A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows 7 » Windows 7 Forum
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Very interesting Intel CPU problem



 
 
Thread Tools Rate Thread Display Modes
  #1  
Old January 3rd 18, 01:36 AM posted to alt.windows7.general
Mayayana
external usenet poster
 
Posts: 4,764
Default Very interesting Intel CPU problem

http://www.theregister.co.uk/2018/01...u_design_flaw/

The gist of it: Intel CPUs for the past 10 years or
so have had a serious design flaw that makes the kernel
vulnerable. All OSs using Intel will have to be patched,
resulting in a 5-30% slowdown in software because
kernel operations will have to run in a separate process
from software. In other words, when you write a file
or do any other basic system functions, the software
won't be able to just call up the line to get the job
done. Too risky. It will have to send the request to
the kernel running in a separate process, like
making requests to another, separate software program.

Patches due soon.

Solutions: If the patch is problematic your options
will be AMD or new Intel CPUs that have been fixed.


Ads
  #2  
Old January 3rd 18, 02:37 AM posted to alt.windows7.general
Diesel
external usenet poster
 
Posts: 834
Default Very interesting Intel CPU problem

"Mayayana" news Wed, 03 Jan 2018 01:36:00 GMT in alt.windows7.general, wrote:

http://www.theregister.co.uk/2018/01...u_design_flaw/

The gist of it: Intel CPUs for the past 10 years or
so have had a serious design flaw that makes the kernel
vulnerable. All OSs using Intel will have to be patched,
resulting in a 5-30% slowdown in software because
kernel operations will have to run in a separate process
from software. In other words, when you write a file
or do any other basic system functions, the software
won't be able to just call up the line to get the job
done. Too risky. It will have to send the request to
the kernel running in a separate process, like
making requests to another, separate software program.

Patches due soon.

Solutions: If the patch is problematic your options
will be AMD or new Intel CPUs that have been fixed.


Thanks for the informative link. Intel seems to have done more than
just inconvenience people this time.


--
To prevent yourself from being a victim of cyber
stalking, it's highly recommended you visit he
https://tekrider.net/pages/david-brooks-stalker.php
================================================== =
If God dwells within us, I hope He likes enchiladas, because that's
what He's getting.
  #3  
Old January 3rd 18, 04:16 AM posted to alt.windows7.general
Paul[_32_]
external usenet poster
 
Posts: 7,094
Default Very interesting Intel CPU problem

Mayayana wrote:
http://www.theregister.co.uk/2018/01...u_design_flaw/

The gist of it: Intel CPUs for the past 10 years or
so have had a serious design flaw that makes the kernel
vulnerable. All OSs using Intel will have to be patched,
resulting in a 5-30% slowdown in software because
kernel operations will have to run in a separate process
from software. In other words, when you write a file
or do any other basic system functions, the software
won't be able to just call up the line to get the job
done. Too risky. It will have to send the request to
the kernel running in a separate process, like
making requests to another, separate software program.

Patches due soon.

Solutions: If the patch is problematic your options
will be AMD or new Intel CPUs that have been fixed.


Impressive.

So that means no patches for Win7 and Win8.1 and no
performance loss. And patches for Win10. Got it.

And Ryzens for all my friends. OK.

We'll have to switch Ed's gaming rig to a ThreadRipper :-)

Paul
  #4  
Old January 3rd 18, 06:28 AM posted to alt.windows7.general
B00ze
external usenet poster
 
Posts: 472
Default Very interesting Intel CPU problem

On 2018-01-02 23:16, Paul wrote:

Mayayana wrote:
http://www.theregister.co.uk/2018/01...u_design_flaw/

The gist of it: Intel CPUs for the past 10 years or
so have had a serious design flaw that makes the kernel
vulnerable. All OSs using Intel will have to be patched,
resulting in a 5-30% slowdown in software because
kernel operations will have to run in a separate process
from software. In other words, when you write a file
or do any other basic system functions, the software
won't be able to just call up the line to get the job
done. Too risky. It will have to send the request to
the kernel running in a separate process, like
making requests to another, separate software program.

Patches due soon.

Solutions: If the patch is problematic your options
will be AMD or new Intel CPUs that have been fixed.


