Read more.Quote:
But there could be performance impacts of between 5 and 30 per cent depending on task.
Printable View
Read more.Quote:
But there could be performance impacts of between 5 and 30 per cent depending on task.
If I receive a serious performance hit due to their blunder then I will be rightly furious and I can see some compensation claims coming their way. Although with that being said, on the flip side, if only Intel performance gets hampered with these fixes, then AMD have just closed the gap for free and the competition is back on!
Bittersweet.
So which modern Intel CPU's don't suffer from this then if, as suggested in the article, I wanted to go out and buy a new processor to avoid the flaw?
As it seems to cover the i7 8700K which is a recent chip the answer may be none!? That's a bit of a shocker.
I'm am heavily interested in the performance impact of Hypervisor Clusters. This could cripple or poison Intel in this market.
They all do, just newer CPUs have less of a perf impact.Quote:
Originally Posted by Kanoe
Up to 30 percent will kill some cpu's, my mums atom based tablet is slow enough as it is lol.... maybe this is intel's way to force upgrade old pc's, it's not like we have any other reason to upgrade these days.
They've seen how well it works for apple by using the software to 'slow down' their older models for the benefit of it's users of course so they're now having a go at it under the guise of a bug fix.
Then they've hardly picked a good time with AMD at it's highest point for well over a decade and generally offering better value for most mid-high end users (the likes who will have the most to lose from this), Ryzen 2 coming and presumably their APU lineup will be getting fleshed out too.Quote:
Originally Posted by LSG501
As advertisements go it would hardly be a great incentive to upgrade your Intel CPU for another Intel CPU.
30% is no joke. As someone who is on Sandybridge/Ivybridge/Haswell for my Workstation and Server/Gaming PC/Laptop this could have pretty significant ramifications for me if it hits workloads I use.
Goddamn it DDR4 memory manufacturers...
I wouldn't say gaming might be unaffected based on the Phoronix tests, a lot of those games tested are either GPU bound or they are benching in 4k (why on earth 4k when testing CPU performance?).
And for windows gaming I'd wait to see what Microsoft does when they patch it.
My 3570k is already flagged for a Ryzen replacement just waiting for DDR4 prices.
Hopefully this won't kill my performance too much as I need this to last another year at least.
Doesn't feel like a good time to be a PC owner but as I use it for productivity I have no other choice.
so consumers need a 30% refund from Intel strictly in Sterling Pounds.
Perhaps they will give you a free Pentium, they might have a few that are hard to sell now ;)Quote:
Originally Posted by lumireleon
I know the feeling. Sadly I probably need to wait longer too - I was considering getting a cheap i7 for my board to keep me going before this news. Might as well not bother now...Quote:
Originally Posted by Percy1983
Yeah I nearly pulled the trigger on a top end IVB Xeon which was going for a decent price, so I also know the feeling.Quote:
Originally Posted by cheesemp
Notice how the news creeps out after Black Friday, Xmas and Boxing day sales, pretty cynical... With Ryzen now a viable alternative on both mobile and desktop, I think I'll stick to AMD.
Quote:
Originally Posted by cheesemp
If everybody takes the same approach then the prices of i7 / Xeons from the last few generations could tank pretty hard. If your usage doesn't happen to be hit too badly by the issue then this could end up being a win. Not sure how long it will take for the 2nd hand market to adjust though, probably have to wait for the Zen+ launch at least...Quote:
Originally Posted by Biscuit
Maybe this is the true reason Intel pushed out so many CPU's this year. If this flaw had come out before the release of the latest series then they pretty much would have had to pull and redesign it.
The sad thing is that no matter how much amd improves intel still has a similar standing as Apple in the eyes of a normal consumer when it comes to pc's, plus it's not like most consumers are even going to know about this bug.Quote:
Originally Posted by this_is_gav
Under Linux the patch to keep full performance on AMD chips has yet to be accepted. Hopefully the Microsoft patch won't needlessly afflict us, or will be as easy to disable as the Linux workaround (a command line option in the boot options).Quote:
Originally Posted by The Hand
https://www.phoronix.com/scan.php?pa...inux-4.15-Test
ah thank you intel. I've been trying to put together a case to my wife as to why we need to upgrade our aging i7 to a ryzen system. Et voila, here it is. :D
Not much I can do about my laptop though. Just going to have to take a hit. And given how much the drop in i7 paired with NVMe appears to be in those preliminary tests, I'm rather worried what it will look like.
