Question What is #1 on any list of CPU attributes?

[akamateau]

Tom's Hardware and other media sites are always making lists. Especially what is the best CPU to spend hard earned money on.

This question should help Tom's writers to better define these cpu's as consumers should determine what is important to them.

Intel sells cpu's the same way that Detroit used to sell cars. Intel is always trying to push the fastest and best performing silicon on to the consumer. Yet these cpu's like the cars sold by Detroit all had flaws that put the public at risk. Cars were poorly designed and unsafe.

Intel silicon is also poorly designed and unsafe. There is always a new vulnerability that exposes the consumer to malicious attack and loss of data.

Yet these vulnerabilities do not appear to cause any sense of outrage by the online media!

What good is the best performing CPU if it can not secure your data and passwords?

What good is producing so-called firmware "fixes" that never get applied or used during benchmarks?

 

[sizzling]

Most important to me is the benchmarks for the specific usage the consumer will use it for.

While not good security flaws come up it has to be taken in context. I highly expect most consumers make security mistakes that put their systems in far more danger than the risks caused by the cpu security flaws in the media. To exploit these flaws somehow you need to have give someone access to your system either physically or remotely.

 

[akamateau]

Most important to me is the benchmarks for the specific usage the consumer will use it for.

While not good security flaws come up it has to be taken in context. I highly expect most consumers make security mistakes that put their systems in far more danger than the risks caused by the cpu security flaws in the media. To exploit these flaws somehow you need to have give someone access to your system either physically or remotely.

"While not good security flaws come up it has to be taken in context."
That is what Intel keeps saying to you.
Intel has also been saying to you that their CPU's are secure.
If a lie is repeated enough times then it gains a truth all of it's own.
Your passworded data is on dozens of severs that are running on insecure Intel CPU's.

 

[sizzling]

"While not good security flaws come up it has to be taken in context."
That is what Intel keeps saying to you.
Intel has also been saying to you that their CPU's are secure.
If a lie is repeated enough times then it gains a truth all of it's own.
Your passworded data is on dozens of severs that are running on insecure Intel CPU's.

Intel hasn’t said that to me, I don’t think anyone has said it to me. It’s an opinion based on my own knowledge and experience. The way your posts are written it is clear you have an agenda you wish to voice. Personally I see bigger issues elsewhere, this just makes for a good story.

 

[USAFRet]

like the cars sold by Detroit all had flaws that put the public at risk. Cars were poorly designed and unsafe.

I'm guessing you never owned or drove Euro or Japanese cars from the 60's and 70'?

 

[ElectrO_90]

I'm guessing you never owned or drove Euro or Japanese cars from the 60's and 70'?

But they improved, look at them now, and look at Intel.
Still pushing the same crap silicon from 10+ years ALL with the same security flaws. Which shows Intel has less than little to try and crack their own security.

 

[USAFRet]

But they improved, look at them now, and look at Intel.
Still pushing the same crap silicon from 10+ years ALL with the same security flaws. Which shows Intel has less that little to try and crack their own security.

Apples and oranges.

The microcode exploits that have been found in the last couple of years are due to trying to boost user performance. Yes, exploits are found later. And patched.


As far as "they improved"?
Air bags, gas pedal getting stuck, purposely falsifying emission and fuel consumption results,.
Recall after recall after recall.

Sure, they 'improved'. And faults are still designed in and later fixed.
Not much different than a microcode or OS patch pushed.


Calling out only Detroit for crap cars is simply laughable.

 

[ElectrO_90]

Apples and oranges.

The microcode exploits that have been found in the last couple of years are due to trying to boost user performance. Yes, exploits are found later. And patched.


As far as "they improved"?
Air bags, gas pedal getting stuck, purposely falsifying emission and fuel consumption results,.
Recall after recall after recall.

Sure, they 'improved'. And faults are still designed in and later fixed.
Not much different than a microcode or OS patch pushed.


Calling out only Detroit for crap cars is simply laughable.

