
Zombieland impact on Intel CPUs

Just switched Z370 boards actually and the one I bought had the very first initial release BIOS on it. Updated to the one before this release as it warned that I wouldn't be able to revert back if I did.

Looks like I lucked out.
 
I don't upgrade BIOS if the computer works. Easy as that. Yeah I'm probably missing a few vulnerability patches but the performance stays strong lol
 
> I don't upgrade BIOS if the computer works. Easy as that. Yeah I'm probably missing a few vulnerability patches but the performance stays strong lol

That’s the best reason to not flash your BIOS or even update Windows 10. Who wants to nerf their shiny Intel CPU :) Sorry, but the amount of issues being found on Intel CPUs has gotten out of hand, and I wonder how many Intel knew about and did nothing so they didn’t lose performance, or even fix in new CPUs as it would have caused performance to not increase.
 
> That’s the best reason to not flash your BIOS or even update Windows 10. Who wants to nerf their shiny Intel CPU :) Sorry, but the amount of issues being found on Intel CPUs has gotten out of hand, and I wonder how many Intel knew about and did nothing so they didn’t lose performance, or even fix in new CPUs as it would have caused performance to not increase.

Careful, nearly encroaching on tin foil hat territory there! I agree there are a lot of Intel issues coming out but look at the market dominance over the past few years. It's not surprising you don't hear about many from other manufacturers as simply there haven't really been any.

I'm wanting a reason to hop onto a shiny 3900X but I'd rather it not be because a BIOS upgrade chopped my 8700K down.
 
It's not really tinfoil hat territory though, these vulns exist, as do more of them no doubt, and it won't take long until one is weaponized.

I take security very seriously, my internet access has the equiv of half a dozen gun-toting bouncers at the front door and my PCs are all patched and secured with virus and malware detectors that are top notch or pretty good and I am in no doubt that at some point something could get through this.
 
> I take security very seriously, my internet access has the equiv of half a dozen gun-toting bouncers at the front door and my PCs are all patched and secured with virus and malware detectors that are top notch or pretty good and I am in no doubt that at some point something could get through this.

Your bouncers are looking for and proactively stopping "expected" problems though.

You realise a vulnerability works the same as someone shoving a bag of cash into one of your bouncers' pockets to get him to look the other way whilst they go in?

I don't think any vendor can truly say they are not affected by vulnerabilities but to say Intel knew they had some and kept quiet IS tin foil hat territory although I didn't imply @TrM was (just bordering with that mindset). Was it Spectre or Meltdown that affected Ryzen as well?
 
I am well aware of what real security is (it is unfortunately part of my job) and yes some vulns are indeed backdoors, hence having multiple layers of security doing different things.
Long gone are the days you can plug in a router with a crap firewall and ports open left right and centre to a PC with an 8yr old OS that hardly ever sees an update because buying the new OS and running updates costs real money or don't like the OS/layout/ads/snooping etc...

No system is 100% secure, even air gapped servers / networks are not - but what we have we can make better with a few changes - unfortunately having a CPU that blabs pish all over the shop as default behaviour unless you put a muzzle on it is not something we can easily change.
 
> Long gone are the days you can plug in a router with a crap firewall and ports open left right and centre to a PC with an 8yr old OS that hardly ever sees an update because buying the new OS and running updates costs real money or don't like the OS/layout/ads/snooping etc...

Look at the security updates/advisories for the recent KBs for Windows 10 (such as KB4512508 and KB4507469 albeit some more relevant to server than desktop)... you'd actually be more secure or at least no less secure with an 8 year old OS - just some highlights of issues if you don't have those updates:

Remote code execution vulnerability in .NET, Edge (Chakra) - if current user logged in as admin attacker could gain control of PC.

Scripting vulnerabilities in Edge could allow remote code execution

Multiple privilege elevation vulnerabilities in the kernel and audio service

RDP/RDS - multiple serious vulnerabilities

Windows error reporting multiple vulnerabilities medium to moderate severity

RPCSS, SPLWOW64 privilege elevation vulnerabilities

Whole load of remote code execution issues with Windows 10 at the moment - MS really are dropping the ball.
 
That's the price of progress, we all want new toys but nowadays everything is released in beta.
As long as the bugs are found and fixed before they become an issue it's not a big deal, the problem is when the problems are not found or worse not acted upon (Apple!!!)
 
> That's the price of progress, we all want new toys but nowadays everything is released in beta.
> As long as the bugs are found and fixed before they become an issue it's not a big deal, the problem is when the problems are not found or worse not acted upon (Apple!!!)

Increasingly though some of these issues should never have existed in the first place - with a risk of being exploited in the window between release and being patched especially if it becomes more of a trend with development which those up to no good recognise and attempt to capitalise on.

It is way past time IMO MS split out security and feature updates and how they handle out of band updates and paid a lot more attention to the updates process itself so critical security updates could be delivered and applied much more seamlessly and much quicker.
 
> I am well aware of what real security is (it is unfortunately part of my job) and yes some vulns are indeed backdoors, hence having multiple layers of security doing different things.
> Long gone are the days you can plug in a router with a crap firewall and ports open left right and centre to a PC with an 8yr old OS that hardly ever sees an update because buying the new OS and running updates costs real money or don't like the OS/layout/ads/snooping etc...
>
> No system is 100% secure, even air gapped servers / networks are not - but what we have we can make better with a few changes - unfortunately having a CPU that blabs pish all over the shop as default behaviour unless you put a muzzle on it is not something we can easily change.


One of the most upsetting parts of these recent Intel focused CPU attacks is that Intel (in some cases) was informed and did nothing or argued that the exploit was not worth patching. This is probably due to the impact on performance the FW level patches would have, mainly on the server market.


This is definitely one of the advantages of having the choice of 2 strong CPU makers again, you can now go for who is the most secure at the time of purchase without any real performance hit.
 
> It's not really tinfoil hat territory though, these vulns exist, as do more of them no doubt, and it won't take long until one is weaponized.

As an aside, these particular vulnerabilities aren't suited to fire and forget type malware of the more common kind - they really need both some idea of the target environment they are being used against and some idea of what you are trying to achieve specific to a target - more suited to active intrusion attempts and/or active persistent snooping where there is something of value to be gained (commercial secrets, foreign intelligence, etc.) and a fairly significant level of resources behind those trying to use them such as state level actors, etc. A lot of malware, as you probably know, uses a cocktail of approaches to try and install malware and then either attacks common targets such as cached/logged in PayPal details, etc. or quietly sits in the background reporting back to and/or as part of a botnet that can be utilised later for things like DDOS attacks and traffic proxying, etc. while these vulnerabilities can't really be used like that.
 
Kinda makes me wonder how much performance I've lost on my laptop, that's 'only' got a 7700HQ, which with the performance reductions and it 'only' being 4c8th, can't be doing it wonders in some more modern games :(
 
Security is always a compromise with usability, I doubt any of us run our PCs with NSA's recommended security policy, if I wanted security I'd be running OpenBSD not Windows. Not much point overclocking for 10% perf gain to throw it away with a -16% perf loss with microcode updates. I run Comodo (which the CIA hated) and my browser (FF) is sandboxed with a reduced attack surface profile.
 
The performance hit from these countless vulnerabilities and their subsequent patches must be significant.

What's shocking is Ryzen 3000 was benched against Intel systems without any of the performance crippling patches applied (or the latest ones) in all the reviews I've checked. The reviewers either outright said they did not test with the Intel patches or they didn't mention it at all.
 