PCbanter

PCbanter (http://www.pcbanter.net/index.php)
-   Windows 7 Forum (http://www.pcbanter.net/forumdisplay.php?f=48)
-   -   Very interesting Intel CPU problem (http://www.pcbanter.net/showthread.php?t=1102680)

Mayayana January 3rd 18 02:36 AM

Very interesting Intel CPU problem
 
http://www.theregister.co.uk/2018/01...u_design_flaw/

The gist of it: Intel CPUs for the past 10 years or
so have had a serious design flaw that makes the kernel
vulnerable. All OSs using Intel will have to be patched,
resulting in a 5-30% slowdown in software because
kernel operations will have to run in a separate process
from software. In other words, when you write a file
or do any other basic system functions, the software
won't be able to just call up the line to get the job
done. Too risky. It will have to send the request to
the kernel running in a separate process, like
making requests to another, separate software program.

Patches due soon.

Solutions: If the patch is problematic your options
will be AMD or new Intel CPUs that have been fixed.



Diesel January 3rd 18 03:37 AM

Very interesting Intel CPU problem
 
"Mayayana"
Wed, 03 Jan 2018 01:36:00 GMT in alt.windows7.general, wrote:

http://www.theregister.co.uk/2018/01...u_design_flaw/

The gist of it: Intel CPUs for the past 10 years or
so have had a serious design flaw that makes the kernel
vulnerable. All OSs using Intel will have to be patched,
resulting in a 5-30% slowdown in software because
kernel operations will have to run in a separate process
from software. In other words, when you write a file
or do any other basic system functions, the software
won't be able to just call up the line to get the job
done. Too risky. It will have to send the request to
the kernel running in a separate process, like
making requests to another, separate software program.

Patches due soon.

Solutions: If the patch is problematic your options
will be AMD or new Intel CPUs that have been fixed.


Thanks for the informative link. Intel seems to have done more than
just inconvenience people this time.


--
To prevent yourself from being a victim of cyber
stalking, it's highly recommended you visit he
https://tekrider.net/pages/david-brooks-stalker.php
================================================== =
If God dwells within us, I hope He likes enchiladas, because that's
what He's getting.

Paul[_32_] January 3rd 18 05:16 AM

Very interesting Intel CPU problem
 
Mayayana wrote:
http://www.theregister.co.uk/2018/01...u_design_flaw/

The gist of it: Intel CPUs for the past 10 years or
so have had a serious design flaw that makes the kernel
vulnerable. All OSs using Intel will have to be patched,
resulting in a 5-30% slowdown in software because
kernel operations will have to run in a separate process
from software. In other words, when you write a file
or do any other basic system functions, the software
won't be able to just call up the line to get the job
done. Too risky. It will have to send the request to
the kernel running in a separate process, like
making requests to another, separate software program.

Patches due soon.

Solutions: If the patch is problematic your options
will be AMD or new Intel CPUs that have been fixed.


Impressive.

So that means no patches for Win7 and Win8.1 and no
performance loss. And patches for Win10. Got it.

And Ryzens for all my friends. OK.

We'll have to switch Ed's gaming rig to a ThreadRipper :-)

Paul

B00ze January 3rd 18 07:28 AM

Very interesting Intel CPU problem
 
On 2018-01-02 23:16, Paul wrote:

Mayayana wrote:
http://www.theregister.co.uk/2018/01...u_design_flaw/

The gist of it: Intel CPUs for the past 10 years or
so have had a serious design flaw that makes the kernel
vulnerable. All OSs using Intel will have to be patched,
resulting in a 5-30% slowdown in software because
kernel operations will have to run in a separate process
from software. In other words, when you write a file
or do any other basic system functions, the software
won't be able to just call up the line to get the job
done. Too risky. It will have to send the request to
the kernel running in a separate process, like
making requests to another, separate software program.

Patches due soon.

Solutions: If the patch is problematic your options
will be AMD or new Intel CPUs that have been fixed.


