Massive security hole in CPU's incoming? Official Meltdown/Spectre Discussion Thread

Page 33

goldstone77

Senior member
Dec 12, 2017
217
93
61
Some ex-Intel employee did a detailed Tweets thread about this very topic: https://twitter.com/securelyfitz/status/949370010652196864
Even after this apologetic speech what's more interesting is the simple responses that fix the problem fairly quickly with cavities:
"All of this is why you're supposed to make chicken bits to disable dubious, dangerous features like the sort of speculative execution that's at fault here." Continue reading from here
 

moinmoin

Diamond Member
Jun 1, 2017
4,952
7,665
136
Even after this apologetic speech what's more interesting is the simple responses that fix the problem fairly quickly with cavities:
"All of this is why you're supposed to make chicken bits to disable dubious, dangerous features like the sort of speculative execution that's at fault here." Continue reading from here
Not sure what's "apologetic" about this "speech" if it's a realistic outline of how long it's going to take Intel to get its hardware out of this mess.

Regarding the response AMD appears to have released a microcode update that enables selective deactivating of branch prediction/speculative execution.
 

goldstone77

Not sure what's "apologetic" about this "speech" if it's a realistic outline of how long it's going to take Intel to get its hardware out of this mess.

Regarding the response AMD appears to have released a microcode update that enables selective deactivating of branch prediction/speculative execution.
(note: my goal is not to criticize chip manufacturers - it's to defend the constraints they have)
 

moinmoin

@goldstone77
What's apologetic about talking about constraints in an industry?

Just in case you think I'm defending Intel here, I'm not. I just think it's insightful having a (former) insider line out the usual modus operandi of the industry and spell out that it will realistically take Intel 4 to 5 years (in case you TL;DR'ed) until it will completely have solved the whole issue in the hardware itself. How that's apologetic I don't know.
 

aigomorla

CPU, Cases&Cooling Mod PC Gaming Mod Elite Member
Super Moderator
Sep 28, 2005
20,846
3,190
126
LOL you know what I find funny...

Intel came out with netburst arch... the old smithfields and prescott's which doubled as space heaters aka p4.
We complained and hated intel. We even called the creators of netburst Failures and idiots.

AMD also spanked intel with the release of Toledo and Manchester, which basically ran circles around intel's dual cores and generated less heat.

Then some guy discovered hey if we put a laptop die off a p3... yes an older branch tech than the space heaters, we could make the cpu run faster... and not just a little faster but a LOT faster.

Then that was the birth of the Core... but it doesn't end there... we wanted more and more, and hence got the i7 920 bloomfield....
This is basically the start point of where spectre / meltdown began.

So what does this state?
The guy who invented prescott / smithfield that we flamed and ranted was an idiot, may have actually been correct.

So oh god, we may see netburst CPUs in the future, and rise of the space heaters may come to us again if everyone is looking for an uber fast solution.
 

DrMrLordX

Lifer
Apr 27, 2000
21,634
10,849
136
https://www.ebay.com/sch/i.html?_od...&_trksid=m570.l1313&_nkw=xeon+server&_sacat=0

I think you're right - seems as though there are a few hundred thousand newly available Intel servers on eBay

Interesting. I wonder how many of those are newer than Haswell.

Hmm, I am thinking how it's related. Let's have a server(s), retarded by patches. How do I solve the situation? I will sell them for a low price on eBay, and restock with - what? Servers with the same flaw? Forget about AMD, there are no hundred thousand modern AMD servers on the whole market.

Newer systems are more likely to get the necessary firmware patches to be fully secured against both Meltdown and Spectre. Older stuff won't get patched as quickly, or maybe not at all.

A cursory glance at some of those eBay offers showed a lot of Sandy Bridge-era stuff for sale. No small wonder there.

In the short term, we may see a run on Broadwell-era Xeons, since Retpoline may actually work on those.

Some ex-Intel employee did a detailed Tweets thread about this very topic: https://twitter.com/securelyfitz/status/949370010652196864

That guy seems even more pessimistic than I. I figure Intel can have this problem licked by 2020, but he thinks 2021?

Then that was the birth of the Core... but it doesn't end there... we wanted more and more, and hence got the i7 920 bloomfield....
This is basically the start point of where spectre / meltdown began.

I thought some of these problems affect PPro as well, and everything Netburst.

But hey there's always IA64 right?

Anyone know if Itanium is vulnerable?
 

goldstone77

@goldstone77
What's apologetic about talking about constraints in an industry?

Just in case you think I'm defending Intel here, I'm not. I just think it's insightful having a (former) insider line out the usual modus operandi of the industry and spell out that it will realistically take Intel 4 to 5 years (in case you TL;DR'ed) until it will completely have solved the whole issue in the hardware itself. How that's apologetic I don't know.

