If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
|
#1
|
|||
|
|||
Very interesting Intel CPU problem
http://www.theregister.co.uk/2018/01...u_design_flaw/
The gist of it: Intel CPUs for the past 10 years or so have had a serious design flaw that makes the kernel vulnerable. All OSs using Intel will have to be patched, resulting in a 5-30% slowdown in software because kernel operations will have to run in a separate process from software. In other words, when you write a file or do any other basic system functions, the software won't be able to just call up the line to get the job done. Too risky. It will have to send the request to the kernel running in a separate process, like making requests to another, separate software program. Patches due soon. Solutions: If the patch is problematic your options will be AMD or new Intel CPUs that have been fixed. |
#2
|
|||
|
|||
Very interesting Intel CPU problem
"Mayayana" news
Wed, 03 Jan 2018 01:36:00 GMT in alt.windows7.general, wrote:
http://www.theregister.co.uk/2018/01...u_design_flaw/ The gist of it: Intel CPUs for the past 10 years or so have had a serious design flaw that makes the kernel vulnerable. All OSs using Intel will have to be patched, resulting in a 5-30% slowdown in software because kernel operations will have to run in a separate process from software. In other words, when you write a file or do any other basic system functions, the software won't be able to just call up the line to get the job done. Too risky. It will have to send the request to the kernel running in a separate process, like making requests to another, separate software program. Patches due soon. Solutions: If the patch is problematic your options will be AMD or new Intel CPUs that have been fixed. Thanks for the informative link. Intel seems to have done more than just inconvenience people this time. -- To prevent yourself from being a victim of cyber stalking, it's highly recommended you visit he https://tekrider.net/pages/david-brooks-stalker.php ================================================== = If God dwells within us, I hope He likes enchiladas, because that's what He's getting. |
#3
|
|||
|
|||
Very interesting Intel CPU problem
Mayayana wrote:
http://www.theregister.co.uk/2018/01...u_design_flaw/ The gist of it: Intel CPUs for the past 10 years or so have had a serious design flaw that makes the kernel vulnerable. All OSs using Intel will have to be patched, resulting in a 5-30% slowdown in software because kernel operations will have to run in a separate process from software. In other words, when you write a file or do any other basic system functions, the software won't be able to just call up the line to get the job done. Too risky. It will have to send the request to the kernel running in a separate process, like making requests to another, separate software program. Patches due soon. Solutions: If the patch is problematic your options will be AMD or new Intel CPUs that have been fixed. Impressive. So that means no patches for Win7 and Win8.1 and no performance loss. And patches for Win10. Got it. And Ryzens for all my friends. OK. We'll have to switch Ed's gaming rig to a ThreadRipper :-) Paul |
#4
|
|||
|
|||
Very interesting Intel CPU problem
On 2018-01-02 23:16, Paul wrote:
Mayayana wrote: http://www.theregister.co.uk/2018/01...u_design_flaw/ The gist of it: Intel CPUs for the past 10 years or so have had a serious design flaw that makes the kernel vulnerable. All OSs using Intel will have to be patched, resulting in a 5-30% slowdown in software because kernel operations will have to run in a separate process from software. In other words, when you write a file or do any other basic system functions, the software won't be able to just call up the line to get the job done. Too risky. It will have to send the request to the kernel running in a separate process, like making requests to another, separate software program. Patches due soon. Solutions: If the patch is problematic your options will be AMD or new Intel CPUs that have been fixed. Yeah, I read that just now, incredible! Imagine, a context switch for EVERY sys call or interrupt! This will seriously affect some stuff (altho I'm not sure about games). I hope they make this optional, ie: provide a switch somewhere to disable or enable the fix. Impressive. So that means no patches for Win7 and Win8.1 and no performance loss. And patches for Win10. Got it. They might patch Win7 too :-( And Ryzens for all my friends. OK. We'll have to switch Ed's gaming rig to a ThreadRipper :-) Lol. -- ! _\|/_ Sylvain / ! (o o) Memberavid-Suzuki-Fdn/EFF/Red+Cross/SPCA/Planetary-Society oO-( )-Oo Borg virus detected - (A)ssimilate? (Y/n/a) |
#5
|
|||
|
|||
Very interesting Intel CPU problem
Paul news
Jan 2018 04:16:31 GMT in alt.windows7.general, wrote:
Mayayana wrote: http://www.theregister.co.uk/2018/01...u_design_flaw/ The gist of it: Intel CPUs for the past 10 years or so have had a serious design flaw that makes the kernel vulnerable. All OSs using Intel will have to be patched, resulting in a 5-30% slowdown in software because kernel operations will have to run in a separate process from software. In other words, when you write a file or do any other basic system functions, the software won't be able to just call up the line to get the job done. Too risky. It will have to send the request to the kernel running in a separate process, like making requests to another, separate software program. Patches due soon. Solutions: If the patch is problematic your options will be AMD or new Intel CPUs that have been fixed. Impressive. So that means no patches for Win7 and Win8.1 and no performance loss. And patches for Win10. Got it. No, but, if you come across a website with the right javascript or another method of delivery, having a potential looksee in kernel space may not be a good thing. Which is what the patch is supposed to address... I don't know of any functional poc demonstrating it actually works or how reliable it is, but, that could change in the future. It may actually be one of those exploits that only works under very specific conditions, some of the time. In other words, damn unreliable. With that said, I don't have the insider information which is making the linux kernel developers go into a panic mode or the MS ones doing the same thing, so there could be something quite real and nasty about this. And Ryzens for all my friends. OK. A slightly overhyped cpu in my opinion. Doesn't actually perform as well as the initial claims by AMD in the real world. Hopefully the performance will be increased to match the initial claims by AMD when it was first announced some time back. We'll have to switch Ed's gaming rig to a ThreadRipper :-) I'd advise taking a wait and see approach with that technology for awhile longer too. While it may not have this issue, others could exist from a non vulnerability perspective that could be a compatibility or performance issue. Sadly, I'll be waiting awhile longer to build new rigs to take over some duties some of the machines here perform until things stabilize a bit more. I can't remember the last time so many cpu offerings were available with their own share of crippled/non enabled 'features' with significant differences in price for the chip alone. -- To prevent yourself from being a victim of cyber stalking, it's highly recommended you visit he https://tekrider.net/pages/david-brooks-stalker.php ================================================== = No time spent with a cat on your lap can be considered waste |
#6
|
|||
|
|||
Very interesting Intel CPU problem
Paul wrote:
Mayayana wrote: http://www.theregister.co.uk/2018/01...u_design_flaw/ The gist of it: Intel CPUs for the past 10 years or so have had a serious design flaw that makes the kernel vulnerable. All OSs using Intel will have to be patched, resulting in a 5-30% slowdown in software because kernel operations will have to run in a separate process from software. In other words, when you write a file or do any other basic system functions, the software won't be able to just call up the line to get the job done. Too risky. It will have to send the request to the kernel running in a separate process, like making requests to another, separate software program. Patches due soon. Solutions: If the patch is problematic your options will be AMD or new Intel CPUs that have been fixed. Impressive. So that means no patches for Win7 and Win8.1 and no performance loss. And patches for Win10. Got it. And Ryzens for all my friends. OK. We'll have to switch Ed's gaming rig to a ThreadRipper :-) Paul I had the same thoughts but I stopped patching w7 when they went to cumulatives anyways. No individual KB's = no patches on my machines. Most of it was garbage anyways like the vulnerabilities if someone sits down at the machines and loads malware. Or the patch to show the newest currency symbol for South Sudan. |
#7
|
|||
|
|||
Very interesting Intel CPU problem
Paul in Houston TX wrote:
Or the patch to show the newest currency symbol for South Sudan. LOL :-) Those patches seem to cause quite a bit of collateral damage. When I did my big patching session more than a year ago, those were stricken from the list. Paul |
#8
|
|||
|
|||
Very interesting Intel CPU problem
On 03/01/2018 07:07, Paul in Houston TX wrote:
I had the same thoughts but I stopped patching w7 when they went to cumulatives anyways. I've never had less trouble with Windows Updates than since W7 went to cumulative. -- Brian Gregory (in England). |
#9
|
|||
|
|||
Very interesting Intel CPU problem
On 03/01/2018 01:36, Mayayana wrote:
http://www.theregister.co.uk/2018/01...u_design_flaw/ The gist of it: Intel CPUs for the past 10 years or so have had a serious design flaw that makes the kernel vulnerable. All OSs using Intel will have to be patched, resulting in a 5-30% slowdown in software because kernel operations will have to run in a separate process from software. In other words, when you write a file or do any other basic system functions, the software won't be able to just call up the line to get the job done. Too risky. It will have to send the request to the kernel running in a separate process, like making requests to another, separate software program. Patches due soon. Solutions: If the patch is problematic your options will be AMD or new Intel CPUs that have been fixed. It's been suspected there might be a problem for ages. I'd be a lot more convinced that it's worth worrying about if they could actually produce a working proof of concept. Also wish it was clearer than AMD wasn't effected. Seems to me they might just have not tried so hard to break AMD. -- Brian Gregory (in England). |
#10
|
|||
|
|||
Very interesting Intel CPU problem
"Brian Gregory" wrote
| I'd be a lot more convinced that it's worth worrying about if they could | actually produce a working proof of concept. | | Also wish it was clearer than AMD wasn't effected. Seems to me they | might just have not tried so hard to break AMD. | The article I read said AMD is not affected. The proof of concept may be awhile. Apparently they're being deliberately vague to avoid giving away the bug until it's patched. (Also see article.) |
#11
|
|||
|
|||
