Core 9000 series

[AndreiD]

@robin66 good article, makes it less confusing as to what security mitigation the processors have.

 

[humbug]

https://www.anandtech.com/show/1330...e-intel-clarifies-whiskey-lake-and-amber-lake

So they are not going to have this fully fixed for another few generations.

That ^^^^ added to this bizarre statement.

The takeaway message from our discussions with Intel is that there are some hardware mitigations in the new Whiskey Lake processors. In fact, there are almost as many as the upcoming Cascade Lake enterprise parts. Intel told us that while the goal was to be transparent in general with how these mitigations were being fixed, they misread the level of interest in the specifics in advance of the Whiskey Lake launch, especially when the situation is not a simple yes/no.

Are they taking any of this seriously?

 

[jigger]

@robin66 good article, makes it less confusing as to what security mitigation the processors have.

The problem is a lot of the vulnerabilities can't be mitigated. You literally have to wipe from the L1 data to keep a secure space.

 

[AndreiD]

@jigger I'm sure if Intel did the same it would also fly under the radar... or not, you know there would be a lot more outcry. GF blatantly lied and there was no optical shrink, 12LP only had some very minor changes. At least AMD is moving away from GF.
And you obviously can mitigate those vulnerabilities, maybe apart from Spectre Var 1 which seems to be tackled at a software level.

 

[humbug]

@jigger I'm sure if Intel did the same it would also fly under the radar... or not, you know there would be a lot more outcry. GF blatantly lied and there was no optical shrink, 12LP only had some very minor changes. At least AMD is moving away from GF.
And you obviously can mitigate those vulnerabilities, maybe apart from Spectre Var 1 which seems to be tackled at a software level.

This: "GloFo lying" needs to be brought out of its hyperbolic context, when you actually read the article he posted its not so much a lie as it is an uncommon practice amongst foundries of improvements without an actual shrink, that's convenient for chip designers like AMD, AMD being their biggest customer and wanting an easy node switch probably drove the direction the node took.

This is what was actually said.

GlobalFoundries 12LP which ramped earlier this year was designed to make it as seamless as possible for their 14nm customers to migrate over to 12nm. GF robust 14nm platform and IPs are largely compatible with 12nm. Unlike other foundries, GF made no optical shrinks or other major design rule changes that would force customers to make more significant design reworks. Instead, they opted for improving the device characteristics as well as introducing a new higher-density library that brings a modest density and performance improvement over the prior 14LPP high-performance library. Customers can also continue to use their existing 9T and 10.5T libraries while taking advantage of the higher performance from the raw device improvements that were made to 12LP.

Overall, the low-risk, high reward strategy for 12LP has worked well and GlobalFoundries is reporting yield comparable to 14LPP with a number of customers, including AMD, already leveraging the process for mass production products. GlobalFoundries has also extended the platform to include new RF and analog applications as well as automotive-grade applications.

Cut the crap AndreiD.

 

[jigger]

@jigger I'm sure if Intel did the same it would also fly under the radar... or not, you know there would be a lot more outcry. GF blatantly lied and there was no optical shrink, 12LP only had some very minor changes. At least AMD is moving away from GF.
And you obviously can mitigate those vulnerabilities, maybe apart from Spectre Var 1 which seems to be tackled at a software level.

Intel did do the same. Nothing went under the radar we are still at circa 20nm.

Intels chips are B0rked beyond fixing and have more vulnerabilities to come. Intel chips can't be fixed and Intel have now become toxic to the market. It's strange you ignore these problems but fixate on GF marketing, the same marketing the rest of industry is using and marketing that everyone knows is rubbish.

 

[Jamie Archer]

If only this situation was so trivial. L1 cache wipe is 4 clock cycles?

Anyway if you are an Intel guy, because Intel must be promoted, I wouldn't even mention security and how critical it is or isn't. Keep that hush because Intel are in deep trouble.

Tell me, how long have these vulnerabilities been about on Intel CPUs? It must take a very long time to get into trouble i suppose.
I guess things that are realistically easy to perform or obtain are just decades in the finding seeing as nobody notably has performed or obtained anything.

 

[AndreiD]

Another Intel related thread derailed by the usual bunch, of course.

