Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
CommandMan7

Intel gives up on patching Spectre variant 2

Recommended Posts

Posted · Original PosterOP

As title says, Intel has given up on mitigating spectre variant 2 after having multiple issues making a functional microcode updates, as well as seeing low customers demand for such patches. Note spectre variant 2 only affects older chips:

 

Quote

CPU families that won't be updated include Bloomfield, Clarksfield, Gulftown, Harpertown Xeon C0, Harpertown Xeon E0, Jasper Forest, Penryn/QC, SoFIA 3GR, Wolfdale C0 and M0, Wolfdale E0 and R0, Wolfdale Xeon X0, Wolfdale Xeon E0, Yorkfield, and Yorkfield Xeon.

The newest chips that are on the list that I can make out are the 1000 series core series. If you have a sandy bridge processor or newer, this vulnerability does not affect you. 

 

This leaves the "Intel core", "Penryn", and "Nehalem" architectures vulnerable. These architectures are all 10+ years old but nonetheless I still think it's reckless to not even try to secure them. Im sure there are plenty of ATM's, School PC's, and other critical systems running these chips. That being said, anybody still running these chips likely are running Windows XP or Windows 7, so it's not like they were secure anyways.

 

I still believe these should be patched, and even if not for practical reasons. It's important to foster an environment of zero tolerance for security flaws in a company, as well as proving to your customers you stand behind your products. 

 

Source: http://www.zdnet.com/article/intel-we-now-wont-ever-patch-spectre-variant-2-flaw-in-these-chips/

 

this was written on mobile when extremely sleep deprived so if I missed anything let me know


I am conducting some polls regarding your opinion of large technology companies. I would appreciate your response. 

Microsoft Apple Valve Google Facebook Oculus HTC AMD Intel Nvidia

I'm using this data to judge this site's biases so people can post in a more objective way.

Link to post
Share on other sites

So how long are people now going to expect a company to support a product?

 

10+ years old? Are people fucking crazy? 

 

Intel announced whats not supported, if you ATM or school has them, should probably upgrade. But if they still have that outdated of machines, they were probably not kept up to date in the first place.

Link to post
Share on other sites

oh yay... well hopefully 1st gen Core I can drop in price but RIP the X58 comunity i guess...


I spent $2500 on building my PC and all i do with it is play no games atm & watch anime at 1080p(finally)...

Builds:

The Toaster Project! Northern Bee!

 

The original LAN PC build log! (Old, dead and replaced by The Toaster Project & 5.0)

Spoiler

"Here is some advice that might have gotten lost somewhere along the way in your life. 

 

#1. Treat others as you would like to be treated.

#2. It's best to keep your mouth shut; and appear to be stupid, rather than open it and remove all doubt.

#3. There is nothing "wrong" with being wrong. Learning from a mistake can be more valuable than not making one in the first place.

 

Follow these simple rules in life, and I promise you, things magically get easier. " - MageTank 31-10-2016

 

 

Link to post
Share on other sites

Tbh, i dont think windows (microsoft) would bother updating if a flaw was found in Windows Vista. The fact that Intel attempted to patch them at all is great, but since they are old CPU`s that arent making any money anymore. You shouldnt be surprised to see them not bothering to fix them

Edited by GoldenLag
Reasons
Link to post
Share on other sites

A lot of office and school computers are still on ancient Intel teknologi

But if it doesn't affect the latest architecture I'm sure Intel will be happy not to fix it


Awareness is key. Never enough, even in the face of futility. Speak the truth as if you may never get to say it again. This world is full of ugly. Change it they say. The only way is to reveal the ugly. To change the truth you must first acknowledge it. Never pretend it isn't there. Never bend the knee.

 

Please quote my post in your reply, so that I will be notified and can respond to it. Thanks.

Link to post
Share on other sites

It's called End of Life and End of Support.

A company cannot support ancient technology forever, there has to be a point where you cut it off and move on.

Stop expecting your 20 year old CPU and Windows XP installation to get updates for 100 years.


