-
Intel processor security flaw requires OS kernel level fix
Quote:
But there could be performance impacts of between 5 and 30 per cent depending on task.
Read more.
-
Re: Intel processor security flaw requires OS kernel level fix
If I receive a serious performance hit due to their blunder then I will be rightly furious and I can see some compensation claims coming their way. Although with that being said, on the flip side, if only Intel performance gets hampered with these fixes, then AMD have just closed the gap for free and the competition is back on!
Bittersweet.
-
Re: Intel processor security flaw requires OS kernel level fix
So which modern Intel CPU's don't suffer from this then if, as suggested in the article, I wanted to go out and buy a new processor to avoid the flaw?
As it seems to cover the i7 8700K which is a recent chip the answer may be none!? That's a bit of a shocker.
-
Re: Intel processor security flaw requires OS kernel level fix
I'm am heavily interested in the performance impact of Hypervisor Clusters. This could cripple or poison Intel in this market.
Quote:
Originally Posted by
Kanoe
So which modern Intel CPU's don't suffer from this then if, as suggested in the article, I wanted to go out and buy a new processor to avoid the flaw?
As it seems to cover the i7 8700K which is a recent chip the answer may be none!? That's a bit of a shocker.
They all do, just newer CPUs have less of a perf impact.
-
Re: Intel processor security flaw requires OS kernel level fix
Up to 30 percent will kill some cpu's, my mums atom based tablet is slow enough as it is lol.... maybe this is intel's way to force upgrade old pc's, it's not like we have any other reason to upgrade these days.
They've seen how well it works for apple by using the software to 'slow down' their older models for the benefit of it's users of course so they're now having a go at it under the guise of a bug fix.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
LSG501
Up to 30 percent will kill some cpu's, my mums atom based tablet is slow enough as it is lol.... maybe this is intel's way to force upgrade old pc's, it's not like we have any other reason to upgrade these days.
They've seen how well it works for apple by using the software to 'slow down' their older models for the benefit of it's users of course so they're now having a go at it under the guise of a bug fix.
Then they've hardly picked a good time with AMD at it's highest point for well over a decade and generally offering better value for most mid-high end users (the likes who will have the most to lose from this), Ryzen 2 coming and presumably their APU lineup will be getting fleshed out too.
As advertisements go it would hardly be a great incentive to upgrade your Intel CPU for another Intel CPU.
-
Re: Intel processor security flaw requires OS kernel level fix
30% is no joke. As someone who is on Sandybridge/Ivybridge/Haswell for my Workstation and Server/Gaming PC/Laptop this could have pretty significant ramifications for me if it hits workloads I use.
Goddamn it DDR4 memory manufacturers...
-
Re: Intel processor security flaw requires OS kernel level fix
I wouldn't say gaming might be unaffected based on the Phoronix tests, a lot of those games tested are either GPU bound or they are benching in 4k (why on earth 4k when testing CPU performance?).
And for windows gaming I'd wait to see what Microsoft does when they patch it.
-
Re: Intel processor security flaw requires OS kernel level fix
My 3570k is already flagged for a Ryzen replacement just waiting for DDR4 prices.
Hopefully this won't kill my performance too much as I need this to last another year at least.
Doesn't feel like a good time to be a PC owner but as I use it for productivity I have no other choice.
-
Re: Intel processor security flaw requires OS kernel level fix
so consumers need a 30% refund from Intel strictly in Sterling Pounds.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
lumireleon
so consumers need a 30% refund from Intel strictly in Sterling Pounds.
Perhaps they will give you a free Pentium, they might have a few that are hard to sell now ;)
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Percy1983
My 3570k is already flagged for a Ryzen replacement just waiting for DDR4 prices.
Hopefully this won't kill my performance too much as I need this to last another year at least.
Doesn't feel like a good time to be a PC owner but as I use it for productivity I have no other choice.
I know the feeling. Sadly I probably need to wait longer too - I was considering getting a cheap i7 for my board to keep me going before this news. Might as well not bother now...
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
cheesemp
I know the feeling. Sadly I probably need to wait longer too - I was considering getting a cheap i7 for my board to keep me going before this news. Might as well not bother now...
Yeah I nearly pulled the trigger on a top end IVB Xeon which was going for a decent price, so I also know the feeling.
