Intel bug incoming? Meltdown and Spectre exploits

drunkenmaster · 4 Jan 2018 at 11:35

AndreiD said:
Based on benchmarks so far, the IPC difference hasn't really changed overall.
It does make Epyc more compelling for some datacenter tasks though.

I mean one of the first places to benchmark showed a 5% drop in gaming frame rates at 1080p in all the games they tested, then the article said there was no noticeable reduction in performance. Yet for Zen/coffeelake reviews when there is no framerate difference at 4k but a 5% frame rate difference at 1080p and cpu limited they go on to say Intel has a commanding 5% lead in gaming.....

THere seems to absolutely be a performance drop, but review sites are being careful not to call Intel out on it at all.

Rroff · 4 Jan 2018 at 11:41

drunkenmaster said:
Sorry but that is bull. Near zero doesn't mean they are vulnerable but it's not easily exploited. Everyone has tested Zen and no one has been able to expose it, but that doesn't mean 2 or 10 years from now someone won't find some insane method to do it and if AMD said zero risk they can be sued.

When your words can have consequences, like billion dollar lawsuits you tend to say near zero to cover your backside, not because you are vulnerable and it's just not easy to do. If AMD know they can be exploited and are saying this for just an exploit that is hard to attack they would also get sued for that. Near zero means at this time no one has found any way in which AMD is vulnerable to this variant of exploit, but legally saying zero risk is a landmine waiting to kill us in the future, nothing more or less.

Taking your point in a slightly wider context as you seem to be missing some of the more specific aspects of my posts - then you say no known vulnerabilities or passes X penetration/vulnerability/vector test not near zero - near zero implies something different and an interesting choice of wording.

I think we are gonna see another instance of deny, deny, deny - oh wait there are some things we need to do.

In some cases they've blatantly only done cursory checking and covering their bases - maybe nothing else will be turned up but they've obviously not tested as exhaustively as they'd like to make out or they'd have used another turn of phrase.

Silent_Scone · 4 Jan 2018 at 11:49

drunkenmaster said:
I mean one of the first places to benchmark showed a 5% drop in gaming frame rates at 1080p in all the games they tested, then the article said there was no noticeable reduction in performance. Yet for Zen/coffeelake reviews when there is no framerate difference at 4k but a 5% frame rate difference at 1080p and cpu limited they go on to say Intel has a commanding 5% lead in gaming.....

There seems to absolutely be a performance drop, but review sites are being careful not to call Intel out on it at all.

The first test, then the others showed gains post patch. It's not indicative of anything. If gaming performance is affected when updated ucode rolls out, I'd be extremely surprised.

Rroff · 4 Jan 2018 at 11:50

Silent_Scone said:
The first test, then the others showed gains post patch. It's not indicative of anything, if gaming performance is affected when updated ucode rolls out, I'd be extremely surprised.

If it is the same site I'm thinking the changes were all within margin of error with some games a tiny little bit faster and some a tiny bit slower and one game that was like 5% slower.

SiDeards73 · 4 Jan 2018 at 11:52

Silent_Scone said:
The first test, then the others showed gains post patch. It's not indicative of anything, if gaming performance is affected when updated ucode rolls out, I'd be extremely surprised.

I have to agree with Scone, gaming pretty much wont be affected directly on your home PC, however should you be playing games that require resources from elsewhere, oh i dunno say MMORPG's etc? then you could potentially see performances regression, its hard to tell yet exactly how it will pan out with regards to games that require a connection to offsite servers etc..

To say it wont affect gaming at all is not true, it will indirectly effect a lot of games that rely on cloud / server farms etc to function.

SiDeards73 · 4 Jan 2018 at 11:54

LOL the Irony as i was typing the above i just received the latest "Tech news from Intel" mailshot, and it includes this gem of an article https://www.intel.co.uk/content/www...dium=email&utm_campaign=33340&elq_cid=1411153

How utterly ironic, i cant believe Intel actually let this be sent today tbh.

andicole0 · 4 Jan 2018 at 11:55

Should change the thread title now that AMD and ARM are in the same boat?
Andi.

Rroff · 4 Jan 2018 at 11:58

SiDeards73 said:
LOL the Irony as i was typing the above i just received the latest "Tech news from Intel" mailshot, and it includes this gem of an article https://www.intel.co.uk/content/www...dium=email&utm_campaign=33340&elq_cid=1411153

How utterly ironic, i cant believe Intel actually let this be sent today tbh.

