- Last post
- 15 Responses
Seems like a big deal: Intel CPUs have a security bug in how they handle memory that is hard coded on the silicon (un fixable) Mitigating the bug in software can reduce system performance upwards of 30%
we are all getting the patches shortly, which is good for security, but this will kill performance. If your computer starts to feel really slow soon, you know why.
Some speculation on this and how it might effect cloud services:
I may go with AMD for my next computer. I will change my computer in 208 probably.
Although the details are a bit inscrutable at the moment, losses are apparently only relevant in a percentage of operation types, particularly in those related to how Virtual Machines work - hence the panic in cloud operations and AMD's apparent stock price rise.
The effect on the likes of us will be a small percentage of the stated percentage range - ie. your processor won't suddenly become 30% slower.
If this isn't the case, then Intel's truly fucked as it may be open to a massive class action suit - the sort here they have to either replace your chip, or refund a significant percentage of the cost, as per the Pentium FPU fuck up back in the 90s.
Now with a catchy name - "Spectre"
Full info here: https://spectreattack.com/
- makes a good points about cloud storage providers not patching :=| ...meltdown effects nearly every processor since 1995, nuts.kingsteven
- Yeah, this is brutal for both cloud providers, and companies using their services if not patched. 30% performance drop must eat up all profit marginmonNom
^ that tool is for a different bug dealing with the Intel management engine. I think that mostly affects servers and workstations/corporate laptops. Things you would remotely administer.
Everyone is vulnerable to meltdown / spectre if unpatched.
(Meltdown only on intel and recent ARM chips)
To be clear why spectre is so worrisome: it can steal sensitive information right out of your CPU memory as though it were plain text.
For users with older computers who can't update OS, or don't want to update for some reason, you should probably disconnect that machine from the Internet all together and use it only for off line work from now on. Get a cheap new computer for Internet things and use a sneaker network to move files between them.
A note on performance:
I did a before/after on a computationally intensive 3d render. My performance was actually very slightly better post-update. (WIn10 i7 6700k)
As I understand it, it's the Disk IO related tasks that are most serverely really hurt (3d render is basically all CPU), so I can see how servers would suffer for this. I don't notice a difference.