Another Intel vulnerability!

Discussion in 'HardForum Tech News' started by 1_rick, Sep 10, 2019.

  1. 1_rick

    1_rick Gawd

    Messages:
    562
    Joined:
    Feb 7, 2017
  2. Master_shake_

    Master_shake_ [H]ardForum Junkie

    Messages:
    9,353
    Joined:
    Apr 9, 2012
    put another one on the board Vanna!

    wow.

    can we stop calling it security and call it what it really is?

    swiss cheese.
     
  3. Lakados

    Lakados [H]ard|Gawd

    Messages:
    1,661
    Joined:
    Feb 3, 2014
    The higher ups have already given me the order to phase out all Intel servers. So main Hyper-V servers are done just have to do the onsite AD/DNS servers next.
     
  4. cyklondx

    cyklondx Limp Gawd

    Messages:
    278
    Joined:
    Mar 19, 2018
    i think those are just designed flaws us gov wanted; but now that there's a cold war with china we must close the doors and windows.
     
    d3athf1sh and KarsusTG like this.
  5. thesmokingman

    thesmokingman [H]ardness Supreme

    Messages:
    4,925
    Joined:
    Nov 22, 2008
    Is it a bad time to buy Intel?
     
  6. DrDoU

    DrDoU 2[H]4U

    Messages:
    2,388
    Joined:
    Jun 4, 2007
    one more intel flaw. Who does it really hurt? Don't see the average person screaming bloody murder.
     
    Viper16 and lRaphl like this.
  7. Tweak42

    Tweak42 Gawd

    Messages:
    605
    Joined:
    Dec 1, 2010
    Reading the article it's a high hanging fruit attack vector. Who knows, state actors may have been using this for years. Also appears the Intel server chipset feature (DDIO) that enables this attack can be disabled.

    Still, that unknowing factor of the next Intel security "feature" lurking around the corner has a lot of admins on edge. Or buying AMD.
     
    lRaphl likes this.
  8. Mode13

    Mode13 Gawd

    Messages:
    652
    Joined:
    Jun 11, 2018
    Intel cut too many corners in the name of convenience and performance it seems.

    .... I wonder if the lizard people knew about these vulnerabilities years before the rest of us :)
     
    Revdarian, DrezKill, Baenwort and 3 others like this.
  9. Ready4Dis

    Ready4Dis Gawd

    Messages:
    554
    Joined:
    Nov 4, 2015
    Revdarian likes this.
  10. odditory

    odditory [H]ardness Supreme

    Messages:
    5,565
    Joined:
    Dec 23, 2007
    Yes but it's still faster at 1080p gaming.

    COME AT ME!
     
  11. Hagrid

    Hagrid [H]ardForum Junkie

    Messages:
    8,452
    Joined:
    Nov 23, 2006
    Yes, with none of the fixes, I bet it is!

    How many more are there going to be? Crazy.
     
    d3athf1sh likes this.
  12. MMitch

    MMitch Gawd

    Messages:
    774
    Joined:
    Nov 29, 2016
    AHAH At least you mentioned it before someone else could say it's better at gaming while referencing 1080P benchmark on a 500+ $ CPU (Or whatever price it is) and saying how glorious it's at 4K :eek:
    Courage you have ! Watch out Apple might sue you...
     
    d3athf1sh, lRaphl and Krazy925 like this.
  13. Krenum

    Krenum [H]ardForum Junkie

    Messages:
    15,549
    Joined:
    Apr 29, 2005
    Hmm, this or AMD's lackluster boost.

    I think I'll wait another two generations!
     
  14. MMitch

    MMitch Gawd

    Messages:
    774
    Joined:
    Nov 29, 2016
    Lol, fair comparison :eek:
     
  15. cybereality

    cybereality [H]ardness Supreme

    Messages:
    4,684
    Joined:
    Mar 22, 2008
    Surely won't affect anyone here, since everyone that uses Intel only plays games and does not use any other programs at all.
     