It's also right now laughable for defending Intel who has issues because they never updated their core architecture for many years.
Which CPU has more flaws, AMD or Intel?
Who has made steps to change the physical architecture over just some code that hampers the speed of the cpu drastically.
Telling Apple uses to disable multithread... maybe that's why intel now release cpu's with no multi-thread to cover up their constant flaws.

 

[akamateau]

I'm guessing you never owned or drove Euro or Japanese cars from the 60's and 70'?

Apples and oranges.

The microcode exploits that have been found in the last couple of years are due to trying to boost user performance. Yes, exploits are found later. And patched.


As far as "they improved"?
Air bags, gas pedal getting stuck, purposely falsifying emission and fuel consumption results,.
Recall after recall after recall.

Sure, they 'improved'. And faults are still designed in and later fixed.
Not much different than a microcode or OS patch pushed.


Calling out only Detroit for crap cars is simply laughable.

I never said Detroit made "crap" cars. I only said they were unsafe. And they were. Hence the On September 9, 1966, the National Traffic and Motor Vehicle Safety Act became law in the U.S., the first mandatory federal safety standards for motor vehicles. Even before then since the 1920's everything from shatterproof safety glass to seat belts were promoted to develop safer cars. And this all began with "UNSAFE AT ANY SPEED"!

I wasn't calling out Detroit, I was comparing Detroit to Intel. And the computer industry in general.

Cars were sold on the basis of their performance at the track. Computers are sold based on their benchmark performance. However Federal Legislation created the North American Specification which does require more attention to safety features than ANY European or Japanese car.

Servers with Intel CPU's simply are not safe. They do not secure YOUR data. Data breaches have become commonplace so much so that they are not even reported like they used to be.

Intel CPU's have been demonstrated to be time and again "UNSAFE AT ANY SPEED"! The same vulnerability keeps coming up despite Intel's so-called patches.

 

[akamateau]

I'm guessing you never owned or drove Euro or Japanese cars from the 60's and 70'?

Stop acting like a child. So what if Euro and Japanese cars had flaws. THEY ALL DID.

 

[akamateau]

Intel hasn’t said that to me, I don’t think anyone has said it to me.

Were you born obtuse or do you work at it?

Yes I have an agenda. Everyone has an agenda. SO WHAT.

I am sick and tired of buying a product that puts my information at risk. The very same vulnerability keeps popping up regarding Intel branch prediction and look-ahead buffers.

Clearly Intel has been lying to the consumer when they say they have patched these security risks.

Intel has done no such thing!

What is the media for? An instrument to inform the public and create positive change or is the media just an unpaid shill for Intel?

The media does not benchmark Intel cpu's with ANY patched firmware!!

 

[tennis2]

Yeah! How dare Intel sell CPUs in 2008-2018 before the side channel attacks were even discovered......
Fact is, 8 and 9 series CPUs have been shored against many of these attacks. And you can't just change an architecture overnight.

On the topic of the thread - Multithreading requires loads of programming to scale well. Frequency is and always will be king because it requires zero effort from software to improve performance. Of course, just like back in the P4 days, frequency is getting harder and harder to increase, so AMD/Intel use smaller process nodes to pack more cores on a chip as a spec race and its up to the software devs to make them worthwhile. Still most applications don't scale past 6 cores, so have fun buying a 32 thread Ryzen 3xxx.

 

[akamateau]

The microcode exploits that have been found in the last couple of years are due to trying to boost user performance. Yes, exploits are found later. And patched.

The very same exploits keep popping up. Intel branch prediction and look ahead buffers are not secure.

Intel is fixing nothing. Do you seriously think that Intel is going to hamstring their high margin server cpu's just so they are secure?

One thing is certain. The media has consistently reported that these so-called patches will impact Intel cpu performance. Yet benchmarks have not shown that to be the case.

Somebody is lying.

The media does not benchmark Intel cpu's with ANY patched firmware!!