-
Re: Intel processor security flaw requires OS kernel level fix
Notice how the news creeps out after Black Friday, Xmas and Boxing day sales, pretty cynical... With Ryzen now a viable alternative on both mobile and desktop, I think I'll stick to AMD.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
cheesemp
I know the feeling. Sadly I probably need to wait longer too - I was considering getting a cheap i7 for my board to keep me going before this news. Might as well not bother now...
Quote:
Originally Posted by
Biscuit
Yeah I nearly pulled the trigger on a top end IVB Xeon which was going for a decent price, so I also know the feeling.
If everybody takes the same approach then the prices of i7 / Xeons from the last few generations could tank pretty hard. If your usage doesn't happen to be hit too badly by the issue then this could end up being a win. Not sure how long it will take for the 2nd hand market to adjust though, probably have to wait for the Zen+ launch at least...
-
Re: Intel processor security flaw requires OS kernel level fix
Maybe this is the true reason Intel pushed out so many CPU's this year. If this flaw had come out before the release of the latest series then they pretty much would have had to pull and redesign it.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
this_is_gav
Then they've hardly picked a good time with AMD at it's highest point for well over a decade and generally offering better value for most mid-high end users (the likes who will have the most to lose from this), Ryzen 2 coming and presumably their APU lineup will be getting fleshed out too.
As advertisements go it would hardly be a great incentive to upgrade your Intel CPU for another Intel CPU.
The sad thing is that no matter how much amd improves intel still has a similar standing as Apple in the eyes of a normal consumer when it comes to pc's, plus it's not like most consumers are even going to know about this bug.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
The Hand
With Ryzen now a viable alternative on both mobile and desktop, I think I'll stick to AMD.
Under Linux the patch to keep full performance on AMD chips has yet to be accepted. Hopefully the Microsoft patch won't needlessly afflict us, or will be as easy to disable as the Linux workaround (a command line option in the boot options).
https://www.phoronix.com/scan.php?pa...inux-4.15-Test
-
Re: Intel processor security flaw requires OS kernel level fix
ah thank you intel. I've been trying to put together a case to my wife as to why we need to upgrade our aging i7 to a ryzen system. Et voila, here it is. :D
Not much I can do about my laptop though. Just going to have to take a hit. And given how much the drop in i7 paired with NVMe appears to be in those preliminary tests, I'm rather worried what it will look like.
-
Re: Intel processor security flaw requires OS kernel level fix
Disappointing. I guess I'll have to recommend Team Red from now on, even for those who have the extra money to spare.
-
Re: Intel processor security flaw requires OS kernel level fix
Intel's share price has just fallen by nearly 4% and AMD's has just risen over 6% just on the NASDAQ opening a couple of minutes ago. It might be short lived but looks like this news is registering to a degree.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
The Hand
Intel's share price has just fallen by nearly 4% and AMD's has just risen over 6% just on the NASDAQ opening a couple of minutes ago. It might be short lived but looks like this news is registering to a degree.
This is a little more than the usual cynical flip flopping that goes on with share prices though, I think it might have a longer life we commonly see.
-
Re: Intel processor security flaw requires OS kernel level fix
Not all Intel CPUs are affected by this bug, it depends on the version of IME used afaik. Anyway, you can check if your CPU is one of those affected, https://downloadcenter.intel.com/download/27150
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Iota
Thanks for the link. My system's not affected.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Iota
Workstation: Not Vulnerable with a Gigabyte Z77-UD5 and E3 1230
Gaming PC: Not Vulnerable with a ASRock Z77 Extreme4-M and i5 3570K
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Iota
Some good news at least, my i5 Laptop is not affected, thanks for the link!
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Iota
Is the IME flaw not a completely separate issue to this? AFIAK the IME flaw needed a motherboard BIOS update to fix. This kernel flaw needs an OS patch to fix. I think you might have your wires crossed on this one.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Iota
I could be wrong but isn't this tool testing for a different vulnerability, i.e. Management Engine issues, whereas this is a new vulnerability in the way the CPU handles cached Kernel memory during speculative execution.
Just what I picked up from the el reg article
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Iota
The Intel Management Engine bug isn't the same thing. Reading this article it seems the bug is likely to do with speculative execution. I've read elsewhere, but can't now find a source, that the speculative exection functions in Intel processors are largely unchanged since the Pentium II and all their processors dating back that far could be affected - truckload of salt required for that rumour though!
First the IME bug and now this - not a good time for Intel. I seriously doubt this will have any long term impact though; Intel will continue to dominate the x86 market and this will be largely forgotten in a few months.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Iota
That appears to test for the management engine vulnerability, not this vulnerability.