Disappointing. I guess I'll have to recommend Team Red from now on, even for those who have the extra money to spare.
Intel's share price has just fallen by nearly 4% and AMD's has just risen over 6% just on the NASDAQ opening a couple of minutes ago. It might be short lived but looks like this news is registering to a degree.
This is a little more than the usual cynical flip flopping that goes on with share prices though, I think it might have a longer life we commonly see.Quote:
Originally Posted by The Hand
Not all Intel CPUs are affected by this bug, it depends on the version of IME used afaik. Anyway, you can check if your CPU is one of those affected, https://downloadcenter.intel.com/download/27150
Thanks for the link. My system's not affected.Quote:
Originally Posted by Iota
Workstation: Not Vulnerable with a Gigabyte Z77-UD5 and E3 1230Quote:
Originally Posted by Iota
Gaming PC: Not Vulnerable with a ASRock Z77 Extreme4-M and i5 3570K
Some good news at least, my i5 Laptop is not affected, thanks for the link!Quote:
Originally Posted by Iota
Is the IME flaw not a completely separate issue to this? AFIAK the IME flaw needed a motherboard BIOS update to fix. This kernel flaw needs an OS patch to fix. I think you might have your wires crossed on this one.Quote:
Originally Posted by Iota
I could be wrong but isn't this tool testing for a different vulnerability, i.e. Management Engine issues, whereas this is a new vulnerability in the way the CPU handles cached Kernel memory during speculative execution.Quote:
Originally Posted by Iota
Just what I picked up from the el reg article
The Intel Management Engine bug isn't the same thing. Reading this article it seems the bug is likely to do with speculative execution. I've read elsewhere, but can't now find a source, that the speculative exection functions in Intel processors are largely unchanged since the Pentium II and all their processors dating back that far could be affected - truckload of salt required for that rumour though!Quote:
Originally Posted by Iota
First the IME bug and now this - not a good time for Intel. I seriously doubt this will have any long term impact though; Intel will continue to dominate the x86 market and this will be largely forgotten in a few months.
That appears to test for the management engine vulnerability, not this vulnerability.Quote:
Originally Posted by Iota
Edit: lol, from so many posts saying the same thing I guess it takes a few minutes to read that security advisory.
Damnit...
Ok, so this means I won't update anything since I don't have anything to hide from hackers.
Fine if you want to run the risk of your machine being used as a bot or remote mining! :)Quote:
Originally Posted by yeeeeman
:shocked2: :shocked2:Quote:
Originally Posted by yeeeeman
you won't update because you have nothing to hide...:shocked2: Why?Quote:
Originally Posted by yeeeeman
It appears that Intel CPUs since Westmere include something called PCID (Process-Context Identifier) that helps mitigate the effects to some extent - although the fixes have to consider this instruction set extension, and thus might be coming later than the "quick" fix that'll come out this month.
It seems the bug kills SSD performance massively, if you are a hard SSD user. Bad news for some.
So in actual fact, very few "core" chips are in the "you MUST upgrade" catagory, and those that are, are so old that really those people should be considering an upgrade anyway?Quote:
Originally Posted by sykobee
I suspect it kills all disk I/O massively, but it's less noticeable with hard drives as they're already slow.Quote:
Originally Posted by sykobee
So, if I ran that file and it says I'm vulnerable, what do I actually have to do to fix that?
Hope that your motherboard manufacturer has pushed out the update IME softwareQuote:
Originally Posted by Hoonigan
https://hexus.net/tech/news/mainboar...lnerabilities/
Yes, that might be the case. Intel back to 4% down and AMD up 7% now.Quote:
Originally Posted by Biscuit
Edit:
BBC News have finally got an article up:
http://www.bbc.co.uk/news/technology-42553818
"Intel did not respond to requests for comment"
Apologies. So there is now another hardware level bug with Intel CPUs? I guess we all now know why AMD CPUs have run slower, because they're actually doing things properly it seems. I definitely think I'll be upgrading to AMD next round.Quote:
Originally Posted by DanceswithUnix
My 2600k is doing just fine for everything I do with my PC :PQuote:
Originally Posted by Biscuit
I'm really glad I decided on ryzen.
