ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Major Intel CPU vulnerability

    Scheduled Pinned Locked Moved IT Discussion
    260 Posts 29 Posters 41.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • dafyreD
      dafyre
      last edited by

      Seems like I saw a write-up on it, and it only made a couple of things significantly slower (at least in Linux).

      1 Reply Last reply Reply Quote 0
      • scottalanmillerS
        scottalanmiller @Fredtx
        last edited by

        @fredtx said in Major Intel CPU vulnerability:

        "The bad news is that the Kernel Page Table Isolation fix makes everything run slower on Intel x86 processors".

        So does this not affect 64bit processors?

        Fingers crossed. But if that is the case, why does anyone care?

        1 Reply Last reply Reply Quote 1
        • scottalanmillerS
          scottalanmiller @Obsolesce
          last edited by

          @tim_g said in Major Intel CPU vulnerability:

          @irj said in Major Intel CPU vulnerability:

          This might be the worst vulnerability we've seen to date...

          You can plan for patching and maintenance. You cannot plan for unexpectedly losing resources. Can you imagine how many cloud providers this is going to affect. They share so many services across so many servers, I doubt they could afford to take a 30% resource hit. It could take down their whole environment.

          I thought I read the performance hit only effects 32-bit processors? Did I read that wrong?

          Pretty sure, as I've seen vendors discussion the performance hits on purely 64bit systems.

          S 1 Reply Last reply Reply Quote 0
          • S
            StorageNinja Vendor @scottalanmiller
            last edited by StorageNinja

            @scottalanmiller said in Major Intel CPU vulnerability:

            @tim_g said in Major Intel CPU vulnerability:

            @irj said in Major Intel CPU vulnerability:

            This might be the worst vulnerability we've seen to date...

            You can plan for patching and maintenance. You cannot plan for unexpectedly losing resources. Can you imagine how many cloud providers this is going to affect. They share so many services across so many servers, I doubt they could afford to take a 30% resource hit. It could take down their whole environment.

            I thought I read the performance hit only effects 32-bit processors? Did I read that wrong?

            Pretty sure, as I've seen vendors discussion the performance hits on purely 64bit systems.

            Meltdown's impact indeed is on 64 bit systems.

            https://access.redhat.com/articles/3307751

            *Measureable: 8-19% - Highly cached random memory, with buffered I/O, OLTP database workloads, and benchmarks with high kernel-to-user space transitions are impacted between 8-19%. Examples include OLTP Workloads (tpc), sysbench, pgbench, netperf (< 256 byte), and fio (random I/O to NvME).

            Modest: 3-7% - Database analytics, Decision Support System (DSS), and Java VMs are impacted less than the “Measurable” category. These applications may have significant sequential disk or network traffic, but kernel/device drivers are able to aggregate requests to moderate level of kernel-to-user transitions. Examples include SPECjbb2005, Queries/Hour and overall analytic timing (sec).*

            Note on the virtualization front I can't speak to if KVM or Xen will carry compounding overheads with the guest OS overheads. (ESXi so far is the only Hypervisor reporting as unaffected by Meltdown).

            1 Reply Last reply Reply Quote 0
            • S
              StorageNinja Vendor @DustinB3403
              last edited by

              @dustinb3403 said in Major Intel CPU vulnerability:

              PLVrZdk.png

              It takes 3 seconds to look at his stock trades and see the pattern, and another 5 minutes to see that he filed paperwork for this plan back in 2015

              At the end of Q4 he sells his awards. Nothing to see here fake news from the internet mob who's too lazy to learn basic finance skills.

              ObsolesceO scottalanmillerS 2 Replies Last reply Reply Quote 1
              • ObsolesceO
                Obsolesce @StorageNinja
                last edited by

                @storageninja said in Major Intel CPU vulnerability:

                @dustinb3403 said in Major Intel CPU vulnerability:

                PLVrZdk.png

                It takes 3 seconds to look at his stock trades and see the pattern, and another 5 minutes to see that he filed paperwork for this plan back in 2015

                At the end of Q4 he sells his awards. Nothing to see here fake news from the internet mob who's too lazy to learn basic finance skills.

