Quick Facts about Meltdown and Spectre

1. Who named these and why these names?
2. Who came up with the graphics/icons for these?
 
ALL of them lol, or at least that's what I gather from reading that list lol
 
Oh man how nice would it be if Intel would step up to the plate, fix the issue in the chips and allow you to cross ship RMA your affected chip(s) as stock on the new version of the processor becomes available.
Click to expand...

Could take 18+ months for a new CPU to be developed and tested. And its not like they could replace every CPU sold in the last 25 years. Although good thing the users have thrown their old systems out..
 
drescherjm said:
Could take 18+ months for a new CPU to be developed and tested. And its not like they could replace every CPU sold in the last 25 years. Although good thing the users have thrown their old systems out..
Click to expand...

I know it's wishful thinking, but it would be cool if this could be addressed in microcode. Then all we'd need would be a new bios.
 
Zarathustra[H] said:
I know it's wishful thinking, but it would be cool if this could be addressed in microcode. Then all we'd need would be a new bios.
Click to expand...

The problem with BIOS update is that I doubt older platform will be taken care of... I mean I still use a 2500K on an ASUS board.
I'm scared I'll need to replace my perfectly working computer because they decided to patch until "most" of last 5 years... which doesn't even mention the motherboard part...

On the other hand, I might be one of the early Zen refresh adopter...
 
A microcode update could be loaded at OS boot and it will be installed as an OS update.
 
MMitch said:
The problem with BIOS update is that I doubt older platform will be taken care of... I mean I still use a 2500K on an ASUS board.
I'm scared I'll need to replace my perfectly working computer because they decided to patch until "most" of last 5 years... which doesn't even mention the motherboard part...

On the other hand, I might be one of the early Zen refresh adopter...
Click to expand...


Then convert the old CPU to a Linux box? My understanding (which very well could be wrong) is that on Linux microcode doesn't depend on the BIOS, but can be loaded into ram at the time of boot by the OS.
 
Zarathustra[H] said:
Then convert the old CPU to a Linux box? My understanding (which very well could be wrong) is that on Linux microcode doesn't depend on the BIOS, but can be loaded into ram at the time of boot by the OS.
Click to expand...

I believe Windows loads microcode updates at boot as well.
 
One idea (could be wrong). If it is in the BIOS then you don't have to worry about malware disabling the update.
 
pcgeekesq said:
So? Are they experts in the micro-architecture of high-performance microprocessors? Are they experts in the particulars of Intel x86 microprocessors? Do they have clue-1 as to what Intel's microcode patching system is and isn't capable of? Have they published the analysis behind their conclusions?

The answer to at least some and perhaps all of those questions is probably NO.
And if that isn't causing the needle to move on your BS detector, better get it checked.
Click to expand...
If it's fixable by a microcode update, why didn't Intel state so?
 
Zarathustra[H] said:
Just yesterday everyone was saying Spectre was unpatchable.

Which is it?

Is it patchable, but only on Zen and with the extreme measures of completely disabling branch prediction?
Click to expand...

CVE-2017-5715 is Spectre. The patch is being also added to Gentoo

https://bugs.gentoo.org/643476

There is a firmware update also for Intel chips, but it works differently. The patch for Intel adds a special register to control branch prediction.

https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00005.html
 
pcgeekesq said:
So? Are they experts in the micro-architecture of high-performance microprocessors? Are they experts in the particulars of Intel x86 microprocessors? Do they have clue-1 as to what Intel's microcode patching system is and isn't capable of? Have they published the analysis behind their conclusions?

The answer to at least some and perhaps all of those questions is probably NO.
And if that isn't causing the needle to move on your BS detector, better get it checked.
Click to expand...

Perhaps if you would bother reading the actual whitepapers you would understand more... But I guess you are an expert so you don't need to bother with the direct facts and information, you can just say stuff on conjecture and accuse people of fake news even when the news comes directly from the source. It is also nice how you can just consistently assume the experience level of everyone without knowing anything about them...

EDIT: Also note that often people who find and write exploits aren't always experts on the systems they are exploiting. In fact it's usually because they aren't experts that they find these exploits. Experts tend to only see what they know and experience and can't always see the ways in which their designs can be exploited. Particularly because they have designed it in a way they believe it won't be exploited. This is why you sometimes see exploits being found sometimes even decades after something is released. Someone finds an unintentional flaw while trying to do something new.

