Massive security hole in CPU's incoming?Official Meltdown/Spectre Discussion Thread

Page 24 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.
Toggle sidebar Toggle sidebar
C

csbin

Senior member
Feb 4, 2013
838
351
136
s_1d9f31e54dd6468b9e10e8fca687091b.jpg
 
goldstone77

goldstone77

Senior member
Dec 12, 2017
217
93
61
hnizdo said:
Only in Crystaldiskmark alone.Not in ATTO. I have near zero influence on my rig (Win10pro, 8700k, 960Pro 1TB).
Click to expand...
The last storage focused test I ran was ATTO Disk Benchmark and here we find something interesting. These are all sequential tests so the 4K results here won’t necessarily reflect what we saw previously and they clearly don’t. However as the file size grows to 16 kilobytes we start to see a noticeable drop in performance with the update. The drop off isn’t as significant as the 4K read results seen previously but we are seeing up to a 9% reduction in throughput.
Click to expand...
https://www.techspot.com/article/1554-meltdown-flaw-cpu-performance-windows/
Here is the link to the article.
 
CatMerc

CatMerc

Golden Member
Jul 16, 2016
1,114
1,149
136
DigDog said:
ok, i did NOT have that information.

Was it Google that knew, or Intel? If Google's research team knows but they had not disclosed it yet, Intel might still be able to save themselves.
Click to expand...
Google knew and informed the entire industry to mitigate this.
 
N

noneis

Junior Member
Mar 4, 2017
21
29
91
Spectre #2
- Intel pre-Skylake needs retpoline mitignation (very low performance hit)
- For Intel Skylake an newer retpoline is not enough -> perfromance hit incoming (according to Intel IBRS is "horribly slow")
- AMD doesn't need retpoline, lfence is enough.

source: https://twitter.com/never_released
 
  • Like
Reactions: DarthKyrie
LTC8K6

LTC8K6

Lifer
Mar 10, 2004
28,520
1,575
126
Waiting out this gen of chips has proved to be the right course of action.

Those who waited can wait some more, and then be able to build their new system without any of these vulnerabilities.

Hopefully. :)

If your system is a few years old and you have been waiting, then wait a little longer for the next gen of chips before spending
your hard earned money.
 
  • Like
Reactions: lightmanek
zinfamous

zinfamous

No Lifer
Jul 12, 2006
110,568
29,179
146
DigDog said:
i'm gonna side with cpu manufacturers saying "it works as intended".

in other news, Lamborghini willingly released their latest car knowing full well at launch that the tires it comes equipped with are subject to a defect where if an attacker lays spikes in front of the oncoming vehicle, the tires can be punctured.
Also locks that can be opened, the chassis is susceptible to fires when covered in gasoline, and the windshield will shatter if simply struck with an 8-pound hammer.

a vulnerability is not a defect. the FDIV floating point bug was a defect. in common market products, you might have a slim chance if it was proven that a manufacturing company skipped common tests for common vulnerability, such as a company that produces roof tiles and does not test them for rain.

when it comes down to research-based technology, you just don't have a chance. unless you prove that they *knew* the vulnerability existed and went into production anyway ...
Click to expand...

It depends on where this vulnerability came from and why it is there. I'm the cynical type, so when I see the claim "It works as intended," it absolutely means:

1. We knew this was a real exploit and security concern
2. We did it anyway because we needed to cram in some hidden performance to overtake our competitors
3. We really, really, really hoped you wouldn't notice
4. Oh, those guys over there? Their hardware also has vulnerabilities that may or may not be kinda as bad as ours, you know?
 
zinfamous

zinfamous

No Lifer
Jul 12, 2006
110,568
29,179
146
LTC8K6 said:
Waiting out this gen of chips has proved to be the right course of action.

Those who waited can wait some more, and then be able to build their new system without any of these vulnerabilities.

Hopefully. :)

If your system is a few years old and you have been waiting, then wait a little longer for the next gen of chips before spending
your hard earned money.
Click to expand...

Yeah, unintended for me, lol. I was more or less waiting for a decent Vega 56 release, priced well, and available....so I continue to wait. Still haven't bought my Ryzen (Was also waiting for good mATX boards, as well). Now it's no big thing to wait for Zen+ in a couple of months. By then, I expect the issues that actually effect AMD will be ironed out and part of an initial update.

Can these be done through BIOS? I've only read that they were software/OS fixes.

...but also smaller and better PSUs are finally starting to show up, so all of these delays are helpful.
 
LTC8K6

LTC8K6

Lifer
Mar 10, 2004
28,520
1,575
126
zinfamous said:
Yeah, unintended for me, lol. I was more or less waiting for a decent Vega 56 release, priced well, and available....so I continue to wait. Still haven't bought my Ryzen (Was also waiting for good mATX boards, as well). Now it's no big thing to wait for Zen+ in a couple of months. By then, I expect the issues that actually effect AMD will be ironed out and part of an initial update.

Can these be done through BIOS? I've only read that they were software/OS fixes.

