff that will be coming out, and we will be doing as many videos as possible as these things kind of approach. But I don't know. It's not a good time for security. There's a lot of really scary stuff that's coming up.

And I know it's all fearmongering and stuff, but it is legitimately something to keep in mind, keep that stuff up to date, for real.