Also did anyone notice that Whiskey Lake doesn't have any fixes for Spectre V2 which is one of the bigger performance impacts? Apparently Amber Lake doesn't have any fixes because it's just a higher Kaby Lake Refresh bin, but Whiskey Lake is fabbed using 14nm+++ so they could probably implement a few silicon fixes. If Coffee Lake Refresh is using the improved 14nm node, wouldn't that mean they'd implement some spectre fixes? Going to be interesting to see if they do.

Also the mitigation they implemented in Cascade Lake silicon should put them roughly on par with AMD again.

 

[jigger]

Tell me, how long have these vulnerabilities been about on Intel CPUs? It must take a very long time to get into trouble i suppose.
I guess things that are realistically easy to perform or obtain are just decades in the finding seeing as nobody notably has performed or obtained anything.

It seems Intel got 6-12 months heads up before the flaws went public.

 

[SiDeards73]

Another Intel related thread derailed by the usual bunch, of course.

Also did anyone notice that Whiskey Lake doesn't have any fixes for Spectre V2 which is one of the bigger performance impacts? Apparently Amber Lake doesn't have any fixes because it's just a higher Kaby Lake Refresh bin, but Whiskey Lake is fabbed using 14nm+++ so they could probably implement a few silicon fixes. If Coffee Lake Refresh is using the improved 14nm node, wouldn't that mean they'd implement some spectre fixes? Going to be interesting to see if they do.

Also the mitigation they implemented in Cascade Lake silicon should put them roughly on par with AMD again.

Intel is caught between a rock and a hard place, if they implement hardware fixes, which im not sure they can without completely redesigning the branch prediction in their CPUs, they will suffer performance penalties for doing so, which may well bring their current IPC lead to being only parallel with AMD's IPC, as lets face it, CFL is not massively better IPC now than Zen.

They could keep their advantage by refining their designs and adding hardware level fixes and at best this may keep their IPC lead mainly due to the refinements as much would probably be negated by the branch prediction fixes and other bits n bobs, then AMD would move to 7nm and refinements and could potentially bypass Intels IPC lead.

AMD may well have played the long game here by luck or judgement, if they had known of these types of exploits and vulnerabilities, which in all honesty they should be, as anyone designing this type of architecture should be well versed in what is and is not possible, and could potentially have known that Intels IPC lead was due to the way they favoured speed over these types of security exploits, and well.. chickens have come home to roost.

Its very interesting, id love to know if AMD merely lucked into this current scenario, and if it was a conscious decision by Intel to forgo this type of security in favour of performance.

Looking ahead you can see Intel has deep issues, if they cannot patch the immediate future chips fully from these exploits, and its going to be a couple more generations before they can, that could be a good few years, with the rate cyber attacks increase and become increasingly more clever, and the rate people are playing cloud based games or gobbling up cloud based services, its inevitable that Intel is going to be on the sharp end of their chips being at the heart of a severe security breach somewhere and fingers pointing in their direction, especially if home users start getting attacked.

 

[jigger]

Another Intel related thread derailed by the usual bunch, of course.

Also did anyone notice that Whiskey Lake doesn't have any fixes for Spectre V2 which is one of the bigger performance impacts? Apparently Amber Lake doesn't have any fixes because it's just a higher Kaby Lake Refresh bin, but Whiskey Lake is fabbed using 14nm+++ so they could probably implement a few silicon fixes. If Coffee Lake Refresh is using the improved 14nm node, wouldn't that mean they'd implement some spectre fixes? Going to be interesting to see if they do.

Also the mitigation they implemented in Cascade Lake silicon should put them roughly on par with AMD again.

What size node? You just keep failing with these arguments.

 

[SiDeards73]

Tell me, how long have these vulnerabilities been about on Intel CPUs? It must take a very long time to get into trouble i suppose.
I guess things that are realistically easy to perform or obtain are just decades in the finding seeing as nobody notably has performed or obtained anything.

You under estimate that certain countries are major sources of hackers and exploits who spend a lot of time trying many different avenues to exploit computers to extract data to earn revenue from it, whether it be by Ransomeware or ID theft etc.

Its very naive to think that these now known exploits are not already being used by determined hackers to make money, they know as well as we do that most people wont ever patch these vulnerabilities, and these are the people that will ultimately end up paying the price, its not uncommon for even large legit websites to get attacked and end up hosting malware of this sort that can and will exploit your vulnerabilities.

