Intel gives up on patching Spectre variant 2

[CommandMan7]

As title says, Intel has given up on mitigating spectre variant 2 after having multiple issues making a functional microcode updates, as well as seeing low customers demand for such patches. Note spectre variant 2 only affects older chips:

 

Quote

CPU families that won't be updated include Bloomfield, Clarksfield, Gulftown, Harpertown Xeon C0, Harpertown Xeon E0, Jasper Forest, Penryn/QC, SoFIA 3GR, Wolfdale C0 and M0, Wolfdale E0 and R0, Wolfdale Xeon X0, Wolfdale Xeon E0, Yorkfield, and Yorkfield Xeon.

The newest chips that are on the list that I can make out are the 1000 series core series. If you have a sandy bridge processor or newer, this vulnerability does not affect you. 

 

This leaves the "Intel core", "Penryn", and "Nehalem" architectures vulnerable. These architectures are all 10+ years old but nonetheless I still think it's reckless to not even try to secure them. Im sure there are plenty of ATM's, School PC's, and other critical systems running these chips. That being said, anybody still running these chips likely are running Windows XP or Windows 7, so it's not like they were secure anyways.

 

I still believe these should be patched, and even if not for practical reasons. It's important to foster an environment of zero tolerance for security flaws in a company, as well as proving to your customers you stand behind your products. 

 

Source: http://www.zdnet.com/article/intel-we-now-wont-ever-patch-spectre-variant-2-flaw-in-these-chips/

 

this was written on mobile when extremely sleep deprived so if I missed anything let me know

[Cookybiscuit]

RIP a lot of ThinkPads.

[Starelementpoke]

There goes all my school's computers.

[mynameisjuan]

So how long are people now going to expect a company to support a product?

 

10+ years old? Are people fucking crazy? 

 

Intel announced whats not supported, if you ATM or school has them, should probably upgrade. But if they still have that outdated of machines, they were probably not kept up to date in the first place.

[Bananasplit_00]

oh yay... well hopefully 1st gen Core I can drop in price but RIP the X58 comunity i guess...

[GoldenLag]

Tbh, i dont think windows (microsoft) would bother updating if a flaw was found in Windows Vista. The fact that Intel attempted to patch them at all is great, but since they are old CPU`s that arent making any money anymore. You shouldnt be surprised to see them not bothering to fix them

Edited April 4, 2018 by GoldenLag
Reasons

[Lurick]

It's called End of Life and End of Support.

A company cannot support ancient technology forever, there has to be a point where you cut it off and move on.

Stop expecting your 20 year old CPU and Windows XP installation to get updates for 100 years.

[mynameisjuan]

3 minutes ago, Lurick said:

It's called End of Life and End of Support.

A company cannot support ancient technology forever, there has to be a point where you cut it off and move on.

Stop expecting your 20 year old CPU and Windows XP installation to get updates for 100 years.

Most cant comprehend this and whats most surprising to me is a lot even on LTT dont either. 

[bcredeur97]

great. now there's incentive to develop real-world malware that exploits these

[xriqn]

Still have a wolfdale based system. Just gotta be careful where I go on the internet and what I do.

[mr moose]

Of the three reasons given 2 are good reasons it can't be effectively done and one is just a cop out.  Not sure how I feel about ten year old tech being not supported.  Imagine if you couldn't get a replacement part for your ten year old car after discovering the problem was caused by design and not wear?  

[XenosTech]

12 minutes ago, mr moose said:

Of the three reasons given 2 are good reasons it can't be effectively done and one is just a cop out.  Not sure how I feel about ten year old tech being not supported.  Imagine if you couldn't get a replacement part for your ten year old car after discovering the problem was caused by design and not wear?  

Some people seem to think businesses and schools just upgrade hardware willy nilly. In their eyes as long as it gets the job done and stays stable, it's not worth upgrading until it's either broken or not as productive as it once was.

[AncientNerd]

6 minutes ago, mr moose said:

Of the three reasons given 2 are good reasons it can't be effectively done and one is just a cop out.  Not sure how I feel about ten year old tech being not supported.  Imagine if you couldn't get a replacement part for your ten year old car after discovering the problem was caused by design and not wear?  

