so those of us..
Still using aged CPU's are still buggered then? (I'm thinking Sandy bridge here... for personal reasons) is this the punishment for owning old bit perfectly capable kit?
Intel's offered the world some helpful advice about how to handle the Meltdown and Spectre chip design flaws it foisted on the world. "I can't emphasize enough how critical it is for everyone to always keep their systems up-to-date," wrote Navin Shenoy, executive veep and general manager of Intel's data centre group, bemoaning …
> Yes indeed. One way of looking at this whole Meltdown/Spectre episode is as a spectacularly successful sales campaign.
For AMD yes. Not sure anyone forced to upgrade from older Intel gear by this bullshit is going to reward Intel for it.
Obviously, some will... but not expecting many.
> Not sure anyone forced to upgrade from older Intel gear by this bullshit is going to reward Intel for it.
Of course they will. I'm not saying AMD is bad, they're pretty good actually, but Intel controls the corporate market, there is no wiggling around it.
Anyway, we'll be forced to discard all our older but perfectly working computers and replace them with newer computers, which will have the exact same problems, but will get those patches the old ones will never get. That's really minimum value for maximum money.
(And in a nice chain reaction way, this means having to also replace every piece of hardware which ran perfectly on those older computers, but which hasn't Win10 drivers. Everybody gets a piece of the Intel pie - except the end user...)
This guy needs to be explained the concept of QA. I got a friend of mine who can do the honours (*). I can talk to her boss to lend her to Intel for a short tour. As they are an outsourcing supplier they will be happy to oblige
(*)In addition to being a damn good QA (15+ years of QA experience and 5+ writing software before that), she has spent 10+ years in the country's top 10 on sabre and has a collection of belts (brown onwards) in more than one martial art. I would love to sell tickets when this guy has a discussion with her on releasing sh*t of the kind they shipped as Meltdown fixes. Gives a whole new meaning to the words "you are releasing this over my dead body (and I am hard to kill ya know)"
Go a step further... instead of "naming" the processer, tell us what we will find on the "label". My Gateway says "Intel inside".. a quick check tells me it's an i3... How does this relate to the average person knowing WTF a Skylake is? Same for the Dells and Acers we have. I have yet to see anything that correlates what they call it and what's on the boxen.
And then there's the problem of getting the info and patches out to Joe-Average User who hasn't a clue but knows that Winders does updates without him/her doing anything.
Truly a fluster-cluck.
The effort to do so turned out to be more complicated than Intel thought, as some of its early updates made the silicon unstable. So unstable, in fact, that Intel recommended rollback as the best option
It always is more complicated to fix things.
If you can't fix it does everybody get a free CPU upgrade?
> If you can't fix it does everybody get a free CPU upgrade?
No, because they don't have any CPUs without the bug to issue as replacements (*)
(*) Unless you are suggesting that they "upgrade" people from Xeon to Celeron.
I suppose they *could* upgrade everyone to the corresponding AMD parts, in the same way that an airline may have to book you a seat on a competing airline if it can't get you home. Unfortunately it would involve replacing motherboards.
There will never be replacements - they won't be opening the lines to create "fixed" Haswells, for example.
The only option will be the latest devices, on the latest motherboards. And you won't be getting a penny in discount from Intel for the costs of upgrading all of your gear.
Thieves.
But they could produce latest generation chips without the design flaw, and package them in the older chip packages. As most Core and Xeon processors are in sockets, it would be possible to do a one-for-one replacement, although you would either have to be happy taking the systems apart yourself, or paying someone to do it.
They could get approximate performance by tweaking the clock multiplier and possibly disabling some cores and L0/1 cache, and I dare say they could also turn off some of the newer features (as they already do for current generation Celeron and the recently re-launched Pentium processors) so that end users did not get the benefit of those not in the older CPUs. They would have to do something with the ID info, because some mobos may struggle to configure the newer chips without a firmware upgrade.
I think that the only thing they might have problems with was the TDP. Underclocking later generation CPUs would use less power, but I think that they should be generous enough to allow people to benefit from that.