I've just got this mental image of someone - come into work having missed the fuss, finished work on that PR shot and deploys, sits back in satisfaction of a job well done and then browses the news hah.

Hades · 4 Jan 2018 at 12:00

Rroff said:
In some cases they've blatantly only done cursory checking and covering their bases - maybe nothing else will be turned up but they've obviously not tested as exhaustively as they'd like to make out or they'd have used another turn of phrase.

Linus Torvalds is notoriously strict in allowing anything being committed to the Linux kernel. I would be surprised if he accepted the AMD 'patch' (which removes the blanket patch) without being happy they had done more than cursory checks. Obviously that's just an opinion rather than hard fact. But he doesn't let things into the kernel easily.

Hades · 4 Jan 2018 at 12:02

andicole0 said:
Should change the thread title now that AMD and ARM are in the same boat?
Andi.

Is there something new about AMD being impacted by Meltdown now?

Rroff · 4 Jan 2018 at 12:03

Hades said:
Linus Torvalds is notoriously strict in allowing anything being committed to the Linux kernel. I would be surprised if he accepted the AMD 'patch' (which removes the blanket patch) without being happy they had done more than cursory checks. Obviously that's just an opinion rather than hard fact. But he doesn't let things into the kernel easily.

Is it even in yet? last I checked it was in a pending branch for "Linux-next".

pete910 · 4 Jan 2018 at 12:04

This is what Linus thinks of Intel atm.

https://lkml.org/lkml/2018/1/3/797

Hades · 4 Jan 2018 at 12:06

Rroff said:
Is it even in yet? last I checked it was in a pending branch for "Linux-next".

Actually you may be right. Fair point.

Aretak · 4 Jan 2018 at 12:10

https://twitter.com/timgostony/status/948682862844248065

Seems like the CPU's having to work a lot harder to perform the same tasks post-patch. Not a big deal for this guy because he massively overprovisioned to begin with, but it'll be trouble for people running close to the limit already.

drunkenmaster · 4 Jan 2018 at 12:11

Hades said:
Actually you may be right. Fair point.

Does it matter? It's going to be possible to disable it easily anyway and everyone involved has accepted that disabling it by default on AMD is the right option, if it happens now or in the future is pretty much irrelevant to the discussion. None of them believe AMD need it on any of their cpus, full stop.

Rroff · 4 Jan 2018 at 12:11

Hades said:
Actually you may be right. Fair point.

At the end of the day to a degree he can only go on what AMD tells him and/or is authenticated by 3rd parties.

I don't think AMD is affected in any degree like Intel are but they do seem to be largely running a policy of keep quiet, keep heads down and hope Intel takes any flack and if there are any issues they get missed in the **** storm heading Intel's way. The wording of their statement is very much political deflection which I'm reading as they aren't as immune to this as they'd like people to think even though they aren't seriously exposed by it.

ubersonic · 4 Jan 2018 at 12:13

stockhausen said:
If Intel have known about it for a while & avoided disclosure in order to maintain their share price, could this be of interest to the US regulatory authorities?

That's a question many are asking as Intel's CEO dumped millions in stock months after Google made him aware of the issue.

Rroff · 4 Jan 2018 at 12:14

ubersonic said:
That's a question many are asking as Intel's CEO dumped millions in stock months after Google made him aware of the issue.

Certainly gonna be a hard one to defend - no one is going to believe at this point there wasn't some influence on his decision making there unless he has a repeated pattern of such trading (and even if there was some would still condemn him).

EDIT: Looking at his Intel stock movement history it is pretty hard to defend - its mostly been automated sells at set intervals of approx. the same amount and then suddenly just before this came to light hes dump 13x his normal trading volume in one hit heh.

EDIT2: The only other time he has done uncharacteristic large sell was just before the previous AMT vulnerability hit the headlines - that gonna look suspicious even if its entirely innocent.

smilingcrow · 4 Jan 2018 at 12:18

drunkenmaster said:
Sorry but that is bull. Near zero doesn't mean they are vulnerable but it's not easily exploited.

In the current climate of looking for suspicion anywhere I think they have used an unnecessarily ambiguous phrase there with 'near zero'.
If they had said that no vulnerabilities have currently been found then that is clear and doesn't claim that they might not appear in the future.
But to say 'near zero' has me concerned as that can be typical PR speak.

Hades · 4 Jan 2018 at 12:19

Aretak said:
Seems like the CPU's having to work a lot harder to perform the same tasks post-patch. Not a big deal for this guy because he massively overprovisioned to begin with, but it'll be trouble for people running close to the limit already.

VDI farms are going to struggle...