Okay except that 10 years in computer terms is more like 50-70 years in automotive terms as far as changes go. So look at it more like could you expect to get free repairs for your 1948-1968 GM vehicle? Not third party parts or used parts mind you but fresh from the factory real GM parts? Reasonable? I don't think so, think about it the same way. There is probably just about as much difference between a 1968 GM and a 2018 GM and a first gen Intel Core and a 8th gen Intel Core part - maybe less.

[i_got_laid_by_a_dragoness]

I'm not concerned. I don't have any data worth stealing, it's all just furry porn anyway.

[asus killer]

for me i think it's reasonable not to patch such old processors, but this is not a update like someone called it in this topic, it's a security flaw.

I guess it's up to the customers to decide when then want to upgrade or not, and the problem was Intel's fault. When Intel sold it no one expected updates for this long but neither were they expecting to buy something with security flaws. so i guess i can see it both ways.

 

7 minutes ago, AncientNerd said:

Okay except that 10 years in computer terms is more like 50-70 years in automotive terms as far as changes go. So look at it more like could you expect to get free repairs for your 1948-1968 GM vehicle? Not third party parts or used parts mind you but fresh from the factory real GM parts? Reasonable? I don't think so, think about it the same way. There is probably just about as much difference between a 1968 GM and a 2018 GM and a first gen Intel Core and a 8th gen Intel Core part - maybe less.

actually if you think about it CPU's haven't changed that much in 10 years. And if it were not for Ryzen, even less. For a particular use (especially businesses) i can see people just not needing or caring for a upgrade as it still does it's job.

[Sauron]

1 hour ago, mynameisjuan said:

So how long are people now going to expect a company to support a product?

 

10+ years old? Are people fucking crazy?

There are companies with 20 year support contracts so yes, it's perfectly reasonable to expect a 2009 cpu to get critical security microcode updates. Maybe you're used to phones getting shit support but it hasn't always been that way.

 

1 hour ago, mynameisjuan said:

 But if they still have that outdated of machines, they were probably not kept up to date in the first place.

Nice assumption, also 100% false.

[Misanthrope]

Well even I think most of the chips affected here are fully obsolete by now. This really isn't a big deal except for maybe nuclear submarines that still run on Windows XP because that certainly makes me feel safe about it.

[ScratchCat]

1 hour ago, mynameisjuan said:

So how long are people now going to expect a company to support a product?

 

10+ years old? Are people fucking crazy? 

 

Intel announced whats not supported, if you ATM or school has them, should probably upgrade. But if they still have that outdated of machines, they were probably not kept up to date in the first place.

Progress has slowed down a lot. In the 1990s a 3 year old system was considered ancient, today a 6 year old system is fine if you are not gaming or using it for heavy productivity tasks.

1. An R9 290X/GTX Titan is 5 years old and still is considered rather powerful, the R9 290X especially in compute tasks. 
2. Sandy Bridge is 7 years old and is still considered modern, advancements have not been large in the last few years hence older systems will still be present in many places.

 

[Carclis]

I kinda feel like it's justifiable to no longer support CPU's which came out more than ten years ago, I mean I think the only hardware that still gets support that long after release are sound cards anyways. On the other hand many people have had little reason to upgrade if they bought their system 10 years ago because innovation has been quite low.

 

Has Intel actually fixed the flaws on the more modern parts yet anyways?

[AshleyAshes]

1 hour ago, mynameisjuan said:

...if you ATM...should probably upgrade. But if they still have that outdated of machines, they were probably not kept up to date in the first place.

But how exactly does an ATM go 'out of date'?  It was built to do one single purpose, run a display, interact with the user and their credentials, communicate with the network and dispense money.  It's job doesn't 'evolve'.  There's no 'high resolution money update'.  It's a money kiosks who's role in the universe is entirely static.  So why should it be 'upgraded' when it does it's job exactly as it did when it was new?  The vulnerability is a design flaw that was present since the day it was manufactured so  how is it unreasonable to want a patch rather than saying 'They shouldn't put it in a dumpster 5 years ago anyway!'

 

I think a lot of people on this forum get clouded by the CONSUMER electronic upgrade cycles and forget that in industrial and commercial applications, a lot of technology is turn-key.  You can install it and outside of maintenance, it'll perform it's job just fine for 20 years and that's not a 'failure to upgrade' it's 'it still does it's task perfectly'.