But it would be pretty expensive, so I have no expectation that Intel will do this.
"As most Core and Xeon processors are in sockets, it would be possible to do a one-for-one replacement"
last I checked, an older (replacement) 'Core Quad' costs more than Intel's faster/better "latest" quad-core CPU. Economy of scale and all of that.
swapping out the motherboard, RAM, and CPU together might actually cost less.
But packaging a Coffee Lake+ in a Socket 1150/1 package (at the volume of Core Quads produced) may be cheaper, especially if you consider a like-for-like replacement of the mobo and memory in some gaming rigs will cost a similar amount to the processor!
Last year I did a just-behind the leading curve rebuild of one of my son's gaming rig, and the cost of the mobo and memory was easily more than the processor.
""I can't emphasize enough how critical it is for everyone to always keep their systems up-to-date," wrote Navin Shenoy,"
"I can't emphasize enough how critical it is for everyone to always keep giving Intel money." Navin Shenoy wanted to write, but didn't think he could get away with it.
No particular benefit to the consumer, who would still be saddled with Meltdown-Spectre, only on the latest faulty Intel kit rather than slightly older faulty Intel kit.
Well, they could do with a bigger tide-over while they sort out some over-priced offering that is bug-free free of PR disaster-level revealed flaws.
Given how seriously Shenoy suggests Intel takes this issue I have to assume that they set to work to try and produce a microcode patch as soon as they learned of the problem 8 months ago (or was that 2 years ago?).
In all that time they have not succeeded; so maybe they could do with some help. How about releasing the microcode and then we could all try to help.
PC-and-server-makers, not Intel, will be the source of the fixes .. so basically anything that a manufacturer is not currently making cash from will be left vulnerable, just like the mobile market. Manufacturers should be forced to supply patches for any CPU made in the last 10 years and Intel/AMD/Apple/Arm/xxx should pick up the costs.
If the HP, Dell etc refused to provide the patch because your 'outside of warranty' you could return it under the sale of goods act to the place you originally purchased it as not fit for purpose, for up to 6 years in the EU i believe. I am sure if enough PCs got returned this way the PC sellers would put pressure on the manufactures to resolve the issue or they will stop selling their gear with Intel inside in favour of AMD or Arm systems.
The post also points out that PC-and-server-makers, not Intel, will be the source of the fixes.
I call bullshit on this (well, as others have pointed out, on the whole thing, really). How are people who bought the parts and built their own computers going to get these "fixes"? I bought the motherboard, CPU and other bits from a parts supplier and built my own computer. Hey, Intel, which "PC-and-server-maker" should I contact for my microcode update?
Yourself, as you are the 'manufacturer'... I would expect that you should be able to download a BIOS update for your motherboard (when/if available) which will contain the relevant microcode to patch the processor. If you are using Linux then you can also update the microcode manually if you so wish, this link describes the process (https://sites.google.com/site/easylinuxtipsproject/microcode) there are ways to do the same thing on Windows too.
Maybe the motherboard manufacturer will have a BIOS update that you can download. Check your motherboard manufacturer's support page.
I also have a homebrew PC with a 4 year old ASUS AMD motherboard. Since the motherboard was still be sold by ASUS a year ago, I'm hoping to see a BIOS update come out for SPECTRE, but I'm not going to hold my breath.
Just last week I did a Bios upgrade to a almost brand new system, ASUS Z370 MB with Intel I7 8700K CPU.
The new firmware brought the performance down to about 16% of the level achieved with the previous version. Yes, not _by_ 16% but _to_ 16%. (*)
So there's room for improvement.
Yes, I indeed switched back to the previous firmware. Shame on me.
(*) = Measured under Win10 Pro with Cinebench v15.
Yes, this is definitely a massive f**k-up by processor manufacturers and although Intel is by far worse affected let's not forget that AMD, Arm and pretty much any modern CPU that uses preemptive/speculative execution are vulnerable too.. If you were paranoid you might even speculate that such a 'feature' was added deliberately.
