'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

  • Thread starter
  • Admin
  • #1

zappaDPJ

Administrator
Joined
Aug 26, 2010
Messages
7,273
A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.
Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features – such as PCID – to reduce the performance hit. Your mileage may vary.
https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

I regularly run processes that take well over 48 hours to complete. A 30% slowdown there would be somewhat noticeable. 5% I can live with.
 

LeadCrow

Apocalypse Admin
Joined
Jun 29, 2008
Messages
6,578
A stark reminder of why a single vendor's defacto monopoly leads to stagnation.
Processors are already fast enough for every use, software and videogames needs to slim up instead of masking inefficient code paths behind raw processing power demands.
 

Klaatu

Fan
Joined
Mar 1, 2010
Messages
602
A stark reminder of why a single vendor's defacto monopoly leads to stagnation.
Processors are already fast enough for every use, software and videogames needs to slim up instead of masking inefficient code paths behind raw processing power demands.
Apparently AMD and ARM processors are also vulnerable to this. I recently built a new computer, I went with Ryzen and I was patting myself on the back this morning for my decision after reading the Intel news, but now it seems like I might be screwed as well.

https://www.cnet.com/how-to/how-to-...roid-ios/?ftag=COS-05-10aaa0b&linkId=46552942
 
  • Thread starter
  • Admin
  • #5

zappaDPJ

Administrator
Joined
Aug 26, 2010
Messages
7,273
What I find slightly concerning about these vulnerabilities apart from the possibility of losing computing power to a fix is a) this information was not supposed to be public domain until fixes were made available to affected systems and b) now that it is in the public domain and exploitable there appears to be no way of knowing if a system has been compromised.
 

eva2000

Habitué
Joined
Jan 11, 2004
Messages
1,778
Apparently Google discovered the flaws last year and there was a planned news announcement on Jan 9th, 2018 but it was leaked earlier than planned https://techcrunch.com/2018/01/03/googles-project-zero-team-discovered-critical-cpu-flaw-last-year/
The Google Security team wrote that they began taking steps to protect Google services from the flaw as soon as they learned about it. If you’re wondering why they didn’t tell the public about it as soon as they learned about it, it’s because there was supposed to be a coordinated release coming up next week (on January 9th). When the news leaked, Google, Intel and other interested parties decided to release the information to end speculation.
 
  • Thread starter
  • Admin
  • #7

zappaDPJ

Administrator
Joined
Aug 26, 2010
Messages
7,273
The Financial Times which I can't link because it sits behind a pay-wall has the following main headline on today's front page; 'Companies warned to replace all hardware or risk 'Spectre' attack.' o_Oo_Oo_O
 

dethfire

Habitué
Joined
Jan 17, 2005
Messages
1,020
So all of our servers could take a 30% performance hit just to patch Meltdown? How are people not freaking out about this? Intel stock not being affected. AMD is a little bit. But what other choice do we have?
 

LeadCrow

Apocalypse Admin
Joined
Jun 29, 2008
Messages
6,578
our servers could take a 30% performance hit just to patch Meltdown? How are people not freaking out about this?
Patching a major security vulnerability waiting to be exploited is worth the hit.
After it's resolved, the only issue is that you'll be getting less bang for your buck or overpaying, but I assume cloud providers will adapt their pricing globally after the longterm impact is quantified.

what other choice do we have?
ARM servers perhaps. Theyre not as powerful as x86 machines, but consume much less energy in general.
 

LeadCrow

Apocalypse Admin
Joined
Jun 29, 2008
Messages
6,578
Meltdown and the fix's performance hit appear limited to x86/Intel chips.

If the cost efficiency of x86-based servers is drastically affected, lower-power ARM chips will make sense for special workloads. The more likely outcome is vendors adapting their prices to the situation and passing down lesser savings from their operating cost.
 

zappaDPJ

Administrator
Joined
Aug 26, 2010
Messages
7,273
Patching a major security vulnerability waiting to be exploited is worth the hit.
Having seen a couple of people (one apparently working for Google) pulling sensitive data from a server via one of these vulnerabilities I agree. It certainly didn't seem to take much effort. I've just had a Windows 10 update so hopefully the patches are already being rolled out.
 

Karll

Adherent
Joined
Dec 9, 2011
Messages
441
ARM processors aren't immune from what I gather. Have you read differently?
Meltdown and the fix's performance hit appear limited to x86/Intel chips.
The way I read the news articles was that while Meltdown was limited to Intel, the Spectre flaw/vulnerability was present in ARM as well as Intel and AMD.

Edited to add:
Which systems are affected by Meltdown?
[...] At the moment, it is unclear whether ARM and AMD processors are also affected by Meltdown.

Which systems are affected by Spectre?
[...] In particular, we have verified Spectre on Intel, AMD, and ARM processors.
From: https://spectreattack.com/
 

Alfa1

Administrator
Joined
May 28, 2007
Messages
3,996
My hosting company has updated/patched the OS on my servers on the 4th. I wonder how fast other hosting companies are taking action.
 

Paul M

Limeade Addict
Joined
Jun 26, 2006
Messages
3,938
My VPS instances on Ramnode were rebooted yesterday because of the host servers being patched.
 

Matthew S

Adherent
Joined
Jun 27, 2015
Messages
303
My VPS hosts have applied patches.

Has there been any word on hardware releases from Intel et al, or at least what is safe to buy new at the moment?
 
Top