Intel PCs to be reduced in speed by up to 30%

[Ady1Participant @ady1]

Unless you're on XP of course

Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign

Final update A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.

Programmers are scrambling to overhaul the open-source Linux kernel's virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday: these changes were seeded to beta testers running fast-ring Windows Insider builds in November and December.

Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features – such as PCID – to reduce the performance hit. Your mileage may vary.

**LINK**

[Ady1Participant @ady1]

[Ady1Participant @ady1]

Rush to fix 'serious' computer chip flaws

Tech firms are working to fix two bugs that could allow hackers to steal personal data from computer systems.

Google researchers said one of the "serious security flaws", dubbed "Spectre", was found in chips made by Intel, AMD and ARM.

The other, known as "Meltdown" affects Intel-made chips alone.

The industry has been aware of the problem for months and hoped to solve it before details were made public.

The UK's National Cyber Security Centre (NCSC) said there was no evidence that the vulnerability had been exploited.

According to the researchers who found the bugs, chips dating as far back as 1995 have been affected.

Some fixes, in the form of software updates, have been introduced or will be available in the next few days, said Intel, which provides chips to about 80% of desktop computers and 90% of laptops worldwide.

**LINK**

Edited By Ady1 on 04/01/2018 10:15:55

[Neil WyattModerator @neilwyatt]

Bear in mind this affects PCs running Windows, Linux and MacOS… in fact I can's see why it wouldn't affect XP on a modern machine.

Time to move to an Rpi?

Neil

[SillyOldDufferModerator @sillyoldduffer]

Posted by Neil Wyatt on 04/01/2018 10:21:36:

Bear in mind this affects PCs running Windows, Linux and MacOS… in fact I can's see why it wouldn't affect XP on a modern machine.

Time to move to an Rpi?

Neil

Don't forget Servers have the same problem too! And, as the bug started in 1995, there's no particular reason to assume NT is safe either.

This is a pretty fundamental problem. The good news is that the flaw seems hard to exploit and that there's a software fix on the way. Apart from that it's horrible.

I hope those who believe that everything was better in the past aren't laughing too loudly. The original mistake was made in in 1967.

There's a Nascom 1 in my loft stored for just this emergency. I wonder if it still works?

Dave

Edited By SillyOldDuffer on 04/01/2018 11:40:31

[Brian GParticipant @briang]

Posted by Neil Wyatt on 04/01/2018 10:21:36:

Bear in mind this affects PCs running Windows, Linux and MacOS… in fact I can's see why it wouldn't affect XP on a modern machine.

Time to move to an Rpi?

Neil

As I (barely) understand it, ARM processors are also affected, whilst although AMD say "There is a near zero risk to AMD products at this time", they may also be affected. Perhaps I should have kept my old Amiga

Brian

[Michael GilliganParticipant @michaelgilligan61133]

This article by Reuters is probably less hysterical that what we can expect to see in the UK media: **LINK**

https://in.reuters.com/article/apple-cyber/apple-to-issue-fix-for-iphones-macs-at-risk-from-spectre-chip-flaw-idINKBN1EU04H

MichaelG.

Edited By Michael Gilligan on 05/01/2018 07:49:56

[I.M. OUTAHEREParticipant @i-m-outahere]

I knew it ! I should have kept that commodore 64 !

Now that some idiot has made this info public guess what the hackers are going to target ? Most of them probably never knew about it in the first place .

My pc and ipad are limited by Australia's horrendous broadband speeds and i'm on mobile broadband which is worse so a speed drop would be negligible.

Being a born pessimist i often wonder if the manufactures release info like this so everyone thinks they need " the new and more secure product " .

So the update is for the OS so Win7 or older won't get it nor will IOS 9 ( not sure who makes the chips for these so they may be unaffected) so the only way you have to fix this is buy a new machine and i would be waiting for the next gen chip to hit the market before i do that .

Ian .

[MWParticipant @mw27036]

the way I understand it is it has something to do with the way the processor pages memory and therefore can be tricked into running malicious software, if so desired?

