• Competitor rules

    Please remember that any mention of competitors, hinting at competitors or offering to provide details of competitors will result in an account suspension. The full rules can be found under the 'Terms and Rules' link in the bottom right corner of your screen. Just don't mention competitors in any way, shape or form and you'll be OK.

Intel bug incoming? Meltdown and Spectre exploits

Associate
Joined
24 Mar 2011
Posts
623
Location
Cambridgeshire
I think Spectre has enough traction that Intel won't (hopefully) let the updates for this slip. Updates for as far back as Haswell are already available so Intel have already got back to 2013 with the current microcode patches. The question is really how much further back they'll go.

Intel aren't the worst offender here for Spectre though. Smartphones are really a big issue. OoO ARM CPU's need patches too, but how many Android phones older than 18-24 months won't get an update? Most to nearly all, yet most of those phones still work great and will be in use by customers who will never see a security update for Spectre :(
 
Man of Honour
Joined
30 Oct 2003
Posts
13,229
Location
Essex
We will then focus on issuing updates for older products as prioritized by our customers.

You would have thought that their customers at this level i.e. people paying thousands of pounds for server grade processors (that could still be in extended warranty) should be the priority, You would think they would patch all vulnerable server and enterprise grade kit, then HEDT, then the desktop but they just seemed to go with "what is the newest" yea lets try and patch that. I dunno perhaps I was expecting too much. IMO they patch everything thats susceptible regardless of age.

I think Spectre has enough traction that Intel won't (hopefully) let the updates for this slip. Updates for as far back as Haswell are already available so Intel have already got back to 2013 with the current microcode patches. The question is really how much further back they'll go

There really is no excuse not to patch anything and everything that is vulnerable, no excuses, Intel your CPU's are insecure so fix it.

I think that will do for rambling on for now :D
 
Soldato
Joined
28 May 2007
Posts
18,200
You would have thought that their customers at this level i.e. people paying thousands of pounds for server grade processors (that could still be in extended warranty) should be the priority, You would think they would patch all vulnerable server and enterprise grade kit, then HEDT, then the desktop but they just seemed to go with "what is the newest" yea lets try and patch that. I dunno perhaps I was expecting too much. IMO they patch everything thats susceptible regardless of age.



There really is no excuse not to patch anything and everything that is vulnerable, no excuses, Intel your CPU's are insecure so fix it.

I think that will do for rambling on for now :D


Pretty much my sentiments. Intel should throw everything they have behind this problem and fully fix this balls up regardless.
 
Man of Honour
Joined
30 Oct 2003
Posts
13,229
Location
Essex
Pretty much my sentiments. Intel should throw everything they have behind this problem and fully fix this balls up regardless.

Good that it's not just me then because I really don't want to be ripping a load of servers out this year when in reality I should not need to :( If I have to do it that is going to mean that my storage back end and servers are out of sync in terms of upgrade path as I have a couple of years in the P6300 (Upgraded to P6350) EVA without doubt. I only recently added 3 shelves so I was hoping that end of 2019 I could start looking at the likes of 3par, nimble, pure etc so really that should be the time to be buying new servers, not because an intel bug forces my hand.

I think all I can do is wait it out and see what happens over the next month or so. Luckily all servers that are web facing are gen8 and all the gen7 stuff sits inside the perimeter behind UTM and IDS devices.
 
Associate
Joined
7 Aug 2017
Posts
415
Location
location location
Ryzen is not susceptible to meltdown so no re-spin/design is needed.

Fair enough for Meltdown, but for Spectre the software mitigations are proving to cause quite a performance loss in some benchmarks. I expect there's research into ways of keeping the performance benefit of speculative execution without leaking data to side channels, but I would expect any notable changes to silicon to take years to get to market.

IMO they patch everything thats susceptible regardless of age

I think they ought to too - they certainly have enough technical capability to do so; I'd give them more time to roll out the updates, but I'd be very disappointed if it takes further customer pressure to make them support the numerous deployed systems out there that utilise their older CPUs.

AMD confirms that they are rolling out microcode updates for its CPUs to mitigate against Spectre (Variant 2) attacks.

Initially they said no such attacks had been demonstrated on AMD CPUs but they are releasing "optional" microcode updates regardless.

More from that link: these updates will be made available for Ryzen and EPYC starting this week, and "previous generation products over the coming weeks".
 
Associate
Joined
26 May 2017
Posts
360
Fair enough for Meltdown, but for Spectre the software mitigations are proving to cause quite a performance loss in some benchmarks. I expect there's research into ways of keeping the performance benefit of speculative execution without leaking data to side channels, but I would expect any notable changes to silicon to take years to get to market.

".

Have you found evidence of the degradation due to Spectre mitigation as opposed to Meltdown or is that just a guess.
 
Caporegime
Joined
18 Oct 2002
Posts
33,188
INformation coming out that Intel's microcode updates, particularly for Sandy and Haswell, are causing a lot of issues. HP, Lenovo and other companies have pulled the updates and server companies are contacting customers to let them know there are issues, to let them know they may have to migrate to new servers and that they'll be going after Intel to reimburse them for switching to newer chips that have less problems.

You might be cynical in saying Intel purposefully put out 'bad' microcode for older generation chips so server companies have to switch from older Sandy/Haswell Xeons to newer Xeons. Those companies saying they'll take on the expense themselves(rather than the customers) at first but seek compensation when Intel will fight tooth and nail not to give out compensation.

Or maybe they just suck and really are just struggling to fix their own problems. Also announced is another massive AMT bug that apparently lets people bypass bios and bitlocker passwords on a system.

Intel really couldn't be doing worse on the security front right now.
 
Permabanned
Joined
6 Feb 2010
Posts
6,138
Location
Barnsley
Shame older X79, etc. probably won't get updates but good on them if they are on the ball getting the last 2-3 generations sorted.


comments like this are getting my back up.. (not aimed at Rroff just an linked as an example)

"good on them if they are on the ball getting the last 2-3 generations sorted"
they did this on purpose, to gain a performance advantage over AMD. this go's back to sandybridge and the massive jump in performance they made.
an AMD Tech said intel are bypassing security checks at gain performance but any anyone that mentioned it was called an AMD fanboy and told to **** off...

i hope intel burn for this. they need to FIX every single chipset that's affected.
 
Man of Honour
Joined
13 Oct 2006
Posts
90,819
comments like this are getting my back up.. (not aimed at Rroff just an linked as an example)

"good on them if they are on the ball getting the last 2-3 generations sorted"
they did this on purpose, to gain a performance advantage over AMD. this go's back to sandybridge and the massive jump in performance they made.
an AMD Tech said intel are bypassing security checks at gain performance but any anyone that mentioned it was called an AMD fanboy and told to **** off...

i hope intel burn for this. they need to FIX every single chipset that's affected.

My comment was about Gigabyte not Intel.
 
Soldato
Joined
9 Mar 2012
Posts
10,072
Location
West Sussex, England
Anyone know how to figure out your CPUID? I've managed to extract the microcode .bin files from the Intel download for my processor but it contains .bin files for lots of CPU's. A lot of the microcode files when extracted are old too so I don't know why they repackage them and date the archive as though its a new release for all the listed CPUs...

This is the Intel release I'm referring to.

https://downloadcenter.intel.com/download/27431/?product=65520
 
Back
Top Bottom