Yeah, I read that just now, incredible! Imagine, a context switch for
EVERY sys call or interrupt! This will seriously affect some stuff
(altho I'm not sure about games). I hope they make this optional, ie:
provide a switch somewhere to disable or enable the fix.

Impressive.

So that means no patches for Win7 and Win8.1 and no
performance loss. And patches for Win10. Got it.


They might patch Win7 too :-(

And Ryzens for all my friends. OK.
We'll have to switch Ed's gaming rig to a ThreadRipper :-)


Lol.

--
! _\|/_ Sylvain /
! (o o) Memberavid-Suzuki-Fdn/EFF/Red+Cross/SPCA/Planetary-Society
oO-( )-Oo Borg virus detected - (A)ssimilate? (Y/n/a)

  #5  
Old January 3rd 18, 06:54 AM posted to alt.windows7.general
Diesel
external usenet poster
 
Posts: 834
Default Very interesting Intel CPU problem

Paul news Jan 2018 04:16:31 GMT in alt.windows7.general, wrote:

Mayayana wrote:
http://www.theregister.co.uk/2018/01...u_design_flaw/

The gist of it: Intel CPUs for the past 10 years or
so have had a serious design flaw that makes the kernel
vulnerable. All OSs using Intel will have to be patched,
resulting in a 5-30% slowdown in software because
kernel operations will have to run in a separate process
from software. In other words, when you write a file
or do any other basic system functions, the software
won't be able to just call up the line to get the job
done. Too risky. It will have to send the request to
the kernel running in a separate process, like
making requests to another, separate software program.

Patches due soon.

Solutions: If the patch is problematic your options
will be AMD or new Intel CPUs that have been fixed.


Impressive.

So that means no patches for Win7 and Win8.1 and no
performance loss. And patches for Win10. Got it.


No, but, if you come across a website with the right javascript or
another method of delivery, having a potential looksee in kernel
space may not be a good thing. Which is what the patch is supposed to
address... I don't know of any functional poc demonstrating it
actually works or how reliable it is, but, that could change in the
future. It may actually be one of those exploits that only works
under very specific conditions, some of the time. In other words,
damn unreliable.

With that said, I don't have the insider information which is making
the linux kernel developers go into a panic mode or the MS ones doing
the same thing, so there could be something quite real and nasty
about this.

And Ryzens for all my friends. OK.


A slightly overhyped cpu in my opinion. Doesn't actually perform as
well as the initial claims by AMD in the real world. Hopefully the
performance will be increased to match the initial claims by AMD when
it was first announced some time back.

We'll have to switch Ed's gaming rig to a ThreadRipper :-)


I'd advise taking a wait and see approach with that technology for
awhile longer too. While it may not have this issue, others could
exist from a non vulnerability perspective that could be a
compatibility or performance issue.

Sadly, I'll be waiting awhile longer to build new rigs to take over
some duties some of the machines here perform until things stabilize
a bit more. I can't remember the last time so many cpu offerings were
available with their own share of crippled/non enabled 'features'
with significant differences in price for the chip alone.


--
To prevent yourself from being a victim of cyber
stalking, it's highly recommended you visit he
https://tekrider.net/pages/david-brooks-stalker.php
================================================== =
No time spent with a cat on your lap can be considered waste
  #6  
Old January 3rd 18, 07:07 AM posted to alt.windows7.general
Paul in Houston TX[_2_]
external usenet poster
 
Posts: 832
Default Very interesting Intel CPU problem

Paul wrote:
Mayayana wrote:
http://www.theregister.co.uk/2018/01...u_design_flaw/

The gist of it: Intel CPUs for the past 10 years or
so have had a serious design flaw that makes the kernel
vulnerable. All OSs using Intel will have to be patched,
resulting in a 5-30% slowdown in software because
kernel operations will have to run in a separate process
from software. In other words, when you write a file
or do any other basic system functions, the software
won't be able to just call up the line to get the job
done. Too risky. It will have to send the request to
the kernel running in a separate process, like
making requests to another, separate software program.

Patches due soon.

Solutions: If the patch is problematic your options
will be AMD or new Intel CPUs that have been fixed.


Impressive.

So that means no patches for Win7 and Win8.1 and no
performance loss. And patches for Win10. Got it.

And Ryzens for all my friends. OK.

