Irata - Wednesday, June 26, 2019 - link
Good to see Anandtech starting to report on CPU vulnerabilities again
shabby - Wednesday, June 26, 2019 - link
Wonder why they missed a few of the intel ones 🤔
azfacea - Wednesday, June 26, 2019 - link
yea after all it's not like the fix for those required losing 40% perf. oh wait
imaskar - Wednesday, June 26, 2019 - link
But this is an article about a fix. There is no full fix for Intel other than disabling SMT completely, right?
rocky12345 - Wednesday, June 26, 2019 - link
Yep when I heard about that exploit and one of the fixes to help make things a bit safer was to disable Intel's Hyper Threading. I was like oh hell no I'm not turning my i7 into an i5 just so I can feel secure. You know what I did not do it and I can still sleep at night and I am still able to fully use my CPU because I am not willing to let fear rule my life. Besides that after being in this industry for over 22 years I am pretty sure I am able to tell when the system is not behaving as it should & have the smarts to correct it without losing 40% of my performance just in case something might happen which has about the same odds as winning one of those big lotteries.
rocky12345 - Wednesday, June 26, 2019 - link
On a side note because there is no edit function that I could find. These exploits that seem to have Intel CPUs the worst is one of the few reasons I am going away from Intel for my next platform upgrade here in the fall of 2019. Heck I have to stay on Windows 10 1709 because it is one of the ones you can still control whether you have to infest your system with performance losing updates to maybe fix all of the exploits that affect Intel CPUs. I am on a Sandy Bridge i7 still and from the numbers I have seen so far these CPUs and Haswell lose up to 35%-40% performance in a lot of tasks by doing the patches which is not an option I am willing to take. I cannot wait to get my AMD platform upgrade soon so I can get the latest Windows 10 installed and finally be able to do that Microsoft Game pass which is something I would have liked to do now but Game pass requires the latest Windows 10 to be installed or it is a no go according to MS's requirements.
Before someone gets on my back about not being patched I was all patched up for about 3 weeks. I did not know MS put the update patches into my system and was wondering why my FPS counts dropped to a degree I actually noticed and why the system was less responsive than it had been in the past when I started digging by using a little program it reported back to me that my performance level was low because it had all of the patches installed. I disabled what I could and ripped the rest of them out of my system and then blocked and I mean 100% blocked MS from doing updates on my system.
I do updates but I download the ones that are not related to those patches and install them at my choosing. When I switch to AMD Ryzen platform I will install fresh Windows 10 with latest patches as well and finally be able to enjoy the game pass MS offers. By the way my Sandy Bridge is an i7 2600K@5.1GHz so for those patches to make a 5.1GHz CPU act like a Core2Quad but with Hyper Threading basically seems like they did not put too much effort into the patch fixes or they just worried more about the newer stuff and not really caring about the older stuff because it is not making them any further money.
RSAUser - Tuesday, July 2, 2019 - link
The amount of BS in that post. You'd have lost maybe 2/3 fps if the game was I/O bound, it wouldn't have made a game unplayable.
New Windows update of May 2019 released a new version of the Spectre and other mitigations patch that has supposedly near no difference to without patch, so update.
Windows 10 1709 had EoL in April 2019 (it was released Oct 2017, W10 has 1.5 years support per major version), you're not getting any security patches.
Enjoy your tinfoil hat.
WaltC - Thursday, July 4, 2019 - link
Windows microcode patching is always a last resort. I don't like it because if you reinstall Windows you have to reinstall the microcode patches every time, and I'm assuming some Linux distros include the microcode patches as well--same thing applies, of course. Main thing is that if they cannot fix it with a firmware patch it means the Windows microcode patch is the only method possible, etc. It is inevitable that at least some of them will cause performance problems at times. But the main reason AMD looks much more attractive than Intel is the simple fact that Zen 2 (3k series) is a much, much newer architecture than what Intel is presently peddling--which because of that doesn't have the vulnerabilities current Intel processors have at the level of the processor itself. Of course, performance is a good reason to move to AMD and avoid all of that tiresome Windows/OS microcode patching! Gawd, yes...;)
imaskar - Wednesday, June 26, 2019 - link
It will behave normally, just give away all your credentials, that's all.
Kvaern1 - Thursday, June 27, 2019 - link
Exactly how are these bugs affecting you?
There are literally zero home use case scenarios I can think of which the SMT bugs affect in any meaningful way.
nivedita - Friday, June 28, 2019 - link
You don’t run a browser on your home computer?
Kvaern1 - Saturday, June 29, 2019 - link
Of course I do, how does this affect my browser in any meaningful way?
mode_13h - Monday, July 1, 2019 - link
Because side-channel attacks have been demonstrated in browser-based code. So, you don't need to download and install anything to be affected by malicious code.