 

[USAFRet]

Code is written.
Exploit is found.
Exploit is "published", to the extent of "It will impact 'whatever'.
Patch is released.
Subsequent testing does not show any measurable impact.

Rant determination is that the subsequent testing is not done on patched hardware, firmware, and software.

May we assume you have proof that "the media" is not testing after the patch?
Anything at all?

 

[USAFRet]

Or maybe, just maybe...the initial screeching about loss of performance was simply to sell clicks and eyeballs.

Just maybe the sky is NOT falling.

 

[geofelt]

Reality check...
So far as I know, the intel vulnerability can not be taken advantage of unless a malicious program has entered your pc.
If you have malicious software infecting your system, that is where your problem lies.
Forget stealing info, you are exposed to ransomware.

 

[sizzling]

Whats the point of this thread? If you had come here to have reasonable discussion and gather opinion then fair enough, however you have reacted poorly to 2 people who share a different opinion about the statements you have made suggesting you are not here for a reasonable discussion. To me you are sounding like some end of the world conspiracy theorist. If you want an intelligent discussion then you may want to rethink you approach.

 

[ex_bubblehead]

The very same exploits keep popping up. Intel branch prediction and look ahead buffers are not secure.

Intel is fixing nothing. Do you seriously think that Intel is going to hamstring their high margin server cpu's just so they are secure?

One thing is certain. The media has consistently reported that these so-called patches will impact Intel cpu performance. Yet benchmarks have not shown that to be the case.

Somebody is lying.

The media does not benchmark Intel cpu's with ANY patched firmware!!

As a wise man once said, "Those who can, do. Those who cannot, criticize." We await the arrival of your CPU design. Let's see what you can do.

 

[akamateau]

Code is written.
Exploit is found.
Exploit is "published", to the extent of "It will impact 'whatever'.
Patch is released.
Subsequent testing does not show any measurable impact.

Rant determination is that the subsequent testing is not done on patched hardware, firmware, and software.

May we assume you have proof that "the media" is not testing after the patch?
Anything at all?

The flaws are ALL HARDWARE. Not microcode. Microcode can ameliorate the flaw somewhat but as is being shown, the flaw will not go away until the hardware is redesigned.

"Only New CPUs Can Truly Fix ZombieLoad and Spectre"
https://www.howtogeek.com/415018/only-new-cpus-can-truly-fix-zombieload-and-spectre/

A negative can never be proved. But what is true, NO BENCHMARK piece has been written that states at the beginning the microcode patches are being executed. In fact IF YOU were to read ANY written benchmark piece regarding Intel CPU's you will find ZERO mention of ANY security vulnerability patch being IN PLACE during the Benchmark run.

The point of this Forum Thread was to light a small fire. Not to argue with individuals.

Why is Intel silicon loaded with bugs, exploits and vulnerabilities?

 

[USAFRet]

The point of this Forum Thread was to light a small fire. Not to argue with individuals.

Well, you seem to be doing a bangup job with the second half of that statement.

 

[TJ Hooker]

Servers with Intel CPU's simply are not safe. They do not secure YOUR data. Data breaches have become commonplace so much so that they are not even reported like they used to be.
[...]
Your passworded data is on dozens of severs that are running on insecure Intel CPU's.

Have you actually seen any where side channel/speculative execution vulnerabilities were confirmed to have been exploited for a data breach? All the recent data breaches were basically results of crappy IT security or general negligence from what I remember.

Even if a list of passwords was compromised, as long as the people running the site were using basic security best practices like only storing salted+hashed passwords (not plaintext passwords), it wouldn't really be a big deal.

 

[TJ Hooker]

But what is true, NO BENCHMARK piece has been written that states at the beginning the microcode patches are being executed. In fact IF YOU were to read ANY written benchmark piece regarding Intel CPU's you will find ZERO mention of ANY security vulnerability patch being IN PLACE during the Benchmark run.

https://www.tomshardware.com/reviews/amd-ryzen-5-2600x,5579.html
"AMD Ryzen 5 2600X Review: Spectre Patches Weigh In"

Edit: https://www.phoronix.com/scan.php?page=article&item=mds-zombieload-mit&num=1
"The Performance Impact Of MDS / Zombieload Plus The Overall Cost Now Of Spectre/Meltdown/L1TF/MDS"

 

[tennis2]

Haha yeah, any reputable tech review site mentions that info.