Although news of the problem did make it to the mainstream media, this was a few weeks ago and probably wont be mentioned ever again. I'd say 95% of computer users are still completely oblivious to the issue and wont make the connection even when they do get pwned. Intel will get away Scot-free as per usual.
Personally I think patching existing systems is likely to have to involve using software to increase timing entropy resulting in the blocking of these side channels where the software access control context calls for it. So processes already running sandboxed from each other or owned by different users shouldn't be able to read each other's memory and will run slower as a consequence.
This is just a patch. If the deeper problem exposed is that proprietary hardware can't be trusted anymore due to it's combination of obscurity and complexity, then open source hardware might offer a solution for users and applications where security really matters enough, initially to be willing to pay more for hardware offering the same raw performance, until scale economics enable this approach to compete against established hardware designs. The RISC-V open source hardware project seems to be making useful progress .
The 2/7 update is only for "several (not all) Skylake-based platforms."
So except for the "several (not all) Skylake-based platforms," there is nothing for the other zillions after the last emergency Windows update that disables the patch for Intel!
Seems people have been accepting quite well what has been going on with Intel, amazing!
I think it's more that they are stunned and hardly able to believe that a corporation they believed to be "leading edge" could be so grossly incompetent.
Also, what action is open to them? This situation is very much like the financial crash of 2008. It's wholly due to the unbelievable negligence and incompetence of corporations - but because of their "in" with government they will not suffer any consequences, and may indeed gain.
I am a mathematician, and I spent 10 years at AMD & IBM doing microprocessor validation from 1996-2006. I occasionally referred to my job as taking the smartest engineers on the planet and rubbing their noses in their mistakes like bad puppies. In fact, I have enormous respect for the individual engineers, but the culture can breed a lot of arrogance--and I have anecdotal evidence that Intel is significantly worse than IBM (which was worse than AMD).
I am sceptical of claims that Specter-class issues (these are not "bugs") can be completely fixed in microcode without trash-can level performance penalties. Many of the core performance features (caches of one form or another) on these parts are so core to the system that they cannot be turned off. (Resulting in some hilarious initial responses to bug reports, by the way.) This means that the added microcode either has to turn off speculation, which will often be at least as expensive as an expensive task switch for each instruction executed, or flush the affected caches--which will likely be even more expensive.
Informed speculation here--the patches are going to cover the easy to cover parts of the exploit. But the corner cases might not even be known yet. How can I say this? 1) I stopped the public announcement of a bug so I could whip up a script and search for more fails over night. I almost quadrupled the failing cases. 2) I was contacted just before a bug announcement was made for a bug I had researched. Suspecting an issue, I checked my data. The first fail I had traced out represented 50% of the failing cases--and it was not in the planned errata. 3) I was called into a need-to-know only meeting and had a failure described to me. The design team stated that they did not believe that a certain class of failure was possible. I told them that I would have the the failing case in the morning. (It took less than an hour to target the case & collect the data.)
The only way to have complete confidence that these side channels do not exist in the design would be to have a cycle-accurate simulation of the chip, and then do formally checked proofs that they do not. And yes, that involves something that approaches proving a negative. You can prove that side channels X, Y, and Z do not exist. But proving that an out-of-order chip design has no side channels at all.... I'm not holding my breath.
I mentioned this before, but it is worth repeating. Right inside the cover of the manual for these chips is a declaration that they are not approved for use with classified material. There has always been, and will always be, a different price/security computation between sensitive government use and general public use.
I am no Intel fan. And yes, they appear to have forgotten whatever they learned from the Pentium bug fiasco. But if you want a level of security assurance that governments demand for their classified work, you have no business running a consumer application on a consumer OS in a consumer enclosure holding a consumer hard drive, motherboard, and processor. (All delivered via a consumer shipping service and hooked up to the Internet.)
Certainly, we want best available of everything. And we want it now. For free. But we make tradeoffs.