Michael W

[I.M. OUTAHEREParticipant @i-m-outahere]

I don't need to worry too much my PC really only gets connected to the net for updates when i turn it on every so often , the rest of the time its iPad i use but I haven't heard if they are affected .

[Michael GilliganParticipant @michaelgilligan61133]

Best quote I've seen so far:

"In terms of real-world risk, it's another day in information security," said Kenneth White, security researcher and co-director of the Open Crypto Audit Project . "It opens up all kinds of interesting new lines of work and a lot of reassessment of fundamental assumptions we've made about hardware and security properties. For the average person, it's just about patching."

Source: **LINK**

http://money.cnn.com/2018/01/04/technology/spectre-meltdown-chip-bugs-businesses/index.html?iid=EL

MichaelG.

[Michael GilliganParticipant @michaelgilligan61133]

Posted by XD 351 on 05/01/2018 08:59:43:

… the rest of the time its iPad i use but I haven't heard if they are affected .

.

**LINK**

https://support.apple.com/en-us/HT208394

MichaelG.

[Ady1Participant @ady1]

It can only get snippets of code from the cache which in theory can be exploited over time

Big places like banks and Financial houses might be worth the effort but you need to be a super duper code dude to know what to do and you have to sift through billions of code cache rewrites to sort out anything which may be of value

It's like finding an ounce of gold dust which has been sprinkled onto a beach

It's definitely there

But is it worth the massive effort to get it

edit: and just to make things a bit harder, the gold dust is sand coloured, just like the other 2 million grains of sand which poured through the cache in the time it took you to read this post

Edited By Ady1 on 05/01/2018 09:30:17

[JourneymanParticipant @journeyman]

Just so that no-one feels left out the BBC report:

Apple has said that all iPhones, iPads and Mac computers are affected by two major flaws in computer chips.

This is from this *** News Item ***

John

[VicParticipant @vic]

Posted by Journeyman on 05/01/2018 09:36:04:

Just so that no-one feels left out the BBC report:

Apple has said that all iPhones, iPads and Mac computers are affected by two major flaws in computer chips.

This is from this *** News Item ***

John

Michael already posted this link:

**LINK**

Which says Apple already released one patch about a week ago before it became public knowledge. Another patch for Safari is expected soon.

[SillyOldDufferModerator @sillyoldduffer]

Posted by Vic on 05/01/2018 13:35:36:

Posted by Journeyman on 05/01/2018 09:36:04:

Just so that no-one feels left out the BBC report:

Apple has said that all iPhones, iPads and Mac computers are affected by two major flaws in computer chips.

This is from this *** News Item ***

John

Michael already posted this link:

**LINK**

Which says Apple already released one patch about a week ago before it became public knowledge. Another patch for Safari is expected soon.

I'll be interesting to see how quickly suppliers respond to this and how far back they go. Looks like Apple are in the lead, with Microsoft starting yesterday. Ubuntu is scheduled for Jan 9th. The Microsoft Desktop fix only covers Windows 10, Windows 8.1, and Windows 7 SP1. Who knows about smart phones, tablets, and embedded systems like your Router?

The fix may not all be plane sailing. For instance some Microsoft users may get the dreaded Blue Screen Of Death back again – Microsoft warn that 'the Meltdown and Spectre security fixes are incompatible with some anti-virus products.' I'd expect AVM providers to be quick off the mark, but it may take them time to straighten things out before normality returns.

One of the worrying things about Meltdown and Spectre is that no-one knows what an attack looks like. Viruses etc have recognisable signatures that enable them to be blocked. Although unlikely, a successful exploit would be devastating; in the jargon it's 'low risk, high impact'.

Dave

[egaParticipant @ega]

SillyOldDuffer:

"The Microsoft Desktop fix only covers Windows 10, Windows 8.1, and Windows 7 SP1"

Can you point to any further information about this, please? I had gathered that Win 7 users would be left facing the spectre of meltdown with no help from MS.