We'll have to switch Ed's gaming rig to a ThreadRipper :-)

Paul


I had the same thoughts but I stopped patching w7 when they went
to cumulatives anyways. No individual KB's = no patches on my machines.
Most of it was garbage anyways like the vulnerabilities if someone sits down
at the machines and loads malware.
Or the patch to show the newest currency symbol for South Sudan.


  #7  
Old January 3rd 18, 07:48 AM posted to alt.windows7.general
Paul[_32_]
external usenet poster
 
Posts: 7,094
Default Very interesting Intel CPU problem

Paul in Houston TX wrote:

Or the patch to show the newest currency symbol for South Sudan.


LOL :-) Those patches seem to cause quite a bit of collateral damage.
When I did my big patching session more than a year ago,
those were stricken from the list.

Paul

  #8  
Old January 3rd 18, 12:05 PM posted to alt.windows7.general
Brian Gregory[_2_]
external usenet poster
 
Posts: 96
Default Very interesting Intel CPU problem

On 03/01/2018 07:07, Paul in Houston TX wrote:
I had the same thoughts but I stopped patching w7 when they went
to cumulatives anyways.


I've never had less trouble with Windows Updates than since W7 went to
cumulative.

--

Brian Gregory (in England).
  #9  
Old January 3rd 18, 12:09 PM posted to alt.windows7.general
Brian Gregory[_2_]
external usenet poster
 
Posts: 96
Default Very interesting Intel CPU problem

On 03/01/2018 01:36, Mayayana wrote:
http://www.theregister.co.uk/2018/01...u_design_flaw/

The gist of it: Intel CPUs for the past 10 years or
so have had a serious design flaw that makes the kernel
vulnerable. All OSs using Intel will have to be patched,
resulting in a 5-30% slowdown in software because
kernel operations will have to run in a separate process
from software. In other words, when you write a file
or do any other basic system functions, the software
won't be able to just call up the line to get the job
done. Too risky. It will have to send the request to
the kernel running in a separate process, like
making requests to another, separate software program.

Patches due soon.

Solutions: If the patch is problematic your options
will be AMD or new Intel CPUs that have been fixed.



It's been suspected there might be a problem for ages.

I'd be a lot more convinced that it's worth worrying about if they could
actually produce a working proof of concept.

Also wish it was clearer than AMD wasn't effected. Seems to me they
might just have not tried so hard to break AMD.

--

Brian Gregory (in England).
  #10  
Old January 3rd 18, 02:18 PM posted to alt.windows7.general
Mayayana
external usenet poster
 
Posts: 4,764
Default Very interesting Intel CPU problem

"Brian Gregory" wrote

| I'd be a lot more convinced that it's worth worrying about if they could
| actually produce a working proof of concept.
|
| Also wish it was clearer than AMD wasn't effected. Seems to me they
| might just have not tried so hard to break AMD.
|

The article I read said AMD is not affected.
The proof of concept may be awhile. Apparently
they're being deliberately vague to avoid giving
away the bug until it's patched. (Also see article.)


  #11  
Old January 5th 18, 12:41 AM posted to alt.windows7.general
Brian Gregory[_2_]
external usenet poster
 
Posts: 96
Default Very interesting Intel CPU problem

On 03/01/2018 14:18, Mayayana wrote:
"Brian Gregory" wrote

| I'd be a lot more convinced that it's worth worrying about if they could
| actually produce a working proof of concept.
|
| Also wish it was clearer than AMD wasn't effected. Seems to me they
| might just have not tried so hard to break AMD.
|

The article I read said AMD is not affected.
The proof of concept may be awhile. Apparently
they're being deliberately vague to avoid giving
away the bug until it's patched. (Also see article.)



I think I was muddling two separate vulnerabilities which seem to be
called meltdown and spectre. Meltdown affects only (or maybe mainly)
Intel. Probably Meltdown does have proof of concept code somewhere but
hopefully not public.

I just installed a large security patch KB4056894 on both my Windows 7
64 bit PCs which apparently includes patches for something or some
things that are important, probably including Meltdown. No noticeable
slowdown seen yet. Benchmarks: the one in CPU-Z still the same result,
Novabench 4.0.3 still same result.

Looks hopeful.

