
Intel CPU Design Flaw: Fix will cause performance hit

Discussion in 'BYTE ME: Technology discussion' started by swiftaw, Jan 3, 2018.

  1. swiftaw

    swiftaw Member SoSH Member

    So apparently a fundamental design flaw in Intel CPUs has been discovered. The bug has security implications, so operating systems are going to have to be patched to deal with that. Those fixes could cause performance hits of as much as 30%.

    Intel chips from the past 10 years could be impacted.

    More details here: https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
     
  2. wade boggs chicken dinner

    wade boggs chicken dinner Member SoSH Member

    AMD up 6% yesterday and up again after hours.

    I had bought a bit of AMD a few years ago when I had the time to keep track of such things and sold it for a small profit when it looked like their products still weren't competitive. AMD has only quintupled since then based on its 14nm Zen architecture.

    Win some lose some.
     
  3. wade boggs chicken dinner

    wade boggs chicken dinner Member SoSH Member

  4. lexrageorge

    lexrageorge Member SoSH Member

    The publication of the filings happened on 12/19. The actual sales happened earlier and were reported on an 11/29 filing with the SEC, which means they likely happened earlier in November. These transactions are likely in the "nothing to see here" category. CEOs have limited windows in which to sell shares, and quite a few of those shares were from stock grants. As the author notes, it is somewhat notable that Krzanich is holding onto the mandated minimum number of shares, but that doesn't seem to be new either.

    It's probable that the bug is not quite as dire a situation as the intern at The Register is making it out to be. O/S folks have long had a love/hate relationship with Intel's architecture. Given that this bug has supposedly existed for 10+ years and no one found out about it until recently, the safe assumption is that this is very much a corner case issue that requires a whole host of conditions to be lined up just right to be triggered, and is therefore unlikely to be found by casual hacking. Software folks understandably hate having to find those conditions, so by default they will want to take the easy way out and create a general fix that by all appearances sounds like a real sub-optimal solution. tl;dr: it's best not to draw any conclusions until the press embargo is lifted and the details of the bug and the workarounds are more generally known.
     
  5. wade boggs chicken dinner

    wade boggs chicken dinner Member SoSH Member

    As I said, the stock sales and the bug are hopefully unrelated.

    Thanks for the word of optimism on the bug. The technical issues are way over my head and my biggest concern is how this is going to affect my laptop computer. (Glad I procrastinated in upgrading over the past few months!). Found this interesting article that attempted to describe the bug prior to the official release - note that work to mitigate the bug was showing up as early as October in Linux circles.

    Good thing I have SOSH to explain all of this!
     
  6. Was (Not Wasdin)

    Was (Not Wasdin) Member SoSH Member

    So... unless absolutely necessary, hold off on buying any computer with an Intel processor until the flaw is fixed?
     
  7. cgori

    cgori Well-Known Member Silver Supporter SoSH Member

    Wait until the embargo on the vulnerability lifts, then see which processors have an issue. Wouldn't be surprising if relatively new devices (Skylake? Kaby Lake?) have a fix.
     
  8. lexrageorge

    lexrageorge Member SoSH Member

    Intel is unsurprisingly disputing the story from The Register. Could be a vulnerability that affects most any processor that handles virtual memory in a certain way based on a novel method of exploitation. If so, it's not clear that the issue is limited to Intel processors, or should even be considered a "bug". About the only thing we can be sure about is that there's definitely been a lot of finger pointing back and forth in closed door meetings between Intel, Microsoft, the Linux community, and the big server guys (Google, Amazon, etc.).
     
  9. SumnerH

    SumnerH Malt Liquor Picker Dope

    Ars Technica has a pretty detailed but still (*cough*) speculative write-up on the issue. If they’re correct, AMD is unaffected and the bug is specific to Intel processors from the Pentium Pro through current.

    But there’s a leap of faith in the article. I'm not sure how they get from a side-channel timing attack—which is bad enough—to reading arbitrary Ring 0 memory.
     
  10. cgori

    cgori Well-Known Member Silver Supporter SoSH Member

    As someone who worked with world-class side channel attack experts for a long time, I am no longer surprised at the relative power they can have. It's always a matter of when not if - when a researcher has a clever thought or figures out how to apply a technique across domains is usually when things tip over.

    The performance penalties being thrown around are in the range of what side channel countermeasures often require.
     
  11. cgori

    cgori Well-Known Member Silver Supporter SoSH Member

    More info available now, there are two different issues: https://arstechnica.com/gadgets/201...odern-processor-has-unfixable-security-flaws/

    The guy they list as one of the independent discoverers of Spectre was my old boss - I had no idea this was something he was looking into but it does not surprise me at all.

    Edit- paper for Meltdown: https://meltdownattack.com/meltdown.pdf - perhaps my boss was on this one instead, I haven't dug out the Spectre paper yet to see if he's on both.

    Edit2 - Spectre paper: https://spectreattack.com/spectre.pdf

    Some weird stuff in the media this morning that maybe the authors broke the embargo a week early. Not sure what to make of that but seems like keeping a lid on this at this point is pretty futile.
     
    #11 cgori, Jan 3, 2018
    Last edited: Jan 4, 2018
  12. lexrageorge

    lexrageorge Member SoSH Member

    Interesting. Still amazing that one can infer a randomized kernel memory address by just looking at the execution timing of certain accesses. Can't really fault Intel here; speculative execution has been a mainstay for decades, and I'm sure these types of security issues were completely unknown (or even unknowable) when Intel began releasing processors with their aggressive speculation. The main worry at the time with Intel's approach would have been power and cache pollution, not security.

    The excellent article from arstechnica does mention that these attacks are mainly concerns for servers:

    So Overwatch for PC will still run fine on Intel-based PCs.
     