Massive security hole in Xeons incoming?Official Meltdown/Spectre Discussion Thread

Discussion in 'CPUs and Overclocking' started by CatMerc, Jan 2, 2018.

  1. csbin

    csbin Senior member

    Joined:
    Feb 4, 2013
    Messages:
    737
    Likes Received:
    163
    moinmoin, PhonakV30 and lightmanek like this.
  2. PingSpike

    PingSpike Lifer

    Joined:
    Feb 25, 2004
    Messages:
    20,810
    Likes Received:
    48
    Yeah, what I'm getting out of this is sit tight because what we've seen so far isn't really the whole story. It seems like early benchmarks may not have been using all the fixes. Not sure if the shoes are done dropping.

    Some things I've read (and I'm sure its referenced here in the thread most likely) suggest that there's a microcode workaround for one of the spectre variants that is pretty cheap as far as performance cost goes on older chips. But skylake and newer actually has to use a more expensive workaround.
     
  3. vissarix

    vissarix Senior member

    Joined:
    Jun 12, 2015
    Messages:
    251
    Likes Received:
    81
  4. nOOky

    nOOky Senior member

    Joined:
    Aug 17, 2004
    Messages:
    967
    Likes Received:
    35
    I'd edit the thread title unless it only applies to Xeon processors? :)
     
  5. bsp2020

    bsp2020 Member

    Joined:
    Dec 29, 2015
    Messages:
    25
    Likes Received:
    9
    You should buy AMD stocks and wait for the market to realize how big a problem this is for Intel. AMD's server just went from "competitive" to "dominating by 2X or more" overnight. This is an opportunity to make money for all of us who understand what is going on. There is no way Intel will not lose significant server market share from this.

    The only way to get to servers in data center is through network and the patch slows down network traffic significantly for small packets. Intel server's IO performance went down the drain just in time for AMD EPYC's arrival that offers superior IO performance. EPYC offered superior IO performance using more PCIe lanes that are connected directly to CPUs. That superiority just went from "price/performance competitive" to "dominating in every metric".

    People who are benchmarking the effect of gaming performance of the patch just does not understand what is going on. Every disk access and network traffic happens through system call and the meltdown patch slows down all system calls. What type of workload uses disk and network a lot? Data center server workload, of course.

    Buy AMD shares and wait a few month to profit. The stock price will move like it was 2016 all over again. :)
     
    #705 bsp2020, Jan 6, 2018
    Last edited: Jan 6, 2018
  6. french toast

    french toast Senior member

    Joined:
    Feb 22, 2017
    Messages:
    604
    Likes Received:
    443
    I was going use MS DOS.
    .. didn't think I would be taken seriously with that...
     
  7. plopke

    plopke Member

    Joined:
    Jan 26, 2010
    Messages:
    188
    Likes Received:
    48
    "When we tested and published this article, the Windows 10 emergency fix had been out for just a few hours and no microcode or firmware updates had become available."
    Lets hope for gaming these results stay the same when it is tested with firmware update also , for now all these news articles that only tested the patch are no indication of performance. If i look true the thread the one place gaming might be impacted is that game servers will suffer.
     
    #707 plopke, Jan 6, 2018
    Last edited: Jan 6, 2018
    PingSpike and IEC like this.
  8. tential

    tential Diamond Member

    Joined:
    May 13, 2008
    Messages:
    7,288
    Likes Received:
    609
    I've just seen the AMD subreddit BLOW UP with how they're all going to switch from intel to AMD because of this and they're afraid they're going to lose performance.
    Yet I've seen few benchmarks, or data supporting anyone freaking out, just fear mongering.

    In fact, most of what I see is just speculation, no one seems to have done much of any testing. It's really annoying, because I couldn't care LESS about Spectre/Meltdown, unless you have performance numbers. If you have zero data, why are we even talking?! That's been the frustrating thing. Tell me the performance hit, or I really just don't care.
     
  9. Fanatical Meat

    Joined:
    Feb 4, 2009
    Messages:
    15,134
    Likes Received:
    1,405
    What is a reasonable time estimate for Intel to release newly designed chips that do not have this flaw?
     
  10. tential

    tential Diamond Member

    Joined:
    May 13, 2008
    Messages:
    7,288
    Likes Received:
    609
    Tell that to all the gamers who are freaking out and thinking they need to do something. No data supporting their claims yet, just a ton of fear mongering. On reddit anyway.
     