Granted, the post talks through his thoughts on how Intel got to this point. From there he goes into theories on how this could potentially be remedied with a time frame. But the last statement in his opening comments reveals his purpose: (note: my goal is not to criticize chip manufacturers - it's to defend the constraints they have) The speech takes place because of advancements in speed vs. security that led up to this fundamental hardware flaw. One commenter makes a couple of statements providing a quick remedy in the interim (which could/should have happened in the past) giving people a choice of security over speed.
https://imgur.com/uBISgCD

Maybe apologetic isn't the right word for what he is trying to do. Does he want to regretfully acknowledge the failure or excuse it? Either way it feels like it's meant to ease the blow caused by these vulnerabilities.
a·pol·o·get·ic:
adjective
  1. regretfully acknowledging or excusing an offense or failure.
 

aigomorla

Nah that list says core 45nm and 32nm...

Bloomfield was the start of 32nm...
Yorkfield was the start of the 45nm... also the start of the integration of the single die quadcore.
Kentsfield was when intel decided to paste 2 dualcore dies on 1 pcb... and was 65nm....

I am guessing anywhere from the e6600 or a variant of it, and down is safe according to articles.
 

Markfw

Moderator Emeritus, Elite Member
May 16, 2002
25,562
14,515
136
Nah that list says core 45nm and 32nm...

Bloomfield was the start of 32nm...
Yorkfield was the start of the 45nm... also the start of the integration of the single die quadcore.
Kentsfield was when intel decided to paste 2 dualcore dies on 1 pcb... and was 65nm....

I am guessing anywhere from the e6600 or a variant of it, and down is safe according to articles.
Safe ? Just get a Ryzen or Threadripper.......
 

moinmoin

One commenter makes a couple of statements providing a quick remedy in the interim (which could/should have happened in the past) giving people a choice of security over speed.
That commenter (and it seems you as well) seems to miss the point that the "speech" is not about "quick remedies" (that's what all the workarounds in OS, software, firmware/BIOS and microcode already are all about) but about fundamentally correcting the hardware, ideally while recovering all the performance loss all the workarounds already are and still will incur.

I fully and obviously agree that Intel obviously put speed above security and that that was a very ill-advised strategy that just was waiting to backfire. That doesn't change (rather it imo actually exacerbates) the likely fact that Intel will need time to fundamentally resolve the issue in its hardware.
 

IEC

Elite Member
Super Moderator
Jun 10, 2004
14,330
4,918
136
This is why Intel did not want to publicly announce this as a hardware security flaw! Look at that class action lawsuit!

Let's be real here... required disclosures aside, obviously there were going to be class action lawsuits regardless of what Intel did or didn't do.
 
Feb 4, 2009
34,576
15,790
136
I'm a total amateur in this subject so bear with me if I'm being dumb.
I wonder if we'll see a bunch of arm or atom (or some low powered unaffected chip) start to become firewalls or powering network gear. Maybe a whole new category of hardware.
 

IEC

I'm a total amateur in this subject so bear with me if I'm being dumb.
I wonder if we'll see a bunch of arm or atom (or some low powered unaffected chip) start to become firewalls or powering network gear. Maybe a whole new category of hardware.

Most network gear already uses different chips (quite a lot of networking gear uses ARM-based chips). They may or may not have these specific flaws, but they still have flaws that are patched all the time.
 

EXCellR8

Diamond Member
Sep 1, 2010
3,982
839
136
I expect to see some price slashing on all of these to-be-gimped Intel processors... finally a bit of poetic karma for the overpriced wafers. The irony here... biblical!
 

moinmoin

@goldstone77
Regarding Intel doing bad design decisions and amassing critical bugs in their CPUs for some time now, you may or may not be aware of this commonly quoted old blog post: https://danluu.com/cpu-bugs/

I'm a total amateur in this subject so bear with me if I'm being dumb.
I wonder if we'll see a bunch of arm or atom (or some low powered unaffected chip) start to become firewalls or powering network gear. Maybe a whole new category of hardware.
Raspberry Pi is unaffected, just sayin'.
 

IEC

I expect to see some price slashing on all of these to-be-gimped Intel processors... finally a bit of poetic karma for the overpriced wafers. The irony here... biblical!

That's assuming a bit much... with typical desktop applications and games there hasn't been much of a performance impact *to date*, so unless future patches really screw the pooch, I don't think it really changes anything for most consumers (server/datacenter users excluded).
 
Feb 4, 2009
34,576
15,790
136
@goldstone77
Regarding Intel doing bad design decisions and amassing critical bugs in their CPUs for some time now, you may or may not be aware of this commonly quoted old blog post: https://danluu.com/cpu-bugs/


Raspberry Pi is unaffected, just sayin'.

That's kind of what I mean, I wonder if we'll see more powerful pi's and some maniac string a bunch together to make a secure virtualized print server for a bank or hospital network
 

urvile

Golden Member
Aug 3, 2017
1,575
474
96
Let's be real here... required disclosures aside, obviously there were going to be class action lawsuits regardless of what Intel did or didn't do.

There will always be opportunistic lawyers coming out of the woodwork.......