Intel CPU Flaw

Sesshoumaru

Not sure if this is the right place for this, but worth a read if you're in the market for a new CPU:

https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

I've read a few sites now and it's not clear what the gaming / performance impact will be. But most sites seem to agree there will be a performance impact. Just not sure how much of an impact until Microsoft release security workarounds for this Intel CPU flaw.

Cuddlesworth

Sesshoumaru wrote: »

Not sure if this is the right place for this, but worth a read if you're in the market for a new CPU:

https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

I've read a few sites now and it's not clear what the gaming / performance impact will be. But most sites seem to agree there will be a performance impact. Just not sure how much of an impact until Microsoft release security workarounds for this Intel CPU flaw.

So far it looks like,

Could be a large performance hit to games. Not clear yet on how reliant games are on syscalls.

Performance hit scales down over generations, EG Haswell and onwards are hit less, expected single digits.

Amd are not effected.

It can't be fixed, only worked around. Which means any performance hit is here to stay.

Xenoronin

From a gaming point of view, looks like the patch will have negligible impact. Only Linux results out so far, but that's a pretty decent indicator. Day to day you probably won't see much difference. The main impact will be in the server space. Since this doesn't affect AMD, this might even tip some scales in their direction.

Sesshoumaru

Xenoronin wrote: »

From a gaming point of view, looks like the patch will have negligible impact. Only Linux results out so far, but that's a pretty decent indicator. Day to day you probably won't see much difference. The main impact will be in the server space. Since this doesn't affect AMD, this might even tip some scales in their direction.

Once Windows is patched I'm thinking there will be a lot of bench marking going on. But it's hard to say yet. I think it would depend on whether the game or application in question is more CPU dependent or GPU dependent. If you're playing a game now and the CPU is near maximum, it's possible your frame rates will drop. But who knows?

I work in IT and have been contacting hypervisor and server vendors we use. They've replied to say they are under embargo, so nothing to say yet on performance. Next few days will be enlightening.

-l-Z3k3-l-

Unfortunately everyone is under the Embargo, but from all the sources I've been checking, your typical home user will see negligible impact including gamers (still wouldn't you be pretty annoyed if you shelled out for a nice new 8700K system to find out you'll get a performance penalty)
However this will have a huge impact on Cloud providers and datacenters

There are a few benchmarks out there so far showing % hits on diff CPUs (8700K v 6800K etc)

Thing is, most of it is speculation at the moment, so until the embargo is lifted we won't truly know how much of a colossal **** up this is by Intel

Maybe AMD could capitalize on this

L

What's interesting is Intel's CEO recently sold all the stock he held bar his minimum required under their corporate bylaws.

Not a great vote of confidence that they're going to remain in a strong place anyhow - and then a month later this flaw becomes public knowledge.

deceit

Would be completely illegal if the ceo knew about this before sold the stock

wotzgoingon

I read on twitter that they are deliberately hampering AMD CPU's also even though they do not have a flaw. How true that is I don't know but I would not put it past Intel to pay off the likes of MS to do that.

ED E

If AMD have the balls...

Metric Tensor

Must do a benchmark in the next day or two!

Can anyone in the know give an idea of what type of programs would make most use of this sort of switching to the kernel syscall type activity?

.G.

Intel says its not just their stuff affected

Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.

https://newsroom.intel.com/news/intel-responds-to-security-research-findings/

iLikeWaffles

Wonder how much less bitcoin mining can't be done with that "Vulnerability"

Canis Lupus

iLikeWaffles wrote: »

Wonder how much less bitcoin mining can't be done with that "Vulnerability"

I thought mining was mainly done on GPUs?

ED E

It is.

yoshiktk

So NSA will have to use another backdoor?

Cuddlesworth

superg wrote: »

Intel says its not just their stuff affected



https://newsroom.intel.com/news/intel-responds-to-security-research-findings/

AMD's response.

To be clear, the security research team identified three variants targeting speculative execution. The threat and the response to the three variants differ by microprocessor company, and AMD is not susceptible to all three variants. Due to differences in AMD's architecture, we believe there is a near zero risk to AMD processors at this time.

Linus has accepted AMD's code merge for the new kernels too. In which anything that isn't a Intel CPU is allowed to continue as normal.

There is also something not being said right now, which is that this flaw is pretty much guaranteed to be in Intels upcoming generation of chips and its way to late to change them. Its been there since the Pentium days.

