Friday, January 12, 2018

Intel Official Meltdown and Spectre Performance Decrease Spreadsheet

Intel Benchmark Table*



























Note: The data above is based on multiple runs and expected system benchmark variation is assumed to be +/- 3%. So 3% margin of error is huge for a system.


This number means nothing however without knowing the Confidence Interval.



*Get Full Spreadsheet PDF here
http://newsroom.intel.com/wp-content/uploads/sites/11/2018/01/Blog-Benchmark-Table.pdf

Intel Official Release :
https://newsroom.intel.com/editorials/intel-security-issue-update-initial-performance-data-results-client-systems/


Thursday, January 11, 2018

Amazon Phishing Email: Please verify your details

For the record, this is an Amazon phishing email attempt that is recently going around. What to do?  Report them, go to the bottom of page.

From: Amazon.ca [sales@derbyhotels.com]
Subject:  Please verify your details
Sent : Jan 10, 2018
Hello,
Based on your recent activity, a part of your details are missing or has been modified. To avoid any delays of your orders or account suspension, follow the link to update and verify your details.
Amazon Help Center Spam Link points to http://www.monduz.com/js/jquery.poptrox.php 
If needed, update your information with the card issuer
This can happen when you sign in for the first time on a new computer, phone or browser, when you use your browser's incognito or private browsing mode or clear your cookies.
 
Thank you for shopping at Amazon.ca,
  Amazon Customer Service


Microsoft SmartScreen 

Here's how the link look like in Outlook.com, it's wrapped in a SmartScreen forwarding URL that check for the validity and security of the link

https://nam01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.monduz.com%2Fjs%2Fjquery.poptrox.php&data=02%7C01%7C%7C9b8440e87fbb48ed2d6908d5586e5917%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636512153313293326&sdata=JjO2V1Gk9vdAxHR77mg9QDQUBTXCrjCf7N8gTJUDryI%3D&reserved=0

The actual link is 

http://www.monduz.com/js/jquery.poptrox.php


Here's how the phishing site looks

At the time of reporting this Microsoft's SmartScreen, reported this unsafe  and we get this screen. Protecting us from damage.





















IE is better than Google for phishing detection
If by chance you navigate to http://www.monduz.com/js/jquery.poptrox.php 


Google Chrome will let you to the site, where as in IE you get the above.

Using 
Microsoft's Internet Explorer the built-in SmartScreen will give you the above website unsafe message.

In Chrome, there's no such restrictions and the site looks like this. 






















How to tell this is a Phishing email ?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the amazon.ca site then forget it.

  3. The best way is to look at message source, see below.

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from amazon.ca.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (downarrow to top right)->Report Phishing 

Report Phishing URLs at Google now 

If you have recievied this email take further action now by click these links

  1. https://www.google.com/safebrowsing/report_phish/

Report phishing at Microsoft and government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

Report phishing emails to Apple 

Forward the email to abuse@icloud.com. This provides Apple's legal department and law enforcement with useful information to help prevent future phishing emails.

Tuesday, January 9, 2018

Meltdown and Spectre Windows fix cause performance slowdown especially on Windows 7



As detailed today by Terry Myerson, Executive Vice President of the Windows and Devices Group.


1) With Windows 10 on newer silicon (2016-era PCs with Skylake, Kabylake or newer CPU), benchmarks show single-digit slowdowns, but we don’t expect most users to notice a change because these percentages are reflected in milliseconds.

2) With Windows 10 on older silicon (2015-era PCs with Haswell or older CPU), some benchmarks show more significant slowdowns, and we expect that some users will notice a decrease in system performance.




3) With Windows 8 and Windows 7 on older silicon (2015-era PCs with Haswell or older CPU), we expect most users to notice a decrease in system performance.

4) Windows Server on any silicon, especially in any IO-intensive application, shows a more significant performance impact when you enable the mitigations to isolate untrusted code within a Windows Server instance. This is why you want to be careful to evaluate the risk of untrusted code for each Windows Server instance, and balance the security versus performance tradeoff for your environment.

"For context, on newer CPUs such as on Skylake and beyond, Intel has refined the instructions used to disable branch speculation to be more specific to indirect branches, reducing the overall performance penalty of the Spectre mitigation," Myerson said.

"Older versions of Windows have a larger performance impact because Windows 7 and Windows 8 have more user-kernel transitions because of legacy design decisions, such as all font rendering taking place in the kernel," the Microsoft exec added.

Based on the companys tests with Sysmark 2014 SE, 8th-generation Core platforms with an SSD inside will see a performance impact of 6 percent or less, Intel said, with specific test results showing a range from between 2 and 14 percent. The company said it did not have a comprehensive picture of how the patches would affect server workloads.²

Sources:
https://www.bleepingcomputer.com/news/microsoft/microsoft-performance-dip-on-old-windows-versions-due-meltdown-and-spectre-fixes/

² https://www.pcworld.com/article/3245742/components-processors/microsoft-tests-show-spectre-patches-drag-down-performance-on-older-pcs.html