                Perhaps he knew of this in 2015... relevant to question that at least.

                scottalanmillerS 1 Reply Last reply Reply Quote 0
                • scottalanmillerS
                  scottalanmiller @Obsolesce
                  last edited by

                  @tim_g said in Major Intel CPU vulnerability:

                  @storageninja said in Major Intel CPU vulnerability:

                  @dustinb3403 said in Major Intel CPU vulnerability:

                  PLVrZdk.png

                  It takes 3 seconds to look at his stock trades and see the pattern, and another 5 minutes to see that he filed paperwork for this plan back in 2015

                  At the end of Q4 he sells his awards. Nothing to see here fake news from the internet mob who's too lazy to learn basic finance skills.

                  Perhaps he knew of this in 2015... relevant to question that at least.

                  That's certainly possible and scary.

                  1 Reply Last reply Reply Quote 0
                  • ObsolesceO
                    Obsolesce
                    last edited by

                    I really don't know what to believe at quick glance. This article is saying it is across all CPUs, including AMD and ARM, not just Intel:

                    http://indianexpress.com/article/technology/tech-news-technology/intels-meltdown-vulnerability-on-processors-impacts-billions-of-pcs-everything-to-know-5010874/

                    scottalanmillerS 1 Reply Last reply Reply Quote 0
                    • scottalanmillerS
                      scottalanmiller @Obsolesce
                      last edited by

                      @tim_g said in Major Intel CPU vulnerability:

                      I really don't know what to believe at quick glance. This article is saying it is across all CPUs, including AMD and ARM, not just Intel:

                      http://indianexpress.com/article/technology/tech-news-technology/intels-meltdown-vulnerability-on-processors-impacts-billions-of-pcs-everything-to-know-5010874/

                      "The computer world is facing a ‘Meltdown’ after security vulnerabilities have been exposed on processors made by Intel, AMD, ARM and others. According to reports, Intel chips with the x86-64 hardware have a serious design flaw, which makes billions of PCs vulnerable to cyber-attacks."

                      Fishy, because...

                      x86-64 is a uniquely Intel extension, AMD doesn't use it.
                      ARM doesn't make this archtiecture chip in any way shape or form, they only design chips of a completely different type.

                      How does the Intel flaw flow into anyone else that isn't connected to them?

                      ObsolesceO 1 Reply Last reply Reply Quote 0
                      • scottalanmillerS
                        scottalanmiller
                        last edited by

                        "Intel’s Meltdown vulnerability can compromise entire server networks, not just individual computers. "

                        WTF does that even mean?

                        1 Reply Last reply Reply Quote 1
                        • scottalanmillerS
                          scottalanmiller
                          last edited by

                          Intel says that there is no flaw, it's intentional.

                          1 Reply Last reply Reply Quote 0
                          • ObsolesceO
                            Obsolesce @scottalanmiller
                            last edited by

                            @scottalanmiller said in Major Intel CPU vulnerability:

                            @tim_g said in Major Intel CPU vulnerability:

                            I really don't know what to believe at quick glance. This article is saying it is across all CPUs, including AMD and ARM, not just Intel:

                            http://indianexpress.com/article/technology/tech-news-technology/intels-meltdown-vulnerability-on-processors-impacts-billions-of-pcs-everything-to-know-5010874/

                            "The computer world is facing a ‘Meltdown’ after security vulnerabilities have been exposed on processors made by Intel, AMD, ARM and others. According to reports, Intel chips with the x86-64 hardware have a serious design flaw, which makes billions of PCs vulnerable to cyber-attacks."

                            Fishy, because...

                            x86-64 is a uniquely Intel extension, AMD doesn't use it.
                            ARM doesn't make this archtiecture chip in any way shape or form, they only design chips of a completely different type.

