Chrome OS 74 will disable Hyper-Threading by default

[Stefan Payne]

7 hours ago, brwainer said:

Some (but not all) of the hyperthreading vulnerabilities have also affected SMT, so AMD has not been completely immune. Also many security researchers believe any type of multi threading (two or more threads sharing a compute element) is less secure by its nature, and it will be impossible to remove all vulnerabilities.

Is there any proof of that claim??

Or just the usual "ah, AMD can't be immune to that"??

 

As you know, AMD does have some kind of access checks inside the CPU unlike Intel and some other who do not have that implemented...

[AlTech]

7 hours ago, floofer said:

Most people run Chrome OS on ARM anyway? 

Nope. Most run x86-64 cpus. A small minority use arm but defo not the majority

[Chunchunmaru_]

8 hours ago, DrMacintosh said:

Its not like Chrome OS has any applications that could put those threads to use.....

No applications, just basically every video without hardware decoding you watch in a browser

[brwainer]

51 minutes ago, Stefan Payne said:

Is there any proof of that claim??

Or just the usual "ah, AMD can't be immune to that"??

 

As you know, AMD does have some kind of access checks inside the CPU unlike Intel and some other who do not have that implemented...

Here’s explicit details from AMD as to what vulnerabilities are and are not applicable to them. In short, some variants of SPECTRE affect AMD, but not Meltdown. The PortSmash vulnerability affects any type of multithreading, including Intel’s, AMD’s, IBM’s, and any other that may exist.

 

EDIT: forgot link: https://www.amd.com/en/corporate/product-security

[JustWantTech]

The article that reports that MDS vulnebilities said AMD's chips are not affected with MDS attacks. Only Intel's chips.

 

And yes, AMD's CPU aren't totally immune to vulnabilities (some spectre variant can affect AMD CPUs). It's just AMD has less vulnabilities thanks to it being haitus (i guess) from the CPU competition.

[Stefan Payne]

57 minutes ago, brwainer said:

Here’s explicit details from AMD as to what vulnerabilities are and are not applicable to them. In short, some variants of SPECTRE affect AMD, but not Meltdown. The PortSmash vulnerability affects any type of multithreading, including Intel’s, AMD’s, IBM’s, and any other that may exist.

 

EDIT: forgot link: https://www.amd.com/en/corporate/product-security

Quote

We are aware of the report of a new security exploit called SPOILER which can gain access to partial address information during load operations. The SPOILER exploit can gain access to partial address information above address bit 11 during load operations. AMD processors do not use partial address matches above address bit 11 when resolving load conflicts. 

Quote

Fallout and Rogue In-Flight Data Load (RIDL)

5/14/19

At AMD we develop our products and services with security in mind. Based on our analysis and discussions with the researchers, we believe our products are not susceptible to ‘Fallout’ or ‘RIDL’ because of the hardware protection checks in our architecture. We have not been able to demonstrate these exploits on AMD products and are unaware of others having done so.

 

 

AMD said not with us. Why are you trying to claim that it also affects AMD???

[The Benjamins]

57 minutes ago, brwainer said:

Here’s explicit details from AMD as to what vulnerabilities are and are not applicable to them. In short, some variants of SPECTRE affect AMD, but not Meltdown. The PortSmash vulnerability affects any type of multithreading, including Intel’s, AMD’s, IBM’s, and any other that may exist.

 

EDIT: forgot link: https://www.amd.com/en/corporate/product-security

This source does not list AMD vulnerable to MDS vulnerabilities, please provide a source that states AMD is affected and that google is also concerned about AMD CPU's. All sources provided has shown AMD not vulnerable, and google is not concerned about AMD for MDS vulnerabilities.

[Stefan Payne]

10 minutes ago, JustWantTech said:

And yes, AMD's CPU aren't totally immune to vulnabilities (some spectre variant can affect AMD CPUs). It's just AMD has less vulnabilities thanks to it being haitus (i guess) from the CPU competition.

Most of them haven't been demonstrated and, according to AMD:

Quote

because of the hardware protection checks in our architecture.

Its not likely that that happened.