Very interesting Intel CPU problem
On 03/01/2018 14:18, Mayayana wrote:
"Brian Gregory" wrote | I'd be a lot more convinced that it's worth worrying about if they could | actually produce a working proof of concept. | | Also wish it was clearer than AMD wasn't effected. Seems to me they | might just have not tried so hard to break AMD. | The article I read said AMD is not affected. The proof of concept may be awhile. Apparently they're being deliberately vague to avoid giving away the bug until it's patched. (Also see article.) I think I was muddling two separate vulnerabilities which seem to be called meltdown and spectre. Meltdown affects only (or maybe mainly) Intel. Probably Meltdown does have proof of concept code somewhere but hopefully not public. I just installed a large security patch KB4056894 on both my Windows 7 64 bit PCs which apparently includes patches for something or some things that are important, probably including Meltdown. No noticeable slowdown seen yet. Benchmarks: the one in CPU-Z still the same result, Novabench 4.0.3 still same result. Looks hopeful. -- Brian Gregory (in England). |
#12
|
|||
|
|||
Very interesting Intel CPU problem
Brian Gregory wrote:
On 03/01/2018 14:18, Mayayana wrote: "Brian Gregory" wrote | I'd be a lot more convinced that it's worth worrying about if they could | actually produce a working proof of concept. | | Also wish it was clearer than AMD wasn't effected. Seems to me they | might just have not tried so hard to break AMD. | The article I read said AMD is not affected. The proof of concept may be awhile. Apparently they're being deliberately vague to avoid giving away the bug until it's patched. (Also see article.) I think I was muddling two separate vulnerabilities which seem to be called meltdown and spectre. Meltdown affects only (or maybe mainly) Intel. Probably Meltdown does have proof of concept code somewhere but hopefully not public. I just installed a large security patch KB4056894 on both my Windows 7 64 bit PCs which apparently includes patches for something or some things that are important, probably including Meltdown. No noticeable slowdown seen yet. Benchmarks: the one in CPU-Z still the same result, Novabench 4.0.3 still same result. Looks hopeful. Check to see if a registry entry was added, to switch that patch on and off. Linux called theirs KPTI. I don't know the registry key name for the Windows patch, as there is supposed to be a way to turn it on and off. I just did a search, and there is a *second* kind of registry key involved. The patch can't come in, until your AV product says it's safe to do so. ******* Uh oh. It's worse than that. "Barry Pain says: January 4, 2018 at 12:39 pm So the MS patches, e.g. kb4056888 are only being offered if the AV software is compatible and sets a registry entry as below: Key="HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft \Windows\CurrentVersion\QualityCompat" Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc" Type="REG_DWORD” Data="0x00000000” Are Sophos aware of this and are Sophos products compatible? " Apparently, some sort of patch is gated by your AV product setting a flag that it's prepared for the patch to take place. You may think you've installed a patch, but the application may be gated by your AV and when their patch comes out. You can't start modifying kernel behavior, without some AV blowback (heuristic behavior or whatever). It's possible '894 isn't actually for that issue. The article here says there are patches for Win7 and Win8.1, coming in via catalog.update.microsoft.com but not via Windows Update. Kinda like the WinXP patches last year ? https://www.ghacks.net/2018/01/04/mi...urity-updates/ At least we're pulling out the stops on this one, and setting the "confusion knob" to 11. I blame the music group Spinal Tap for this. Paul |
#13
|
|||
|
|||
Very interesting Intel CPU problem
Brian Gregory
Fri, 05 Jan 2018 00:41:06 GMT in alt.windows7.general, wrote: On 03/01/2018 14:18, Mayayana wrote: "Brian Gregory" wrote | I'd be a lot more convinced that it's worth worrying about if | they could actually produce a working proof of concept. | | Also wish it was clearer than AMD wasn't effected. Seems to me | they might just have not tried so hard to break AMD. | The article I read said AMD is not affected. The proof of concept may be awhile. Apparently they're being deliberately vague to avoid giving away the bug until it's patched. (Also see article.) I think I was muddling two separate vulnerabilities which seem to be called meltdown and spectre. Meltdown affects only (or maybe mainly) Intel. Probably Meltdown does have proof of concept code somewhere but hopefully not public. It's public now. It's even available as javascript. I just installed a large security patch KB4056894 on both my Windows 7 64 bit PCs which apparently includes patches for something or some things that are important, probably including Meltdown. No noticeable slowdown seen yet. Benchmarks: the one in CPU-Z still the same result, Novabench 4.0.3 still same result. MS is focused on Windows 10 and has issued a patch for it, I cannot confirm patches have been issued for prior versions at this point. Unless the description for what you installed specifically states it's for this issue, I wouldn't assume that it is. -- To prevent yourself from being a victim of cyber stalking, it's highly recommended you visit he https://tekrider.net/pages/david-brooks-stalker.php ================================================== = I'm out of bed and dressed. What more do you want? |
Thread Tools | |
Display Modes | Rate This Thread |
|
|