                            How does the Intel flaw flow into anyone else that isn't connected to them?

                            Yeah that doesn't make sense if the AMD architecture is completely different.

                            I'm looking at https://en.wikipedia.org/wiki/X86-64

                            To me it's looking like AMD64 is AMD's version of x86_64. So, perhaps it duplicated the same vulnerability... but maybe not.

                            I wish there was more info on this.

                            scottalanmillerS 1 Reply Last reply Reply Quote 0
                            • scottalanmillerS
                              scottalanmiller @Obsolesce
                              last edited by

                              @tim_g said in Major Intel CPU vulnerability:

                              To me it's looking like AMD64 is AMD's version of x86_64. So, perhaps it duplicated the same vulnerability... but maybe not.

                              Other way around. AMD64 is the architecture. x86_64 is an Intel marketing name for compatibility with AMD64 extended on top of the IA32 (aka x86) architecture. AMD64 came first and is never x86_64, AMD64 is what you compile to. x86_64 is a scam name used by Intel to try to pretend that they weren't using an AMD designed chip after the disaster of Itaniam (aka IA64.) X86_64 was a reference to AMD64 calls on top of Intel's Pentium IV 32bit chip. Later they called their own implementation of AMD64, x64, because they refused to acknowledge that they were the copy cats so closely following their huge "Genuine Intel" campaign claiming that clones were inferior.

                              For the 64bit era, Intel has been the clone, and it is "Genuine AMD".

                              ObsolesceO 1 Reply Last reply Reply Quote 2
                              • ObsolesceO
                                Obsolesce @scottalanmiller
                                last edited by Obsolesce

                                @scottalanmiller said in Major Intel CPU vulnerability:

                                @tim_g said in Major Intel CPU vulnerability:

                                To me it's looking like AMD64 is AMD's version of x86_64. So, perhaps it duplicated the same vulnerability... but maybe not.

                                Other way around. AMD64 is the architecture. x86_64 is an Intel marketing name for compatibility with AMD64 extended on top of the IA32 (aka x86) architecture. AMD64 came first and is never x86_64, AMD64 is what you compile to. x86_64 is a scam name used by Intel to try to pretend that they weren't using an AMD designed chip after the disaster of Itaniam (aka IA64.) X86_64 was a reference to AMD64 calls on top of Intel's Pentium IV 32bit chip. Later they called their own implementation of AMD64, x64, because they refused to acknowledge that they were the copy cats so closely following their huge "Genuine Intel" campaign claiming that clones were inferior.

                                For the 64bit era, Intel has been the clone, and it is "Genuine AMD".

                                Ahh, i see.

                                Then either:

                                1. Intel did a bad job of duplicating the AMD64 architecture, inventing the vulnerability in the process.

                                or

                                1. AMD64 had the vulnerability to begin with, and Intel replicated it.
                                scottalanmillerS 1 Reply Last reply Reply Quote 0
                                • scottalanmillerS
                                  scottalanmiller
                                  last edited by

                                  It's VERY fishy that this flaw is mentioned over and over again as being Intel and a flaw and unique to the Intel-only platform of x86_64, but then claimed to be on AMD and ARM chips... which just happened to be names that the public knows well. But never, ever mentioned on IA64, Power, or Sparc64. Things don't add up. If it is a flaw in Intel's downstream implementation, how is it affecting others? Why is it only big consumer-known products affected and not other products from the same and other vendors? If other architectures are affected, why is only Intel's architecture named?

                                  1 Reply Last reply Reply Quote 1
                                  • scottalanmillerS
                                    scottalanmiller @Obsolesce
                                    last edited by

                                    @tim_g said in Major Intel CPU vulnerability:

                                    @scottalanmiller said in Major Intel CPU vulnerability:

                                    @tim_g said in Major Intel CPU vulnerability:

                                    To me it's looking like AMD64 is AMD's version of x86_64. So, perhaps it duplicated the same vulnerability... but maybe not.

