New Hardware Vulnerability Found in Intel Processors
Click here to post a comment for New Hardware Vulnerability Found in Intel Processors on our message forum
pegasus1
Id rather have the vulnerability than the performance loss (on my gaming rig).
RealNC
If this is as bad as people fear it is, this could mean that just visiting some random site could place a bitcoin miner or similar on your machine. That would be a worse perf hit than the patch 😛
If no remote code execution exploit is involved, then yeah, it would be a calculated risk, depending on whether the data on the machine is private or not (passwords, credit card data, etc.)
However, not sure if Windows will actually allow you to disable the patch. On Linux you can (there's a boot option for this), but MS isn't known for offering such configuration switches.
HK-1
hmm although I'm AMD user I don't trust in this info at all 😉
RealNC
I took a look at the kernel patches. This is happening. The kernel developers removed the comments from the code as to not disclose what the hardware bug actually is. The kernel patch went live today (kernel version 4.14.11.) It sets the "CPU_INSECURE" flag with all x86 CPUs, and the perf hit is there.
Interesting tidbit: AMD posted a Linux kernel patch that excludes AMD CPUs from this, and clarified that AMD does not have this bug and thus does not need to suffer the perf hit. The patch has not been accepted yet, and so the kernel is now slower on AMD CPUs too. Note that many kernel developers and maintainers are Intel employees. Tinfoil hat 😀
Solfaur
Well...shit Intel, I guess it's like the saying "when it rains, it pours". 😳
HK-1
:D yep you are right 😛
Octopuss
What performance drops does the news article (here) talk about? I don't understand.
It's pretty poorly written. First it talks about some security hole in Intel CPUs, and suddenly is on about some performance. What's the context?
TheDeeGee
I read now that Gaming Performance isn't affected.
Barry J
How many Intel CPU,s will the effect and how far back, Some users are not going to be happy after spending a lot of money on high end Intel systems only to loose the performance they paid for.
As long as Gaming isn't effected (fingers crossed) it will not cause me a problem as my system is mainly used for gaming
TheDeeGee
CPU's from 10 years back as well.
RealNC
There's no verified context right now. Intel has not yet disclosed the hardware bug. All information we have right now is based on the Linux kernel patches that work around the bug. Since it's open source, everyone can see the code. However, the code documentation has been removed and replaced with the text "[stay tuned]."
So right now, the theory is that the CPU's speculative execution mechanism (an optimization technique that speeds up code execution) is buggy, and allows everyone to access protected parts of your RAM.
It's not known whether this access is read-only or read-write. In simple terms, this exploit could either allow anyone (including JavaScript code on a web page) to read passwords or any other protected data if the access is read-only. It would also allow gathering of kernel data that would make other, unrelated exploits easier or feasible.
If the access is read-write, it would mean anyone can execute code with administrator/system permissions on your machine. That last one would extremely nasty; you just visit a random website, and malware could be installed on your machine without you downloading anything or even clicking anything.
This is speculation though. We don't know yet what the hardware bug actually is. Intel has yet to disclose it.
RealNC
For those wondering, it seems that CPUs supporting PCID will suffer less of a perf impact. From what I could find out, Sandy Bridge is the first architecture to support PCID. Westmere and older do not, and thus the perf hit will be bigger there.
However, I wasn't able to 100% verify that Sandy Bridge is indeed the oldest architecture to support this, or whether it supports it in a form that is usable for this case.
user1
Inorder to work around the hw bug, they had to change the way kernel memory is handled, which unfortunately results in higher overhead , or in other words, it eats some performance due to the cpu being used in an inefficent way inorder to prevent malicious software from using the bug.
We still dont know what the bug is exactly, but you can view the changes they made to work around it.
yeah ive seen people claiming its only sandy and newer effected, all the way to the only uneffected intel cpu being the original pentium lol. wont know until the embargo is lifted.
RzrTrek
I wish there was a third viable option for PC gaming CPUs.
Alessio1989
Coffee Lake should not be affected and recent Core architecture could take advantage of other hardware features to mitigate the performance drop. :|
All the tests done in the papers, with a minimal of criteria, talks about older core CPUs, from Nehalem to Skylake.
Anyway performance impact when a context switch occur.
Evildead666
From what i've read, this seems to be a CPU Bug, specifically problematic for VM's.
If you have multiple VM's on a single hardware server, they can read-write between the VM's.
i.e. One VM can access the data of another VM on the server, without you knowing, or allowing it.
That is why it is such a Big problem for Amazon, Google, and all the other Cloud providers.
__hollywood|meo
i just died laughing.
scatman839
https://www.reddit.com/r/Games/comments/7nrlos/initial_testing_shows_the_intel_bug_does_not/
Linux Gaming Performance Doesn't Appear Affected By The x86 PTI Work
https://www.phoronix.com/scan.php?page=news_item&px=x86-PTI-Initial-Gaming-Tests
https://i.imgur.com/PZqnEe8.png
https://i.imgur.com/PZqnEe8.png?3
pegasus1
They will find a way, they always do, remember the line "Its impossible to code games to use more than a single core".
__hollywood|meo
not too surprising. the patch impacts I/O heavily.
