Ow I agree , I was more thinking off do we actually know the patches will work? if I understand it correctly some of the spectre stuff are still being investigated if they can be patch properly , in that context is it ok to still sell/launch the product ? More like a moral question of it all.
Ow I agree , I was more thinking off do we actually know the patches will work? if I understand it correctly some of the spectre stuff are still being investigated if they can be patch properly , in that context is it ok to still sell/launch the product ? More like a moral question of it all.
- Sep 28, 2005
- 20,841
- 3,189
- 126
Welp i guess i'll be waiting for my 1 dollar check in the mail from the class action lawsuit? *sarcasm*
No but seriously, without seeing how much "performance hit" we actually get from accurate testing, I honestly think people are jumping the gun.
Changing entire systems over to AMD and EYPC, sure, for the small guys with 1-2 systems thats not a problem, however for a data center which has 1000+ systems, saying changing them over to EYPC is not even funny.
And even then they still wont do it because EYPC does not have enough data on how reliable / Durable the system is under constant load and live operations.
When a system is validated at a data center, they dont just say, here lets dump a few systems and just go with it.
They run a few systems on a isolated node for months, and then take note of the failure rates.
If it lives up to validation, then they incorporate it in the next node upgrade which then goes live.
Unfortunately AMD is not quite there yet in validation, so if this bug is as big as the guys on mega phones + soap boxes are making it out to be, then we can see a much larger problem at hand.
One in which im pretty sure Intel will probably do massive amounts of product recalls on, and in worst case scenario, we all get new cpu's, or free upgrades.
No but seriously, without seeing how much "performance hit" we actually get from accurate testing, I honestly think people are jumping the gun.
Changing entire systems over to AMD and EYPC, sure, for the small guys with 1-2 systems thats not a problem, however for a data center which has 1000+ systems, saying changing them over to EYPC is not even funny.
And even then they still wont do it because EYPC does not have enough data on how reliable / Durable the system is under constant load and live operations.
When a system is validated at a data center, they dont just say, here lets dump a few systems and just go with it.
They run a few systems on a isolated node for months, and then take note of the failure rates.
If it lives up to validation, then they incorporate it in the next node upgrade which then goes live.
Unfortunately AMD is not quite there yet in validation, so if this bug is as big as the guys on mega phones + soap boxes are making it out to be, then we can see a much larger problem at hand.
One in which im pretty sure Intel will probably do massive amounts of product recalls on, and in worst case scenario, we all get new cpu's, or free upgrades.
Which new CPU and/or upgrade to what? Do you suggest them supplying Epyc to customers? A hardware solution to Meltdown is a low level redesign. Unless already started, years needed.
- Jun 10, 2004
- 14,328
- 4,913
- 136
Intel would literally have to replace every single CPU manufactured for over a decade to address Meltdown. Which is why a product recall is a preposterous scenario.
- Sep 28, 2005
- 20,841
- 3,189
- 126
Why would they if the patch works?
Im not seeing what u guys are seeing...
If the patch works, and lets say the worst case scenario, its a 30% performance reduction, all intel needs to do is provide step ups, to clear that 30% performance reduction.
Why would they need to replace all the CPU's created?
The only time they would need to replace all the CPU's created would be if the patch proved uneffective and the exploit still existed.
And so far the reviews coming in doesn't show that big of a performance hit to the average user.
I honestly don't see why everyone is freaking out like the sky is falling, unless your the head IT or coordinator of a major company.
Im not seeing what u guys are seeing...
If the patch works, and lets say the worst case scenario, its a 30% performance reduction, all intel needs to do is provide step ups, to clear that 30% performance reduction.
Why would they need to replace all the CPU's created?
The only time they would need to replace all the CPU's created would be if the patch proved uneffective and the exploit still existed.
And so far the reviews coming in doesn't show that big of a performance hit to the average user.
I honestly don't see why everyone is freaking out like the sky is falling, unless your the head IT or coordinator of a major company.
Markfw
Moderator Emeritus, Elite Member
- May 16, 2002
- 25,542
- 14,496
- 136
I am sure I am not the only one that has run threadripper for MONTHS@100% load 24/7/365 since it came out, and thats without ECC, and at a higher speed. Its the exact chip as EPYC, but at a higher speed, so I am sure the testing is farther along than you may think. This is unlike previous Intel Xeons that are way different than their retail counterparts. The EPYC is simply the same amount of ccx's or MORE on the same platform (tr4/sp3 are really the same) with the same pin count. I am even running almost twice the ram speed that EPYC runs
Agreed.
A very precarious situation for Intel. All the elements of a perfect storm in regards their stock price. A resurgent AMD was bad enough, but this loss of performance and lawsuits will have big effect on the stock. People might now even question their other ventures away from mainstream CPUs.
Markfw
Moderator Emeritus, Elite Member
- May 16, 2002
- 25,542
- 14,496
- 136
I am not sure, but based on all I see the hit is serious for data center servers. If the data center is budgeted within 10% of its maximum, then they would need more servers to make up the difference, and overnight. The next few weeks will tell, so I won't be a doomsayer until it happens, but I am saying its seriously possible based on the data so far.