Yes, questions were asked twenty years ago about side channels with speculative and out of order execution. But no one could figure out how to do it (that we know of). For almost twenty years. That's longer than the expected lifespan of an encryption scheme by a substantial margin. In the meantime, we all benefited from speculative execution. A lot.
Yes, the embargo was at best handled poorly. And anyone who bought on of these products after the stock sale and before the matter came to light might have a good case that bad product was being foisted off on them. But from the initial internal light to before the sale, it is murkier. Before the initial report? Human beings err. A lot.
So......a computer company doesn't have simulation capabilities to model their own products?
I suspect that the truth is closer to "no-one at Intel ever considered that something like this could be a security vulnerability".
Which (to me) indicates a profound lack of *design* QA (not production QA - that looks at very different things) - design QA being "what are the things that can go wrong with this high-level design and how can someone abuse/break it"?
Intel, having the vast resources that it has, should be able to afford a set of interdisciplinary teams to look at new designs. But instead, all they seem to do is check whether the final result works according to the designs and not whether the designs are flawed to begin with.
It's a bit more even than this. First of all, you might be surprised to know that cycle-accurate simulations were in fact not intended to be created on multiple projects that I was a part of. In each case, validation requirement eventually prevailed, but in one case, it actually took years.
Second, and this is critical, the set of people that are actually capable of attacking this problem (Spectre-class vulnerabilities) is vanishing small. This is not a problem of design or engineering. This is basically a problem of proving a negative. You need a mathematician's training in just what a proof is combined with a deep understanding of computer function, architecture, and design. Formally defining the statement "speculative execution of instructions does not affect the microarchitectural state of the processor" is actually not that hard to do. But the statement is too strong--there ARE microarchitectural state changes that will not lead to vulnerabilities--and you want to allow those. Once you get past that, you can start on your proof. Have fun.
A nationstate has the resources, and the priorities, to do such a thing. That a consumer-facing company might not go there should not be disappointing. The real issue is--where do we go from here? Now that this is in the open, consumer protection does require that this be cleaned up. But the cost is going to be high. I am not at all surprised by the comment here that a benchmark test showed a 6x performance drop.
I think this IS a problem of design: It demonstrates that our current concepts of design do not work at the complexity levels we want to use. This idea of "proving a negative" is the statement that the system is too big to traverse, as most are. But little systems and scalable systems can be investigated very strongly.
It may not be practical, but it would be heartening to see a build based on small modules which can be exhaustively tested to do exactly what they should and nothing else. When we get into systems with massive state, we need designs we can scale down and test. Yes, that is not the same, but it is close.
The problem is whether such tested systems can be built in hardware. We know they can be built, to some extent, in software, although very rarely are, presumably because that is not a goal, and is not taught. In this case testing might have caught a hint of the problem, only to be dismissed so the business could benefit. That benefit is what society needs to take back.
The business benefited because society benefited. All of those cheap cycles have added up--a lot.
The "small, composable modules" idea has been around a long time. The problem is emergent complexity. For instance, we've solved the general two-body problem. Why can't we solve the general three-body problem?
I really did spend a decade being paid to find bugs in designs. This class of vulnerability is going to be really, really hard to stamp out at speed.
...I actually liked Shenoy's comments so much that I printed them out.
You see, there is a lot of bullshit in the world. So much that one can drown. But the bullshit that threatens us is always contaminated to a greater or lesser degree by "reality" and "common sense".
This particular Intel bullshit, in contrast, is absolutely pure and unadulterated. It's a work of art. From a genuine bullshit artist. Show some respect!
I have a 5 year old Dell which they seem determined to ignore and isn't in their list of potential changes, so I asked Which, as our consumer champion, what they thought abut the whole affair. As part of their reply they said any patches from Intel would come via MS updates?!
The 2/7 update is only for "several (not all) Skylake-based platforms."
So there is nothing for the rest of zillions after the last emergency Windows update that disables the patch for Intel!
Amazing, the company can keeps launching new chips without "known-stable" working patches, and people keeps buying chips without "known-stable" working patches, just so amazing!