Two Hard-to-Detect Spectre Flaws Found for Intel, Arm Processors

Status
Not open for further replies.

stdragon

Commendable
Apr 5, 2018
1,551
1
1,660
196
So...the flaw isn't HW, but rather a fundamental philosophy in computing within the relm of computer science. NICE! *slow clap*

You can't fix what hasn't been implemented.
 

DerekA_C

Prominent
Mar 1, 2017
177
0
690
1
I like how they say it may affect AMD just to try and throw crap at AMD's major successes in the last year. Something tells me I doubt AMD is affect. Intel kept doing the same thing over and over and it is now biting them in the butt.
 

stdragon

Commendable
Apr 5, 2018
1,551
1
1,660
196
Sandboxing wouldn't do squat. In fact, these Spectre exploits hit cloud based hosting providers hard. That's because running malicious code in one VM that exploits this can snoop the RAM of the underlying physical host and gain access to the contents of another VM.

Basically, speculative execution, and hyper threading by extension is fundamentally flawed. In fact, OpenBSD now disables HT all together. No more beating around the bush.
 

Christopher1

Distinguished
Aug 29, 2006
652
0
19,010
5
The problem with getting rid of 'speculative execution' is that it is part of what makes computers today so fast: Information is 'kept in memory' and when the processor needs it? It just pulls it out of memory if it is needed within a reasonable amount of time.

If we have to go back to "Program uses memory and then all data is flushed!" expect computers to get much much slower.

One person on PCWorld was talking about a 50% decrease in computing speed.
 

stdragon

Commendable
Apr 5, 2018
1,551
1
1,660
196
Intel stated across the board integer performance loss anywhere from 2% to 8% after patching Spectre v4 with microcode. Meaning, it's irregardless if the process is in kernel or user land. However, Coffee Lake CPUs (8th gen) are currently seeing anywhere from 1% to 3% hit.

I'm not sure if Intel's numbers are on average against all the Core series with the oldest being the worst, or just pre-Haswell where INVPCID for PCID (Process Context ID) isn't available.
 
Status
Not open for further replies.

ASK THE COMMUNITY