Oh, and by the way, I retired from a large company that had data centers with floor space literally measured in square miles, and we were at 90% a lot of the time, so I know of what I speak, and they were ALL Intel processors, except the few IBM P7,P8 and P9's. I guess there were a few mainframes in there too.
Last edited:
goldstone77
Senior member
- Dec 12, 2017
- 217
- 93
- 61
https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00002.html
Note from the SUSE Security Team
SUSE is aware of the Spectre Attack named side channel attack and will be publishing updates.
Intel has a fix for Spectre
https://www.suse.com/security/cve/CVE-2017-5715/
Note from the SUSE Security Team
SUSE is aware of the Spectre Attack named side channel attack and will be publishing updates.
Intel has a fix for Spectre
Last edited:
do you mean intel will provide firmware that automatically overclock ? to offset the loss ?? that was crazy and if the power budget exceeded then the electricity cost will jump considerably
goldstone77
Senior member
- Dec 12, 2017
- 217
- 93
- 61
They also have a patch for Spectre that affect branch chain speculation. AMD has a patch that reads that it is disabling branch chain prediction. We don't know how much that will affect performance on top of the patch Intel had to implement for Meltdown. This could potentially be serious, since this was something implemented right after the 486 processors to improve speed!
https://xem.github.io/minix86/manual/intel-x86-and-64-manual-vol3/o_fe12b1e2a880e0ce-273.html
8.3 SERIALIZING INSTRUCTIONS
So now Intel says Spectre (variant 1+2) is fixable after Google and CERT said it was not.
Hopefully there will be a follow up on this.
Hopefully there will be a follow up on this.
goldstone77
Senior member
- Dec 12, 2017
- 217
- 93
- 61
amd6502
Senior member
- Apr 21, 2017
- 971
- 360
- 136
Is the list for Meltdown exclusively (not Meltdown or Spectre)?
Edit: according to wiki anything with speculative execution (even in-order atom does speculative execution) _might_ be vulnerable to Meltdown.
https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability)
Wiki currently states that pre-2013 Atom should be OK.
Last edited:
goldstone77
Senior member
- Dec 12, 2017
- 217
- 93
- 61
Personally, I'd rather have a secure system. If the flaw is significant to cause harm to the consumer than they should be compensated. I'll take a new free secure CPU please. Thank you.
sandorski
No Lifer
- Oct 10, 1999
- 70,099
- 5,639
- 126
SpaceBeer
Senior member
- Apr 2, 2016
- 307
- 100
- 116
goldstone77
Senior member
- Dec 12, 2017
- 217
- 93
- 61
That's what it says. Intel has also done something with branch prediction as well. We don't know what kind of performance implication this will have, but theoretically it could be substantial since this was originally implemented to increase performance right after the 486 processor.
not disabling all branch prediction, just specific that can lead to vulnerability.
that's why amd said the performance lost is negligible
DigDog
Lifer
- Jun 3, 2011
- 13,473
- 2,108
- 126
i'm gonna side with cpu manufacturers saying "it works as intended".
in other news, Lamborghini willingly released their latest car knowing full well at launch that the tires it comes equipped with are subject to a defect where if an attacker lays spikes in front of the oncoming vehicle, the tires can be punctured.
Also locks that can be opened, the chassis is susceptible to fires when covered in gasoline, and the windshield will shatter if simply struck with an 8-pound hammer.
a vulnerability is not a defect. the FDIV floating point bug was a defect. in common market products, you might have a slim chance if it was proven that a manufacturing company skipped common tests for common vulnerability, such as a company that produces roof tiles and does not test them for rain.
when it comes down to research-based technology, you just don't have a chance. unless you prove that they *knew* the vulnerability existed and went into production anyway ...
in other news, Lamborghini willingly released their latest car knowing full well at launch that the tires it comes equipped with are subject to a defect where if an attacker lays spikes in front of the oncoming vehicle, the tires can be punctured.
Also locks that can be opened, the chassis is susceptible to fires when covered in gasoline, and the windshield will shatter if simply struck with an 8-pound hammer.
a vulnerability is not a defect. the FDIV floating point bug was a defect. in common market products, you might have a slim chance if it was proven that a manufacturing company skipped common tests for common vulnerability, such as a company that produces roof tiles and does not test them for rain.
when it comes down to research-based technology, you just don't have a chance. unless you prove that they *knew* the vulnerability existed and went into production anyway ...
Last edited:
coercitiv
Diamond Member
- Jan 24, 2014
- 6,187
- 11,855
- 136
Which CPU manufacturers other than Intel are claiming it works as intended?
Car analogies, always the best way to misrepresent what is happening in the IT industry.
DigDog
Lifer
- Jun 3, 2011
- 13,473
- 2,108
- 126
Welcome to AnandTech Forums, where you need to type in single sentences to avoid confusing people.
TRENDING THREADS
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 9K
-
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes Discussion Threads
- Started by Tigerick
- Replies: 7K
-
Facebook
Twitter