Edit: lol, from so many posts saying the same thing I guess it takes a few minutes to read that security advisory.
-
Re: Intel processor security flaw requires OS kernel level fix
-
Re: Intel processor security flaw requires OS kernel level fix
Ok, so this means I won't update anything since I don't have anything to hide from hackers.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
yeeeeman
Ok, so this means I won't update anything since I don't have anything to hide from hackers.
Fine if you want to run the risk of your machine being used as a bot or remote mining! :)
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
yeeeeman
Ok, so this means I won't update anything since I don't have anything to hide from hackers.
:shocked2: :shocked2:
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
yeeeeman
Ok, so this means I won't update anything since I don't have anything to hide from hackers.
you won't update because you have nothing to hide...:shocked2: Why?
-
Re: Intel processor security flaw requires OS kernel level fix
It appears that Intel CPUs since Westmere include something called PCID (Process-Context Identifier) that helps mitigate the effects to some extent - although the fixes have to consider this instruction set extension, and thus might be coming later than the "quick" fix that'll come out this month.
It seems the bug kills SSD performance massively, if you are a hard SSD user. Bad news for some.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
sykobee
It appears that Intel CPUs since Westmere include something called PCID (Process-Context Identifier) that helps mitigate the effects to some extent - although the fixes have to consider this instruction set extension, and thus might be coming later than the "quick" fix that'll come out this month.
It seems the bug kills SSD performance massively, if you are a hard SSD user. Bad news for some.
So in actual fact, very few "core" chips are in the "you MUST upgrade" catagory, and those that are, are so old that really those people should be considering an upgrade anyway?
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
sykobee
It seems the bug kills SSD performance massively, if you are a hard SSD user. Bad news for some.
I suspect it kills all disk I/O massively, but it's less noticeable with hard drives as they're already slow.
-
Re: Intel processor security flaw requires OS kernel level fix
So, if I ran that file and it says I'm vulnerable, what do I actually have to do to fix that?
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Hoonigan
So, if I ran that file and it says I'm vulnerable, what do I actually have to do to fix that?
Hope that your motherboard manufacturer has pushed out the update IME software
https://hexus.net/tech/news/mainboar...lnerabilities/
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Biscuit
This is a little more than the usual cynical flip flopping that goes on with share prices though, I think it might have a longer life we commonly see.
Yes, that might be the case. Intel back to 4% down and AMD up 7% now.
Edit:
BBC News have finally got an article up:
http://www.bbc.co.uk/news/technology-42553818
"Intel did not respond to requests for comment"
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
DanceswithUnix
That appears to test for the management engine vulnerability, not this vulnerability.
Edit: lol, from so many posts saying the same thing I guess it takes a few minutes to read that security advisory.
Apologies. So there is now another hardware level bug with Intel CPUs? I guess we all now know why AMD CPUs have run slower, because they're actually doing things properly it seems. I definitely think I'll be upgrading to AMD next round.
Quote:
Originally Posted by
Biscuit
So in actual fact, very few "core" chips are in the "you MUST upgrade" catagory, and those that are, are so old that really those people should be considering an upgrade anyway?
My 2600k is doing just fine for everything I do with my PC :P
-
Re: Intel processor security flaw requires OS kernel level fix
I'm really glad I decided on ryzen.
-
Re: Intel processor security flaw requires OS kernel level fix
It probably explains why the intel ceo sold 11 million in shares just last month....https://www.nystocknews.com/2017/12/...poration-intc/
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
outwar6010
That's a juicy story.. Yes great timing there! The Intel cpu security flaw story is the most read on the BBC news site now.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
outwar6010
..you don`t seriously mean- no, can`t be related surely...
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
yeeeeman
Ok, so this means I won't update anything since I don't have anything to hide from hackers.
Well, if you don't mind the hackers gaining access to protected memory areas which hold secure data such as passwords, banking details etc, then you are correct. Why not post all that info on Twitter and save them the trouble of hacking you :P
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
s_ATI_sfied
Well, if you don't mind the hackers gaining access to protected memory areas which hold secure data such as passwords, banking details etc, then you are correct. Why not post all that info on Twitter and save them the trouble of hacking you :P
Because then they won't be able to mine cryptocurrency at his expense :D
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Biscuit
So in actual fact, very few "core" chips are in the "you MUST upgrade" catagory, and those that are, are so old that really those people should be considering an upgrade anyway?
Hmpf.. the 950 performs perfectly well thank you.. though maybe at -30% I could be persuaded to upgrade. X5680 here I come...
