• Competitor rules

    Please remember that any mention of competitors, hinting at competitors or offering to provide details of competitors will result in an account suspension. The full rules can be found under the 'Terms and Rules' link in the bottom right corner of your screen. Just don't mention competitors in any way, shape or form and you'll be OK.

Intel bug incoming? Meltdown and Spectre exploits

Soldato
Joined
5 Nov 2014
Posts
7,462
Will all the issues in this thread also apply to the 9700k? Just got the funds to buy a new cpu, mono and ram but don’t want performance killed off over the months with bios updates to fix these issues
 
Associate
Joined
30 Aug 2018
Posts
2,483
Will all the issues in this thread also apply to the 9700k? Just got the funds to buy a new cpu, mono and ram but don’t want performance killed off over the months with bios updates to fix these issues
Any of the hyperthreading issues obviously won't impact the 9700k. Three issues have been resolved in hardware in the 9 series and the fixes for the rest are down to patches and updates to the affected os, software, bios or microcode that runs on the cpu.
There is no way of escaping the issue (right now) because it is so prevalent, however you don't need to install every fix. Weigh up the cost of the fix vs the likelihood that your machine is vulnerable and going to be targeted and decide for yourself if the performance hit is worth it.

There are going to be new exploits going forward as well as fixes for those exploits. Security is a game of cat and mouse. They can predict what avenues of attack might be used and try to mitigate the threat, but until the hardware and software is in the wild you don't know how secure it really is. Even years after release like in this instance.

You may see less issues with ARM or AMD depending on your environment, but that doesn't mean there wont be issues in the future that require fixes that impact performance. Hopefully this isn't the case, in which case AMD is a slightly more secure and viable alternative given that not all the exploits are proven to affect their current hardware.
 
Man of Honour
Joined
30 Oct 2003
Posts
13,228
Location
Essex
Frustrating. I thought Intel had sorted this. On a brand new Intel Gold host:


Do what I did, give up until Rome is here! In the meantime I implemented Darktrace network AI and push every single little bit of traffic at it. Properly pricey solution to what "might be a problem". Awesome bit of kit though.
 
Soldato
Joined
5 Nov 2014
Posts
7,462
Any of the hyperthreading issues obviously won't impact the 9700k. Three issues have been resolved in hardware in the 9 series and the fixes for the rest are down to patches and updates to the affected os, software, bios or microcode that runs on the cpu.
There is no way of escaping the issue (right now) because it is so prevalent, however you don't need to install every fix. Weigh up the cost of the fix vs the likelihood that your machine is vulnerable and going to be targeted and decide for yourself if the performance hit is worth it.

There are going to be new exploits going forward as well as fixes for those exploits. Security is a game of cat and mouse. They can predict what avenues of attack might be used and try to mitigate the threat, but until the hardware and software is in the wild you don't know how secure it really is. Even years after release like in this instance.

You may see less issues with ARM or AMD depending on your environment, but that doesn't mean there wont be issues in the future that require fixes that impact performance. Hopefully this isn't the case, in which case AMD is a slightly more secure and viable alternative given that not all the exploits are proven to affect their current hardware.
Thank you for taking the time to reply. I would wait but my x58 mobo died a few weeks back and now needs replacing. Got a budget of £550 and can just squeeze in a 9700k, 8gb 3200mhz ram and a gigabyte z390 UD mobo

I don’t upgrade often so want to get the best I can for my money and all I do is game on it and the forums so not used for much else
 
Last edited:
Soldato
Joined
26 May 2014
Posts
2,944
Ironically, the recent hardware countermeasures introduced by Intel in recent Coffee Lake Refresh i9 CPUs to prevent Meltdown make them more vulnerable to Fallout, compared to older generation hardware.
https://mdsattacks.com/

fondadoredjackal-sizeytkds.gif
 
Man of Honour
Joined
13 Oct 2006
Posts
90,805
Another reason to go AMD this generation. Intel's architecture is inherently insecure, and even the recent ones still need mitigation.

We are fortunate really that the Intel Management Engine hasn't been exploited yet as if that ever happens in a serious way there is little you can do but take an Intel CPU completely offline:

wikipedia said:
The Intel Management Engine always runs as long as the motherboard is receiving power, even when the computer is turned off.

The IME is an attractive target for hackers, since it has top level access to all devices and completely bypasses the operating system.
...
It is normally not possible for the user to disable the ME. Potentially risky, undocumented methods to do so were discovered, however.[39] These methods are not supported by Intel. The ME's security architecture is supposed to prevent disabling

It isn't so much the architecture is inherently insecure any more or less than any other though - even my 4820K is 6 years old let alone the architecture that these CPUs are based on - that is a long time in security terms - though if they'd have taken a less head in sand approach the last couple of generations could have had a full raft of hardware mitigations.
 

V F

V F

Soldato
Joined
13 Aug 2003
Posts
21,184
Location
UK
and another found, but should be patched by now though.

SWAPGSAttack

https://www.guru3d.com/news_story/s..._intel_processors_starting_at_ivy_bridge.html

Im glad i went back to AMD :p

How are all these exploits happening now when it was never an issue back in 2012... or whenever.

"So i had a 4770K, which got turned into a 2600K, then into a i5 because disabling HT was advised, and now i'm back at my old 950..."

"Strangely coincidentall that vurnerabilities started existing at the moment their sales were pretty much dying. This is all planned obsolence. Agreements between soft and hardware producers.
Did anyone ever encounter a hacked system because of these "vulnarabilities" ? Doubtfull.
Anyway Intel has proven to not be worthy of being in CPU-businness whatsoever. I'd rather trust my bakker to make my next cpu.
"
 
Man of Honour
Joined
13 Oct 2006
Posts
90,805
How are all these exploits happening now when it was never an issue back in 2012... or whenever.

Intel having largely stuck on the same architecture for so long - eventually almost any hardware security gets broken as people understand the technology better and unexpected weaknesses are found, etc. - a lot of what at the time were quite secure systems on older hardware have been broken more recently with people wanting to emulate them to play old games, etc. etc. and in time the same is likely to happen to Zen - but probably not for a few years or more.

Did anyone ever encounter a hacked system because of these "vulnarabilities" ? Doubtfull.

Most of these attacks really to be useful need some idea of what you are going after and a big enough pay off for the effort required - it is probable that in some cases there will be attempts to use them where someone can get access via a VPS, etc. into a company that has high value commercial data and so on.
 
Back
Top Bottom