http://bgr.com/2018/01/03/intel-chips-security-issue-mac-windows/ Severe Intel security issue may impact all Macs and Windows PCs – BGR
Just bought a new $2K Alienware to get maximum speed. Now I find out that it's going to be 30% slower thanks to this security flaw fix. Any hope that a better solution will be figured out, something that doesn't damage all of us who need high frame rates and pay quite a lot of money to get them?
My understanding is that for gaming you'll be relatively unaffected on a Coffee Lake.
However there's many of us still using Sky Lake and Kaby Lake generation processors which will be affected severely (my system is multipurpose... primarily developement).
My understanding is that as this can't be resolved with a microcode update to the hardware and as the performance decrease is 5-30% to "work around" it, that's known as a "Defect by Design".
The interesting thing with that is that in the UK this falls under the Consumer Rights Act which protects consumers from this situation on products dating back 6 years from the present.
Repair, replace or refund are the 3 resolutions under UK law...
Now this is where it starts to get even more interesting...
If someone purchased an affected processor on it's own then those 3 options are fairly straight forward.
If someone purchased a bundle or a whole PC then the entire purchase is covered by the Consumer Rights Act...
People could be looking at a free/discounted MB, Proc and RAM upgrade due to compatibility.
It could be argued that people with fewer cores or lower frequency processors could be given better performance ones as replacements but those with 6700Ks, 7700Ks etc...
the margins lost aren't matched by upgrading a generation and upgrading 2 generations almost definately means changing the MB and RAM.
Its surprising that the OS manufacturers would be taking the brunt of this fix.
I believe if Intel introduced it at the hardware level they should fix it.
But either way its gonna be a big hit for Intel. AMD will be enjoying the outcome of this security issue!
Is there a list of current processors that do not have this design flaw and will not be affected by this?
Can Intel release that data. Or is it ALL of their fleet even newer generation i7 and i9??
You can find up-to-date information here:
If you scroll down to the FAQs, you'll see a list of Intel-based platforms are impacted by this issue.
Support Community Manager
Mary, the one question that is not addressed at that link is where the firmware updates will be located for those of us with Intel motherboards. The sentence, "Please check with your system vendor or equipment manufacturer for more information regarding updates for your system," is not helpful. Intel needs to create a webpage for users with Intel motherboards, even if the text on that page reads, for now, "Coming soon!"
No. This is not a bug or a flaw in Intel® products. These new exploits leverage data about the proper operation of processing techniques common to modern computing platforms, potentially compromising security even though a system is operating exactly as it is designed to. Based on the analysis to date, many types of computing devices — with many different vendors' processors and operating systems — are susceptible to these exploits.
Everything here is technically true
"operation of processing techniques common to modern computing platforms" - considering the exploit goes back decades and you've been the market leader then I'd be amazed if they weren't... O/S's and software designed to work wih your hardware.
"system is operating exactly as it is designed to" - yes... defect by design.
"many different vendors' processors and operating systems" - AMD is only affected by 1 variant of Specter. Intel is affected by both and Meltdown. O/S's are designed to work on your hardware and thus inherit the defect.
This is a case of building a castle on sand. Intel is the sand and the O/S is the castle.
AMD would be solid ground if we applied the metaphor to them.
It's pretty disappointing, and I hope Intel will soon release the information--at least consumer info like the amount of speed slowdown, the effected chips, and so on.
I'm unsure whether the memory, optane chip, and motherboard of my new machine would even be compatible, would permit swapping a different CPU from AMD.
The Oregonian newspaper is http://www.oregonlive.com/silicon-forest/index.ssf/2018/01/intel_shares_fall_on_report_of.html reporting that Intel released a statement today disputing information in the report about the flaw in their processors. According to that report Intel is saying the fix will not cause the severe slowdown that is being reported, at least with most CPU operations. They are also saying that it is not a flaw in their processors but a more systemic security flaw that will affect a large number of processors from different manufacturers. They are saying that they are "working with rivals AMD, ARM Holdings and multiple operating system companies to develop a broad approach to fixing the issue".