...but also smaller and better PSUs are finally starting to show up, so all of these delays are helpful.
Click to expand...
I don't know, I'm still confused as to whether this is even a problem for a home user and if it is even a problem in the absence of a malware infection?
Also, I am thinking that patches and updates will gradually decrease the performance hit for those situations where that occurs.
 
coercitiv

coercitiv

Diamond Member
Jan 24, 2014
6,187
11,859
136
LTC8K6 said:
I don't know, I'm still confused as to whether this is even a problem for a home user and if it is even a problem in the absence of a malware infection
Click to expand...
Mozilla had to make changes to Firefox in order to limit exploit potential via JS. Based on this I reckon a browser based attack was a possibility, hence home users could become targets.
 
  • Like
Reactions: lightmanek
zinfamous

zinfamous

No Lifer
Jul 12, 2006
110,568
29,179
146
LTC8K6 said:
I don't know, I'm still confused as to whether this is even a problem for a home user and if it is even a problem in the absence of a malware infection?
Also, I am thinking that patches and updates will gradually decrease the performance hit for those situations where that occurs.
Click to expand...

patching meltdown looks to be a real performance hit for people using NvMe SSDs. Some of those benchmarks were reporting 20-25%? Rather defeats the purpose of going that route, then.
 
CatMerc

CatMerc

Golden Member
Jul 16, 2016
1,114
1,149
136
LTC8K6 said:
What could Intel have done in June to mitigate this?
Click to expand...
Well, bring their own engineers on board to research and fully understand the issue, start discussing and writing patches for their own systems and OS's, stuff like that.

This can't be done overnight.
 
sze5003

sze5003

Lifer
Aug 18, 2012
14,182
625
126
Yep chrome had some patches too. If there is a way to access your memory it's a potential threat to get someone's data. Most of the impacts of the patch would effect servers and such. Some stuff at work uses AWS so I wonder how our webservices that run on that will behave. Yesterday was looking at some logs and I could already see some performance issues. But I'm pretty sure my company didn't take the update yet, they move slowly.
 
LTC8K6

LTC8K6

Lifer
Mar 10, 2004
28,520
1,575
126
zinfamous said:
patching meltdown looks to be a real performance hit for people using NvMe SSDs. Some of those benchmarks were reporting 20-25%? Rather defeats the purpose of going that route, then.
Click to expand...
IIRC, that was only in a benchmark, not in actual use?
 
LTC8K6

LTC8K6

Lifer
Mar 10, 2004
28,520
1,575
126
As the industry understands these exploits better, the patches will probably get more efficient.
 
  • Like
Reactions: pcp7
Zstream

Zstream

Diamond Member
Oct 24, 2005
3,396
277
136
AdamK47 said:
Part of me wishes Google never attempted performing this exploit. Fixes of some kind have to be performed once any exploit is disclosed. This kind of fix I could have done without.
Click to expand...

It’s not that Google found the exploit. It’s that deep state hackers have been using it for some time.
 
  • Like
Reactions: french toast
Fanatical Meat

Fanatical Meat

Lifer
Feb 4, 2009
34,554
15,766
136
So any conclusive impact on older machines like my core 2 quad?
I'd hate that to be slowed down and be forced to buy a new machine that gets slowed down
 
coercitiv

coercitiv

Diamond Member
Jan 24, 2014
6,187
11,859
136
Fanatical Meat said:
So any conclusive impact on older machines like my core 2 quad?
I'd hate that to be slowed down and be forced to buy a new machine that gets slowed down
Click to expand...
Home users will not be significantly impacted in terms of performance (meaning zero or near zero performance impact). Update your browser, update your OS, go on with your life as usual.
 
  • Like
Reactions: Jaskalas and french toast
LTC8K6

LTC8K6

Lifer
Mar 10, 2004
28,520
1,575
126
Fanatical Meat said:
So any conclusive impact on older machines like my core 2 quad?
I'd hate that to be slowed down and be forced to buy a new machine that gets slowed down
Click to expand...
Probably not going to notice in regular home use.
But when you do buy a new system in a year, the newer chips should not have these flaws.

They will probably have their own flaws, though.
 
  • Like
Reactions: urvile
coercitiv

coercitiv

Diamond Member
Jan 24, 2014
6,187
11,859
136
LTC8K6 said:
But when you do buy a new system in a year, the newer chips should not have these flaws.
Click to expand...
This is what I'm most curious about: what CPUs will Intel be selling in 2019 that have been purposely built to avoid this vulnerability? Why would Intel's next gen arch be designed to be immune to this exploit path considering Intel has just become aware of it? :)
 
  • Like
Reactions: maddie and IEC
XMan

XMan

Lifer
Oct 9, 1999
12,513
49
91
Hmm. i7-4790K, Intel's tool says my system is not vulnerable? That chip certainly falls in the described range.
 
witeken

witeken

Diamond Member
Dec 25, 2013
3,899
193
106
coercitiv said:
This is what I'm most curious about: what CPUs will Intel be selling in 2019 that have been purposely built to avoid this vulnerability? Why would Intel's next gen arch be designed to be immune to this exploit path considering Intel has just become aware of it? :)
Click to expand...
Intel said the first chips with hardware mitigation will be released in 2018. They already know about it for 7 months so definitely possible.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom