As per subject. I'm considering buying a new Microsoft Windows computer with an Intel processor. I'm put off by the spectre / meltdown bug which is present in 8th generation Intel processors.
Will this bug be fixed in the 9th generation CPUs? When will it be possible to buy a consumer PC with an Intel processor which does not suffer from this bug?
Let's start by clearing up some misconceptions. Spectre and Meltdown are not bugs; they actually represent a new set of attack vectors that have uncovered vulnerabilities in processor architectures. These vulnerabilities have existed for quite some time, but only recently has the level of sophistication of attack vectors progressed to the point where these vulnerabilities have been exposed. I would also add that, before their announcement, these attack vectors were all theoretical; there is no evidence as yet that any of these vulnerabilities have actually been exploited. Secondly, this is not a problem specific to Intel processors; many processors from AMD, ARM and other vendors are also affected to some degree (consider the following article: https://www.techarp.com/guides/complete-meltdown-spectre-cpu-list/ Complete list of CPUs Vulnerable to Meltdown/Spectre).
As for if, how and when these vulnerabilities will be addressed in silicon, I refer you to Brian Krzanich's update from March 15th: https://newsroom.intel.com/editorials/advancing-security-silicon-level/ Advancing Security at the Silicon Level.
https://www.digitaltrends.com/computing/intel-meltdown-spectre-silicon-fixes-ice-lake/ Intel's Ninth-Gen 'Ice Lake' CPUs Will Have Fixes For Meltdown and Spectre | Digital Trends
"https://www.extremetech.com/computing/262884-intel-fixes-meltdown-spectre-10nm-cpus-may-lost-market-... Speculation points to knowledge of the Meltdown and Spectre issues long before acknowledging them in public. That is because processor designs remain locked for at least a year before they become products sold on the market. Intel's ninth-generation "https://www.digitaltrends.com/computing/intel-lists-ice-lake-9th-gen-family/ Ice Lake" family of processors is expected to launch by the end of 2018 or in early 2019 based on 10nm process technology. Thus, the fixes needed to be in place prior to December 2017. "
So essentially 9th gen will solve the bug, and will be on the market in late 2018 or early 2019.
Does anyone have further wisdom to add?
Its a vulnerability that's fixed by a combination of bios and Windows updates. Some of these also affected ARM and AMD CPUs as well. Also future products may have their own vulnerabilities that may be discovered down the line so if you want a flawless product you are going to be waiting a lifetime.
My understanding is that fixing these vulnerabilities on current processors involves a significant performance hit, of the order of 30%.
So It makes sense to wait for Intel to produce a CPU without this bug.
So .... will 9th gen Intel CPUs feature a solution to this issue?
That is workload dependent, from what I know that impacted virtualization more rather than regular use cases. Things like gaming etc would have virtually no impact according to various benchmarking done by review sites.
I just want to know which generation CPU will feature a solution to the issue. Is the 9th gen going to solve it, or a later generation, eg 10th generation?
If you don't know, that's fine, I can wait until the 9th gen actually appears, and ask at that point.
What's been said in Brian Krzanich's March 15th update (https://newsroom.intel.com/editorials/advancing-security-silicon-level/ Advancing Security at the Silicon Level) is all that we can tell you at this point.
I'm going to have to disagree with you that the Spectre/Meltdown vulnerabilities are not bugs. Calling them "vectors" is completely misleading and is throwing jargon at others to mask the problem.
In computer science and engineering a vector is a list. So if we want to take your attack vectors by definition, then it is a list of attacks or vulnerabilities depending on which side of the coin you're on. The general understood definition of a bug in computing is a defect or flaw that causes unexpected behavior.
Given Spectre and Meltdown allow unexpected behavior, they are bugs. Intel has known about these issue for years. At this point if Intel's position is these are attack vectors then trust will be eroded with software practitioners and the dominance Intel once held will be lost.
I personally find your response very misleading.
I believe I did contribute as to debunk what Scott Pearson's response was. When discussing issues, someone needs to keep people from drinking the Kool-Aid. Scott was emphatic in his response, and he is wrong.
Do you have anything to contribute? Your response seems contentious.
As contentious as yours is flawed. You clearly do not understand the issue.
All of us, you included, will simply have to agree to disagree.
Since you have voiced your opinion, it is time for you to move on. Words like debunk, kool-aid, and emphatic from you are clearly to insult and argue. Further arguing will not be tolerated.
I didn't insult anyone. If I were to insult you, you would know it.
As engineers and scientists there are truths and fabrications of truth wrapped in jargon. The claim was that meltdown/spectre vulnerabilities are not bugs.
Clearly, we can see they are bugs. It is a design flaw. You can wrap that in any box you want, but that is the unfortunate truth.
No one in industry or academia agrees with Intel that this is not a serious bug in hardware.