Also, I am simply amazed at your refusal to aknowledge the expertise of the researchers who discovered a flaw which was then acknowledged by your precious experts at Intel. It was also acknowledged by AMD. Both companies then did their best to downplay it, why? Because it affects their bottom line. It is a serious flaw.
 
Last edited:
"These vulnerabilities are particularly troubling as they are not due to a bug in a particular processor implementation, but are a consequence of the widespread technique of speculative execution. Many generations of processors with different ISAs and from several different manufacturers are susceptible to the attacks, which exploit the fact that instructions speculatively executed on incorrectly predicted code paths can leave observable changes in micro-architectural state even though the instructions' architectural state changes will be undone once the branch prediction is found incorrect." -- https://riscv.org/2018/01/more-secure-world-risc-v-isa/

Just as I thought.
 
pcgeekesq said:
"These vulnerabilities are particularly troubling as they are not due to a bug in a particular processor implementation, but are a consequence of the widespread technique of speculative execution. Many generations of processors with different ISAs and from several different manufacturers are susceptible to the attacks, which exploit the fact that instructions speculatively executed on incorrectly predicted code paths can leave observable changes in micro-architectural state even though the instructions' architectural state changes will be undone once the branch prediction is found incorrect." -- https://riscv.org/2018/01/more-secure-world-risc-v-isa/

Just as I thought.
Click to expand...

Explain how that is "Just as you thought"? What does RISC-V have to do with Intel and AMD x86 ISA?
 
pcgeekesq said:
"These vulnerabilities are particularly troubling as they are not due to a bug in a particular processor implementation, but are a consequence of the widespread technique of speculative execution. Many generations of processors with different ISAs and from several different manufacturers are susceptible to the attacks, which exploit the fact that instructions speculatively executed on incorrectly predicted code paths can leave observable changes in micro-architectural state even though the instructions' architectural state changes will be undone once the branch prediction is found incorrect." -- https://riscv.org/2018/01/more-secure-world-risc-v-isa/

Just as I thought.
Click to expand...

It's basically no one was cleaning house after a mis-predict because it never occurred to anyone that the inner machinations of the processors could be discernible in the final state of the system as a whole.
 
NoOther said:
Perhaps if you would bother reading the actual whitepapers you would understand more... But I guess you are an expert so you don't need to bother with the direct facts and information, you can just say stuff on conjecture and accuse people of fake news even when the news comes directly from the source. It is also nice how you can just consistently assume the experience level of everyone without knowing anything about them...
Click to expand...

Yada yada yada. I read the GPZ reports. What evidence do you have that I didn't?
And your experience level is indicated by what you post. You're just mindlessly regurgitating after misunderstanding what you read.
In essence, you're puking up random stuff from the Internet in manner inconsistent with the proposition that you have substantial experience with the subject matter.
 
NoOther said:
Explain how that is "Just as you thought"? What does RISC-V have to do with Intel and AMD x86 ISA?
Click to expand...
You don't understand what the RISC-V people posted, do you?
Think hard about these parts of it: "speculative execution ... micro-architectural state ... architectural state." Google them if you must, because if you don't understand exactly what those terms mean, you understand nothing about these exploits.
 
pcgeekesq said:
Yada yada yada. I read the GPZ reports. What evidence do you have that I didn't?
And your experience level is indicated by what you post. You're just mindlessly regurgitating after misunderstanding what you read.
In essence, you're puking up random stuff from the Internet in manner inconsistent with the proposition that you have substantial experience with the subject matter.
Click to expand...

The evidence I quoted right from their papers? I did not pull up random stuff, I pulled right from the whitepapers. You do realize those white papers is what the GPZ report was made from right? I went directly to the source.

Your experience level is not indicated by your posts. You quoted from a report on RISC-V in relation to a bug found in x86 architecture, what sense does that make?
 
pcgeekesq said:
You don't understand what the RISC-V people posted, do you?
Think hard about these parts of it: "speculative execution ... micro-architectural state ... architectural state." Google them if you must, because if you don't understand exactly what those terms mean, you understand nothing about these exploits.
Click to expand...

They were posting about the threat compared to their architecture... It says so right in that page you quoted from... Be honest and include the full context:

"Many generations of processors with different ISAs and from several different manufacturers are susceptible to the attacks, which exploit the fact that instructions speculatively executed on incorrectly predicted code paths can leave observable changes in micro-architectural state even though the instructions’ architectural state changes will be undone once the branch prediction is found incorrect. No announced RISC-V silicon is susceptible, and the popular open-source RISC-V Rocket processor is unaffected as it does not perform memory accesses speculatively."

