Intel Announces 'In-Silicon' Fixes For Meltdown And Spectre Coming This Year, 10nm Update

[Guest]

Intel will begin to ship products with "in-silicon" fixes for Meltdown and Spectre by the end of the year (Q4).

Intel Announces 'In-Silicon' Fixes For Meltdown And Spectre Coming This Year, 10nm Update : Read more

 

[jasonelmore]

I want one of those "new" CPU's with the in-silicon fix. Intel, I just purchased a 7900X 2 months ago, I expect to have this CPU swapped out for a comparable "in-silicon fix" model. If you will not offer replacements, we will sue. This chip is slower than the 4790K it replaced in day-to-day task. I can notice a huge difference just in desktop animation speed after the meltdown/spectre fixes.

Please offer silicon replacements, i'm asking nicely

 

[mwryder55]

"Krzanich stated that the company would continue to ship 10nm processors in the first half of 2017 and then kick into high-volume manufacturing in the second half of the year."
I think you meant 2018, not 2017.

 

[PaulAlcorn]

"Krzanich stated that the company would continue to ship 10nm processors in the first half of 2017 and then kick into high-volume manufacturing in the second half of the year."
I think you meant 2018, not 2017.

Good eye, fixed!

 

[reunicorn]

This chip is slower than the 4790K it replaced in day-to-day task... after the meltdown/spectre fixes.

Is your 7900X also slower than the 4790K with the patches applied on *both* processors? Because if the 4790K is only faster unpatched, it's not a fair comparison and I don't think you'd have any basis for a lawsuit.

 

[bit_user]

I want one of those "new" CPU's with the in-silicon fix. Intel, I just purchased a 7900X 2 months ago, I expect to have this CPU swapped out for a comparable "in-silicon fix" model.

Are you nuts? Of course they won't replace it.

If you will not offer replacements, we will sue.

Then join one of the class action lawsuits and be prepared to wait a years. When it's all said and done, maybe you get enough to buy a bigger aftermarket heatsink. Then, at least you can O/C to get back some performance.
; )

 

[boju]

Worried about performance don't update or patch bios. Be smart and avoid the obvious clicks. I doubt very much this bug would take an affect on anyone.

It took Google to discover this flaw and my speculation probably their ai program did it and not any human. Not that they'd admit that anyway.

 

[AgentLozen]

I thought this entire article was interesting. My favorite part was:

Krzanich also later stated that the company expects to continue developing its 14nm products in 2018, so we could see yet another round of 14nm processors (sigh).

This summarizes my feelings about the matter also. I'm wondering if Intel plans to follow the lead set by Broadwell and Skylake. That is - Cannon Lake might come out and be followed up with Ice Lake a month or two later. It feels like both CPUs have been baking in the over for a long time.

I'm looking forward to the -5% power consumption and +3% IPC improvement! Bring it on!

 

[jeremyj_83]

I am surprised that they are already able to implement in silicon fixed for Meltdown/Specter. That probably means that they have known about it for quite a while longer than they say. Also would explain why 10nm is so late, probably found out about the problem just as Alpha chips were coming out and decided to fix the problem right away, therefore delaying 10nm chips by 18 months or so.

 

[InvalidError]

I am surprised that they are already able to implement in silicon fixed for Meltdown/Specter.

Nothing that surprising there: since part of the microcode fix is to make the speculative execution less aggressive, baking the fix which already has a soft-fix into silicon or changing its behavior to something more difficult to exploit should be a pretty minor tweak.

I doubt mainstream CPUs designed primarily with speed in mind will ever be safe from side-channel exploits of one sort or another. Even specifically security-hardened CPUs aren't completely immune to side-channel exploits on their own and require software to go out of its way to scramble side-channel leaks. Guaranteeing security comes at a huge performance cost.

 

[wownwow]

From the clown-like Intel CEO:

Before: NO BUG, our chips operate as designed and intended.
Now: SILICON-BASED CHANGES, the products to be appear later this year.

What a dishonest, shameless CEO!

Intel keeps selling and launching faulty chips, what a dishonest, shameless company!