Current Network Layout:

Current Build Log/PC:

Prior Build Log/PC:

Link to post
Share on other sites

What you mean low demand ? fix your bugs lol :D with minimal performance hit or non, should't be that hard :D

 

32 minutes ago, CommandMan7 said:

Im sure there are plenty of ATM's, School PC's, and other critical systems running these chips.

Are those updated ever at all, if seen ATM run windows xp lol.

Link to post
Share on other sites
3 minutes ago, Lurick said:

It's called End of Life and End of Support.

A company cannot support ancient technology forever, there has to be a point where you cut it off and move on.

Stop expecting your 20 year old CPU and Windows XP installation to get updates for 100 years.

Most cant comprehend this and whats most surprising to me is a lot even on LTT dont either. 

Link to post
Share on other sites

great. now there's incentive to develop real-world malware that exploits these


"There is nothing more difficult than fixing something that isn't all the way broken yet." - Author Unknown

"A redline a day keeps depression at bay" - Author Unknown

Spoiler

Intel Core i7-3960X @ 4.6 GHz - Asus P9X79WS/IPMI - 12GB DDR3-1600 quad-channel - EVGA GTX 1080ti SC - Fractal Design Define R5 - 500GB Crucial MX200 and 2 x Seagate ST2000DM006 (in RAID 0 for games!) - The good old Corsair GS700 - Yamakasi Catleap 2703 27" 1440p and ASUS VS239H-P 1080p 23" - NH-D15 - Logitech G710+ - Mionix Naos 7000 - Sennheiser PC350 w/Topping VX-1

 

Avid Miata autocrosser :D

Link to post
Share on other sites

Still have a wolfdale based system. Just gotta be careful where I go on the internet and what I do.


There are 10 types of people in this world. Those that understand binary and those that don't.

Current Rig (Dominator II): 8GB Corsair Vengeance LPX DDR4 3133 C15, AMD Ryzen 3 1200 at 4GHz, Coolermaster MasterLiquid Lite 120, ASRock B450M Pro4, AMD R9 280X, 120GB TCSunBow SSD, 3TB Seagate ST3000DM001-9YN166 HSD, Corsair CX750M Grey Label, Windows 10 Pro, 2x CoolerMaster MasterFan Pro 120, Thermaltake Versa H18 Tempered Glass.

 

Previous Rig (Black Magic): 8GB DDR3 1600, AMD FX6300 OC'd to 4.5GHz, Zalman CNPS5X Performa, Asus M5A78L-M PLUS /USB3, GTX 950 SC (former, it blew my PCIe lane so now on mobo graphics which is Radeon HD 3000 Series), 1TB Samsung Spinpoint F3 7200RPM HDD, 3TB Seagate ST3000DM001-9YN166 HDD (secondary), Corsair CX750M, Windows 8.1 Pro, 2x 120mm Red LED fans, Deepcool SMARTER case

 

My secondary rig (The Oldie): 4GB DDR2 800, Intel Core 2 Duo E8400 @ 3GHz, Stock Dell Cooler, Foxconn 0RY007, AMD Radeon HD 5450, 250GB Samsung Spinpoint 7200RPM HDD, Antec HCG 400M 400W Semi Modular PSU, Windows 8.1 Pro, 80mm Cooler Master fan, Dell Inspiron 530 Case modded for better cable management. UPDATE: SPECS UPGRADED DUE TO CASEMOD, 8GB DDR2 800, AMD Phenom X4 9650, Zalman CNPS5X Performa, Biostar GF8200C M2+, AMD Radeon HD 7450 GDDR5 edition, Samsung Spinpoint 250GB 7200RPM HDD, Antec HCG 400M 400W Semi Modular PSU, Windows 8.1 Pro, 80mm Cooler Master fan, Dell Inspiron 530 Case modded for better cable management and support for non Dell boards.

 

Retired/Dead Rigs: The OG (retired) (First ever PC I used at 3 years old back in 2005) Current Specs: 2GB DDR2, Pentium M 770 @ 2.13GHz, 60GB IDE laptop HDD, ZorinOS 12 Ultimate x86. Originally 512mb DDR2, Pentium M 740 @ 1.73GHzm 60GB IDE laptop HDD and single boot XP Pro. The Craptop (dead), 2gb DDR3, Celeron n2840 @ 2.1GHz, 50GB eMMC chip, Windows 10 Pro. Nightrider (dead and cannibalized for Dominator II): Ryzen 3 1200, Gigabyte A320M HD2, 8GB DDR4, XFX Ghost Core Radeon HD 7770, 1TB Samsung Spinpoint F3 (2010), 3TB Seagate Barracuda, Corsair CX750M Green, Deepcool SMARTER, Windows 10 Home.