--

Brian Gregory (in England).
  #12  
Old January 5th 18, 01:11 AM posted to alt.windows7.general
Paul[_32_]
external usenet poster
 
Posts: 7,094
Default Very interesting Intel CPU problem

Brian Gregory wrote:
On 03/01/2018 14:18, Mayayana wrote:
"Brian Gregory" wrote

| I'd be a lot more convinced that it's worth worrying about if they
could
| actually produce a working proof of concept.
|
| Also wish it was clearer than AMD wasn't effected. Seems to me they
| might just have not tried so hard to break AMD.
|

The article I read said AMD is not affected.
The proof of concept may be awhile. Apparently
they're being deliberately vague to avoid giving
away the bug until it's patched. (Also see article.)



I think I was muddling two separate vulnerabilities which seem to be
called meltdown and spectre. Meltdown affects only (or maybe mainly)
Intel. Probably Meltdown does have proof of concept code somewhere but
hopefully not public.

I just installed a large security patch KB4056894 on both my Windows 7
64 bit PCs which apparently includes patches for something or some
things that are important, probably including Meltdown. No noticeable
slowdown seen yet. Benchmarks: the one in CPU-Z still the same result,
Novabench 4.0.3 still same result.

Looks hopeful.


Check to see if a registry entry was added, to switch
that patch on and off.

Linux called theirs KPTI. I don't know the registry
key name for the Windows patch, as there is supposed
to be a way to turn it on and off.

I just did a search, and there is a *second* kind of
registry key involved. The patch can't come in, until
your AV product says it's safe to do so.

*******

Uh oh. It's worse than that.

"Barry Pain says:
January 4, 2018 at 12:39 pm

So the MS patches, e.g. kb4056888 are only being offered
if the AV software is compatible and sets a registry entry as below:

Key="HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft \Windows\CurrentVersion\QualityCompat"
Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc"
Type="REG_DWORD”
Data="0x00000000”

Are Sophos aware of this and are Sophos products compatible?
"

Apparently, some sort of patch is gated by your AV product
setting a flag that it's prepared for the patch to take place.

You may think you've installed a patch, but the application
may be gated by your AV and when their patch comes out.
You can't start modifying kernel behavior, without some
AV blowback (heuristic behavior or whatever).

It's possible '894 isn't actually for that issue.
The article here says there are patches for Win7 and Win8.1,
coming in via catalog.update.microsoft.com but not via
Windows Update. Kinda like the WinXP patches last year ?

https://www.ghacks.net/2018/01/04/mi...urity-updates/

At least we're pulling out the stops on this one,
and setting the "confusion knob" to 11.

I blame the music group Spinal Tap for this.

Paul
  #13  
Old January 5th 18, 03:59 AM posted to alt.windows7.general
Diesel
external usenet poster
 
Posts: 834
Default Very interesting Intel CPU problem

Brian Gregory
Fri, 05 Jan 2018
00:41:06 GMT in alt.windows7.general, wrote:

On 03/01/2018 14:18, Mayayana wrote:
"Brian Gregory" wrote

| I'd be a lot more convinced that it's worth worrying about if
| they could actually produce a working proof of concept.
|
| Also wish it was clearer than AMD wasn't effected. Seems to me
| they might just have not tried so hard to break AMD.
|

The article I read said AMD is not affected.
The proof of concept may be awhile. Apparently
they're being deliberately vague to avoid giving
away the bug until it's patched. (Also see article.)



I think I was muddling two separate vulnerabilities which seem to
be called meltdown and spectre. Meltdown affects only (or maybe
mainly) Intel. Probably Meltdown does have proof of concept code
somewhere but hopefully not public.


It's public now. It's even available as javascript.

I just installed a large security patch KB4056894 on both my
Windows 7 64 bit PCs which apparently includes patches for
something or some things that are important, probably including
Meltdown. No noticeable slowdown seen yet. Benchmarks: the one in
CPU-Z still the same result, Novabench 4.0.3 still same result.


MS is focused on Windows 10 and has issued a patch for it, I cannot
confirm patches have been issued for prior versions at this point.
Unless the description for what you installed specifically states
it's for this issue, I wouldn't assume that it is.



--
To prevent yourself from being a victim of cyber
stalking, it's highly recommended you visit he
https://tekrider.net/pages/david-brooks-stalker.php
================================================== =
I'm out of bed and dressed. What more do you want?
 




Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off






All times are GMT +1. The time now is 02:02 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Copyright 2004-2018 PCbanter.
The comments are property of their posters.