RISC-V is not x86 architecture. It is completely different. Not to mention if you look at the title of that page it literally says more secure world RISC V..

I am also convinced you do not even know what that quote means, since it is stating there is a problem on many different processors.
 
juanrga said:
Resume of attacks and table of affecter vendors

https://www.kb.cert.org/vuls/id/584653

IBM is missing in that table. Already confirmed by Red Hat than Power and Z-series are also affected

The linux kernel fix for Spectre attack on Zen CPUs consists on disabling branch prediction

https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html
Click to expand...


Strait from AMD this isn't an accurate description, it does not disable branch prediction. https://www.phoronix.com/forums/for...-wake-of-spectre-meltdown?p=999484#post999484
 
NoOther said:
RISC-V is not x86 architecture. It is completely different. Not to mention if you look at the title of that page it literally says more secure world RISC V..

I am also convinced you do not even know what that quote means, since it is stating there is a problem on many different processors.
Click to expand...

You are ignorant. This exploit is micro-architectural, not architectural. That's why it isn't on all x86 processors, and is on some non-x86 processors.
Since you apparently don't know the difference between architecture and micro-architecture, you are completely unqualified to discuss this topic.

I have complete confidence that within the next two week, events will demonstrate that you are totally wrong.
 
pcgeekesq said:
You are ignorant. This exploit is micro-architectural, not architectural. That's why it isn't on all x86 processors, and is on some non-x86 processors.
Since you apparently don't know the difference between architecture and micro-architecture, you are completely unqualified to discuss this topic.

I have complete confidence that within the next two week, events will demonstrate that you are totally wrong.
Click to expand...

You realize that using red, consistently trying to put people's experience down that you don't know, trying to use various classifications to confuse people, and trying to put things all in bold, doesn't make your points anymore valid. So far you have provided zero evidence behind anything you have said, yet are trying to invalidate things people have said backed by direct evidence. In fact the one page you did try to use as evidence pretty much showed you actually didn't even understand what was written on it...

I am also still not sure what your angle is here, or why you seem to be calling what I am saying fake news without actually trying to say what it is you specifically disagree with about it? I am waiting for you to eventually get to some kind of point...but I am just left waiting. So far you have validated things I have said, like the fact it is a problem on many different processors and that it is a design flaw.

Also trying to say that what happens in the next 2 weeks somehow proves I am wrong shows that all you are doing is trying personal attacks. Because all I have said is what is literally in the reports from the researchers who found the flaw. Perhaps they are wrong, but that doesn't make me wrong about pointing to the researcher's evidence and being wary of early claims about complete immunity to the attacks based on rushed patches... If the patches do work, then great. That doesn't fix the design flaw, because now there is apparently a performance hit. If they have a fix in two weeks that doesn't include a performance hit and completely fixes the problem, even better.
 
NoOther said:
You realize that using red, consistently trying to put people's experience down that you don't know, and trying to use various classifications to confuse people, and trying to put things all in bold doesn't make your points anymore valid. So far you have provided zero evidence behind anything you have said, yet are trying to invalidate things people have said backed by direct evidence. In fact the one page you did try to use as evidence pretty much showed you actually didn't even understand what was written on it...

I am also still not sure what your angle is here, or why you seem to be calling what I am saying fake news without actually trying to say what it is you specifically disagree with about it? I am waiting for you to eventually get to some kind of point...but I am just left waiting. So far you have validated things I have said, like the fact it is a problem on many different processors and that it is a design flaw.

Also trying to say that what happens in the next 2 weeks somehow proves I am wrong shows that all you are doing is trying personal attacks. Because all I have said is what is literally in the reports from the researchers who found the flaw. Perhaps they are wrong, but that doesn't make me wrong about pointing to the researcher's evidence and being wary of early claims about complete immunity to the attacks based on rushed patches... If the patches do work, then great. That doesn't fix the design flaw, because now there is apparently a performance hit. If they have a fix in two weeks that doesn't include a performance hit and completely fixes the problem, even better.
Click to expand...

Considering Juanrga is liking his post. I would ignore the troll. Only Intel fanboi's are working overtime to make this a non-issue.

This is a non-issue if you do game, you probably wont see any performance hit. But I don't think anyone thought gaming would be affected. From what I have been reading is that mostly Enterprise is what is going to be affected.

Intel is in full on PR mode right now trying to blame everyone else, and not even admit it is a design flaw when it is.
 
