• Competitor rules

    Please remember that any mention of competitors, hinting at competitors or offering to provide details of competitors will result in an account suspension. The full rules can be found under the 'Terms and Rules' link in the bottom right corner of your screen. Just don't mention competitors in any way, shape or form and you'll be OK.

Intel Core Family

HatMan

HatMan

HatMan

Associate
Joined
2 Oct 2007
Posts
610
Location
Cardiff
Hello,

I have been watching forums and the news etc with regards Intel CPU's. I am of the opinion that all Intel Core Family CPU's are now scrap and yet I hear of folk still buying them and even Intel releasing new ones like the 8086. Is that not compromised as well? I am bewildered as to why anyone, especially with the expertise on here would buy into faulty goods. I have been reading some of the hacking news and security experts are readying themselves for the attack of doom. Does this not concern anyone?

Oh and I am not an AMD fanboy. Quite the opposite. I want a new rig but not until Intel have corrected the issues.

Don't Avoid the Swear Filter -
Armageus
 
Last edited:
Lol, I am a bit of an AMD fanboy and I am loving what is happening right now. BUT two things, first for all the headlines the Intel vulnerabilities are really hard to exploit in the average home PC environment and they are getting a lot more negative press than they probably deserve. They are far from broken.
Second if you are a gamer the simple truth is that the high single core speed of the intel chips still gives them the edge. Sure it has shrunk a lot and will continue to... But if I had a big budget and was just gaming I would get an intel.
The difference is for my budget and how long I want a system to last AMD is spanking Intel and also doesnt have the same vulnerability.
Also we have had core for a long time so people have been poking at it to find holes for longer, as AMD share grows and we get more time with Ryzen we might find that there are holea there too.
 
For most of the vulnerabilities, there are no reported attacks in the wild. They're tricky to execute and need an already compromised system to run the malicious code.

Personally my gaming machine lives by the TV and I can afford to disconnect its internet but I appreciate that isn't true for most people. Plus, newer chips have been patched. So considering the current performance lead and historical market share, the entire industry isn't going to stop buying Intel overnight. we're talking millions of chips to Dell, HP etc every year.
 
Intel's CPU's hold users data about as securely as a Teabag holds water but you're right no one seems to care, i think most people are under the impression that it just doesn't mater and it will never happen to them.

LuckyBenski said:
For most of the vulnerabilities, there are no reported attacks in the wild. They're tricky to execute and need an already compromised system to run the malicious code.

Personally my gaming machine lives by the TV and I can afford to disconnect its internet but I appreciate that isn't true for most people. Plus, newer chips have been patched. So considering the current performance lead and historical market share, the entire industry isn't going to stop buying Intel overnight. we're talking millions of chips to Dell, HP etc every year.
Click to expand...

How do you know? for all you know some Russian kid could be rummaging round in your computer right now.
Just about every intelligence institution, FBI, CIA, GCHQ, MI5.... has been hacked at one point or another in recent times and they are supposed to be the security experts.

Before all this broke the Chinese were saying they would be using AMD processors for their infrastructure citing the insecurity of Intel processors, i think now we know what they were talking about.
 
I thought there were patches for all these flaws except for the most recent one and that is due soon?
Flaws that can't be mitigated at all or without a significant performance penalty when using the software that I use are the ones that concern me.
Haven't heard about any such flaws yet but it may well just be a matter of time.
 
HatMan said:
Does this not concern anyone?
Click to expand...

Do the vulnerabilities concern me in general? Yes, considering virtually every business and organisation that holds any data on me will be using Intel CPUs.

Did it concern me a few months ago when I bought an i7-8700K? Not really, due to the above.
 
Using these vulnerabilities is relatively easy - actually using them to do anything useful a bit harder as they need a fairly focussed target and/or making sense of the data.

For the average home user making sure your browser is upto date and using a browser that has been updated with the mitigations closes down your biggest vulnerability (unless there is a big attack using a so far unknown variant/new approach) to remote exploitation - those most impacted by these vulnerabilities are people like VPS providers or anywhere else where you are using a virtual machine for either security and/or shared access as these allow an attacker to break out of the supposed confinement especially as this gives an attacker a more known environment and more time meaning that firmware and OS patches, etc. are pretty much mandatory and moving to a CPU that isn't affected a serious consideration.
 
It's like LuckyBenski says to exploit the flaws the system already needs to be compromised, once the system is compromised the majority of malware will use far simpler methods to steal passwords etc. It's mainly going to affect organisations who may become targets of professional hackers and the majority of industrial motherboards will receive fixes from the manufacturers, server grade hardware gets far better long term support than consumer grade motherboards.
 
mmj_uk said:
It's like LuckyBenski says to exploit the flaws the system already needs to be compromised, once the system is compromised the majority of malware will use far simpler methods to steal passwords etc.
Click to expand...

That isn't entirely true with these Intel flaws - some variants can be exploited via a carefully crafted web-site if you are using an unpatched browser and no microcode/OS patches (just patching the browser is sufficient and an unpatched browser with a patched system is also less vulnerable) and/or using a number of recent vulnerabilities that of themselves aren't particularly bad but combined with stuff like Meltdown and Spectre can be utilised to leverage serious remote intrusion such as the Ogg Vorbis remote code execution issue which wouldn't normally be possible.

However many of them you can't just fire and forget and they will be useful - often you need to make sense of the data and/or know the layout/offset of memory space you are trying to attack to then use that data to elevate system access - but in an environment like a virtual machine that gives an attacker a way out of the confinement they wouldn't normally have.
 
Last edited:
mmj_uk said:
It's like LuckyBenski says to exploit the flaws the system already needs to be compromised, once the system is compromised the majority of malware will use far simpler methods to steal passwords etc.
Click to expand...
It was those vulnerabilities in Zen blown out of proportions by those fraudsters which needed admin level access for exploiting them.
Intel's speculative code execution vulnerabilities were lot more serious.
 
Most OS's and software were patched almost immediately. It's mainly the Microcode updates from Intel that some people are still waiting on (or will be missing out on altogether).
 
mmj_uk said:
Most OS's and software were patched almost immediately. It's mainly the Microcode updates from Intel that some people are still waiting on (or will be missing out on altogether).
Click to expand...
Yep, Haswell got mixed support - some Gigabyte motherboard owners have had patches, I haven't for my Z97X-SLI
 
You must log in or register to reply here.
Back
Top Bottom