Link to post
Share on other sites

Of the three reasons given 2 are good reasons it can't be effectively done and one is just a cop out.  Not sure how I feel about ten year old tech being not supported.  Imagine if you couldn't get a replacement part for your ten year old car after discovering the problem was caused by design and not wear?  


QuicK and DirtY. Read the CoC it's like a guide on how not to be moron.  Also I don't have an issue with the VS series.

Sometimes I miss contractions like n't on the end of words like wouldn't, couldn't and shouldn't.    Please don't be a dick,  make allowances when reading my posts.

Link to post
Share on other sites
12 minutes ago, mr moose said:

Of the three reasons given 2 are good reasons it can't be effectively done and one is just a cop out.  Not sure how I feel about ten year old tech being not supported.  Imagine if you couldn't get a replacement part for your ten year old car after discovering the problem was caused by design and not wear?  

Some people seem to think businesses and schools just upgrade hardware willy nilly. In their eyes as long as it gets the job done and stays stable, it's not worth upgrading until it's either broken or not as productive as it once was.


CPU: Intel i7 7700K | GPU: ROG Strix GTX 1080Ti | PSU: Seasonic X-1250 (faulty) | Memory: Corsair Vengeance RGB 3200Mhz 16GB | OS Drive: Western Digital Black NVMe 250GB | Game Drive(s): Samsung 970 Evo 500GB, Hitachi 7K3000 3TB 3.5" | Motherboard: Gigabyte Z270x Gaming 7 | Case: Fractal Design Define S (No Window and modded front Panel) | Monitor(s): Dell S2716DG G-Sync 144Hz, Acer R240HY 60Hz | Keyboard: G.SKILL RIPJAWS KM780R MX | Mouse: Steelseries Sensei 310 (Striked out parts are sold, awaiting zen2 parts)

Link to post
Share on other sites
6 minutes ago, mr moose said:

Of the three reasons given 2 are good reasons it can't be effectively done and one is just a cop out.  Not sure how I feel about ten year old tech being not supported.  Imagine if you couldn't get a replacement part for your ten year old car after discovering the problem was caused by design and not wear?  

Okay except that 10 years in computer terms is more like 50-70 years in automotive terms as far as changes go. So look at it more like could you expect to get free repairs for your 1948-1968 GM vehicle? Not third party parts or used parts mind you but fresh from the factory real GM parts? Reasonable? I don't think so, think about it the same way. There is probably just about as much difference between a 1968 GM and a 2018 GM and a first gen Intel Core and a 8th gen Intel Core part - maybe less.

Link to post
Share on other sites

I'm not concerned. I don't have any data worth stealing, it's all just furry porn anyway.


Intel Core i7 4790K 4.8GHz | MSI Z97 Gaming 5 | 32GB 2133MHz CL7 DDR3 | nVidia GeForce GTX 1070 with Custom BIOS | Samsung 850 Evo 500GB | 3TB Seagate FireCuda SSHD | 2TB Seagate FireCuda SSHD | Corsair CX750M  | Custom 240mm all-in-one liquid cooler | Broadcom NetXTREME 5709c Dual Gigabit NIC | Cougar MX330 mid-tower chassis | Windows Server 2008 R2 Datacenter

Link to post
Share on other sites

for me i think it's reasonable not to patch such old processors, but this is not a update like someone called it in this topic, it's a security flaw.

I guess it's up to the customers to decide when then want to upgrade or not, and the problem was Intel's fault. When Intel sold it no one expected updates for this long but neither were they expecting to buy something with security flaws. so i guess i can see it both ways.