-
Re: Intel processor security flaw requires OS kernel level fix
Really could do with an overview of the type of tasks this affects. If they're everyday tasks that don't strain the CPU then it doesn't matter (to me), however if it's going to noticeably slow down tasks that already use up all the performance of the CPU then it's a bloody big deal!
-
Re: Intel processor security flaw requires OS kernel level fix
"or go buy a new processor without the design blunder" such as? AMD only? Crikey
I don't feel like giving more money to the saudis
-
Re: Intel processor security flaw requires OS kernel level fix
What a bizarre thing to say. AMD is a publicly traded American company - if you want to avoid giving money to a certain country at any point in the supply chain for whatever strange reason, you better avoid Intel too and go live in the woods or something. Certainly stay away from any plastics or petroleum products!
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
kalniel
Hmpf.. the 950 performs perfectly well thank you.. though maybe at -30% I could be persuaded to upgrade. X5680 here I come...
I said "considering", and I'm going to go out on a limb and suggest that the thought has crossed your mind even before this announcement
Quote:
Originally Posted by
Iota
My 2600k is doing just fine for everything I do with my PC :P
Sandybridge is post Westmere
-
Re: Intel processor security flaw requires OS kernel level fix
TBF it's probably not going to be as bad as 30%, or even 10%, in consumer workloads. The way I understand it at the moment (which is admittedly from skim-reading a couple of articles), this first round of patches is more of an emergency fix with the possibility of better-optimised workarounds coming later? A couple of demanding consumer workloads such as gaming and video encoding don't seem to be too badly affected according to Phoronix's tests, though of course they're Linux so it could be different on Windows.
I'm very interested to see this put to the test though! And furthermore, if any future patches do improve things, it's only fair to post updated results when they're available.
-
Re: Intel processor security flaw requires OS kernel level fix
Story has been updated with an official response from Intel:
Intel has officially responded to the security flaw reports in an email to HEXUS and via its official Newsroom Blog. In a nutshell it has issued a denial of sorts, saying that any exploits via flaws are not unique to Intel products. It then mentions how it is working closely with the likes of AMD, ARM Holdings and several operating system vendors to solve the issues discussed in the news above. Below is an excerpt of the statement for your convenience, or you can digest the full Intel blog post at the link above.
"Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.
Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.
Snip
Intel believes its products are the most secure in the world and that, with the support of its partners, the current solutions to this issue provide the best possible security for its customers."
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
mtyson
Story has been updated with an official response from Intel:
Intel has officially responded to the security flaw reports in an email to HEXUS and
via its official Newsroom Blog. In a nutshell it has issued a denial of sorts, saying that any exploits via flaws are not unique to Intel products. It then mentions how it is working closely with the likes of AMD, ARM Holdings and several operating system vendors to solve the issues discussed in the news above. Below is an excerpt of the statement for your convenience, or you can digest the full Intel blog post at the link above.
<snip>
The cynic in me wonders if this is a damage limitation exercise given the volatility in the Intel share price.
On the other hand, there has been a lot of speculation about the effects of the patch and the risks of the ‘exploit’ and lets face it, bad news is good news for some media outlets - nothing like a bit of sensationalism to generate readers.
So it will be interesting to see what the real world effects are wh3n the patches are released - presumably next week.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
mtyson
Story has been updated with an official response from Intel:
Intel has officially responded to the security flaw reports in an email to HEXUS and
via its official Newsroom Blog. In a nutshell it has issued a denial of sorts, saying that any exploits via flaws are not unique to Intel products. It then mentions how it is working closely with the likes of AMD, ARM Holdings and several operating system vendors to solve the issues discussed in the news above. Below is an excerpt of the statement for your convenience, or you can digest the full Intel blog post at the link above.
"Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.
Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.
Snip
Intel believes its products are the most secure in the world and that, with the support of its partners, the current solutions to this issue provide the best possible security for its customers."
Didn’t AMD come out when this story broke and state it didn’t affect their products?
-
Re: Intel processor security flaw requires OS kernel level fix
How come it took them so many years to find this flaw ?
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
OilSheikh
How come it took them so many years to find this flaw ?
Probably because no-one was looking for it. I guess it was stumbled on by chance. There has been a lot of work recently in reverse engineering the Intel Management Engine and this could have come to light during that work (even though the two seem to be otherwise unrelated)
Lots of bugs have been around a long time. The shell shock bug was around for 30 years without causing problems, and was only discovered when other software advances started using that particular shell command in novel ways.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.