  16. TurboGLH

    TurboGLH Gawd

    Messages:
    561
    Joined:
    Dec 19, 2002
    Fix for AMD is coming tomorrow, supposedly. Not sure the Intel security bugs will ever stop.
     
    d3athf1sh, SvenBent and Red Falcon like this.
  17. MMitch

    MMitch Gawd

    Messages:
    774
    Joined:
    Nov 29, 2016
    Let's wait to see that actual fix and what did they change to achieve their results but I would say that the issue Intel and AMD are having in this comparison is really 2 issues that are in 2 different solar system at that point...
    Security problem compared to single thread max boost turbo, gg guys gg. The current only alternative to all Intel security flaws is AMD is lack luster max boost CPU (unless you think those are overblown and like to ride professional ladies without adequate protection). [Checks if in GenMay, nope, edit with common words]
     
    auntjemima likes this.
  18. Krenum

    Krenum [H]ardForum Junkie

    Messages:
    15,549
    Joined:
    Apr 29, 2005
    From what I hear, they've been an issue since the Pentium IV, so I wouldn't hold my breath :D
     
    d3athf1sh likes this.
  19. TurboGLH

    TurboGLH Gawd

    Messages:
    561
    Joined:
    Dec 19, 2002
    I threw supposedly in there on purpose, I'm not sure that it their fix will mean anything for people who are short of boost by 25mhz, so the crowd that it will matter for are the guys who say they're short 2-300mhz.

    Either way, not long to wait, and I don't want this to get off topic and get locked.
     
  20. MMitch

    MMitch Gawd

    Messages:
    774
    Joined:
    Nov 29, 2016
    EDIT: My confusion, now get off my grass :D
     
  21. Gideon

    Gideon 2[H]4U

    Messages:
    2,295
    Joined:
    Apr 13, 2006
    Intel will have to hire quite a bit more marketing guys at this rate. That is just ugly.
     
    Revdarian, 5150Joker, N4CR and 2 others like this.
  22. Master_shake_

    Master_shake_ [H]ardForum Junkie

    Messages:
    9,353
    Joined:
    Apr 9, 2012
    At least the amd won't vomit up your passwords.
     
  23. Master_shake_

    Master_shake_ [H]ardForum Junkie

    Messages:
    9,353
    Joined:
    Apr 9, 2012
    intel will always be at the top of this benchmark too

    fail.png
     
    Tweak42, d3athf1sh, Lumpus and 28 others like this.
  24. Red Falcon

    Red Falcon [H]ardForum Junkie

    Messages:
    9,970
    Joined:
    May 7, 2007
    What is this?
    Hardware exploit 21? 22? ...23???

    The corners they cut have finally caught up to them - death by a thousand cuts.


    EDIT:

    Ok, 22 of them, that's not so bad, right?
    Right??? :D
     
  25. Red Falcon

    Red Falcon [H]ardForum Junkie

    Messages:
    9,970
    Joined:
    May 7, 2007
    This one specifically is from CPUs circa 2011 forward, so basically Sandy/Ivy Bridge onwards and any CPU with Intel's L3 "Smart Cache".
    The rest basically date back to 1995 with the Pentium Pro, though, so running unpatched older Intel-based systems for anything other than hobbyist systems is basically a death sentence for security.
     
  26. Master_shake_

    Master_shake_ [H]ardForum Junkie

    Messages:
    9,353
    Joined:
    Apr 9, 2012
    i disagree.

    intel has been penetrated more times than a veteran floozy.
     
  27. Red Falcon

    Red Falcon [H]ardForum Junkie

    Messages:
    9,970
    Joined:
    May 7, 2007
    Oh baby, your security holes are soooo big! :D
     
    Master_shake_ likes this.
  28. trasixes

    trasixes Gawd

    Messages:
    663
    Joined:
    Feb 18, 2010
    Must be a ZIF socket!
     
    Master_shake_ and Red Falcon like this.
  29. Skyblue

    Skyblue Limp Gawd

    Messages:
    261
    Joined:
    Jan 2, 2008
    Is this a real life problem?
     
    Stryker7314 likes this.
  30. Tsumi

    Tsumi [H]ardForum Junkie

    Messages:
    13,024
    Joined:
    Mar 18, 2010
    For the home user... not really, at least based on my interpretation of the article. This essentially requires direct hardware access, and for the home user, that generally means someone that has physical access to your stuff.

    The concern is for servers and data centers, where multiple users are served by the same hardware. What this attack does is allows one user to snoop on other users on the same server. Most of the Intel vulnerabilities are like this, where it's primarily based on multiple users on the same system and one user being able to steal data from other users.
     
