The serious bugs of Specter and Meltdown discovered recently in processors of AMD and Intel do not affect in any way the family consoles of Xbox such as Xbox One/One S and Xbox One X. The confirmation comes directly from Mike Ybarra of Microsoft.
Hmm, doesn't make sense considering specter pulls kernal level data direct from the CPU. I suspect mike ybarra is wrong, or maybe he just was referring to meltdowb, which would be the case anyway as that only effects intel CPUs.
AMD processors in general are immune to meltdown, at least as far as Google knows. They coulnd't get in that way. It's only specter that could affect AMD systems, and preventing it is a simple OS update. I'd sotra expect the Xbox to be either immune to both, or immune to meldown and easily patched to be immune to specter just based on the fact that it's AMD hardware, before even getting into architectural differences
I suppose assuming Java is the only implementation (it is not, that is just what other browsers are doing to resolve this short term bandaid basically) It also helps that the xbox one has a curated software library. The issue is, the vulnerability is not limited to java or manual downloads, it could accidentally be installed onto a flash drive, (unlikely, but possible) transmitted via Windows SMB, or other network sharing formats, making it a much bigger concern in conglomeration with a router that has been infected (much more common that you would expect) these things are not addressed in current windows patches, even the ones specifically for meltdown and spectre. However, what is being ignored even further is the reality that an infect phone or tablet are far more likely and can easily effect other devices on the network in quite a few easy ways, especially if you have certain interfacing software between your devices. Frankly, I don't think there is or will be a fix for spectre software-wise generally speaking, just being generally attentive.
Keep in mind that the CPUs in all the recent consoles are evolved versions of the AMD Steamroller/Piledriver/Bulldoz er architecture. I doubt they are even capable of speculative execution, which is probably why they are immune to Meltdown. Avoiding Specter would just be an OS patch. Heck, the console OS may have already been safe.
Actually Jaguar is more closely related to Athlon / Athlon II / Phenom.
Due more to the OS and software than the actual hardware. I'm sure the physical CPU's themselves are still vulnerable.
This, although it might be possible to actually take advantage of it on your own Xbox One using the developer mode and creating your own Xbox One app. That won't have any purpose as a hack / vulnerability for regular users though.
This is my point, I think obviously they are fully immune to meltdown due to hardware architecture, though I find it hard to believe they can fully discount spectre. I do think it is much more secured than it would be on a standard OS, but I can think of multiple ways it could still be implemented, though I HIGHLY doubt anyone would waste the time to target individual machines with spectre, especially individual machines that are more secure than a standard windows PC that has far more information potentially accessible. My only point is, I think the title of this article is wrong, specifically the word "immune," especially since even ybarra himself did not use that phrasing, because, it just isn't true. I think a far more accurate title would be to quote the tweet itself, not make a false conclusion and make your own title. Further, I would actually even go further and suggest that Xbox actually may be the most vunerable of the 3 consoles due to certain features it has and how they are implemented, though to be clear, they are all FAR more secure than a standard PC and frankly, I would say the risk is almost zero, for a well-informed user, even on a personal/individual windows PC.
Generally a bug which is started by software would only be executed if said software actually existed on the system. Since code that affects the hardware on the system has to be signed, it's highly unlikely that you'd ever see a bug like this come to the console since it'd be found during the "signing" process. Potentially, it could be initiated by a web browser intrusion, however, given the nature of the hypervisor implementation of OS related tasks on the system, it's highly unlikely it would crash the hardware, although it could potentially cause the system to crash as it shuts down to prevent damage. However, given the deeper software layer protection against the hypervisor, the application trying to run the malicious code would likely just be shut down first. I don't know the specific way that these bugs are sent to hardware, so can't say for sure, but I'd imagine that if the bug itself executes on standard hardware calls to the x86 processors from either CPU maker, then it's not immune. However, I can say that the symptoms are likely never to show up, because infection would never happen. I guess if the hardware itself is immune, or if it's just the nature of the OS and software layer that make it immune are pointless to actually consider, as the end result is that people are unlikely to have to face the bug on their systems. It can make for an interesting and informative technical discussion though.
amd is in a much better position at the moment, even the patch for intel and other cpu's(not amd) are bandaid fixes with more patches to come to improve the performance hits the initial patches will cause and chances are even the software patches can be hacked as well since now every hacker knows every thing they need to know to exploit it, we dont even know the extent of the damage that could be caused now that everyone hacker knows how to hack it and how to hack the fix, ryzen doesnt have this issue, they just need a patch to the os or from amd which should arrive jan 9th and its a simple fix with no degradation in performance, and if im not mistaken a amd tech found this issue in intel and other cpu's and let it out.. threadripper and the newest ones dont have neither problem and are fully secure and all future ryzen as well. all apple and imacs and iphones are affected, many android phones as well. intel screwed the pooch on this. amd ryzen is the way to go, you can get a 1800x for 350
AMD CPUs are vulnerable to Spectre. So far, it appears they're not vulnerable to Meltdown, which is the worse of the two. So there will be some impact to performance. How much remains to be seen, but it will most likely be less than Intel's hit. That's assuming that OS changes don't force both Meltdown and Spectre fixes on all 64-bit x86 CPUs. I'm sure Intel would love to talk Microsoft into that, and Microsoft in turn would probably love not to have to keep two separate code paths for this security functionality. So, we'll see what shakes.
Also immune to exclusive
Any opportunity to brag about their hardware and distract from their lack of exclusives I guess.
Glad about that!
In other news, Titanic is unsinkable and Kanye West is the Jesus of our time. This goes for any console: the moment you strut your arrogance is the moment you invite chaos. Don't be surprised if this sets off "hold my beer" moments across the world just to prove Ybarra wrong. It's a console. A piece of technology that connects to the internet. If you are willing to take this statement at face value, you are naive. This is not to say it will happen, but all it takes is someone with enough willpower and aptitude to take this as a challenge. Microsoft seems to have forgotten that satellites have been hacked. Exploiting vulnerabilities in an Xbox or a PlayStation are far likely to be much simpler work.
Well, it is AMD, which is so far claimed not to be vulnerable to Meltdown. However Spectre affects AMD CPUs, Spectre compromises virtualization, and the Xbox One uses virtualization. (OS runs in a hypervisor.) So . . . eh? Who knows? I have a feeling we're all wide open to all sorts of attacks all the time. By the time one hole is discovered and plugged, the dark underbelly of the webs is punching another with something still hidden from most of us. The security establishment is always playing catch-up.
Truth. Vulnerability patches are rarely ever preemptive and most often done in response to an identified issue. In this case, hackers will likely be searching to exploit the hardware in ways that may or may not involve Spectre. And I'm reasonably confident that there are hackers who will take this statement as a direct challenge.
Xbox uses virtualization, as does PS4, but at the same time, the ability to change system parameters, or protected files(which are pretty much everything on these systems), is highly controlled through multiple layers of virtualization. While not impossible, it'd take quite an effort to get one hypervisor to affect another hypervisor, which in turn would somehow affect extremely protected aspects of the system. It's not to say that it isn't possible, but the chances of it happening are slim to none, and would require quite a bit of knowledge of the inner workings of the OS and how the hypervisors are set up. Even well respected developers aren't given that information, and while it'd be possible to reverse engineer that stuff, the question remains, who is going to bother?
And Mike wouldnt lie XD
N4G is a community of gamers posting and discussing the latest game news. It’s part of NewsBoiler, a network of social news sites covering today’s pop culture.