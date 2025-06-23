MrGuvernment said: Exactly, but you still had companies getting teams to drop everything and patch everything now for their on-prem systems because "Oh Noes bad exploit" Click to expand...

To be fair for a lot of industries. They should absolutely NOT be turning off mitigations. People confuse the "no in the wild viruses" known to use... with side channel attacks are ineffective. They are not so effective that malware your grandpa downloads is going to exist. However they are still potentially very effective against valuable targets. Not all the side channel attacks require physical access. Which is the other "don't worry" just don't plug a USB stick in argument. I have zero doubt real world exploits have used side channel attacks. They are just not the types of wide spread attacks you hear about in news reports. If your a home user ya less worry, if your a larger business, financial, medical, gov. I wouldn't turn any mitigations off. Your personal gaming machine ok mitigations=off... the business server ah no mitigations remain on.Intel in this is not suggesting companies turn of CPU mitigations, this Ubuntu thing is about adding a GPU mitigation off flag. This is directly related to GPU security mitigations. To be honest I have no idea how sever the GPU vulnerabilities are. I will say this though. Intel has taken 20% in performance hits to their GPU compute performance (this isn't talking about igpu stuff though it may also be effected) we are talking about the compute racks of battlemage type stuff. The stuff Intel is betting the damn company on. I'm not going to lie if I'm in charge of purchasing R&D systems to possibly move away from Nvidia, knowing Intel has taken a 20% performance hit via mitigations is going to turn me right off before even entertaining conversations with them. Compound that with most purchasers already having dealt with CPU mitigation performance hits the last 5 years. I mean how much worse could security holes get for Intel GPU compute stuff? Its barely used right now what happens when more people are using it, more researchers are looking into it? Intel seems to have a habit of iffy security design.I guess I'm saying Intel probably should have been more quite about this plan to include a NEO_DISABLE_MITIGATIONS. A GPU version of mitigations=off. IMO it is terrible PR for Intel that after getting clobbered on CPU security for years now, they are also pointing out that their GPUs are also designed with security issues baked in.