Which workloads, and define "average computer user". Also mitigated over time, in what manner? Software? Buying more Intel products with higher IPC?
In light of what AMD has already stated
Quote:
AMD processors are not subject to the types of attacks that the kernel
page table isolation feature protects against.
, I assume Intel have asked them for advice on how to resolve the problem, seeing as AMD CPUs are not affected in the same way.
-
Re: Intel processor security flaw requires OS kernel level fix
I've read (no idea how true this is so please don't quote me) this may affect some non-x86 CPUs in a similar way. Intel's statement therefore doesn't necessarily contradict the ones from AMD or Linux commits.
-
Re: Intel processor security flaw requires OS kernel level fix
Intel haven't said AMD are effected but have managed to drag their name into the story to make consumers unsure
No surprise there
-
Re: Intel processor security flaw requires OS kernel level fix
-
Re: Intel processor security flaw requires OS kernel level fix
There's a lot going on with this story
https://www.wired.com/story/critical...ost-computers/
Quote:
On Wednesday evening, a large team of researchers at Google's Project Zero, universities including the Graz University of Technology, the University of Pennsylvania, the University of Adelaide in Australia, and security companies including Cyberus and Rambus together released the full details of two attacks based on that flaw, which they call Meltdown and Spectre.
"These hardware bugs allow programs to steal data which [is] currently processed on the computer," reads a description of the attacks on a website the researchers created. "While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs."
Although both attacks are based on the same general principle, Meltdown allows malicious programs to gain access to higher-privileged parts of a computer's memory, while Spectre steals data from the memory of other applications running on a machine. And while the researchers say that Meltdown is limited to Intel chips, they say that they've verified Spectre attacks on AMD and ARM processors, as well.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
marshalex
Didn’t AMD come out when this story broke and state it didn’t affect their products?
Hmmm, not exactly ... they stated that their products weren't vulnerable to the specific attack vector that the OS kernel patches were addressing. That doesn't mean they're not vulnerable to attacks that probe kernel memory in other ways.
Of course, the real issue here is that while the vulnerabilities are unpatched/unfixed, no company can talk about the details of any attack vector or potential mitigation, which means everything is necessarily vague and rumour-ish. So perhaps AMD do have similar vulnerabilities, and those are not addressed by the current patches - which means they will remain exploitable...
-
Re: Intel processor security flaw requires OS kernel level fix
oh don't say that! if noones chips are ok we'll be forced to go back to more simple ones. So time to blow the dust off the old P4 and pentium M. knew I'd kept them for a reason.
-
Re: Intel processor security flaw requires OS kernel level fix
And more https://www.nytimes.com/2018/01/03/b...ter-flaws.html
Quote:
According to the researchers, including security experts at Google and various academic institutions, the Meltdown flaw affects virtually every microprocessor made by Intel, which makes chips used in more than 90 percent of the computer servers that underpin the internet and private business operations.
The other flaw, Spectre, affects most other processors now in use, though the researchers believe this flaw is more difficult to exploit. There is no known fix it.
https://www.cnbc.com/2018/01/03/amd-...its-chips.html
Quote:
To be clear, the security research team identified three variants targeting speculative execution. The threat and the response to the three variants differ by microprocessor company, and AMD is not susceptible to all three variants. Due to differences in AMD's architecture, we believe there is a near zero risk to AMD processors at this time.
Beware of deliberately vague Intel damage control PR!
Read all three variants - they are *NOT* equally severe or exploitable, not even close.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
ik9000
oh don't say that! if noones chips are ok we'll be forced to go back to more simple ones. So time to blow the dust off the old P4 and pentium M. knew I'd kept them for a reason.
AFAIK P4 and Pentium M were Out of Order processors, so are potentially vulnerable. Atoms prior to Bay Trail, OTOH, should be fine ;)
Quote:
Originally Posted by
watercooled
... Beware of deliberately vague Intel damage control PR!
Read all three variants - they are *NOT* equally severe or exploitable, not even close.
I've just been catching up on all that on twitter. Essentially both statements are true. There's an apparently Intel-specific exploit that's being patched, and a general OoO execution exploit that also affects AMD and ARM (and potentially VIA's Nano processors?). So, yes, some of the exploits do affect AMD and ARM, and yes, AMD is not vulnerable to the exploit that is being kernel patched.