 

7 minutes ago, AncientNerd said:

Okay except that 10 years in computer terms is more like 50-70 years in automotive terms as far as changes go. So look at it more like could you expect to get free repairs for your 1948-1968 GM vehicle? Not third party parts or used parts mind you but fresh from the factory real GM parts? Reasonable? I don't think so, think about it the same way. There is probably just about as much difference between a 1968 GM and a 2018 GM and a first gen Intel Core and a 8th gen Intel Core part - maybe less.

actually if you think about it CPU's haven't changed that much in 10 years. And if it were not for Ryzen, even less. For a particular use (especially businesses) i can see people just not needing or caring for a upgrade as it still does it's job.


.

Link to post
Share on other sites
1 hour ago, mynameisjuan said:

So how long are people now going to expect a company to support a product?

 

10+ years old? Are people fucking crazy?

There are companies with 20 year support contracts so yes, it's perfectly reasonable to expect a 2009 cpu to get critical security microcode updates. Maybe you're used to phones getting shit support but it hasn't always been that way.

 

1 hour ago, mynameisjuan said:

 But if they still have that outdated of machines, they were probably not kept up to date in the first place.

Nice assumption, also 100% false.


...is there a question here? 🤔

sudo chmod -R 000 /*

What is scaling and how does it work? Asus PB287Q unboxing! Console alternatives :D Watch Netflix with Kodi on Arch Linux Sharing folders over the internet using SSH Beginner's Guide To LTT (by iamdarkyoshi)

Sauron'stm Product Scores:

Spoiler

Just a list of my personal scores for some products, in no particular order, with brief comments. I just got the idea to do them so they aren't many for now :)

Don't take these as complete reviews or final truths - they are just my personal impressions on products I may or may not have used, summed up in a couple of sentences and a rough score. All scores take into account the unit's price and time of release, heavily so, therefore don't expect absolute performance to be reflected here.

 

-Lenovo Thinkpad X220 - [8/10]

Spoiler

A durable and reliable machine that is relatively lightweight, has all the hardware it needs to never feel sluggish and has a great IPS matte screen. Downsides are mostly due to its age, most notably the screen resolution of 1366x768 and usb 2.0 ports.

 

-Apple Macbook (2015) - [Garbage -/10]

Spoiler

From my perspective, this product has no redeeming factors given its price and the competition. It is underpowered, overpriced, impractical due to its single port and is made redundant even by Apple's own iPad pro line.

 

-OnePlus X - [7/10]

Spoiler

A good phone for the price. It does everything I (and most people) need without being sluggish and has no particularly bad flaws. The lack of recent software updates and relatively barebones feature kit (most notably the lack of 5GHz wifi, biometric sensors and backlight for the capacitive buttons) prevent it from being exceptional.

 

-Microsoft Surface Book 2 - [Garbage - -/10]

Spoiler

Overpriced and rushed, offers nothing notable compared to the competition, doesn't come with an adequate charger despite the premium price. Worse than the Macbook for not even offering the small plus sides of having macOS. Buy a Razer Blade if you want high performance in a (relatively) light package.

 

-Intel Core i7 2600/k - [9/10]

Spoiler

Quite possibly Intel's best product launch ever. It had all the bleeding edge features of the time, it came with a very significant performance improvement over its predecessor and it had a soldered heatspreader, allowing for efficient cooling and great overclocking. Even the "locked" version could be overclocked through the multiplier within (quite reasonable) limits.

 

-Apple iPad Pro - [5/10]

Spoiler

A pretty good product, sunk by its price (plus the extra cost of the physical keyboard and the pencil). Buy it if you don't mind the Apple tax and are looking for a very light office machine with an excellent digitizer. Particularly good for rich students. Bad for cheap tinkerers like myself.

 

 

Link to post
Share on other sites

Well even I think most of the chips affected here are fully obsolete by now. This really isn't a big deal except for maybe nuclear submarines that still run on Windows XP because that certainly makes me feel safe about it.


-------

Current Rig

-------

Link to post
Share on other sites
1 hour ago, mynameisjuan said:

So how long are people now going to expect a company to support a product?

 

10+ years old? Are people fucking crazy? 

 

Intel announced whats not supported, if you ATM or school has them, should probably upgrade. But if they still have that outdated of machines, they were probably not kept up to date in the first place.

