Bartimaeus Posted January 3, 2018 Posted January 3, 2018 (edited) https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ Apparently affects almost all modern Intel CPUs (from around the first Core generation to current ones). A bad enough security flaw that the Linux community as well as Microsoft are attempting to censor and obfuscate all discussion of it for the time being while they work on a fix. Makes it so that any old Javascript running on your browser can access your kernel memory and hijack your PC, I guess. A reddit discussion thread for more information: https://www.reddit.com/r/Games/comments/7nqgpb/intel_cpus_processor_design_flaw_may_cause_5_to/ Edited January 3, 2018 by Bartimaeus Quote How I have existed fills me with horror. For I have failed in everything - spelling, arithmetic, riding, tennis, golf; dancing, singing, acting; wife, mistress, whore, friend. Even cooking. And I do not excuse myself with the usual escape of 'not trying'. I tried with all my heart. In my dreams, I am not crippled. In my dreams, I dance.
Gorgon Posted January 3, 2018 Posted January 3, 2018 30 % performance hit ?. So, never update windows again ? Na na na na na na ... greg358 from Darksouls 3 PVP is a CHEATER. That is all.
Gorgon Posted January 3, 2018 Posted January 3, 2018 Time for a Ryzen build I guess. Na na na na na na ... greg358 from Darksouls 3 PVP is a CHEATER. That is all.
Bartimaeus Posted January 3, 2018 Author Posted January 3, 2018 (edited) 30 % performance hit ?. So, never update windows again ? I mean, if you're okay with any javascript you happen to run across while browsing being able to hijack your PC, sure. Note that this can include poorly curated ads... Edited January 3, 2018 by Bartimaeus Quote How I have existed fills me with horror. For I have failed in everything - spelling, arithmetic, riding, tennis, golf; dancing, singing, acting; wife, mistress, whore, friend. Even cooking. And I do not excuse myself with the usual escape of 'not trying'. I tried with all my heart. In my dreams, I am not crippled. In my dreams, I dance.
majestic Posted January 3, 2018 Posted January 3, 2018 (edited) 30 % performance hit ?. So, never update windows again ? Time for a Ryzen build I guess. The 30% figure is not a "ballpark" as it is stated in the news articles but comes from a benchmark doing nothing but the sort of calls that will experience a slowdown after the fixes. It is a worst case scenario that doesn't apply to real life application/consumers and much less gamers - games are already designed in a way that avoid the sort of instructions that will experience a performance hit. Do not forgo the update. There will still be a performance drop and it is both a security and PR disaster for Intel and just the sort of boost AMD could use to (finally, I guess) get more than a toe into the server market because that is the area that's most affected - both security and performance wise. It's an absolute nightmare for public cloud services (Amazon EC2/AWS, Microsoft Azure, etc.). Edited January 3, 2018 by majestic 3 No mind to think. No will to break. No voice to cry suffering.
Zoraptor Posted January 3, 2018 Posted January 3, 2018 From what I've seen the minimum hit is ~5% though, since everything does system calls including games. Not nearly as bad as the worse case but since it's a straight hardware fault the only true fix is to redesign the processor. And I suspect from the secret squirrel response that there wouldn't even be an option not to update short of air gapping anyway. Very good news for AMD though, it puts Ryzen on the same effective IPC as Intel already with a refresh coming that ought to have a decent potential boost to both IPC and overclock potential. Plus if Epyc does get a foot in the door for servers that's real money. Then again AMD does have their segfault issue as well.
