Report Claims Eight New Spectre-Class Vulnerabilities Impact Intel And ARM Processors

Status
Not open for further replies.

modeonoff

Respectable
Jul 16, 2017
892
3
1,985
0
I spent a month going back and forth between Intel and AMD. While I was going to place the orders for components to build a 8700K system today, I read such announcement. Now I am thinking of just getting a cheap 8400 CPU and wait until Intel release a new CPU with all these bugs removed at hardware level at the end of the year. Don't know if there will be delay again. If I go ahead and build a Threadripper system, I have to worry about potential compatibility issues of some software libraries.
 

stdragon

Commendable
Apr 5, 2018
1,551
3
1,660
196
Effectively dumping the cache already took a big hit. I can't see how much worse it could get performance wise. Famous last words, I know.

Hopefully this is just a hypothetical issue patched with a microcode update.
 

RCaron

Prominent
Mar 28, 2017
16
0
510
0
AMD CPU's allocate memory differently. To be vulnerable a hacker would have to predict or search each of the memory allocations in an AMD machine. There are millions. This is like searching for a needle in a haystack.

On an Intel machine, the answer is helpfully provided on a silver platter, you don't have to go looking.

That's the difference.

When AMD says they're vulnerable, they mean that yeah technically if you searched through the entire memory bank you may be able to find the exploit. TECHNICALLY, even though it's really difficult and nobody would do it because well, Intel is an easier target and there are more Intel's around. It's like running from a Bear.. no need to run faster than the slowest person. With respect to Spectre, Intel is the slowest person.

“It is much more difficult on all AMD CPUs, because BTB entries are not aliased - the attacker must know (and be able to execute arbitrary code at) the exact address of the targeted branch instruction.” https://www.reddit.com/r/Amd/comments/7o2i91/technical_analysis_of_spectre_meltdown/
 

modeonoff

Respectable
Jul 16, 2017
892
3
1,985
0


One problem with going for the Threadripper is that I have not seen evidence that it is compatible with 64GB RAM running at 3200C14. At best, I have seen 32GB RAM listed in QVL of G.Skill and motherboard manufacturers only.
 

wownwow

Prominent
Aug 30, 2017
33
0
530
0
The amazing world has accepted the "OS KERNEL RELOCATION" as the intended design (according to the Intel CEO) for Intel processors, what else could be an issue and couldn't be accepted :-D
 

stdragon

Commendable
Apr 5, 2018
1,551
3
1,660
196
I'm throwing down purely a guess here, but given the fact executed code in a VM could reach out to other VMs and the host itself, I'm betting a flaw in the way Hyper Threading is handled.
 

TripleHeinz

Reputable
Aug 29, 2014
106
3
4,715
9
We'll never know but it would be very interesting if CPU companies make an experiment and try their latest architechtures without branch prediction algorithms and focus only in a ultra fast, ultra smart cache hierarchy for serializing instructions. That way they can focus only in executing instructions (much like a gpu does) and they would solve all these side channel attacks, but how much slower would it be? more cores would benefit from executing effective instructions instead of spending cycles in false positives. My own curiosity.

I had a similar experience as a developer in the D3D9 era. In the end, in most scenes, it was faster and better to draw the entire frame, with all the objects shown in the screen even if partially visible rather than to perform the "Z-test" to filter which individual pixel would be drawn in the screen.
 

stdragon

Commendable
Apr 5, 2018
1,551
3
1,660
196


You mean like Intel's previous NetBurst architecture found in the Pentium 4 (Willamette)? There's a reason it was abandoned by Intel back in 2006. It hit a brick-wall of sorts in scalability. Hence, we're in Core series.

There are many problems that inherently can't be solved with parallelization; so sacrificing core complexity for more cores on the same die won't help in many instances. In fact, modern CPUs are already well balanced in this regard - single threaded execution needs vs executing multiple threads (cores and HT) simultaneously.

I couldn't tell you what the solution is. But the corners being cut in security are finally coming home to roost. Do not be surprised if there's a weird stagnation or even a drop in performance for awhile until new standards and processing optimization paradigms are devised. We might be in a bad valley in performance for awhile until all this shakes out in the end.
 

hannibal

Distinguished
Apr 1, 2004
2,165
5
19,815
14
We were expecting to Meltdown and spectre fixed prosessors somewhere 2019... how long we have to wait prosessors that Are fixed for Spectre NX? 2020 or even more?
Situation does not seems to be bright...
 

modeonoff

Respectable
Jul 16, 2017
892
3
1,985
0
I was a very enjoyable experience to build a computer over 10 years ago. Now it is the opposite as prices keep increasing and products often get out of stock. Moreover, as systems get more complicated and manufacturers are rushing products, we see all sorts of compatibility issues.
 
May 2, 2018
5
0
10
0
This is what happens when the whole world rely on one country for their CPU and computer design ... It is time the EU , Japan , China to make their own CPU and stay away from US products and designs. USA will spy on everyone using their technology Granted.

The business will take a huge hit , for changing the infrastructure , but it will be safer on the long run.

The Vulnerabilities are intentional.

 

valeman2012

Distinguished
Apr 10, 2012
1,218
11
19,315
21
MERGED QUESTION
Question from valeman2012 : "Intel Kaby Lake/Coffee Lake Spectre- NG"

So more CRITICAL Security Vulnerability were found Intel Processors. How many more performance loss we going get

I only looking at the Performance for the Kaby Processors and Coffee Lake Processors.
http://www.guru3d.com/news-story/intel-has-to-delays-patches-for-new-spectre-ng-vulnerabilities.html

I feel like my Intel i5 7600 (security patched) going become -5% weaker performance than Intel i5 6600 (non security patched)

if that the case i looking get some money back from Intel.

 

stdragon

Commendable
Apr 5, 2018
1,551
3
1,660
196
LOL! Yeah, you might get a fifteen dollar check in the mail from a class action settlement. Meanwhile, the lawyers involved will be extremely stressed out over having to choose the next color and leather interior options for their next BMW.

Bwahahaha!!
 

TripleHeinz

Reputable
Aug 29, 2014
106
3
4,715
9
Is there any public number for real successful Spectre and Meltdown attack rates? So far, to me, all this seems almost theorical and all this hasle plus breaking patches for something intangible...

...until one day I turn on my pc and nothing shows in the screen, that day I will regret making this post LOL.
 
Status
Not open for further replies.

ASK THE COMMUNITY

TRENDING THREADS