PeachNCream - Wednesday, June 26, 2019 - link
Some comment in response to a query about why Anandtech wasn't reporting on the latest Intel issues was answered with a, "We're waiting for Intel to respond," which, given that AT never published anything about the problem, seems like a steaming pile of bull.
darkswordsman17 - Wednesday, June 26, 2019 - link
Yep, and considering how severe those vulnerabilities are (both for security and mitigations destroying performance), they should be refusing to cover any Intel news or products until Intel gives them a proper response, and if Intel wants to wait until they have products that aren't affected by them (and also don't suffer huge performance losses to mitigate) then they should expect no one to recommend their stuff until then. I can only imagine how much better these new Epyc chips will be than the Intel stuff for those markets (as they're affected by the mitigations more than general consumer stuff).
They should be contacting the groups that found the exploits and have discussions with them as well, since Intel clearly intends there to be a vacuum in coverage of them based on Intel not talking about them at all.
Unfortunately I expect Intel's response is going to be trying to find vulnerabilities in AMD's chips and then try to make them seem every bit as bad, just like they pulled with Spectre/Meltdown.
close - Tuesday, July 2, 2019 - link
The other response was marking the people who asked as spammers ;). IntelTech does have a ring to it.
CityBlue - Sunday, July 7, 2019 - link
That was my comment. Believe me now?
Come on Anandtech, your silence over Intel vulnerabilities is... deafening. No more excuses - let's see your "deep dive" on the latest Intel vulnerability whether Intel respond to you or not. If you continue to sit on it any longer it just makes you look like Intel apologists.
CityBlue - Sunday, July 7, 2019 - link
The sad fact is that the obvious lack of coverage for Intel vulnerabilities undermines Anandtech's credibility as an authoritative source of CPU information, especially where Intel is concerned. What's the point in writing thousands of words in the latest deep-dive article when a major Intel security vulnerability that significantly impacts performance goes totally unreported? It tends to color most of what this organ now produces, as it's far from independent.
Sites such as phoronix.com are far more transparent and willing to dish the dirt when it is necessary regardless of who the vendor may be - the benefit of being fully independent and not funded - (directly or indirectly) - by Intel, I guess.
mode_13h - Tuesday, July 9, 2019 - link
I've found Phoronix' hardware reviews have a tendency to be a bit biased, as he's almost entirely dependent on vendors for supplying the hardware.
However, you're right that he doesn't bury embarrassing stories.
WaltC - Thursday, July 4, 2019 - link
Well the article clarifies that AMD had issued a fix several builds back, apparently before this article was written...? Or was the article updated later? Anyway, the problem no longer exists.
mode_13h - Tuesday, July 9, 2019 - link
It exists on unpatched hardware. Therefore, publicizing the issue is relevant.
imaskar - Wednesday, June 26, 2019 - link
>reasonable disclosure
responsible disclosure!
imaskar - Wednesday, June 26, 2019 - link
>Any user submitting non-standard points will be met with an error.
So, to summarize - only irresponsible people who didn't replace testing values with actual secure seeds are affected.
HyperText - Thursday, June 27, 2019 - link
This should be highlighted in the article as well!
edzieba - Thursday, June 27, 2019 - link
Or anyone not happy with using the NIST curves. A not wholly imaginary issue, as was seen with Dual_EC_DRBG backdoor. No-one wants to be the next BSAFE
Khato - Wednesday, June 26, 2019 - link
I look forward to seeing what other security vulnerabilities are to be found in AMD's architecture now that the industry will start to have reason to look for them.
Irata - Thursday, June 27, 2019 - link
They have been / are looking for them.
Gondalf - Friday, June 28, 2019 - link
I knew AMD CPUs are safe by default......oh wait !!! they are bugged too !!!
The number of exploits will rise exponentially with the wider adoption of Epyc SKUs.
No CPU is safe these days.
Korguz - Friday, June 28, 2019 - link
um yea ok Gondalf... that sounds more like your own hope and speculation than anything.. hasn't amd's chips already shown to be safer than intel's, and the security bugs in those, are not in amd's chips ? but in the end.. we will see...
Targon - Friday, June 28, 2019 - link
Don't forget that since AMD doesn't sit on the same design for all that long, even if a problem were found in an old CPU, the new processors would probably have had enough changes to mean the new chips don't have the problem.
Intel...problems in the memory controller for ALL Intel Core processors are affected? So Intel hasn't done a significant design change? Hyperthreading, no updated implementation in all this time? Honestly, problems from ten years ago should have been resolved, just as a normal part of improving the design, unless the design itself hasn't gotten a major overhaul.
mode_13h - Monday, July 1, 2019 - link
It seems like this was a missing safety-check in the security processor firmware. That's very different than the micro-architectural flaws affecting Intel CPUs.
CityBlue - Sunday, July 7, 2019 - link
Intel kernel software developers recently had their latest effort to claw back performance pulled from the next Linux kernel after the test cases included with the patches were found to not even run (suggesting that they had _never_ been run by Intel), the patches had "serious bugs" and the confidence in the Intel changes is "now close to zero".
This email exchange is pretty breath-taking, https://lkml.org/lkml/2019/3/26/719 and shows that the Linux kernel maintainers are pretty sick and tired of the Intel kernel developers for their unprofessional development practices.
So not only is Intel CPU hardware badly designed (let's not even talk about their flaky GPUs!) but their software developers are poor too, to the point that few kernel maintainers want to deal with them.
I doubt Anandtech would find this interesting though, as it's negative about Intel.