It probably explains why the intel ceo sold 11 million in shares just last month....https://www.nystocknews.com/2017/12/...poration-intc/
That's a juicy story.. Yes great timing there! The Intel cpu security flaw story is the most read on the BBC news site now.Quote:
Originally Posted by outwar6010
..you don`t seriously mean- no, can`t be related surely...Quote:
Originally Posted by outwar6010
Well, if you don't mind the hackers gaining access to protected memory areas which hold secure data such as passwords, banking details etc, then you are correct. Why not post all that info on Twitter and save them the trouble of hacking you :PQuote:
Originally Posted by yeeeeman
Because then they won't be able to mine cryptocurrency at his expense :DQuote:
Originally Posted by s_ATI_sfied
Hmpf.. the 950 performs perfectly well thank you.. though maybe at -30% I could be persuaded to upgrade. X5680 here I come...Quote:
Originally Posted by Biscuit
Really could do with an overview of the type of tasks this affects. If they're everyday tasks that don't strain the CPU then it doesn't matter (to me), however if it's going to noticeably slow down tasks that already use up all the performance of the CPU then it's a bloody big deal!
"or go buy a new processor without the design blunder" such as? AMD only? Crikey
I don't feel like giving more money to the saudis
What a bizarre thing to say. AMD is a publicly traded American company - if you want to avoid giving money to a certain country at any point in the supply chain for whatever strange reason, you better avoid Intel too and go live in the woods or something. Certainly stay away from any plastics or petroleum products!
I said "considering", and I'm going to go out on a limb and suggest that the thought has crossed your mind even before this announcementQuote:
Originally Posted by kalniel
Sandybridge is post WestmereQuote:
Originally Posted by Iota
TBF it's probably not going to be as bad as 30%, or even 10%, in consumer workloads. The way I understand it at the moment (which is admittedly from skim-reading a couple of articles), this first round of patches is more of an emergency fix with the possibility of better-optimised workarounds coming later? A couple of demanding consumer workloads such as gaming and video encoding don't seem to be too badly affected according to Phoronix's tests, though of course they're Linux so it could be different on Windows.
I'm very interested to see this put to the test though! And furthermore, if any future patches do improve things, it's only fair to post updated results when they're available.
Story has been updated with an official response from Intel:
Intel has officially responded to the security flaw reports in an email to HEXUS and via its official Newsroom Blog. In a nutshell it has issued a denial of sorts, saying that any exploits via flaws are not unique to Intel products. It then mentions how it is working closely with the likes of AMD, ARM Holdings and several operating system vendors to solve the issues discussed in the news above. Below is an excerpt of the statement for your convenience, or you can digest the full Intel blog post at the link above.
"Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.
Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.
Snip
Intel believes its products are the most secure in the world and that, with the support of its partners, the current solutions to this issue provide the best possible security for its customers."
The cynic in me wonders if this is a damage limitation exercise given the volatility in the Intel share price.Quote:
Originally Posted by mtyson
On the other hand, there has been a lot of speculation about the effects of the patch and the risks of the ‘exploit’ and lets face it, bad news is good news for some media outlets - nothing like a bit of sensationalism to generate readers.
So it will be interesting to see what the real world effects are wh3n the patches are released - presumably next week.
Didn’t AMD come out when this story broke and state it didn’t affect their products?Quote:
Originally Posted by mtyson
How come it took them so many years to find this flaw ?
Probably because no-one was looking for it. I guess it was stumbled on by chance. There has been a lot of work recently in reverse engineering the Intel Management Engine and this could have come to light during that work (even though the two seem to be otherwise unrelated)Quote:
Originally Posted by OilSheikh
Lots of bugs have been around a long time. The shell shock bug was around for 30 years without causing problems, and was only discovered when other software advances started using that particular shell command in novel ways.
Which workloads, and define "average computer user". Also mitigated over time, in what manner? Software? Buying more Intel products with higher IPC?Quote:
Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.