    Tweak42, Armenius, auntjemima and 2 others like this.
  31. N4CR

    N4CR 2[H]4U

    Messages:
    3,836
    Joined:
    Oct 17, 2011
    Are you serious? That's quite interesting leadership decision. Good on them though because they really can't lose moving to AMD servers it seems.

    HEY! Did you consult userbenchmark first? They'll probably want to divide exploits per core whilst graphing, so it doesn't look so bad on their masters' $2k hot turd + sprinkles cpus.
     
  32. N4CR

    N4CR 2[H]4U

    Messages:
    3,836
    Joined:
    Oct 17, 2011
    Actually quite a few of the exploits found to date can be done remotely also, not all are physical hardware access, others hit VMs as well. It could also be used to snoop all sorts of encrypted shit in a single user scenarios too, but that goes for any hardware really if you are targeted at a high level, not much is going to stop it. There are so many holes on Intel systems now it's a concern remote or in person, plus these are only the ones we know of...
     
    dragonstongue and blackmomba like this.
  33. Lakados

    Lakados [H]ard|Gawd

    Messages:
    1,661
    Joined:
    Feb 3, 2014
    Yep, we have a lot of private and sensitive data stored and the insurance company doesn’t like the liability that Intel servers currently represent. So they recommended to my higher ups that any new purchases keep that in mind when making decisions. Laptops are due for next year so I really hope AMD brings something there to the table that is noteworthy.
     
    Master_shake_ and N4CR like this.
  34. polonyc2

    polonyc2 [H]ard as it Gets

    Messages:
    16,821
    Joined:
    Oct 25, 2004
    Intel needs to start working on a ground up redesign...but with AMD on their heels this is not a good time for Intel to have to deal with this...
     
    dragonstongue likes this.
  35. N4CR

    N4CR 2[H]4U

    Messages:
    3,836
    Joined:
    Oct 17, 2011
    Wow, never considered that type of use case and the liability aspect, even banking I'd imagine that would apply and other markets too. Thanks for the goss :)
    You might be just in time for 7nm APUs with Zen2 + Navi. That's something I'd be very excited for and may also jump then or next gen (if they include HBM on interposer), either way it's cheap, good iGPU fast laptops that won't break the bank.
     
  36. Mazzspeed

    Mazzspeed [H]ard|Gawd

    Messages:
    1,750
    Joined:
    Dec 27, 2017
    * Goes back to my Amiga 1200 and Motorola 68030 @ 40Mhz...

    Slow but safe wins the race [cough].
     
    noko, Sulphademus and 86 5.0L like this.
  37. T4rd

    T4rd REEEEEEE

    Messages:
    16,449
    Joined:
    Apr 8, 2009
    In terms of security, not really. In terms of performance, yes. Because each hardware security patch comes with a software performance penalty as extra instructions have to run per CPU cycle to mitigate the vulnerability. Doing a quick Google about it, the performance hit can be quite considerable:

    https://www.anandtech.com/show/12566/analyzing-meltdown-spectre-perf-impact-on-intel-nuc7i7bnh/4

    https://www.extremetech.com/computi...take-performance-hit-spectre-meltdown-patches

    Just another reason I'm glad I went Ryzen for my new build. I'm getting around 200 FPS in Wolfenstein 2 that I'm playing right now completely maxed out at 3440x1440 with a 2080 and 2700X with near 100% GPU utilization, so I'm pretty good with that.
     
  38. YeuEmMaiMai

    YeuEmMaiMai [H]ardForum Junkie

    Messages:
    15,022
    Joined:
    Jun 11, 2004
    but have they been penetrated more times than an altar boy by a catholic priest? (Gotta set that bar high)
     
    d3athf1sh, N4CR, Stryker7314 and 3 others like this.
  39. THRESHIN

    THRESHIN 2[H]4U

    Messages:
    2,964
    Joined:
    Sep 29, 2002
    Another benchmark win for Intel! Keep up the good work guys!
     
    N4CR and dragonstongue like this.
  40. Verado

    Verado Limp Gawd

    Messages:
    185
    Joined:
    May 16, 2017
    I can haz job @ intel marketing?


    upload_2019-9-11_15-37-52.png
     

    Attached Files:

    noko, schmide, Meeho and 13 others like this.