Yeah, I read that just now, incredible! Imagine, a context switch for
EVERY sys call or interrupt! This will seriously affect some stuff
(altho I'm not sure about games). I hope they make this optional, ie:
provide a switch somewhere to disable or enable the fix.

Impressive.

So that means no patches for Win7 and Win8.1 and no
performance loss. And patches for Win10. Got it.


They might patch Win7 too :-(

And Ryzens for all my friends. OK.
We'll have to switch Ed's gaming rig to a ThreadRipper :-)


Lol.

--
! _\|/_ Sylvain /
! (o o) Member:David-Suzuki-Fdn/EFF/Red+Cross/SPCA/Planetary-Society
oO-( )-Oo Borg virus detected - (A)ssimilate? (Y/n/a)


Diesel January 3rd 18 07:54 AM

Very interesting Intel CPU problem
 
Paul Wed, 03
Jan 2018 04:16:31 GMT in alt.windows7.general, wrote:

Mayayana wrote:
http://www.theregister.co.uk/2018/01...u_design_flaw/

The gist of it: Intel CPUs for the past 10 years or
so have had a serious design flaw that makes the kernel
vulnerable. All OSs using Intel will have to be patched,
resulting in a 5-30% slowdown in software because
kernel operations will have to run in a separate process
from software. In other words, when you write a file
or do any other basic system functions, the software
won't be able to just call up the line to get the job
done. Too risky. It will have to send the request to
the kernel running in a separate process, like
making requests to another, separate software program.

Patches due soon.

Solutions: If the patch is problematic your options
will be AMD or new Intel CPUs that have been fixed.


Impressive.

So that means no patches for Win7 and Win8.1 and no
performance loss. And patches for Win10. Got it.


No, but, if you come across a website with the right javascript or
another method of delivery, having a potential looksee in kernel
space may not be a good thing. Which is what the patch is supposed to
address... I don't know of any functional poc demonstrating it
actually works or how reliable it is, but, that could change in the
future. It may actually be one of those exploits that only works
under very specific conditions, some of the time. In other words,
damn unreliable.

With that said, I don't have the insider information which is making
the linux kernel developers go into a panic mode or the MS ones doing
the same thing, so there could be something quite real and nasty
about this.

And Ryzens for all my friends. OK.


A slightly overhyped cpu in my opinion. Doesn't actually perform as
well as the initial claims by AMD in the real world. Hopefully the
performance will be increased to match the initial claims by AMD when
it was first announced some time back.

We'll have to switch Ed's gaming rig to a ThreadRipper :-)


I'd advise taking a wait and see approach with that technology for
awhile longer too. While it may not have this issue, others could
exist from a non vulnerability perspective that could be a
compatibility or performance issue.

Sadly, I'll be waiting awhile longer to build new rigs to take over
some duties some of the machines here perform until things stabilize
a bit more. I can't remember the last time so many cpu offerings were
available with their own share of crippled/non enabled 'features'
with significant differences in price for the chip alone.


--
To prevent yourself from being a victim of cyber
stalking, it's highly recommended you visit he
https://tekrider.net/pages/david-brooks-stalker.php
================================================== =
No time spent with a cat on your lap can be considered waste

Paul in Houston TX[_2_] January 3rd 18 08:07 AM

Very interesting Intel CPU problem
 
Paul wrote:
Mayayana wrote:
http://www.theregister.co.uk/2018/01...u_design_flaw/

The gist of it: Intel CPUs for the past 10 years or
so have had a serious design flaw that makes the kernel
vulnerable. All OSs using Intel will have to be patched,
resulting in a 5-30% slowdown in software because
kernel operations will have to run in a separate process
from software. In other words, when you write a file
or do any other basic system functions, the software
won't be able to just call up the line to get the job
done. Too risky. It will have to send the request to
the kernel running in a separate process, like
making requests to another, separate software program.

Patches due soon.

Solutions: If the patch is problematic your options
will be AMD or new Intel CPUs that have been fixed.


Impressive.

So that means no patches for Win7 and Win8.1 and no
performance loss. And patches for Win10. Got it.

And Ryzens for all my friends. OK.