In light of what AMD has already stated, I assume Intel have asked them for advice on how to resolve the problem, seeing as AMD CPUs are not affected in the same way.Quote:
AMD processors are not subject to the types of attacks that the kernel
page table isolation feature protects against.
I've read (no idea how true this is so please don't quote me) this may affect some non-x86 CPUs in a similar way. Intel's statement therefore doesn't necessarily contradict the ones from AMD or Linux commits.
Intel haven't said AMD are effected but have managed to drag their name into the story to make consumers unsure
No surprise there
More information released from Google.
https://security.googleblog.com/2018...-need.html?m=1
There's a lot going on with this story
https://www.wired.com/story/critical...ost-computers/
Quote:
On Wednesday evening, a large team of researchers at Google's Project Zero, universities including the Graz University of Technology, the University of Pennsylvania, the University of Adelaide in Australia, and security companies including Cyberus and Rambus together released the full details of two attacks based on that flaw, which they call Meltdown and Spectre.
"These hardware bugs allow programs to steal data which [is] currently processed on the computer," reads a description of the attacks on a website the researchers created. "While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs."
Although both attacks are based on the same general principle, Meltdown allows malicious programs to gain access to higher-privileged parts of a computer's memory, while Spectre steals data from the memory of other applications running on a machine. And while the researchers say that Meltdown is limited to Intel chips, they say that they've verified Spectre attacks on AMD and ARM processors, as well.
Hmmm, not exactly ... they stated that their products weren't vulnerable to the specific attack vector that the OS kernel patches were addressing. That doesn't mean they're not vulnerable to attacks that probe kernel memory in other ways.Quote:
Originally Posted by marshalex
Of course, the real issue here is that while the vulnerabilities are unpatched/unfixed, no company can talk about the details of any attack vector or potential mitigation, which means everything is necessarily vague and rumour-ish. So perhaps AMD do have similar vulnerabilities, and those are not addressed by the current patches - which means they will remain exploitable...
oh don't say that! if noones chips are ok we'll be forced to go back to more simple ones. So time to blow the dust off the old P4 and pentium M. knew I'd kept them for a reason.
And more https://www.nytimes.com/2018/01/03/b...ter-flaws.html
https://www.cnbc.com/2018/01/03/amd-...its-chips.htmlQuote:
According to the researchers, including security experts at Google and various academic institutions, the Meltdown flaw affects virtually every microprocessor made by Intel, which makes chips used in more than 90 percent of the computer servers that underpin the internet and private business operations.
The other flaw, Spectre, affects most other processors now in use, though the researchers believe this flaw is more difficult to exploit. There is no known fix it.
Beware of deliberately vague Intel damage control PR!Quote:
To be clear, the security research team identified three variants targeting speculative execution. The threat and the response to the three variants differ by microprocessor company, and AMD is not susceptible to all three variants. Due to differences in AMD's architecture, we believe there is a near zero risk to AMD processors at this time.
Read all three variants - they are *NOT* equally severe or exploitable, not even close.
AFAIK P4 and Pentium M were Out of Order processors, so are potentially vulnerable. Atoms prior to Bay Trail, OTOH, should be fine ;)Quote:
Originally Posted by ik9000
I've just been catching up on all that on twitter. Essentially both statements are true. There's an apparently Intel-specific exploit that's being patched, and a general OoO execution exploit that also affects AMD and ARM (and potentially VIA's Nano processors?). So, yes, some of the exploits do affect AMD and ARM, and yes, AMD is not vulnerable to the exploit that is being kernel patched.Quote:
Originally Posted by watercooled
Clear? ;)
Completely, the important bit I was trying to point out is they are different exploits and not of equal severity - and it seems like Intel are being deliberately vague to imply (yet not actually say, incorrectly) that AMD are equally vulnerable. AMD released an official response to it after the media jumped on Intel's statement.
Indeed, trying to make AMD guilty by association. Cheap trick.Quote:
Originally Posted by watercooled
BBC are now lumping AMD in with Intel in their reporting of the issues and are not making the distinction between the different vulnerabilities just to help add to consumer confusion. AMD can just never catch a break.