This thread was poorly named. Nothing what I expected to be talking about when I clicked in.

 

[spencer.cleaves2]

Came to read what peoples opinions were on different performance factors for CPUs. Stayed to read the juicy Intel drama lol

 

[Solandri]

I never said Detroit made "crap" cars. I only said they were unsafe. And they were. Hence the On September 9, 1966, the National Traffic and Motor Vehicle Safety Act became law in the U.S., the first mandatory federal safety standards for motor vehicles. And this all began with "UNSAFE AT ANY SPEED"!

As one of my favorite early Internet personas once said, "Insisting on absolute safety is for people without the balls to live in the real world." There is no such thing as "unsafe at any speed" because there is no such thing as "safe". There is always some risk. Even if you designed cars so that they could never crash into each other, so the passengers were completely shielded and cushioned in the event of a single-vehicle accident, passengers would still be at risk of being injured due to things like a meteor striking the car.

Safety isn't a binary yes/no thing. It's a continuous scale of trade-offs. You can gain additional safety, at the expense of price, performance, comfort, fuel consumption, etc. Or you give up safety to gain performance, comfort, fuel economy, lower price, etc. Pretending that there's some universal threshold of safety which "everyone knows" should be met is, quite frankly, childish. (Unfortunately a large portion of the population doesn't seem capable of reasoning beyond childlike levels, which is why Ralph Nader had to deliberately frame his argument from a binary yes/no right/wrong perspective in order to get enough public support for the changes in auto safety standards.)

Likewise, the "flaws" in Intel's CPUs aren't because of right/wrong design philosophy. They're trade-offs made between security and performance. If you need that security, then you probably want to avoid the affected Intel processors in favor of AMD. If you don't need the security, then you'll probably want to use Intel's processors over AMD's because of their superior performance. Different strokes for different folks. No one size fits all solution. Evaluate what you gain and what you give up in the trade-off, and pick the solution which works best for your particular application.

Edit: I'll throw in this story because it demonstrates why it's important to understand that safety is a trade-off. United Airlines flight 232 crashed in 1989, but more than half the people survived thanks to a fantastic job by the flight crew.
https://en.wikipedia.org/wiki/United_Airlines_Flight_232

One of the passengers was a lap child. That's an infant who doesn't have a paid ticket, and is held in the parent's lap throughout the flight. When preparing for the crash landing, the head stewardess followed airline procedure and instructed the parents to put the lap child underneath the seat in front, like you do luggage. The parents survived. The child did not.

The stewardess was so racked with guilt that she led a two-decade campaign to prohibit lap children aboard planes. If an infant is required to be in an infant car seat when in a car, then they should also be required to be in the same type of infant seat when aboard a plane. After two decades of campaigning and lobbying, she finally got a hearing in front of the FAA. After listening to her and others' testimony, the FAA carefully considered the issue, and ruled against her. Lap children would still be allowed aboard planes.

Think about that for a minute before reading on. Stupid? A travesty of justice? The airlines must have bribed the FAA officials? Here's why the FAA decided as they did.

Travel by airliner is much safer than travel by car. If you require infants be in a special seat aboard a plane, then that would require the parents to pay for an extra seat when flying. The expense of an extra plane ticket would cause many parents to choose to drive instead of fly. And that would mean a lot more children would die in car accidents than would've died if they'd flown. So while it was unfortunate that this one lap child died, that one child's death was the price for saving roughly 90 children from death in car accidents (you're about 90x more likely to die in a car crash than an airliner crash). So the FAA decided it was better to keep the lap child policy in place, in order to save children's lives.