Clear? ;)
-
Re: Intel processor security flaw requires OS kernel level fix
Completely, the important bit I was trying to point out is they are different exploits and not of equal severity - and it seems like Intel are being deliberately vague to imply (yet not actually say, incorrectly) that AMD are equally vulnerable. AMD released an official response to it after the media jumped on Intel's statement.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
watercooled
Completely, the important bit I was trying to point out is they are different exploits and not of equal severity - and it seems like Intel are being deliberately vague to imply (yet not actually say, incorrectly) that AMD are equally vulnerable. AMD released an official response to it after the media jumped on Intel's statement.
Indeed, trying to make AMD guilty by association. Cheap trick.
-
Re: Intel processor security flaw requires OS kernel level fix
BBC are now lumping AMD in with Intel in their reporting of the issues and are not making the distinction between the different vulnerabilities just to help add to consumer confusion. AMD can just never catch a break.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
spacein_vader
Quote:
Originally Posted by
watercooled
Completely, the important bit I was trying to point out is they are different exploits and not of equal severity - and it seems like Intel are being deliberately vague to imply (yet not actually say, incorrectly) that AMD are equally vulnerable. AMD released an official response to it after the media jumped on Intel's statement.
Indeed, trying to make AMD guilty by association. Cheap trick.
Welcome to Intel.
-
Re: Intel processor security flaw requires OS kernel level fix
Official statement from AMD on what processors are effected by what variants, same from ARM, nothing from Intel so far.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Iota
define "average computer user".
Those that use computers for email and web browsing, buy one because they 'like the colour' and buy one because 'the helpful chap in PC World said it was the bestest ever and I needed it in my life'.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Corky34
Basically AMD have show themselves to be the least vulnerable from these and the vulnerability they do have will have a minimal performance risk, still no news on what specifically ARM is vulnerable to. But if Intel is the only company vulnerable to Meltdown then they are in a very big frying pan because:
"There is a critical security flaw in our processors meaning that unprivileged user applications can gain access to all privileged resources, even those on another VM in a Hypervisor stack and there needs to be nearly 1/3 of your processors performance carved out to fix it".
I'm sure Intel will recover, they always do. What will be frustrating is two things, testing and Benching of Intel chips need to be confirmed to be using the latest OS version with the Meltdown patch and hardcore Intel fanboiism might ignore that there was even an issue in the first place. Discussing it with one of my friends and he flat out disbelieves that fixing Meltdown will not cause any performance issues just because it's an Intel processor...
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Tabbykatze
Basically AMD have show themselves to be the least vulnerable from these and the vulnerability they do have will have a minimal performance risk, still no news on what specifically ARM is vulnerable to....
Seems so with AMD, ARM have listed what processors are vulnerable to what variants in the link i posted, to varying degrees it's the Cortex-R7, R8, A8, A9, A15, A17, A57, A72, A73, A75.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Corky34
Seems so with AMD, ARM have listed what processors are vulnerable to what variants in the link i posted, to varying degrees it's the Cortex-R7, R8, A8, A9, A15, A17, A57, A72, A73, A75.
Wow, I have an acute condition of baby brain, how did I not see the ARM link, my bad!
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Tabbykatze
I'm sure Intel will recover, they always do. What will be frustrating is two things, testing and Benching of Intel chips need to be confirmed to be using the latest OS version with the Meltdown patch and hardcore Intel fanboiism might ignore that there was even an issue in the first place. Discussing it with one of my friends and he flat out disbelieves that fixing Meltdown will not cause any performance issues just because it's an Intel processor...
Processor fanboys aren't Intels problem, particularly as it seems light desktop work and gaming are going to be impacted only lightly performance wise. Their big issue is going to be the big cloud hosts and VM providers. Things like database writes and some heavy compute work gets the biggest performance hit and the likes of Amazon AWS and Microsoft Azure will feel the difference hugely. Their respective top teams will NOT write it down to experience just "because Intel". They'll be out for blood (and by blood I mean cash.) There'll either be some very big sueballs launched by them or more likely, some VERY deep and long lasting discounts on any new Intel kit they order.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
spacein_vader
Processor fanboys aren't Intels problem, particularly as it seems light desktop work and gaming are going to be impacted only lightly performance wise. Their big issue is going to be the big cloud hosts and VM providers. Things like database writes and some heavy compute work gets the biggest performance hit and the likes of Amazon AWS and Microsoft Azure will feel the difference hugely. Their respective top teams will NOT write it down to experience just "because Intel". They'll be out for blood (and by blood I mean cash.) There'll either be some very big sueballs launched by them or more likely, some VERY deep and long lasting discounts on any new Intel kit they order.