Welcome to Intel.Quote:
Originally Posted by spacein_vaderIndeed, trying to make AMD guilty by association. Cheap trick.Quote:
Originally Posted by watercooled
Official statement from AMD on what processors are effected by what variants, same from ARM, nothing from Intel so far.
Those that use computers for email and web browsing, buy one because they 'like the colour' and buy one because 'the helpful chap in PC World said it was the bestest ever and I needed it in my life'.Quote:
Originally Posted by Iota
Basically AMD have show themselves to be the least vulnerable from these and the vulnerability they do have will have a minimal performance risk, still no news on what specifically ARM is vulnerable to. But if Intel is the only company vulnerable to Meltdown then they are in a very big frying pan because:Quote:
Originally Posted by Corky34
"There is a critical security flaw in our processors meaning that unprivileged user applications can gain access to all privileged resources, even those on another VM in a Hypervisor stack and there needs to be nearly 1/3 of your processors performance carved out to fix it".
I'm sure Intel will recover, they always do. What will be frustrating is two things, testing and Benching of Intel chips need to be confirmed to be using the latest OS version with the Meltdown patch and hardcore Intel fanboiism might ignore that there was even an issue in the first place. Discussing it with one of my friends and he flat out disbelieves that fixing Meltdown will not cause any performance issues just because it's an Intel processor...
Seems so with AMD, ARM have listed what processors are vulnerable to what variants in the link i posted, to varying degrees it's the Cortex-R7, R8, A8, A9, A15, A17, A57, A72, A73, A75.Quote:
Originally Posted by Tabbykatze
Wow, I have an acute condition of baby brain, how did I not see the ARM link, my bad!Quote:
Originally Posted by Corky34
Processor fanboys aren't Intels problem, particularly as it seems light desktop work and gaming are going to be impacted only lightly performance wise. Their big issue is going to be the big cloud hosts and VM providers. Things like database writes and some heavy compute work gets the biggest performance hit and the likes of Amazon AWS and Microsoft Azure will feel the difference hugely. Their respective top teams will NOT write it down to experience just "because Intel". They'll be out for blood (and by blood I mean cash.) There'll either be some very big sueballs launched by them or more likely, some VERY deep and long lasting discounts on any new Intel kit they order.Quote:
Originally Posted by Tabbykatze
I imagine it would be big sueballs as discounts don't return their money there and then. If we take it as worst case then 30% of AWS and Azures performance was just destroyed in one single sweep. For a single PC, 30% is a lot but manageable but across billions of dollars of cloud infrastructure, I don't think discounts will cut it.Quote:
Originally Posted by spacein_vader
But that's the problem - they'll probably still order intel, so in terms of boosting AMD, it won't, not in the same way that switching camps would do.Quote:
Originally Posted by spacein_vader
Maybe refunds rather than discounts then. I imagine Intel would rather do that quietly with each big supplier than publically get sued by them.Quote:
Originally Posted by Tabbykatze
Yep, according to the beeb it affects all processors going back as far as 1994 - not sure which exploit and how true that is, but what would that even be? An old 286?Quote:
Originally Posted by scaryjim
There are some big assumptions here.Quote:
Originally Posted by spacein_vader
Database accesses are slowed down by going through the loopback 127.0.0.1 network stack because code is written to assume that is fast but bouncing off the kernel is now expensive. Attaching to a remote database server will include more work in the network stack, wire delays and fewer kernel transitions, so probably won't be impacted as much. So databases might be impacted on a case by case basis.
Phoronix showed compiling code to be hard hit, but on Windows it won't be. Why? Linux assumes reading lots of small files is cheap so that is what you do, on Windows it never was cheap so the compiler crunches all those little header file reads into pre-compiled headers resulting in magnitudes less filesystem access.
My gut feeling is that gaming is the other way around, Linux works differently and also has all sorts of porting crud in the way so won't be hurt much, but AIUI Windows will be hurt more as it has more of the driver in kernel space.
I got the impression that Windows fast track update already had the patch, are there not benchmarks floating around already?
The register claims that the windows patch is available here:
https://support.microsoft.com/en-us/...date-kb4056892
Since intel have known since june, it's odd that the 8700k is affected so badly. I smell a class action lawsuit...