Cuddlesworth

Email from Linus on Intels response, based on them just claiming all CPU's have this issue without any proof. This is hilarious. Would love to see the emails floating around Microsofts cloud division.

Why is this all done without any configuration options?

A *competent* CPU engineer would fix this by making sure speculation
doesn't happen across protection domains. Maybe even a L1 I$ that is
keyed by CPL.

I think somebody inside of Intel needs to really take a long hard look
at their CPU's, and actually admit that they have issues instead of
writing PR blurbs that say that everything works as designed.

.. and that really means that all these mitigation patches should be
written with "not all CPU's are crap" in mind.

Or is Intel basically saying "we are committed to selling you ****
forever and ever, and never fixing anything"?

Because if that's the case, maybe we should start looking towards the
ARM64 people more.

Please talk to management. Because I really see exactly two possibibilities:

- Intel never intends to fix anything

OR

- these workarounds should have a way to disable them.

Which of the two is it?

Linus

L

Well, this just keeps getting more interesting. Intel knew about this back in June - their CEO decided to sell up in October.

Well hello Ryzen so

ED E

Its probably bad that when I read Linus I think Sebastian before Torvalds....

SickBoy

ED E wrote: »

Its probably bad that when I read Linus I think Sebastian before Torvalds....

smacl

Metric Tensor wrote: »

Must do a benchmark in the next day or two!

Can anyone in the know give an idea of what type of programs would make most use of this sort of switching to the kernel syscall type activity?

At a guess virtualization / running VMs would suffer badly, similarly running a large number of processes accessing shared resources using kernel level syncs such as mutexes. I doubt mining would be affected as that is more likely to be GPU based rather than CPU. Services and device drivers are also more likely to hit the kernel than applications.

smacl

ED E wrote: »

Its probably bad that when I read Linus I think Sebastian before Torvalds....

Hey, at least its not Van Pelt :pac:

Sesshoumaru

A good video from Sophos

https://nakedsecurity.sophos.com/2018/01/04/fckwit-the-video/

iLikeWaffles

https://www.youtube.com/watch?v=d7ILCoU9d4k

ED E

2008/W7/W8.1/2016 boxes are yet to update but the W10 unit is seeing pretty much on par perf in CB R15 (217 -> 216).

Metric Tensor

Is it out already? Didn't get a chance to run a before benchmark and it may be automatically on my W10 skylake by now.

.G.

windows 10 update was released two days ago but I haven't got it yet. Apparently there's some issue with the fix not being compatible with some AV programs.

Edit:- actually it was just done a while ago, wasn't when I checked last.

iLikeWaffles

Unless people know how to take advantage of this vulnerability there is not really a whole lot to worry about for the average user. The way I see it is depending on your caution with downloading stuff at the minute on an Intel chip there is more chance of winning the lotto 10 times consecutively than having your personnel data fall into the hands of someone who can use it against you.

All the big servers will get the patch anyway because of the volume of traffic of the servers so server side your personal data is secure otherwise they'd already be hacked if it was a well known flaw that more than one somebody could take advantage of.

The video I posted there is interesting because it explains it in an easy to understand way. When I first heard about this bug I was suspicious that it was just some PR thing for AMD. That question is still there, Fact is that AMD are not susceptible, Okay how so? For average users, most would be on windows or mac, how many would be on Linux where the AMD bug only occurs on some version that has been configured to allow the bug, So AMD are only vulnerable on a specially configured version of Linux that allows the bug... :rolleyes:

If that means its Intels way of showing that AMD is susceptible its just shady. Kind of like letting your dolly fall out of the pram seeing that your mates dolly hasn't fallen and grabbing it and throwing it on the ground while no one is watching and then saying look his dolly fell out too.

ED E

Interestingly MS pushed a reboot for that update without approval for Server 2016. That's pretty unheard of.

BloodBath

Intel knew about it when they designed the backdoor back in the pentium days. He only sold because he knew the story was about to break mainstream news.

It's been no secret for a long time that these things had back doors designed into them. If you google you will find articles about this exploit from years ago. Yet all intel chips made since then still have the vulnerability. Why is that?

The leaked NSA hacking tools that made use of this exploit were also known about for over 2 years as well. These tools have been available online to anybody yet nobody was warned about the security issues. Why is that?

There should be a criminal case brought against Intel and the NSA.