[SillyOldDufferModerator @sillyoldduffer]

Posted by ega on 05/01/2018 15:49:09:

SillyOldDuffer:

"The Microsoft Desktop fix only covers Windows 10, Windows 8.1, and Windows 7 SP1"

Can you point to any further information about this, please? I had gathered that Win 7 users would be left facing the spectre of meltdown with no help from MS.

Hi ega,

It comes from Microsoft's delightfully entitled 'Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities'. Table at the front with what's been done plus a FAQ at the end about older versions of Microsoft O/S that's rather discouraging.

Another FAQ mentions the need to update the CPU chip's microcode with a firmware update from the manufacturer. That'll be fun unless they can automate it. Also, it suggests that some chips are more vulnerable than others.

Dave

[egaParticipant @ega]

Dave

Thanks for the further information and the link which I am attempting to digest.

I have always put my own desktops together and shall watch for any CPU firmware updates (which I assume are different from BIOS updates).

[VicParticipant @vic]

Apple have stated a possible performance hit of under 2.5% on their hardware so where did the 5% to 30% come from?

[Russell EberhardtParticipant @russelleberhardt48058]

Posted by ega on 05/01/2018 16:31:10:I have always put my own desktops together and shall watch for any CPU firmware updates (which I assume are different from BIOS updates).

Yes, they are different. Linux (at least Ubuntu variants) includes in its package list something called "intel-microcode" or equivalent for AMD installations. This can be updated with normal system updates. and should be updated next week.

I'm not a Windows expert but would be surprised if MS don't have something similar.

Russell

[Neil WyattModerator @neilwyatt]

Any reaction from the Linux community yet… or do that have some magical immunity from malware?

[SamsarandaParticipant @samsaranda]

My new Iphone received today has just updated its software and according to Apple it is now “safe”,whatever that means. One day a couple of years ago I was in my bank when a technician was fixing a cash point, it was housed in a huge polished mahogany cabinet, inside was a desktop PC complete with monitor screen and keyboard, I could see on the monitor screen that the equipment was running on Microsoft Windows, rather worrying to think that there are thousands of Windows powered PCs all connected to the Banks mainframe computer, one can only imagine what havoc could be wrought with a determined cyber attack.

Dave W

[Russell EberhardtParticipant @russelleberhardt48058]

Posted by Neil Wyatt on 05/01/2018 18:47:13:

Any reaction from the Linux community yet… or do that have some magical immunity from malware?

No, Linux is not immune because the problem lies in the CPU not the operating system. New kernels are being worked on to overcome the error and will be released soon. New CPU microcode firmware will be installed by a regular update.

There is a lot of talk of a 30% slow down but that is a worst case and most users will notice very little difference. It will only really affect you if you have many tabs open in your browser or are downloading a large torrent file while watching a video or something similar.

Russell

[SillyOldDufferModerator @sillyoldduffer]

Posted by Neil Wyatt on 05/01/2018 18:47:13:

Any reaction from the Linux community yet… or do that have some magical immunity from malware?

Fortunately Linux's famous resistance to malware is real, not magical!

Red Hat may have been first to deploy fixes rather than Apple not that it matters. Everyone is taking this seriously.

This story may be going to run and run. Digging a little deeper shows signs of mud starting to fly. It seems that the hardware boys were very late informing operating system developers that there was a major problem. Microsoft and all the other developers were bounced into rushing patches out when the news broke; there are concerns that the patches may themselves be buggy. It could get very messy.

When it comes to performance the size of the hit depends on what the computer is doing. There's a good chance a typical PC will only slow down very slightly, say 2%. More serious looks to be the impact on database servers and the like: up to 30%. It's more likely to slow down the Forum at the server end than our browsers. I expect everyone will blame you Neil!

I expect we'll be finding out the truth during the next week or too. Let's hope it's a storm in a teacup rather than the end of Model Engineering as we know it.

Dave

[Author]

Posts