I imagine it would be big sueballs as discounts don't return their money there and then. If we take it as worst case then 30% of AWS and Azures performance was just destroyed in one single sweep. For a single PC, 30% is a lot but manageable but across billions of dollars of cloud infrastructure, I don't think discounts will cut it.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
spacein_vader
or more likely, some VERY deep and long lasting discounts on any new Intel kit they order.
But that's the problem - they'll probably still order intel, so in terms of boosting AMD, it won't, not in the same way that switching camps would do.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Tabbykatze
I imagine it would be big sueballs as discounts don't return their money there and then. If we take it as worst case then 30% of AWS and Azures performance was just destroyed in one single sweep. For a single PC, 30% is a lot but manageable but across billions of dollars of cloud infrastructure, I don't think discounts will cut it.
Maybe refunds rather than discounts then. I imagine Intel would rather do that quietly with each big supplier than publically get sued by them.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
scaryjim
AFAIK P4 and Pentium M were Out of Order processors, so are potentially vulnerable. Atoms prior to Bay Trail, OTOH, should be fine ;)
Yep, according to the beeb it affects all processors going back as far as 1994 - not sure which exploit and how true that is, but what would that even be? An old 286?
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
spacein_vader
Processor fanboys aren't Intels problem, particularly as it seems light desktop work and gaming are going to be impacted only lightly performance wise. Their big issue is going to be the big cloud hosts and VM providers. Things like database writes and some heavy compute work gets the biggest performance hit and the likes of Amazon AWS and Microsoft Azure will feel the difference hugely. Their respective top teams will NOT write it down to experience just "because Intel". They'll be out for blood (and by blood I mean cash.) There'll either be some very big sueballs launched by them or more likely, some VERY deep and long lasting discounts on any new Intel kit they order.
There are some big assumptions here.
Database accesses are slowed down by going through the loopback 127.0.0.1 network stack because code is written to assume that is fast but bouncing off the kernel is now expensive. Attaching to a remote database server will include more work in the network stack, wire delays and fewer kernel transitions, so probably won't be impacted as much. So databases might be impacted on a case by case basis.
Phoronix showed compiling code to be hard hit, but on Windows it won't be. Why? Linux assumes reading lots of small files is cheap so that is what you do, on Windows it never was cheap so the compiler crunches all those little header file reads into pre-compiled headers resulting in magnitudes less filesystem access.
My gut feeling is that gaming is the other way around, Linux works differently and also has all sorts of porting crud in the way so won't be hurt much, but AIUI Windows will be hurt more as it has more of the driver in kernel space.
I got the impression that Windows fast track update already had the patch, are there not benchmarks floating around already?
-
Re: Intel processor security flaw requires OS kernel level fix
The register claims that the windows patch is available here:
https://support.microsoft.com/en-us/...date-kb4056892
Since intel have known since june, it's odd that the 8700k is affected so badly. I smell a class action lawsuit...
Quote:
Originally Posted by
ik9000
But that's the problem - they'll probably still order intel, so in terms of boosting AMD, it won't, not in the same way that switching camps would do.
For a VM provider epyc offers more cores per dollar, and supports more memory, and AMD hasn't been shipping systems with this glaring bug for months.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
ik9000
But that's the problem - they'll probably still order intel, so in terms of boosting AMD, it won't, not in the same way that switching camps would do.
Agreed, the main issue is that there is little/no optimisations for AMDs product sector at the moment. But this might spark developers to more aggressively push to optimise for AMD because of this.
-
Re: Intel processor security flaw requires OS kernel level fix
Should this invalidate all those intel benchmarks then? and if not then all the benchers are going to be trying to use the old o/s's prior to the fix to get that extra little bit out of it.
Whats the rules on those sort of things? are there any?
-
Re: Intel processor security flaw requires OS kernel level fix
Is it me or is anandtech.com surprisingly silent on this at the moment? Apart from a small twitter thread suggesting it probably isn't that bad (not entirely anandtech's comments) there doesn't seem to be much on their website that I can find. Odd no?
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
rabidmunkee
Should this invalidate all those intel benchmarks then? and if not then all the benchers are going to be trying to use the old o/s's prior to the fix to get that extra little bit out of it.
