• Guest, The rules for the P & N subforum have been updated to prohibit "ad hominem" or personal attacks against other posters. See the full details in the post "Politics and News Rules & Guidelines."

Intel Hyper-Threading Accused of Being a Security Threat

Page 2 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.

Hitman928

Golden Member
Apr 15, 2012
1,931
746
136
That was a case where they were recommending to temporarily disable HT when the flaw was discovered. However a microcode update was able to fix it later on and HT could be re-enabled without consequence.

In the case of the L1TF flaw every Intel processor on the planet with HT cannot be mitigated with a microcode update or software update. The only way to mitigate the L1TF flaw completely is to disable HT in BIOS forever. HT needs a completely new architecture to fix it and most likely even the newest Intel 9000 series processors are affected.
That's not entirely true. It can be mitigated, but not in a VM environment where each instance cannot be guaranteed to be safe. So for cloud providers, yeah, there's no mitigation (except turn off HT), but for end users, there are microcode / OS updates available for mitigation.
 
Last edited:

maddie

Platinum Member
Jul 18, 2010
2,802
1,376
136
I think your intentionally muddying the waters, these flaws most likely have been known for years and years, far too simple for those expert engineers at intel to not notice, they left it in for a reason, they have the most R&D, the most engineer's, the most experience with speculative execution and SMT.

They said cascade lake was pulled from tape in and fixed for some vulnerabilities in two weeks!.

That tells you they more than likely knew and had hardware contingency plan just 'in case' or for future product's, the R&D had already been done for this fix and put on ice.
That is why you can't just give intel a free pass and say AMD/ARM/Intel are all the same.

Just my opinion.
Are you sure about the fix being a hardware one versus microcode? If they knew, had a fix ready, and didn't use it until compromised, then I see many lawsuits.
 

french toast

Senior member
Feb 22, 2017
943
745
106
Are you sure about the fix being a hardware one versus microcode? If they knew, had a fix ready, and didn't use it until compromised, then I see many lawsuits.
Anandtech interview: Lisa Spelman;
"We will continue to make good decisions on this – it was the right decision to stop a product, get the mitigation in, take the couple of weeks hit, and move on. We will continue to do that too."
Ian Cutress;
"IC: Are you saying that it took two weeks to fix and design in hardware?"
"LS: It certainly took longer than that, but if you look at the intercept of our product flow, we held back the tape-in until we had the IP in place

https://www.anandtech.com/show/13204/an-interview-with-lisa-spelman-vp-of-intels-dcg-discussing-cooper-lake-and-smeltdown

Edit; Now these vulnerabilities were known officially by Intel by mid/late last year...cascadelake is a Q3/4 2018 launch, how much time would they have had to look into, design, test and put into silicon these hardware fixes before tape in, tapeout, testing and validation, = launch 2018??.
Very very suspicious if you ask me.
 
Last edited:
  • Like
Reactions: DarthKyrie

Markfw

CPU Moderator, VC&G Moderator, Elite Member
Super Moderator
May 16, 2002
18,612
5,905
136
Anandtech interview: Lisa Spelman;
"We will continue to make good decisions on this – it was the right decision to stop a product, get the mitigation in, take the couple of weeks hit, and move on. We will continue to do that too."
Ian Cutress;
"IC: Are you saying that it took two weeks to fix and design in hardware?"
"LS: It certainly took longer than that, but if you look at the intercept of our product flow, we held back the tape-in until we had the IP in place

https://www.anandtech.com/show/13204/an-interview-with-lisa-spelman-vp-of-intels-dcg-discussing-cooper-lake-and-smeltdown

Edit; Now these vulnerabilities were known officially by Intel by mid/late last year...cascadelake is a Q3/4 2018 launch, how much time would they have had to look into, design, test and put into silicon these hardware fixes before tape in, tapeout, testing and validation, = launch 2018??.
Very very suspicious if you ask me.
Intel has been doing "dirty" and illegal things since they tried to shut out AMD many years ago. Unfortunately, I have been like everyone else, buying their stuff, since it was the only decent hardware for the last 10 years until last year.
 

dualsmp

Golden Member
Aug 16, 2003
1,616
26
91
That's not entirely true. It can be mitigated, but not in a VM environment where each instance cannot be guaranteed to be safe. So for cloud providers, yeah, there's no mitigation (except turn off HT), but for end users, there are microcode / OS updates available for mitigation.
Theo de Raadt recommends CVE-2018-3620 have HT disabled, so I'm not sure Intel is forthcoming with all information. Theo also predicts there will be more "artifacts" of the L1TF bug in the future.

https://marc.info/?l=openbsd-tech&m=153431475429367&w=2
 

french toast

Senior member
Feb 22, 2017
943
745
106
Intel has been doing "dirty" and illegal things since they tried to shut out AMD many years ago. Unfortunately, I have been like everyone else, buying their stuff, since it was the only decent hardware for the last 10 years until last year.
Exactly. That's why we shouldn't give them the benefit of the doubt when things are suspicious, trust is earned and easily lost...too many times have we seen this type of crud from them.

Saying that we can all admit they make brilliant processors and for along time they were the only worthwhile option, i have criticised them in the past but the continued improvement to the 14nm process leading to what we expect the i9 to become, they deserve some credit.
Wish they would cut the crud out though, they don't need to do it.
 
Last edited:
  • Like
Reactions: ZGR

wahdangun

Senior member
Feb 3, 2011
995
124
106
Does anyone experience some error in VM like "critical problem" ? After new patch ? I'm using hyper v windows server 2012 r2.

It's make my VM paused and some VM can't change state.
 

ASK THE COMMUNITY

TRENDING THREADS