majestic Posted January 3, 2018 Posted January 3, 2018 From what I've seen the minimum hit is ~5% though, since everything does system calls including games. Not nearly as bad as the worse case but since it's a straight hardware fault the only true fix is to redesign the processor. And I suspect from the secret squirrel response that there wouldn't even be an option not to update short of air gapping anyway. Very good news for AMD though, it puts Ryzen on the same effective IPC as Intel already with a refresh coming that ought to have a decent potential boost to both IPC and overclock potential. Plus if Epyc does get a foot in the door for servers that's real money. Then again AMD does have their segfault issue as well. Barti's reddit link has game benchmarks for Linux showing no decrease in frame rate after the fix. Since system calls are mostly IO operations that makes sense. It also won't measurably affect latency times in online games because the bottleneck is the lag on the line, not the actual packet processing. We're not going to see a 5% measurable performance decrease in actual gaming in my opinion - but I might be wrong and extrapolating from Linux gaming isn't exactly a safe bet for a Microsoft patch. What I'm really looking forward to is our databases at work dropping a 10+% in performance over night. Yay. Blargh. It's only good news for AMD if they can deliver. I doubt they can cover a spike in demand considering that their production capacity is rather limited right now. But here's to hoping they can pick up some of Intel's slack - a bit of competition would be good for us. No mind to think. No will to break. No voice to cry suffering.
Gorgon Posted January 3, 2018 Posted January 3, 2018 I am considering just not using my windows tablet for internet though. I can get things on and off it with USB sticks. Na na na na na na ... greg358 from Darksouls 3 PVP is a CHEATER. That is all.
Malcador Posted January 3, 2018 Posted January 3, 2018 What I'm really looking forward to is our databases at work dropping a 10+% in performance over night. Yay. Blargh. I am looking forward to using this as a reason for client's systems running slow when they file tickets with me. Would be interesting to hear more on how this bug went undetected for so long. Why has elegance found so little following? Elegance has the disadvantage that hard work is needed to achieve it and a good education to appreciate it. - Edsger Wybe Dijkstra
Gorgon Posted January 3, 2018 Posted January 3, 2018 Well, maybe certain people knew. Like intelligence agencies. You can sell an exploit like that for a lot of money. The moment it's public, it's worthless though. Remember the theories around the last round of wannacry ransomware. Na na na na na na ... greg358 from Darksouls 3 PVP is a CHEATER. That is all.
Malcador Posted January 3, 2018 Posted January 3, 2018 Well, seen that Intel discovered this as of Nov 2017 or 8 months ago (though in both cases it's '"Some say.." tier of FOAF BS). Some tests with pre- and post-patch are out (in German though) https://www.hardwareluxx.de/index.php/news/hardware/prozessoren/45319-intel-kaempft-mit-schwerer-sicherheitsluecke-im-prozessor-design.html https://www.computerbase.de/2018-01/intel-cpu-pti-sicherheitsluecke/ 2 Why has elegance found so little following? Elegance has the disadvantage that hard work is needed to achieve it and a good education to appreciate it. - Edsger Wybe Dijkstra
Gorgon Posted January 3, 2018 Posted January 3, 2018 Doom loses 10 fps near as i can tell. It's not the end of the world I guess. Na na na na na na ... greg358 from Darksouls 3 PVP is a CHEATER. That is all.
Malcador Posted January 3, 2018 Posted January 3, 2018 All of this makes me wish I did better in my Computer Architecture classes. Then I might be earning big money Why has elegance found so little following? Elegance has the disadvantage that hard work is needed to achieve it and a good education to appreciate it. - Edsger Wybe Dijkstra
Zoraptor Posted January 3, 2018 Posted January 3, 2018 Doom loses 10 fps near as i can tell. It's not the end of the world I guess. Yeah, it's basically in the 3-5% reduction range for games (well, the four games tested, and not in GPU limited scenarios like 4k) which isn't great but also isn't a catastrophe except PR wise. 1
majestic Posted January 3, 2018 Posted January 3, 2018 Doom loses 10 fps near as i can tell. It's not the end of the world I guess. Yeah, it's basically in the 3-5% reduction range for games (well, the four games tested, and not in GPU limited scenarios like 4k) which isn't great but also isn't a catastrophe except PR wise. Indeed. Guess I was wrong, although technically not even Battlefront dropped by a full 5%, but it's close enough. They should probably test SWTOR. That game has a nightmarish amount of disk usage - enough to make people claim that it killed their SSDs. No mind to think. No will to break. No voice to cry suffering.
