Intel CPU security flaw
Moderators: MattKingUSA, khz
Intel CPU security flaw
https://www.theregister.co.uk/2018/01/0 ... sign_flaw/
Has anyone else been following this? Can we expect a performance hit in music applications?
Has anyone else been following this? Can we expect a performance hit in music applications?
-
- Established Member
- Posts: 2080
- Joined: Mon Sep 28, 2015 8:06 pm
- Location: Here, of course!
- Has thanked: 227 times
- Been thanked: 400 times
- Contact:
Re: Intel CPU security flaw
From what I've read, we probably (mostly) dodged the bullet.
It seems the fix will mostly affect I/O not processor intensive tasks.
Building up a buffer full of sound will be fine, but there may be a bit of a bottleneck getting each buffer to the soundcard
It seems the fix will mostly affect I/O not processor intensive tasks.
Building up a buffer full of sound will be fine, but there may be a bit of a bottleneck getting each buffer to the soundcard
The Yoshimi guy {apparently now an 'elderly'}
Re: Intel CPU security flaw
Good to hear. I don't want to lose 30% of CPU speed.
This was really funny:
"The fix is to separate the kernel's memory completely from user processes using what's called Kernel Page Table Isolation, or KPTI. At one point, Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka FUCKWIT, was mulled by the Linux kernel team, giving you an idea of how annoying this has been for the developers."
This was really funny:
"The fix is to separate the kernel's memory completely from user processes using what's called Kernel Page Table Isolation, or KPTI. At one point, Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka FUCKWIT, was mulled by the Linux kernel team, giving you an idea of how annoying this has been for the developers."
- thetotalchaos
- Established Member
- Posts: 211
- Joined: Mon Sep 29, 2014 8:29 pm
- Has thanked: 55 times
- Been thanked: 9 times
- Contact:
Re: Intel CPU security flaw
I hope not. In less than a year, both Intel and Mozilla, two of the finest examples of freedom respecting companies, betrayed us and let us down. And although i am quite happy, using Chromium and Epiphany, I am not ready to assemble a new AMD Based home system. My configuration is less then an year old, Intel based.....s*it.hyenaz wrote: Has anyone else been following this? Can we expect a performance hit in music applications?
You can listen to my music at: https://totalchaos-music.bandcamp.com/
Take a journey to wonderland with The Butterfly Effect 2016
https://totalchaos-music.bandcamp.com/a ... fly-effect
Take a journey to wonderland with The Butterfly Effect 2016
https://totalchaos-music.bandcamp.com/a ... fly-effect
Re: Intel CPU security flaw
Reading Intel's PR statement, it basically translates to:
There is no problem, and the problem effects all chip manufacturers, and the problem will be minor for most users, and the problem will be mitigated in the long term.
So hopefully fixes in the longer term will mitigate any CPU hit.
There is no problem, and the problem effects all chip manufacturers, and the problem will be minor for most users, and the problem will be mitigated in the long term.
So hopefully fixes in the longer term will mitigate any CPU hit.
-
- Established Member
- Posts: 2080
- Joined: Mon Sep 28, 2015 8:06 pm
- Location: Here, of course!
- Has thanked: 227 times
- Been thanked: 400 times
- Contact:
Re: Intel CPU security flaw
Intel are doing their usual mixture of flat out lies plus bait and switch.
There are very real and serious problems and there are two separate issues.
The first, is immediately and easily exploitable. It is specific to all Intel processors since 2009, and also one (as yet unreleased) class of ARM processors. it doesn't affect AMD nor any other class of processors. This is the 'Meltdown' one that devs all round the world have been working flat out for months to work-around it. Note this is not a fix. A proper fix has to be done with new CPU hardware.
The other one (spectre) is much harder to exploit, and requires more uninterrupted attack time - unfortunately it is also much harder to fix. This one affects just about all modern processors. Browser makers are working to produce blocks in javascript to close that particular attack vector. Once more, this is not a fix, and again, eventually hardware solutions need to be found.
The final gotcha is that new hardware doesn't solve the problem for old systems that for one reason or another can't be replaced. For them, there will always need to be some form of software hack.
On the plus side, there have already been a lot of benchmark tests done on the new code, and we should get off pretty lightly.
The people who will be in the worst position are relatively small ISPs who's machines are doing mostly net and storage accessing.
There are very real and serious problems and there are two separate issues.
The first, is immediately and easily exploitable. It is specific to all Intel processors since 2009, and also one (as yet unreleased) class of ARM processors. it doesn't affect AMD nor any other class of processors. This is the 'Meltdown' one that devs all round the world have been working flat out for months to work-around it. Note this is not a fix. A proper fix has to be done with new CPU hardware.
