More Intel leaks.. this one is not good though

[Carlos Andrade]

2 minutes ago, DoctorWho1975 said:

So does this mean that if you have Xeon PLATINUM chips this bug doesn't hit them? I  mean.. they do say Hardware-Enhanced Security, right there in English!

 

 

https://www.intel.com/content/www/us/en/products/processors/xeon/scalable/platinum-processors.html   Its not on the product page. I dont think those $10000 CPU's are safe either

[Gibbons]

The Intel CEO  Brian Krzanich sold as much Intel stock as their corporate rules allowed a few weeks ago.

 

https://www.fool.com/investing/2017/12/19/intels-ceo-just-sold-a-lot-of-stock.aspx

[cj09beira]

5 minutes ago, Gibbons said:

The Intel CEO  Brian Krzanich sold as much Intel stock as their corporate rules allowed a few weeks ago.

 

https://www.fool.com/investing/2017/12/19/intels-ceo-just-sold-a-lot-of-stock.aspx

he was smart to do it 

the stock is probably going to plummet soon

[Guest]

1 hour ago, Princess Cadence said:

Yes because realistically speaking this has affected an insignificant amount of users on all these 10 years, this is just a rushed fix because it finally grew somewhat notorious, I am to believe it will only affect older 45nm processors like first gen Core i processors to a greater degree.

 

Nothing stops Intel work alongside Microsoft after the main fix to optimize the whole process and regain every bit of lost performance back within months software side.

 

Just sit tight and give it time, gee... hardly the end of the world.

http://www.game-debate.com/news/24293/rumour-major-intel-cpu-hardware-vulnerability-found-could-cost-35-performance 

That's Skylake isn't it?

 

"According to Brad Spengler, from GR Security, an Intel Core i7-6700 will take a 29% performance hit while an Intel Core i7-3770S will run 34% slower."

 

[Notional]

8 minutes ago, Gibbons said:

The Intel CEO  Brian Krzanich sold as much Intel stock as their corporate rules allowed a few weeks ago.

 

https://www.fool.com/investing/2017/12/19/intels-ceo-just-sold-a-lot-of-stock.aspx

With all the scummy crap Intel has done, some insider trading isn't exactly the worst. Just very illegal.

[Princess Luna]

3 minutes ago, jdwii said:

"According to Brad Spengler, from GR Security, an Intel Core i7-6700 will take a 29% performance hit while an Intel Core i7-3770S will run 34% slower."

In Linux.

[Guest]

5 minutes ago, Princess Cadence said:

In Linux.

That doesn't matter at all it will affect Windows just as much...edit and MAC's too

[PatrikStar24]

Can I have a dumbed down TL;DR so I can explain the upcoming situation to my tech illiterate family?

[cj09beira]

Just now, PatrikStar24 said:

Can I have a dumbed down TL;DR so I can explain the upcoming situation to my tech illiterate family?

current intel processors have an hardware error that allows access to things that programs shouldnt have access too, like passwords, 

[thorhammerz]

1 hour ago, DrMacintosh said:

They actually had a little increase today. Should have bought some yesterday

I'm waiting for it to slide back to $10.00-$10.25 territory within a few weeks before it spikes back to ~$11 .

[colonel_mortis]

1 hour ago, DoctorWho1975 said:

So does this mean that if you have Xeon PLATINUM chips this bug doesn't hit them? I  mean.. they do say Hardware-Enhanced Security, right there in English!

Although the specifics of the vulnerability, and list of affected devices, hasn't yet been disclosed, I would be surprised if any recent Intel processors are unaffected. The theory presented in the article is that the bug involves code that is executed speculatively not being subject to the relevant security checks. I believe that if Intel had fixed that on any processor, they would have fixed it on all processors, because if they think it has a potential of being exploitable it would (and is) devastating.

30 minutes ago, PatrikStar24 said:

Can I have a dumbed down TL;DR so I can explain the upcoming situation to my tech illiterate family?

The full details aren't public yet, but the plausible explanation given in the source is that the vulnerability allows an attacker to bypass all of the security features and escalate themselves to ultra God mode, with read and potentially write access to everything done on the computer, from monitoring encrypted communications with websites to keyloggers capable of recording everything. It remains to be seen precisely how bad the vulnerability is, but the upper bound is as bad as it gets.

The vulnerability is particularly severe on services like Amazon AWS and Microsoft Azure, which are services where lots of websites are hosted, because it would allow a malicious user to potentially escape from their sandboxed area and access data being processed by other users' sites.

[Coaxialgamer]

40 minutes ago, Princess Cadence said:

In Linux.

This is a hardware issue. If it just affected the linux kernel it wouldn't be much as an issue as it could be attributed to a software bug. But this affects windows too. What this means is that the privilege ring is not operating as intended. 