NoOther said:
... trying to use various classifications to confuse people ...
Click to expand...
So, you really don't understand that "architecture" and "micro-architecture" are completely different things, do you?
They are, and an expert in one can be non-expert in the other -- they are that different, and both are complicated.
I was more involved in micro-architecture, myself.

So now you resort to criticizing my formating, because you don't have anything more valid to say?
Wow, that's lower than a spelling flame.

I guess no one ever taught you that only you can make a fool out of you on the Internet.
Or was that your goal?
 
pcgeekesq said:
I guess no one ever taught you that only you can make a fool out of you on the Internet.
Or was that your goal?
Click to expand...

after reading the article you linked....I think you might need to look in the "internet" mirror about who is making a fool of themselves.
 
Brackle said:
Considering Juanrga is liking his post. I would ignore the troll.
Click to expand...
And there's all we need to know about your ability to reason logically: you can't.
Brackle said:
after reading the article you linked....I think you might need to look in the "internet" mirror about who is making a fool of themselves.
Click to expand...
You and NoOther don't actually understand that article, as far as I can tell. All I see is puked-up excerpts posted by people who don't understand the technical terms being used.

I have complete confidence that within the next two week, events will demonstrate that you and 'noOther' are totally wrong.
 
pcgeekesq said:
So, you really don't understand that "architecture" and "micro-architecture" are completely different things, do you?
They are, and an expert in one can be non-expert in the other -- they are that different, and both are complicated.
I was more involved in micro-architecture, myself.

So now you resort to criticizing my formating, because you don't have anything more valid to say?
Wow, that's lower than a spelling flame.

I guess no one ever taught you that only you can make a fool out of you on the Internet.
Or was that your goal?
Click to expand...

I have already commented on what you actually have to say, but you aren't saying anything. Why do you keep dithering on making an actual point? What is your point? You refuse to read the whitepapers yet want to say I am posting random stuff from the internet (even though, yet again, it was a direct link to the actual researchers that found the flaw), while the one link you shared wasn't tangential at best and really provided zero actual information except a slight simplification of one particular problem. Also that very link you shared showed that there is a problem and it covers multiple processors.

So yet again, what is it you are actually trying to say? Why not just come out and say it rather than trying to bandy about terms and all sorts of other stuff distracting with colors and underlines and fonts and everything else?
 
pcgeekesq said:
And there's all we need to know about your ability to reason logically: you can't.

You and NoOther don't actually understand that article, as far as I can tell. All I see is puked-up excerpts posted by people who don't understand the technical terms being used.

I have complete confidence that within the next two week, events will demonstrate that you and 'noOther' are totally wrong.
Click to expand...

Please, explain how the researchers who posted the flaws and their conclusions are wrong if you are so confident?
 
pcgeekesq said:
And there's all we need to know about your ability to reason logically: you can't.

You and NoOther don't actually understand that article, as far as I can tell. All I see is puked-up excerpts posted by people who don't understand the technical terms being used.

I have complete confidence that within the next two week, events will demonstrate that you and 'noOther' are totally wrong.
Click to expand...

I will in 2 weeks come back to this post. If am I wrong I will admit it, but looking over the evidence......You got a huge hill to climb.

Good look on your future trolling!
 
NoOther said:
So yet again, what is it you are actually trying to say?
Click to expand...
Reading comprehension and logic don't seem to be your strong suits. Or your buddy Brackle's for that matter.
NoOther said:
Please, explain how the researchers who posted the flaws and their conclusions are wrong if you are so confident?
Click to expand...
You wouldn't understand the explanation, and I don't have time or inclination to teach you the 12 graduate-level credit-hours worth of processor hardware design knowledge you'd need.
 
pcgeekesq said:
Reading comprehension and logic don't seem to be your strong suits. Or your buddy Brackle's for that matter.

You wouldn't understand the explanation, and I don't have time or inclination to teach you the 12 graduate-level credit-hours worth of processor hardware design knowledge you'd need.
Click to expand...

Because you can't even form an explanation. You keep saying you have all this experience and you know the researchers are wrong, but you can't even link to a proper source or articulate what it is you think the researchers are wrong about. All you have are continued personal attacks. I am simply asking for your point and insight. I don't understand why you are so unwilling to share if you know for a fact this is a non-issue. Many others would also be heartened to understand why this is a non-issue, if that is truly what you are trying to say.
 
Last edited:
You must log in or register to reply here.
Back
Top