A Massive Intel Hardware Bug May Be on the Horizon

Yea from a hardware decider if I was making a choice with this vulnerability in the wild I would be leaning to AMD right now as well.
 
Then people are free to suck up and take the performance hit. I offered a very good solution. I have bookmarks. I use the same websites day in and day out. If I do visit new websites and somehow get infected then the following day when I re-image my drive ... I'm good to go.

35% performance hit? If true ... that's a devastating amount of lost performance.

I'm just not going to suck it up and take the performance hit.

There is nothing I do on my computer that I have to worry about.

All my financials are handled strictly on my phone. I get email alerts for every transaction. Maybe the rest of you are exposed. I'm not.

ARS speculates that ARM is also affected by this based on the KAISER project. Doesn't seem quite that safe anymore.
 
Even if it is limited to 5% (more likely 10% as it's a lot of sql calls), all those corporate servers running on the cloud will be affected. Considering clock limits on Intels HEDT's, that means AMD is on par performance wise, more than ever and for less money.

Cry in your soup Shintai, you know it's true.

49% performance penalty on EPYC 7601.


In other words, this confirms AMD is not affected.

Nope.
 
49% performance penalty on EPYC 7601.




Nope.

AMD confirmed that PTI issue does NOT have to include the work around. So none issue for them. You only see these performance issues IF you force the work around which is not necessary.
 
of course you can always consider non ITX builds?

There is a ROG and Fatality ITX board for AM4, I am sure they are not garbage.

I have the Fatality ITX board. I wouldn't call it garbage, although it's probably not the best X370 board there is, and it's missing some features like USB 3.1 and some advanced OC functionality.
 
So what's the alternative for somebody who wants to build a mini-itx system?
It looks like all of AMD's AM4 mini-itx boards are complete garbage.
At this point maybe I should just start investing in an ARM SOC...

of course you can always consider non ITX builds?

There is a ROG and Fatality ITX board for AM4, I am sure they are not garbage.

Honestly, I wouldn't even consider an ITX build for main system.

Don't get me wrong. I have four ITX builds in my house, but three of them are HTPC's and one is my pfSense router.

For the desktop, the bigger the better. There is absolutely no benefit and many, many drawbacks in it being small.

I was an early-ish adopter of the SFF build back in 2009/2010 (can't remember now) when I got one of those Shuttle All in One SFF cases for my i7-920. I learned from that experience that you'll always be up against problems when you go small form factor. Less expansion, less space for cooling, more expensive components, etc. etc.

That and it isnt even a space saver. Instead of having a large case you rarely notice out of the way on the floor under your desk, you now have a - granted much smaller - case, but it is taking up precious space on the desk. I found I had LESS space when I went with an SFF case.

So, I was supremely disappointed with the SFF experience, and since then have adopted a "bigger is better" mentality. These days I couldn't imagine going smaller than a full tower. Even a mid tower is too small.
 
Glad this doesn't appear to affect gaming, but man, what a crazy situation.
 
Glad this doesn't appear to affect gaming, but man, what a crazy situation.

Based on Computerbase's initial testing, there isn't a noticeable difference. I posted the link in the Front Page thread.
 
That is an outright lie. AMD is unaffected, and their patch was accepted into the mainline kernel.
Linux Kernel as of now still treats the AMD as insecure so it suffers the same penaltys. Obviously you can bypass this on boot for both Intel and AMD. Of course, this will all be sorted soon.
 
This is because the initial patch hit all 64bit Processors, AMD had already released a patch to fix their end.

Exactly, all x86 CPUs are treated as insecure in the recent kernel. If a patch is added to exclude AMD CPUs and when it is added to the kernel remain to be seen.
 
Exactly, all x86 CPUs are treated as insecure in the recent kernel. If a patch is added to exclude AMD CPUs and when it is added to the kernel remain to be seen.

Every single server, in the world, will add nopti=true to AMD systems. Server Owners aren't dumb end users. To post a EPYC benchmark claiming poor performance, or in any way insinuate AMD is impacted by this, is pure and utter bunk.
 
Every single server, in the world, will add nopti=true to AMD systems. Server Owners aren't dumb end users. To post a EPYC benchmark claiming poor performance, or in any way insinuate AMD is impacted by this, is pure and utter bunk.
And what's the windows option?
 
This is bad, really bad.... My VM server is heavy on I/O and runs multiple DB's. If the Phoronix filesystem benches are anything to go by I've just waved goodbye to at least 40% of my server's total performance.

I had spare some capacity on it before this, post patch I won't = New Server = A fair wack of cash.

'Not Cool' doesn't cover it. Neither does 'Really Uncool'. I'm seriously pissed, enough to look at Epyc for it's replacement.
 
on a side note ibm power 9 servers are on the horizen look pretty afordable (starting at 3k) and look sweet in prefermance. plus amd is finally on there game in the multithreaded option so there are many other options.
 
"describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data."

So they can gather the data, just not modify it? It's not extra extra bad, just extra bad?


"Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits."

Look over there, a three headed monkey!


"Intel is committed to the industry best practice of responsible disclosure of potential security issues"

...which is why we kept quiet until others found out and let our CEO cash out before shit hit the fan.


"Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available. Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied."

Which is it? Do you believe it's exploitable or don't you?
 
It arm is also potentially affected, and thus not just x86, I wonder if Itanium is affected too. We have a bunch of those running up here.
 
"describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data."

So they can gather the data, just not modify it? It's not extra extra bad, just extra bad?


"Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits."

Look over there, a three headed monkey!


"Intel is committed to the industry best practice of responsible disclosure of potential security issues"

...which is why we kept quiet until others found out and let our CEO cash out before shit hit the fan.


"Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available. Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied."

Which is it? Do you believe it's exploitable or don't you?


This is like BP during DeepWater Horizon. They can't say anything that can be shown to negatively impact shareholder value.

So they are lying.
 
  • Like
Reactions: Meeho
like this
I noticed AnandTech has been completely silent. They must be waiting for the official Intel fluff-job press release that they can post verbatim to explain that all of this is GOOD for us and we should want MOAR of it from Intel.
 
  • Like
Reactions: Meeho
like this
I noticed AnandTech has been completely silent. They must be waiting for the official Intel fluff-job press release that they can post verbatim to explain that all of this is GOOD for us and we should want MOAR of it from Intel.
I've also noticed the loud silence from Anandtech.

mshckd.gif
 
Back
Top