The other one (spectre) is much harder to exploit, and requires more uninterrupted attack time - unfortunately it is also much harder to fix. This one affects just about all modern processors. Browser makers are working to produce blocks in javascript to close that particular attack vector. Once more, this is not a fix, and again, eventually hardware solutions need to be found.
The final gotcha is that new hardware doesn't solve the problem for old systems that for one reason or another can't be replaced. For them, there will always need to be some form of software hack.
On the plus side, there have already been a lot of benchmark tests done on the new code, and we should get off pretty lightly.
The people who will be in the worst position are relatively small ISPs who's machines are doing mostly net and storage accessing.
The Yoshimi guy {apparently now an 'elderly'}
Re: Intel CPU security flaw
Related, but more selfish question: I was just about to start putting together a new system. Any guesses as to when the new, "fixed," hardware will be available?
- English Guy
- Established Member
- Posts: 525
- Joined: Wed Oct 17, 2012 7:28 pm
- Location: England
- Has thanked: 8 times
- Been thanked: 7 times
Re: Intel CPU security flaw
I want to keep an old kernel on hand and run it on an offline system when I work
-
- Established Member
- Posts: 681
- Joined: Sat Nov 01, 2014 8:15 pm
- Location: The Internet
- Been thanked: 1 time
Re: Intel CPU security flaw
KPTI can be disabled with runtime switch. If you don't run untrusted code, you can easily turn it off.English Guy wrote:I want to keep an old kernel on hand and run it on an offline system when I work
- briandc
- Established Member
- Posts: 1442
- Joined: Sun Apr 29, 2012 3:17 pm
- Location: Italy
- Has thanked: 58 times
- Been thanked: 28 times
- Contact:
Re: Intel CPU security flaw
Kinda sounds to me like a big scare to get people buying new computers.
brian
brian
Have your PC your way: use linux!
My sound synthesis biome: http://www.linuxsynths.com
My sound synthesis biome: http://www.linuxsynths.com
-
- Established Member
- Posts: 2057
- Joined: Tue Feb 16, 2016 6:56 am
- Location: Kangasala, Finland
- Has thanked: 373 times
- Been thanked: 209 times
- Contact:
Re: Intel CPU security flaw
Problem is real. Current state, any website can put javascript reading all your passwords from your browsers password manager or from your keepass if it is open. Same goes for office documents, reading memory with word doc macros is possible. However, implementing word doc which works also in libreoffice in linux might be bit harderbriandc wrote:Kinda sounds to me like a big scare to get people buying new computers.
So if there is update for your browser available, update now.
Linux veteran & Novice musician
Latest track: https://www.youtube.com/watch?v=ycVrgGtrBmM
-
- Established Member
- Posts: 2057
- Joined: Tue Feb 16, 2016 6:56 am
- Location: Kangasala, Finland
- Has thanked: 373 times
- Been thanked: 209 times
- Contact:
Re: Intel CPU security flaw
https://twitter.com/securelyfitz/status ... 0652196864m.lp.ql.m wrote:Related, but more selfish question: I was just about to start putting together a new system. Any guesses as to when the new, "fixed," hardware will be available?
That says maybe some minor fixes on summer. Something bit better 2019-2010. Full fix 2021.
That isn't word of god, but anyway guess from somebody who knows workflow and constrants on processor industry.
Linux veteran & Novice musician
Latest track: https://www.youtube.com/watch?v=ycVrgGtrBmM
-
- Established Member
- Posts: 2057
- Joined: Tue Feb 16, 2016 6:56 am
- Location: Kangasala, Finland
- Has thanked: 373 times
- Been thanked: 209 times
- Contact:
Re: Intel CPU security flaw
Fix for meltdown, which gives access to kernel memory to all processes will be fixed, and this will cause slowdown.42low wrote:I've read on a linux forum that the software fix is to be expected this weekend. Then the hardware bug isn't a problem anymore.m.lp.ql.m wrote:Any guesses as to when the new, "fixed," hardware will be available?
For spectre, which will allows reading memory from other process there won't be single fix, but many fixes here and there. Most likely it can't be fixed fully in software. Never ever. And this problem is also in amd processors.
Linux veteran & Novice musician
Latest track: https://www.youtube.com/watch?v=ycVrgGtrBmM
-
- Established Member
- Posts: 381
- Joined: Sun May 28, 2017 3:52 pm
Re: Intel CPU security flaw
Spectre is arguably the bigger problem...
Reaper/KDE/Archlinux. i7-2600k/16GB + i7-4700HQ/16GB, RME Multiface/Babyface, Behringer X32, WA273-EQ, 2 x WA-412, ADL-600, Tegeler TRC, etc For REAPER on Linux information: https://wiki.cockos.com/wiki/index.php/REAPER_for_Linux