The point is that the bug shouldn't even be POSSIBLE if the hardware was functioning properly, regardless of OS

[DoctorWho1975]

5 minutes ago, colonel_mortis said:

Although the specifics of the vulnerability, and list of affected devices, hasn't yet been disclosed, I would be surprised if any recent Intel processors are unaffected. The theory presented in the article is that the bug involves code that is executed speculatively not being subject to the relevant security checks. I believe that if Intel had fixed that on any processor, they would have fixed it on all processors, because if they think it has a potential of being exploitable it would (and is) devastating.

 

 

But but but but they say its hardware enchanced security! 

[Coaxialgamer]

41 minutes ago, PatrikStar24 said:

Can I have a dumbed down TL;DR so I can explain the upcoming situation to my tech illiterate family?

This is a more technical explanation, but I'll still try to dumb it down. In modern operating systems, each application (process) is run within a sandbox  of sorts. Each app is given its own memory, and cannot interact with another app's own memory. Only the operating system (kernel) has access to everything. The cpu itself makes sure that this doesn't happen. 

What happens here is that the hardware responsible for managing memory is not functioning properly, and some applications can have access to memory that they shouldn't be able to access. 

[Mira Yurizaki]

All of the various traits I've seen about this remind me of this:

 

Which basically is the same issue: you can fool System Manager into executing code that gives you privileged access. It was also caused by a hardware design flaw.

 

And while it's nice to know AMD isn't affected by the particular exploit in the OP, you'd still be a fool to trust them any better than Intel when none of their security features are open for independent auditing.

[Taf the Ghost]

53 minutes ago, PatrikStar24 said:

Can I have a dumbed down TL;DR so I can explain the upcoming situation to my tech illiterate family?

Bug in hardware, fixed in software. Lots of things run slower. Some, a lot slower.

[zeph_solaris]

3 hours ago, Howitz said:

any class action from consumers on the horizon? i have an intel cpu and if it takes a 30% performance hit i request a full compensation of it and of the motherboard.

No.  You're still getting a processor that runs on x-architecture at y-clockspeeds.  It's not intel's fault that your operating system may get an update that makes it perform slower.

 

I'd really like to see all benchmarks redone after these updates go into place to see just how much of a hit tasks of all sorts take.

[Carlos Andrade]

1 minute ago, zeph_solaris said:

No.  You're still getting a processor that runs on x-architecture at y-clockspeeds.  It's not intel's fault that your operating system may get an update that makes it perform slower.

 

I'd really like to see all benchmarks redone after these updates go into place to see just how much of a hit tasks of all sorts take.

Its Intel's fault for being idiots and not fixing this for TEN YEARS.

[Cookybiscuit]

1 hour ago, cj09beira said:

he was smart to do it 

the stock is probably going to plummet soon

Probably not a bad time to buy.

[Zodiark1593]

Considering my main desktop lives most of it's time offline, meh.

 

Looking on the lighter side of things, I do wonder if this hardware bug could be used to crack that PlayReady DRM, since this bug supposedly allows access to things a user wouldn't ordinarily be able to touch.

[Matu20]

I'd rather be at risk than take a 30% hit.

[Cookybiscuit]

Will need to wait for more information but at this time it looks like gaming performance isn't effected, and neither is video encoding.

 

https://www.phoronix.com/scan.php?page=news_item&px=x86-PTI-Initial-Gaming-Tests

https://www.phoronix.com/scan.php?page=article&item=linux-415-x86pti&num=2

 

So long as it doesn't effect me I'll always welcome bad news for Intel.

[ZionDials]

 

"There are hints the attack impacts common virtualization environments including Amazon EC2 and Google Compute Engine."

 

In addition, apparently both Microsoft Azure and Amazon Web Services have scheduled maintenance that will take place over the next week, although there is no detailed explanation for the downtime. However, rampant speculation suggests that the maintenance could be to put the software fixes in place for this specific Intel CPU hardware bug. Literally, in some cases, it appears operating systems will need to be overhauled to deal with the issue. 

Read more at HotHardware

 

The shear impact of this flaw is unimaginable.

[RagnarokDel]

5 hours ago, DoctorWho1975 said:

The Intel chip security level fubar is again rearing its ugly head. 

 

https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

 

 

 

 

This whole best case/worst case scenario is not good:

 

 

 

 

Thank you Intel may we have another?

a 5% performance decrease means Skylake is slower then Ryzen clock for clock (obviously Skylake has a significant advantage in terms of clock)

4 hours ago, Jon4248 said:

hmm interesting, soo XNU is not effected, correct? 

 

Damn I hate your avatar haha

3 hours ago, wolfsbane3083 said:

Welp, hope Ryzen+ is gonna be better than my 4790k then.

Ryzen5 already was. Just barely but still.

 

[Orangeator]

Wow, glad I bought 1600.