[Notional]

Some of them are so old it hardly matters. What does matter is the lack of bios updates for older chipsets/CPU's that are heavily affected. For instance, my Devil's Canyon I7 gets rekt in the inner city in GTAV. My GPU is basically idling, as the CPU with Windows security updates, is chugging along with IO streaming as well as physics stuff an open world game needs. It's pathetic. Fuck you greedy Intel.

[mynameisjuan]

7 minutes ago, Sauron said:

There are companies with 20 year support contracts so yes, it's perfectly reasonable to expect a 2009 cpu to get critical security microcode updates. Maybe you're used to phones getting shit support but it hasn't always been that way.

Well these 20 year expectations are honestly stupid for consumer products. Commercial products I can see on certain levels, but in the tech industry is make little to no sense. 

 

With most consumer products you build the product and if something fails, replace the part. However, this is about bugs and vulnerabilities which there will 100% always be. Typical support or replacing a part cost nothing other than the part and the employee replacing it at that time. While in the tech world a few employees are working year round fixing bugs that WILL happen. 

 

The tech world vs normal consumer world are two different things. 

[LAwLz]

Well that's a shame. At this point I kind of understand them though. On the bright side, it's apparently fixed (or will be fixed) on the more modern chips.

 

1 hour ago, Arokhantos said:

should't be that hard

Something tells me you are not qualified to make a proper assessment of how difficult it is or to develop this update.

 

1 hour ago, mr moose said:

Not sure how I feel about ten year old tech being not supported.  Imagine if you couldn't get a replacement part for your ten year old car after discovering the problem was caused by design and not wear?  

Or how a certain company is actively working to make sure updates that are already coded can't be applied to their old operating system if they run on newer hardware.

 

 

49 minutes ago, asus killer said:

actually if you think about it CPU's haven't changed that much in 10 years. And if it were not for Ryzen, even less. For a particular use (especially businesses) i can see people just not needing or caring for a upgrade as it still does it's job.

I think you are confusing "performance hasn't changed much" with "CPU architectures hasn't changed much".

The former is somewhat true, the latter is not.

 

Also, performance has improved A LOT.

The i7-965 is from the generation that support is being dropped for.

Single threaded Cinebench R10 scores:

975 (3.4GHz) - 4475

6100 (3.7GHz) - 7841

 

IPC increase (assuming linear IPC:GHz scaling) from then to now: ~52% single threaded performance.

 

 

 

8 minutes ago, Notional said:

Some of them are so old it hardly matters. What does matter is the lack of bios updates for older chipsets/CPU's that are heavily affected. For instance, my Devil's Canyon I7 gets rekt in the inner city in GTAV. My GPU is basically idling, as the CPU with Windows security updates, is chugging along with IO streaming as well as physics stuff an open world game needs. It's pathetic. Fuck you greedy Intel.

What do you want them to do exactly? Update so you get higher performance? 

[Sniperfox47]

10 minutes ago, AshleyAshes said:

But how exactly does an ATM go 'out of date'?  It was built to do one single purpose, run a display, interact with the user and their credentials, communicate with the network and dispense money.  It's job doesn't 'evolve'.  There's no 'high resolution money update'.  It's a money kiosks who's role in the universe is entirely static.  So why should it be 'upgraded' when it does it's job exactly as it did when it was new?  The vulnerability is a design flaw that was present since the day it was manufactured so  how is it unreasonable to want a patch rather than saying 'They shouldn't put it in a dumpster 5 years ago anyway!'

 

I think a lot of people on this forum get clouded by the CONSUMER electronic upgrade cycles and forget that in industrial and commercial applications, a lot of technology is turn-key.  You can install it and outside of maintenance, it'll perform it's job just fine for 20 years and that's not a 'failure to upgrade' it's 'it still does it's task perfectly'.

And I think a lot of people forget that even in the commercial world of LTSBes you still have EoL and EoS eventually. Ultimately support on everything ends.

[Notional]

7 minutes ago, LAwLz said:

What do you want them to do exactly? Update so you get higher performance? 

The entire point of the bios updates are to give back some of the performance decrease brought on by the windows security patches. I lost at least 20% performance in my example due to greedumb Intel. Those bios updates exists for current gen chipsets, but not older ones like z97, They need to fix that.