Personal computing discussed
Moderators: renee, Flying Fox, morphine
just brew it! wrote:Man, this pair of exploits has turned into a major dumpster fire...
Kougar wrote:If I understand correctly there currently there is no complete immunization possible against Spectre, just patch stopgaps against specific vectors, and a CPU hardware change is required for full immunization. So does anyone have even a vague idea what kind of performance impact these hardware changes to prevent Spectre will incur on future hardware? Nevermind that every Out-of-Order CPU vender is affected by it and will have to make their own changes.
DancinJack wrote:https://security.googleblog.com/2018/01/more-details-about-mitigations-for-cpu_4.html
Google with a nice little workaround for their servers.
fhohj wrote:so TS has an article up where they benched an 8700K with the most recent AC. there was no noticeable difference to the user.
chuckula wrote:I JUST UPGRADED AND IT'S SO SLOW THAT THE KEYBOARD SCANNER CAN ONLY TAKE UPPER CASE LETTERS.
Ok not really. Kernel 4.14.11 with KPTI enabled seems to be OK so far.
Bruce Schneier wrote:It shouldn't be surprising that microprocessor designers have been building insecure hardware for 20 years. What's surprising is that it took 20 years to discover it. In their rush to make computers faster, they weren't thinking about security. They didn't have the expertise to find these vulnerabilities. And those who did were too busy finding normal software vulnerabilities to examine microprocessors.
Security researchers are starting to look more closely at these systems, so expect to hear about more vulnerabilities along these lines.
Bruce Schneier wrote:Now that they -- and the research into the Intel ME vulnerability -- have shown researchers where to look, more is coming -- and what they'll find will be worse than either Spectre or Meltdown.
There will be vulnerabilities that will allow attackers to manipulate or delete data across processes, potentially fatal in the computers controlling our cars or implanted medical devices. These will be similarly impossible to fix, and the only strategy will be to throw our devices away and buy new ones.
fhohj wrote:so TS has an article up where they benched an 8700K with the most recent AC. there was no noticeable difference to the user.
DancinJack wrote:It took me a second to think what site it was too. It's an abbreviation i've never come across before.
SuperSpy wrote:Brief write-up of the major players responses by Ars' Peter Bright: https://arstechnica.com/gadgets/2018/01 ... -about-it/
chuckula wrote:I JUST UPGRADED AND IT'S SO SLOW THAT THE KEYBOARD SCANNER CAN ONLY TAKE UPPER CASE LETTERS.
Ok not really. Kernel 4.14.11 with KPTI enabled seems to be OK so far.
defaultluser wrote:Is there any chance of TechReport doing a more in-depth test with frame minimums and "time spent below" graphs?
cphite wrote:chuckula wrote:I JUST UPGRADED AND IT'S SO SLOW THAT THE KEYBOARD SCANNER CAN ONLY TAKE UPPER CASE LETTERS.
Ok not really. Kernel 4.14.11 with KPTI enabled seems to be OK so far.
I knew you were kidding because capital letters are bigger, and would therefore be slower...
captaintrav wrote:If I'm understanding things properly, the mitigation for Meltdown is going to have more of a performance impact if your processor doesn't support process context identifiers, which means Haswell and newer, but Wikipedia says it was introduced with Westmere. Maybe just for certain SKUs before Haswell. Maybe time to finally ditch Sandy Bridge?
captaintrav wrote:If I'm understanding things properly, the mitigation for Meltdown is going to have more of a performance impact if your processor doesn't support process context identifiers, which means Haswell and newer, but Wikipedia says it was introduced with Westmere. Maybe just for certain SKUs before Haswell. Maybe time to finally ditch Sandy Bridge?