People tolerate both well, what a beautiful world :-D

 

[InvalidError]

Intel keeps selling and launching faulty chips, what a dishonest, shameless company!

Side-channels are extremely difficult to protect against and even more difficult to predict. In all likelihood, more side-channel attacks will be discovered even in post-Meltdown/Spectre chips, such is the price of designing chips for performance instead of intrinsic security. If you want an intrinsically secure chip, you are going to pay a huge price in performance penalty.

Spectre variants being applicable to both ARM and AMD chips tells you that it isn't an issue specific to Intel architecture or even the x86 instruction set. Intel may have been the worst hit of the bunch in this round, but it isn't alone.

 

[sfhenm]

Agree with InvalidError. The best fix is with the hardware and is specifically associated with speculative execution (combined with virtualization). Side band access can, however, be limited with hardware based fences and separation of interrupt privileges, amongst other items. The less you do on the hardware side, the more convoluted schemes you need to employ in software to protect against sideband access. I will differ on the cost v. performance advantage of OOE (i.e. the reason for speculative execution), especially given the fact that the beneficial use of the speculative execution has been shown to be limited. The bad thing is that many of the architectures are so far down the path of OOE, they need to continue to pour good circuits at a poor performance to cost tradeoff.... and no, Intel is not the only one that can be impacted by sideband leaks. Other architectures are equally susceptible. The dangers should be lower in a private environment, as the attack needs to be injected in that environment to cause a return in the routine that allows access to other information in the cache... that doesn't belong to that user.

 

[bit_user]

That probably means that they have known about it for quite a while longer than they say. Also would explain why 10nm is so late, probably found out about the problem just as Alpha chips were coming out and decided to fix the problem right away, therefore delaying 10nm chips by 18 months or so.

They were given 6 months of notice, which is about 5.5 months before we learned of it.

All indications are that 10 nm has been slow to ramp, because it's hard. This is "real" 10 nm, unlike some of the marketing numbers bandied about by other fabs, which have virtually no basis in reality.

 

[wilsonjchan]

Where did Intel announce the delay of 3DXP DIMMs?

 

[Geef]

The ONE thing I hope they do is put something on the outside of the box of the new processors showing that its a hardware fix chip. I would hate to wonder until after I bought a new processor and opened it and then found out.

 

[InvalidError]

The ONE thing I hope they do is put something on the outside of the box of the new processors showing that its a hardware fix chip.

What is going to be outside of the box will probably be 9000-series model numbers.

 

[wownwow]

To clarify, as a CPU design, below is talking about Meltdown, the obvious of Intel's INTENTIONALLY not following the privilege levels/rings itself defined for x86!

From the clown-like Intel CEO:

Before: NO BUG, our chips operate as designed and intended.
Now: SILICON-BASED CHANGES, the products to be appear later this year.

What a dishonest, shameless CEO!

Intel keeps selling and launching faulty chips, what a dishonest, shameless company!

People tolerate both well, what a beautiful world :-D

 

[InvalidError]

Before: NO BUG, our chips operate as designed and intended.
Now: SILICON-BASED CHANGES, the products to be appear later this year.

What a dishonest, shameless CEO!

Side-channel attacks aren't caused by design flaws in the product, they are caused by people finding ways to exploit normal operation of the product to infer what is happening in unrelated processes. The chip is operating as designed and intended and hardware changes are required to invalidate the potential vulnerability. However, there is no guarantee that people won't successfully model the fixes and manage to find new side-channel attacks for them.

For as long as CPU and software execution flows remain relatively predictable, a necessity when optimizing for performance, there will be side-channel vulnerabilities: if something is predictable, it can be modeled and a sufficiently accurate model can potentially be used to compromise the CPU or algorithm. Some (potential) exploits are just worse than others.

 

[wownwow]

Simply questions:

1) Why did Intel define the privilege levels/rings for x86?
2) Why did Intel INTENTIONALLY not follow what it defined?

INTENTIONALLY not following the basic and critical stuff itself defined is not only the CEO's lying but the whole company is lying!

Selling the known faulty chips is even a lot more worse, but whatever as long as people tolerate and are happy.