Malcador Posted January 4, 2018 Posted January 4, 2018 Hm, so right now there are two vulnerabilities - Meltdown and Spectre. The Intel one is Meltdown and is more urgent. https://meltdownattack.com/ 1 Why has elegance found so little following? Elegance has the disadvantage that hard work is needed to achieve it and a good education to appreciate it. - Edsger Wybe Dijkstra
LadyCrimson Posted January 4, 2018 Posted January 4, 2018 May not be that related, but things like this are why I've never been very happy with the world going more and more completely computer/electronic-storage dependent. Wouldn't take much for all that info to be lost. Backup and backup and physical hardcopy as much as possible, man. Also, it's why I don't use the "cloud," at least in terms of modern usage of the term. More and more I want to retreat from it but it's such a part of the world now it's impossible to do so completely unless you want to go mountain-man. I didn't see it linked to, so I'll just add this general-report forbes article to it. Probably has nothing too different, but never hurts to read more perspectives, especially for non-techie people. https://www.forbes.com/sites/thomasbrewster/2018/01/03/intel-meltdown-spectre-vulnerabilities-leave-millions-open-to-cyber-attack/#5f0170bd3932 ...at any rate, a small drop in gaming performance isn't something I'm likely to notice on a personal level, if I must endure it at some point. It'll be interesting to see how this all pans out in the long run. And kinda makes me glad I (still) haven't built a new PC yet so I can wait and see before doing so. “Things are as they are. Looking out into the universe at night, we make no comparisons between right and wrong stars, nor between well and badly arranged constellations.” – Alan Watts
Keyrock Posted January 4, 2018 Posted January 4, 2018 Contrary to what AMD would like you to believe, AMD chips are also affected by the Meltdown and Spectre security exploits, as are ARM chips. This is very far reaching. The Linux kernel has already had a couple preliminary patches made available (FOSS is agile like that), presumably Windows and Apple engineers are testing patches as I write this. RFK Jr 2024 "Any organization created out of fear must create fear to survive." - Bill Hicks
Sarex Posted January 4, 2018 Posted January 4, 2018 http://www.guru3d.com/articles-pages/windows-vulnerability-cpu-meltdown-patch-benchmarked,1.html "because they filled mommy with enough mythic power to become a demi-god" - KP
Zoraptor Posted January 4, 2018 Posted January 4, 2018 That doesn't look bad at all. If (and it's a big if) the rumours about meltdown requiring some further fixing are true it might still get worse but at the moment it certainly doesn't look significant for the average desktop user. Contrary to what AMD would like you to believe, AMD chips are also affected by the Meltdown and Spectre security exploits, as are ARM chips. This is very far reaching. The Linux kernel has already had a couple preliminary patches made available (FOSS is agile like that), presumably Windows and Apple engineers are testing patches as I write this. Everyone and everything (nearly) is effected by Spectre, even including RISC chips. The only source I've seen for everyone being effected by Meltdown though is Intel FUD trying to conflate the two issues. Everything else says it's Intel specific. 2
Malcador Posted January 5, 2018 Posted January 5, 2018 Following this on Reddit with the typical fanboys and inability to read and conclusion jumping has been fun. I guess we are lucky it is hard to exploit Spectre 2 Why has elegance found so little following? Elegance has the disadvantage that hard work is needed to achieve it and a good education to appreciate it. - Edsger Wybe Dijkstra
AwesomeOcelot Posted January 6, 2018 Posted January 6, 2018 Reddit and The Register, not the best places to go to get a reasonable perspective on breaking tech news.
injurai Posted January 7, 2018 Posted January 7, 2018 I wonder how many millions of jump statements just got inserted into all my binaries...
Jozape Posted January 8, 2018 Posted January 8, 2018 (edited) It needs to be pointed out that this isn't a "kernel" flaw: the kernel is software e.g. Linux. Intel only makes the CPU and its microcode. The flaw is in the CPU but its being mitigated -- at a substantial cost -- by Linux. Epic Games' Fortnite's servers experienced much more than a 30 or even 50 percent slowdown btw, so these slowdowns aren't just theoretical. https://www.epicgames.com/fortnite/forums/news/announcements/132642-epic-services-stability-update Edited January 8, 2018 by Jozape
injurai Posted January 23, 2018 Posted January 23, 2018 Did this affect the performance on personal machines or just server architecture?
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now