For a VM provider epyc offers more cores per dollar, and supports more memory, and AMD hasn't been shipping systems with this glaring bug for months.Quote:
Originally Posted by ik9000
Agreed, the main issue is that there is little/no optimisations for AMDs product sector at the moment. But this might spark developers to more aggressively push to optimise for AMD because of this.Quote:
Originally Posted by ik9000
Should this invalidate all those intel benchmarks then? and if not then all the benchers are going to be trying to use the old o/s's prior to the fix to get that extra little bit out of it.
Whats the rules on those sort of things? are there any?
Is it me or is anandtech.com surprisingly silent on this at the moment? Apart from a small twitter thread suggesting it probably isn't that bad (not entirely anandtech's comments) there doesn't seem to be much on their website that I can find. Odd no?
not sure, but I'll be benchmarking my systems intensively this weekend at stock and OC before installing any patches so I can do a compare and contrast once the patches are installed. I'm most concerned about my laptop which I paid a good whack for to get something that could handle low-latency sound recording. If that suffers I will not be amused.Quote:
Originally Posted by rabidmunkee
Not all that odd really. :pQuote:
Originally Posted by ik9000
Surely, you don't mean... you don't do you? Not anandtech, surely?Quote:
Originally Posted by Biscuit
Basically the benches still apply but they could be invalidated by this update. Because of the uncertainty of the performance metrics being untainted by the Kernel Page Isolation then taking any Intel benchmark prior to the patch at face value would be a bad idea. I would imagine all the major testers and benchers are wondering if they're going to have to re-do all of their benchmarks just to update their scoreboards.Quote:
Originally Posted by rabidmunkee
Because if games are going to be relatively unaffected, that's one thing but users don't always use their computers for one thing. I use my computer for compiling, video editing and manipulating databases as well as games so actually this patch could affect me a lot (using AMD so unlikely). Benchmarks these days aren't just games, i mean both Hexus and TTL have game benchmarks in but they are not the main part of the review any more. It's all the sisoft, PCMark and other raw curnchable data benches.
To me, I will be looking at every benchmark and subtracting ~25% from the performance on Intel vs AMD as a ballpark until its confirmed how much of an impact is where.
Can I get a cheer from everyone who looks at anandtech for impartial reviews.....Quote:
Originally Posted by ik9000
https://i.ytimg.com/vi/_QR9QP0Rjsc/maxresdefault.jpg
Heh, only for the last two years or so. But I literally pushed the button last night (though immediately regretted not going for a x5675 instead, but oh well :p)Quote:
Originally Posted by Biscuit
Turn around on silicon is slow. Months to prove a fix, then 3 months for production silicon at the new mask rev level to turn up in the market place.Quote:
Originally Posted by Xlucine
There's a Youtube video giving some before & after benchmarks following the emergency Windows patch:
https://www.youtube.com/watch?v=_qZksorJAuY
Edit!
As they mention in the video, they don't look at server loads in their assessment, but I think that won't be too much of a concern for most people on this Forum...
No drop in games performance then, nice.
Not on the 8700k, at least. I guess it's possible other Intel CPUs may be more seriously affected...Quote:
Originally Posted by DanceswithUnix
Thats what I was thinking. Be interesting to see how Core2 and Gen1-Gen3 Core i chips have been affectedQuote:
Originally Posted by MrJim
This got me thinking - anyone have a reasonable guess as to how easy this will be to fix in new processors? New stepping, new model or entirely new architecture to sort it out? Mainly wondering how the Intel roadmap is likely to be affected - can they afford to release their next batch of CPUs (Cannonlake?) with the problem still there on the basis that OS updates have kind of, sort of fixed it anyway?Quote:
Originally Posted by DanceswithUnix
I would suspect because they're already in their final stages, Intel will continue with their deployment because in actuality these issues don't affect the commercial market too much anyway. However, on the Server and Corporate side of things, I expect a large lashback against Intel and Intel may have to actually hold back their server arm to fix these flaws. No company wants to buy a processor with a potential 30% speed dump in their applications or run a security risk.Quote:
Originally Posted by Lanky123