We'll have to switch Ed's gaming rig to a ThreadRipper :-)

Paul


I had the same thoughts but I stopped patching w7 when they went
to cumulatives anyways. No individual KB's = no patches on my machines.
Most of it was garbage anyways like the vulnerabilities if someone sits down
at the machines and loads malware.
Or the patch to show the newest currency symbol for South Sudan.



Paul[_32_] January 3rd 18 08:48 AM

Very interesting Intel CPU problem
 
Paul in Houston TX wrote:

Or the patch to show the newest currency symbol for South Sudan.


LOL :-) Those patches seem to cause quite a bit of collateral damage.
When I did my big patching session more than a year ago,
those were stricken from the list.

Paul


Brian Gregory[_2_] January 3rd 18 01:05 PM

Very interesting Intel CPU problem
 
On 03/01/2018 07:07, Paul in Houston TX wrote:
I had the same thoughts but I stopped patching w7 when they went
to cumulatives anyways.


I've never had less trouble with Windows Updates than since W7 went to
cumulative.

--

Brian Gregory (in England).

Brian Gregory[_2_] January 3rd 18 01:09 PM

Very interesting Intel CPU problem
 
On 03/01/2018 01:36, Mayayana wrote:
http://www.theregister.co.uk/2018/01...u_design_flaw/

The gist of it: Intel CPUs for the past 10 years or
so have had a serious design flaw that makes the kernel
vulnerable. All OSs using Intel will have to be patched,
resulting in a 5-30% slowdown in software because
kernel operations will have to run in a separate process
from software. In other words, when you write a file
or do any other basic system functions, the software
won't be able to just call up the line to get the job
done. Too risky. It will have to send the request to
the kernel running in a separate process, like
making requests to another, separate software program.

Patches due soon.

Solutions: If the patch is problematic your options
will be AMD or new Intel CPUs that have been fixed.



It's been suspected there might be a problem for ages.

I'd be a lot more convinced that it's worth worrying about if they could
actually produce a working proof of concept.

Also wish it was clearer than AMD wasn't effected. Seems to me they
might just have not tried so hard to break AMD.

--

Brian Gregory (in England).

Mayayana January 3rd 18 03:18 PM

Very interesting Intel CPU problem
 
"Brian Gregory" wrote

| I'd be a lot more convinced that it's worth worrying about if they could
| actually produce a working proof of concept.
|
| Also wish it was clearer than AMD wasn't effected. Seems to me they
| might just have not tried so hard to break AMD.
|

The article I read said AMD is not affected.
The proof of concept may be awhile. Apparently
they're being deliberately vague to avoid giving
away the bug until it's patched. (Also see article.)



Brian Gregory[_2_] January 5th 18 01:41 AM

Very interesting Intel CPU problem
 
On 03/01/2018 14:18, Mayayana wrote:
"Brian Gregory" wrote

| I'd be a lot more convinced that it's worth worrying about if they could
| actually produce a working proof of concept.
|
| Also wish it was clearer than AMD wasn't effected. Seems to me they
| might just have not tried so hard to break AMD.
|

The article I read said AMD is not affected.
The proof of concept may be awhile. Apparently
they're being deliberately vague to avoid giving
away the bug until it's patched. (Also see article.)



I think I was muddling two separate vulnerabilities which seem to be
called meltdown and spectre. Meltdown affects only (or maybe mainly)
Intel. Probably Meltdown does have proof of concept code somewhere but
hopefully not public.

I just installed a large security patch KB4056894 on both my Windows 7
64 bit PCs which apparently includes patches for something or some
things that are important, probably including Meltdown. No noticeable
slowdown seen yet. Benchmarks: the one in CPU-Z still the same result,
Novabench 4.0.3 still same result.

Looks hopeful.

--

Brian Gregory (in England).