 

[NinjaCool]

It seems Intel got 6-12 months heads up before the flaws went public.

Which was one of the reasons people got angry with Intel since they were publicly selling Coffee Lake as a secure CPU at launch even though Intel already knew it had serious security issues.

 

[jigger]

Intel is caught between a rock and a hard place, if they implement hardware fixes, which im not sure they can without completely redesigning the branch prediction in their CPUs, they will suffer performance penalties for doing so, which may well bring their current IPC lead to being only parallel with AMD's IPC, as lets face it, CFL is not massively better IPC now than Zen.

They could keep their advantage by refining their designs and adding hardware level fixes and at best this may keep their IPC lead mainly due to the refinements as much would probably be negated by the branch prediction fixes and other bits n bobs, then AMD would move to 7nm and refinements and could potentially bypass Intels IPC lead.

AMD may well have played the long game here by luck or judgement, if they had known of these types of exploits and vulnerabilities, which in all honesty they should be, as anyone designing this type of architecture should be well versed in what is and is not possible, and could potentially have known that Intels IPC lead was due to the way they favoured speed over these types of security exploits, and well.. chickens have come home to roost.

Its very interesting, id love to know if AMD merely lucked into this current scenario, and if it was a conscious decision by Intel to forgo this type of security in favour of performance.

Looking ahead you can see Intel has deep issues, if they cannot patch the immediate future chips fully from these exploits, and its going to be a couple more generations before they can, that could be a good few years, with the rate cyber attacks increase and become increasingly more clever, and the rate people are playing cloud based games or gobbling up cloud based services, its inevitable that Intel is going to be on the sharp end of their chips being at the heart of a severe security breach somewhere and fingers pointing in their direction, especially if home users start getting attacked.

The problem is the flaws are numerous and keep coming. Every flaw needs to uncovered first and then a fully reworked chip designed. I think right now we are looking at 2021-22 for Intel have a viable design and then that will have to fit in with the timing of Intels process. 5nm?

 

[chroniclard]

For your average gamer these flaws are mostly irrelevant, unless any fixes substantially impact performance.

 

[jigger]

Which was one of the reasons people got angry with Intel since they were publicly selling Coffee Lake as a secure CPU at launch even though Intel already knew it had serious security issues.

At what point did Intel know about the flaws is the big question.

 

[SiDeards73]

For your average gamer these flaws are mostly irrelevant, unless any fixes substantially impact performance.

At the moment they are irrelevant as no one has successfully used them to hack a gamers PC to either lob a ransomware on it or steal data, im sure most of us have seen the demo of the java script reading memory space and accurately recreating a picture from the infected PC.

Sooner rather than later someones going to find a way to use those exploits to steal data or ransom all those unpatched gaming PC's, the payoff is too big to ignore, you think these hackers sit around saying "oh no its too hard" this to them is the golden goose, whoever cracks this first makes a lot of money from it.

Its going to happen, the very moment this went public, there was people starting looking at how they can exploit this for financial gains, these are organized criminal outfits with lots of money and resources they can bend to exploiting this as the prize at the end is just to big for them to ignore.

 

[SiDeards73]

At what point did Intel know about the flaws is the big question.

I heard it was around 9 months before they went public, i believe both AMD and Intel were made aware, if we look at the state of current CPU's, its very telling. Its also telling BK sold off a ton of shares before this went public, enough telling that he is under investigation for it i believe.

 

[jigger]

For your average gamer these flaws are mostly irrelevant, unless any fixes substantially impact performance.

It's irrelevant if you don't mind a world full of machine trying to exploit other machines.

 

[AndreiD]

@SiDeards73 With Cascade Lake Intel should be on par with AMD so we'll know then for sure what the difference between the two is IPC wise. Will be very curious to see The Stilt comparing Cascade Lake, Skylake-SP and Zen+.

@humbug you and a few others derailed the thread long before I replied to someone bringing up AMD.

@jigger It's not like the Intel systems are less secure if you have the mitigation installed, which if you have Windows 10 you will by default (W10 delivers microcode updates too). The issue is just the performance impact those fixes have, which seems to be insignificant for most consumer workloads.