 

You remember the "Ryzenfall" Bullshit??

You can argue that that was "paid opposition Research" or whatever, doesn't matter what the reason for that was, what matters is that those things were all they could come up with. 

[brwainer]

1 hour ago, Stefan Payne said:

 

 

AMD said not with us. Why are you trying to claim that it also affects AMD???

 

1 hour ago, The Benjamins said:

This source does not list AMD vulnerable to MDS vulnerabilities, please provide a source that states AMD is affected and that google is also concerned about AMD CPU's. All sources provided has shown AMD not vulnerable, and google is not concerned about AMD for MDS vulnerabilities.

I missed that Google was taking this action in response to MDS in particular. However I still feel that if there were systems shipped with Chrome OS and AMD processors with SMT, that Google would disable multithreading on AMD as well - not due to a specific vulnerability like MDS, but because time and again researchers are able to keep poking holes at multithreading features. There are undoubtedly going to be issues that affect AMD’s implementation only. Before these speculative execution attacks, CPUs were thought to be very secure, and any vulnerabilities found in them was just with a specific SKU and not with decades of products. Disabling multithreading entirely is a neat way of stepping away from the issue for a company who intends their products for mainly light use.

[rcmaehl]

3 minutes ago, GoodBytes said:

It is a good thing I use Edge Chromium.

I don't like software that imposes performance restrictions on my system.
Beside Edge Chromium is already superior in performance than Chrome,

*slaps self* No. I'm awake. Has it taken over already? That was quick.

[sof006]

12 hours ago, DrMacintosh said:

Its not like Chrome OS has any applications that could put those threads to use.....

4K videos on YouTube could possibly benefit from multithreading. Although I think it's mostly GPU dependant. 

[ImAyaanKhan]

9 hours ago, gabrielcarvfer said:

Cryptomining?

You'd have to be insane to mine on a chromebook

[Trixanity]

1 hour ago, GoodBytes said:

It is a good thing I use Edge Chromium.

I don't like software that imposes performance restrictions on my system.

Beside Edge Chromium is already superior in performance than Chrome, and feature a number of changes that Google never bothers with, like an understandable and organized Setting panel, smoother scrolling (eventually smooth scrolling), smooth zooming, integrates with the OS, improved incognito mode and things just got started.

 

The fact that Google is waking up late, and rushing features like Dark Mode, and start announcing coming up features like a new Settings panel, and Google already started to block Edge Chromium from Google very services, until the media caught on, and on each case Google goes: "Oops, honest mistake!" shows that Google already feels the pain of competition.

What does the Edge browser have to do with ChromeOS?

[GoodBytes]

11 minutes ago, Trixanity said:

What does the Edge browser have to do with ChromeOS?

Miss read as Chrome web browser

[ImAyaanKhan]

27 minutes ago, gabrielcarvfer said:

Correction: you'd have to be insane to mine on your own Chromebook. Don't you remember Coinhive?

lololol

[Kisai]

On 5/15/2019 at 8:10 AM, sof006 said:

4K videos on YouTube could possibly benefit from multithreading. Although I think it's mostly GPU dependant. 

4K (H265 HEVC, and VP9) videos presently require on-CPU or on-GPU hardware to decode or encode. That's only available in Braswell, Skylake or later hardware (eg 6000-series chips.) nVidia GTX Geforce 900 series, AMD RX 400 series GPU's also support it. No AMD CPU can encode VP9, and only the 7th generation core Intel CPU's can do VP9 encoding in hardware.

 

If you do offline encoding, (eg ffmpeg), of course it doesn't matter, and chromium uses libavcodec to do software encoding/decoding.

 

Regardless, multithreading and SMT/HT in this case have little bearing on video playback performance. It's difficult to synchronize cores for video decoding and the result in software is usually terrible (frame tearing.) It tends to play a role in software encoding only. 

 

If you want to watch 4K video, you really do need a three year old or less GPU/CPU. As for ChromeOS, that's just google playing it safe, because their target audience demographic is education, and they're basically disposable, cheap enough to throw away every year like cell phones.