Paul[_32_] January 5th 18 02:11 AM

Very interesting Intel CPU problem
 
Brian Gregory wrote:
On 03/01/2018 14:18, Mayayana wrote:
"Brian Gregory" wrote

| I'd be a lot more convinced that it's worth worrying about if they
could
| actually produce a working proof of concept.
|
| Also wish it was clearer than AMD wasn't effected. Seems to me they
| might just have not tried so hard to break AMD.
|

The article I read said AMD is not affected.
The proof of concept may be awhile. Apparently
they're being deliberately vague to avoid giving
away the bug until it's patched. (Also see article.)



I think I was muddling two separate vulnerabilities which seem to be
called meltdown and spectre. Meltdown affects only (or maybe mainly)
Intel. Probably Meltdown does have proof of concept code somewhere but
hopefully not public.

I just installed a large security patch KB4056894 on both my Windows 7
64 bit PCs which apparently includes patches for something or some
things that are important, probably including Meltdown. No noticeable
slowdown seen yet. Benchmarks: the one in CPU-Z still the same result,
Novabench 4.0.3 still same result.

Looks hopeful.


Check to see if a registry entry was added, to switch
that patch on and off.

Linux called theirs KPTI. I don't know the registry
key name for the Windows patch, as there is supposed
to be a way to turn it on and off.

I just did a search, and there is a *second* kind of
registry key involved. The patch can't come in, until
your AV product says it's safe to do so.

*******

Uh oh. It's worse than that.

"Barry Pain says:
January 4, 2018 at 12:39 pm

So the MS patches, e.g. kb4056888 are only being offered
if the AV software is compatible and sets a registry entry as below:

Key="HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft \Windows\CurrentVersion\QualityCompat"
Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc"
Type="REG_DWORD”
Data="0x00000000”

Are Sophos aware of this and are Sophos products compatible?
"

Apparently, some sort of patch is gated by your AV product
setting a flag that it's prepared for the patch to take place.

You may think you've installed a patch, but the application
may be gated by your AV and when their patch comes out.
You can't start modifying kernel behavior, without some
AV blowback (heuristic behavior or whatever).

It's possible '894 isn't actually for that issue.
The article here says there are patches for Win7 and Win8.1,
coming in via catalog.update.microsoft.com but not via
Windows Update. Kinda like the WinXP patches last year ?

https://www.ghacks.net/2018/01/04/mi...urity-updates/

At least we're pulling out the stops on this one,
and setting the "confusion knob" to 11.

I blame the music group Spinal Tap for this.

Paul

Diesel January 5th 18 04:59 AM

Very interesting Intel CPU problem
 
Brian Gregory
Fri, 05 Jan 2018
00:41:06 GMT in alt.windows7.general, wrote:

On 03/01/2018 14:18, Mayayana wrote:
"Brian Gregory" wrote

| I'd be a lot more convinced that it's worth worrying about if
| they could actually produce a working proof of concept.
|
| Also wish it was clearer than AMD wasn't effected. Seems to me
| they might just have not tried so hard to break AMD.
|

The article I read said AMD is not affected.
The proof of concept may be awhile. Apparently
they're being deliberately vague to avoid giving
away the bug until it's patched. (Also see article.)



I think I was muddling two separate vulnerabilities which seem to
be called meltdown and spectre. Meltdown affects only (or maybe
mainly) Intel. Probably Meltdown does have proof of concept code
somewhere but hopefully not public.


It's public now. It's even available as javascript.

I just installed a large security patch KB4056894 on both my
Windows 7 64 bit PCs which apparently includes patches for
something or some things that are important, probably including
Meltdown. No noticeable slowdown seen yet. Benchmarks: the one in
CPU-Z still the same result, Novabench 4.0.3 still same result.


MS is focused on Windows 10 and has issued a patch for it, I cannot
confirm patches have been issued for prior versions at this point.
Unless the description for what you installed specifically states
it's for this issue, I wouldn't assume that it is.



--
To prevent yourself from being a victim of cyber
stalking, it's highly recommended you visit he
https://tekrider.net/pages/david-brooks-stalker.php
================================================== =
I'm out of bed and dressed. What more do you want?


All times are GMT +1. The time now is 07:29 AM.

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright © 2004 - 2006 PCbanter
Comments are property of their posters