I hope this is true. The prospect of a 30-50% slowdown was a major issue for me. I am waiting for the last of the components to arrive this Friday to build a new intel bassed PC this weekend. I was just getting ready to contact Amazon & Newegg to replace my Kaby Lake processor and Intel based motherboard with AMD equipment based on the original news. I'll wait now to see if more information is released by Friday before requesting a return.
I have been watching this most of the day. I have seen reports of 5% to 50% degradation. It would be very wise for ALL users to wait, and not do knee-jerk reactions.
Then, have a cup of decaf and relax. We need to wait and see what the real issue and solution is.
Just my opinion.
Thank you for contacting Intel Technical Support,
We currently do not have comments on this situation; please look forward to an official response soon.
One cannot believe what is published by the press, especially in today's world. It is their goal to cause panic whenever they can. Publishing stories, without the facts and proper investigation, is what they do.
How do you think grocery stores sell all of those plastic snow shovels?
Intel has said this just now "Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time." which I translate as if you need speed for your games or intensive media computation, you're not average and the impacts will be significantly more. We'll see. All this however is taking a toll on me personally. Even the possibility of my computer going half as fast as it should (which Intel does not deny) makes me feel very upset.
Oh wow Intel... way to spin it so it appears every manufacturer is affected.
This is 2 distinct bugs that utilize speculative execution and they are named Meltdown and Spectre (Spectre comes in 2 variants).
Meltdown Spectre1 Spectre2
Intel Affected Affected Affected
AMD Immune Affected Immune
The fix for Meltdown will take a performance hit - software fix.
The fix for Spectre can be a microcode update according to AMD - hardware fix.
The majority aren't concerned with fixes that resolve issues at the hardware level... as they have minimal impact on performance.
What they are concerned about is the performance hit via a software fix.
Don't presume that the standard user won't see a performance hit... the classification of "standard user" last time I checked was a person that does the occasional document and light internet use. I can assure you that isn't the standard user nowdays.
We'll applied the hotfix from MS...
Now I have a very noticeable performance hit with Entity Framework and SQL Server Developer.
System spec - Core i7-6700K, 32GB RAM, 2TB 960 PRO NVMe
Going to disable the hotfix, run a full benchmark and then re-enable it and repeat the benchmark... I have a feeling it's my IOP's that have been hit hard.
Obviously I'm not a standard user.
Regarding your concerns please review Intel's information at:
Linus Torvalds, someone who would know, stated regarding Meltdown:
"Something around 5% performance impact of the isolation is what people are looking at. Obviously it depends on just exactly what you do. Some loads will hardly be affected at all, if they just spend all their time in user space. And if you do a lot of small system calls, you might see double-digit slowdowns."
The authors of the Meltdown discovery wrote:
"Meltdown exploits side-channel information available on most modern processors, e.g., modern Intel microarchitectures since 2010 and potentially on other CPUs of other vendors. ... We also tried to reproduce the Meltdown bug on several ARM and AMD CPUs. However, we did not manage to successfully leak kernel memory with the attack described in Section 5, neither on ARM nor on AMD."
We will have to wait and see whether Meltdown's vulnerabilities started with Intel's Core architecture or with P6 in 1995 as the authors theorize. Right now, we know that Sandy Bridge and all later Intel architectures are vulnerable. Meltdown affects almost all Intel and some ARM processors. However, Intel, ARM, and AMD processors are vulnerable to Spectre -- AMD is only partially vulnerable -- though it is more difficult than Meltdown to use as an attack.
https://developer.arm.com/support/security-update Arm Processor Security Update – Arm Developer
The Linux-only KAISER fix to the solution works against Meltdown, though not against Spectre. Microsoft's solution conflicts with most antivirus solutions and we'll have to wait and see how that plays out.
This is the most complete, objective, and balanced report I've seen so far on this issue:
https://www.anandtech.com/show/12214/understanding-meltdown-and-spectre Understanding Meltdown & Spectre: What To Know About New Exploits That Affect Virtually All CPUs