Whats the rules on those sort of things? are there any?
not sure, but I'll be benchmarking my systems intensively this weekend at stock and OC before installing any patches so I can do a compare and contrast once the patches are installed. I'm most concerned about my laptop which I paid a good whack for to get something that could handle low-latency sound recording. If that suffers I will not be amused.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
ik9000
Is it me or is anandtech.com surprisingly silent on this at the moment? Apart from a small twitter thread suggesting it probably isn't that bad (not entirely anandtech's comments) there doesn't seem to be much on their website that I can find. Odd no?
Not all that odd really. :p
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Biscuit
Not all that odd really. :p
Surely, you don't mean... you don't do you? Not anandtech, surely?
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
rabidmunkee
Should this invalidate all those intel benchmarks then? and if not then all the benchers are going to be trying to use the old o/s's prior to the fix to get that extra little bit out of it.
Whats the rules on those sort of things? are there any?
Basically the benches still apply but they could be invalidated by this update. Because of the uncertainty of the performance metrics being untainted by the Kernel Page Isolation then taking any Intel benchmark prior to the patch at face value would be a bad idea. I would imagine all the major testers and benchers are wondering if they're going to have to re-do all of their benchmarks just to update their scoreboards.
Because if games are going to be relatively unaffected, that's one thing but users don't always use their computers for one thing. I use my computer for compiling, video editing and manipulating databases as well as games so actually this patch could affect me a lot (using AMD so unlikely). Benchmarks these days aren't just games, i mean both Hexus and TTL have game benchmarks in but they are not the main part of the review any more. It's all the sisoft, PCMark and other raw curnchable data benches.
To me, I will be looking at every benchmark and subtracting ~25% from the performance on Intel vs AMD as a ballpark until its confirmed how much of an impact is where.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
ik9000
Surely, you don't mean... you don't do you? Not anandtech, surely?
Can I get a cheer from everyone who looks at anandtech for impartial reviews.....
https://i.ytimg.com/vi/_QR9QP0Rjsc/maxresdefault.jpg
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Biscuit
I said "considering", and I'm going to go out on a limb and suggest that the thought has crossed your mind even before this announcement
Heh, only for the last two years or so. But I literally pushed the button last night (though immediately regretted not going for a x5675 instead, but oh well :p)
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Xlucine
Since intel have known since june, it's odd that the 8700k is affected so badly. I smell a class action lawsuit...
Turn around on silicon is slow. Months to prove a fix, then 3 months for production silicon at the new mask rev level to turn up in the market place.
-
Re: Intel processor security flaw requires OS kernel level fix
There's a Youtube video giving some before & after benchmarks following the emergency Windows patch:
https://www.youtube.com/watch?v=_qZksorJAuY
Edit!
As they mention in the video, they don't look at server loads in their assessment, but I think that won't be too much of a concern for most people on this Forum...
-
Re: Intel processor security flaw requires OS kernel level fix
No drop in games performance then, nice.
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
DanceswithUnix
No drop in games performance then, nice.
Not on the 8700k, at least. I guess it's possible other Intel CPUs may be more seriously affected...
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
MrJim
Not on the 8700k, at least. I guess it's possible other Intel CPUs may be more seriously affected...
Thats what I was thinking. Be interesting to see how Core2 and Gen1-Gen3 Core i chips have been affected
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
DanceswithUnix
Turn around on silicon is slow. Months to prove a fix, then 3 months for production silicon at the new mask rev level to turn up in the market place.
This got me thinking - anyone have a reasonable guess as to how easy this will be to fix in new processors? New stepping, new model or entirely new architecture to sort it out? Mainly wondering how the Intel roadmap is likely to be affected - can they afford to release their next batch of CPUs (Cannonlake?) with the problem still there on the basis that OS updates have kind of, sort of fixed it anyway?
-
Re: Intel processor security flaw requires OS kernel level fix
Quote:
Originally Posted by
Lanky123
This got me thinking - anyone have a reasonable guess as to how easy this will be to fix in new processors? New stepping, new model or entirely new architecture to sort it out? Mainly wondering how the Intel roadmap is likely to be affected - can they afford to release their next batch of CPUs (Cannonlake?) with the problem still there on the basis that OS updates have kind of, sort of fixed it anyway?
I would suspect because they're already in their final stages, Intel will continue with their deployment because in actuality these issues don't affect the commercial market too much anyway. However, on the Server and Corporate side of things, I expect a large lashback against Intel and Intel may have to actually hold back their server arm to fix these flaws. No company wants to buy a processor with a potential 30% speed dump in their applications or run a security risk.