Progress has slowed down a lot. In the 1990s a 3 year old system was considered ancient, today a 6 year old system is fine if you are not gaming or using it for heavy productivity tasks.

  1. An R9 290X/GTX Titan is 5 years old and still is considered rather powerful, the R9 290X especially in compute tasks. 
  2. Sandy Bridge is 7 years old and is still considered modern, advancements have not been large in the last few years hence older systems will still be present in many places.

 

Link to post
Share on other sites

I kinda feel like it's justifiable to no longer support CPU's which came out more than ten years ago, I mean I think the only hardware that still gets support that long after release are sound cards anyways. On the other hand many people have had little reason to upgrade if they bought their system 10 years ago because innovation has been quite low.

 

Has Intel actually fixed the flaws on the more modern parts yet anyways?


CPU - Ryzen Threadripper 2950X | Motherboard - X399 GAMING PRO CARBON AC | RAM - G.Skill Trident Z RGB 4x8GB DDR4-3200 14-13-13-21 | GPU - Aorus GTX 1080 Ti Waterforce WB Xtreme Edition | Case - Inwin 909 (Silver) | Storage - Samsung 950 Pro 500GB, Samsung 970 Evo 500GB, Samsung 840 Evo 500GB, HGST DeskStar 6TB, WD Black 2TB | PSU - Corsair AX1600i | Display - DELL ULTRASHARP U3415W |

Link to post
Share on other sites
1 hour ago, mynameisjuan said:

...if you ATM...should probably upgrade. But if they still have that outdated of machines, they were probably not kept up to date in the first place.

But how exactly does an ATM go 'out of date'?  It was built to do one single purpose, run a display, interact with the user and their credentials, communicate with the network and dispense money.  It's job doesn't 'evolve'.  There's no 'high resolution money update'.  It's a money kiosks who's role in the universe is entirely static.  So why should it be 'upgraded' when it does it's job exactly as it did when it was new?  The vulnerability is a design flaw that was present since the day it was manufactured so  how is it unreasonable to want a patch rather than saying 'They shouldn't put it in a dumpster 5 years ago anyway!'

 

I think a lot of people on this forum get clouded by the CONSUMER electronic upgrade cycles and forget that in industrial and commercial applications, a lot of technology is turn-key.  You can install it and outside of maintenance, it'll perform it's job just fine for 20 years and that's not a 'failure to upgrade' it's 'it still does it's task perfectly'.

Link to post
Share on other sites

Some of them are so old it hardly matters. What does matter is the lack of bios updates for older chipsets/CPU's that are heavily affected. For instance, my Devil's Canyon I7 gets rekt in the inner city in GTAV. My GPU is basically idling, as the CPU with Windows security updates, is chugging along with IO streaming as well as physics stuff an open world game needs. It's pathetic. Fuck you greedy Intel.


Watching Intel have competition is like watching a headless chicken trying to get out of a mine field

CPU: Intel I7 4790K@4.6 with NZXT X31 AIO; MOTHERBOARD: ASUS Z97 Maximus VII Ranger; RAM: 8 GB Kingston HyperX 1600 DDR3; GFX: ASUS R9 290 4GB; CASE: Lian Li v700wx; STORAGE: Corsair Force 3 120GB SSD; Samsung 850 500GB SSD; Various old Seagates; PSU: Corsair RM650; MONITOR: 2x 20" Dell IPS; KEYBOARD/MOUSE: Logitech K810/ MX Master; OS: Windows 10 Pro

Link to post
Share on other sites
7 minutes ago, Sauron said:

There are companies with 20 year support contracts so yes, it's perfectly reasonable to expect a 2009 cpu to get critical security microcode updates. Maybe you're used to phones getting shit support but it hasn't always been that way.

Well these 20 year expectations are honestly stupid for consumer products. Commercial products I can see on certain levels, but in the tech industry is make little to no sense. 

 

With most consumer products you build the product and if something fails, replace the part. However, this is about bugs and vulnerabilities which there will 100% always be. Typical support or replacing a part cost nothing other than the part and the employee replacing it at that time. While in the tech world a few employees are working year round fixing bugs that WILL happen. 

 

The tech world vs normal consumer world are two different things. 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×