  11. mxnerd

    mxnerd Diamond Member

    Joined:
    Jul 6, 2007
    Messages:
    3,013
    Likes Received:
    195
  12. wahdangun

    wahdangun Senior member

    Joined:
    Feb 3, 2011
    Messages:
    744
    Likes Received:
    26
    Umm I have a several VM affected by this bug mainly VM that hosted ms-sql and posgress-sql,(odoo), and since the update my user start complaining about slowdown, and what's make me angry was Ms forced update my server, and the worst thing is my antivirus stop working after that (I'm using immunet av).
     
  13. Fanatical Meat

    Joined:
    Feb 4, 2009
    Messages:
    15,134
    Likes Received:
    1,405
    To my understanding there is a possibility of worms infecting machines basically if your machine is connected to the internet it is vulnerable
    *I am no subject matter expert in this area*
     
  14. mxnerd

    mxnerd Diamond Member

    Joined:
    Jul 6, 2007
    Messages:
    3,013
    Likes Received:
    195
    OK. I probably misunderstood what Intel said.

    Intel said 90% of its CPUs released in the past 5 years can be fixed, but didn't say the performance will not be affected by the patch. The performance will get hit, but not major. Should I believe it?
     
  15. Hitman928

    Hitman928 Golden Member

    Joined:
    Apr 15, 2012
    Messages:
    1,143
    Likes Received:
    179
    Intel has said a lot of things since this came out, very little of it really true. The Spectre bug isn't truly fixable without rethinking all modern CPU designs. Intel does have a fix for 2 specific attacks using the Spectre bug, but they haven't made their CPUs "immune" to what Spectre really is. Same thing for AMD, though the fix for both specific types of Spectre attacks we have right now hurts less on AMD than it does on Intel.
     
  16. IEC

    IEC Super Moderator
    Super Moderator

    Joined:
    Jun 10, 2004
    Messages:
    13,023
    Likes Received:
    2,088
    There is a proof of concept Javascript attack demonstrated by a researcher where he was stealing passwords in real time as the user typed them in. While it's more difficult to use these vulnerabilities/bugs to actually deliver payloads to machines, it is not impossible.
     
  17. mxnerd

    mxnerd Diamond Member

    Joined:
    Jul 6, 2007
    Messages:
    3,013
    Likes Received:
    195
    Links?
     
    #717 mxnerd, Jan 6, 2018
    Last edited: Jan 6, 2018
  18. Hitman928

    Hitman928 Golden Member

    Joined:
    Apr 15, 2012
    Messages:
    1,143
    Likes Received:
    179
    IEC and mxnerd like this.
  19. mxnerd

    mxnerd Diamond Member

    Joined:
    Jul 6, 2007
    Messages:
    3,013
    Likes Received:
    195
  20. Markfw

    Markfw CPU Moderator VC&G Moderator Elite Member
    Super Moderator

    Joined:
    May 16, 2002
    Messages:
    15,403
    Likes Received:
    2,015
  21. mxnerd

    mxnerd Diamond Member

    Joined:
    Jul 6, 2007
    Messages:
    3,013
    Likes Received:
    195
    After BIOS patch, processors likely will get even greater performance hit?
     
    Glo. likes this.
  22. William Gaatjes

    Joined:
    May 11, 2008
    Messages:
    16,422
    Likes Received:
    445
    I was wondering people, system calls will be slower. Mainly the requests to drives and network is applicable here for users.
    We notice that i/o to drives is slower and mostly servers will notice this or clients that do small 4k reads and writes.
    Are there tests done on networking already ?
    With all the games testing and people saying it is negliable , how is it when doing multiplayer games ?
    For the client , will this affect when playing a multiplayer game client ?
    And for the server, how will this affect a multiplayer game server ?
     
  23. Markfw

    Markfw CPU Moderator VC&G Moderator Elite Member
    Super Moderator

    Joined:
    May 16, 2002
    Messages:
    15,403
    Likes Received:
    2,015
    Yes....
     
    mxnerd likes this.
  24. Despoiler

    Despoiler Golden Member

    Joined:
    Nov 10, 2007
    Messages:
    1,544
    Likes Received:
    422