                                    Other way around. AMD64 is the architecture. x86_64 is an Intel marketing name for compatibility with AMD64 extended on top of the IA32 (aka x86) architecture. AMD64 came first and is never x86_64, AMD64 is what you compile to. x86_64 is a scam name used by Intel to try to pretend that they weren't using an AMD designed chip after the disaster of Itaniam (aka IA64.) X86_64 was a reference to AMD64 calls on top of Intel's Pentium IV 32bit chip. Later they called their own implementation of AMD64, x64, because they refused to acknowledge that they were the copy cats so closely following their huge "Genuine Intel" campaign claiming that clones were inferior.

                                    For the 64bit era, Intel has been the clone, and it is "Genuine AMD".

                                    Ahh, i see.

                                    Then either:

                                    1. Intel did a bad job of duplicating the AMD64 architecture, inventing the vulnerability in the process.

                                    or

                                    1. AMD64 had the vulnerability to begin with, and Intel replicated it.

                                    Right, but if it was #2, it is being reported wrong and the flaw is in AMD64, not x86_64. But neither case would explain how ARM is involved.

                                    1 Reply Last reply Reply Quote 1
                                    • ObsolesceO
                                      Obsolesce
                                      last edited by

                                      Yeah, I guess we need to wait for more info... things just aren't making sense.

                                      My guess is the media is reporting this wrong... or Intel is leaking incorrect information.

                                      scottalanmillerS 1 Reply Last reply Reply Quote 0
                                      • scottalanmillerS
                                        scottalanmiller @Obsolesce
                                        last edited by

                                        @tim_g said in Major Intel CPU vulnerability:

                                        Yeah, I guess we need to wait for more info... things just aren't making sense.

                                        My guess is the media is reporting this wrong... or Intel is leaking incorrect information.

                                        Given that Intel and Google both reported only after getting busted for having information about vulnerabilities that they had not released, the one thing we know is that neither can be trusted. Google and Intel got caught with their pants down and seem to be claiming anything to lessen the blow to their integrity.

                                        ObsolesceO 1 Reply Last reply Reply Quote 1
                                        • ObsolesceO
                                          Obsolesce @scottalanmiller
                                          last edited by

                                          @scottalanmiller said in Major Intel CPU vulnerability:

                                          @tim_g said in Major Intel CPU vulnerability:

                                          Yeah, I guess we need to wait for more info... things just aren't making sense.

                                          My guess is the media is reporting this wrong... or Intel is leaking incorrect information.

                                          Given that Intel and Google both reported only after getting busted for having information about vulnerabilities that they had not released, the one thing we know is that neither can be trusted. Google and Intel got caught with their pants down and seem to be claiming anything to lessen the blow to their integrity.

                                          Well yeah they both have so much to lose, especially Google.

                                          Google has a big reputation for being security-focused. Now that's all shot to pieces imo.

                                          scottalanmillerS 1 Reply Last reply Reply Quote 0
                                          • scottalanmillerS
                                            scottalanmiller @Obsolesce
                                            last edited by

                                            @tim_g said in Major Intel CPU vulnerability:

                                            @scottalanmiller said in Major Intel CPU vulnerability:

                                            @tim_g said in Major Intel CPU vulnerability:

                                            Yeah, I guess we need to wait for more info... things just aren't making sense.

                                            My guess is the media is reporting this wrong... or Intel is leaking incorrect information.

                                            Given that Intel and Google both reported only after getting busted for having information about vulnerabilities that they had not released, the one thing we know is that neither can be trusted. Google and Intel got caught with their pants down and seem to be claiming anything to lessen the blow to their integrity.

                                            Well yeah they both have so much to lose, especially Google.

                                            Google has a big reputation for being security-focused. Now that's all shot to pieces imo.

                                            They are focused on THEIR security, just not ours.

                                            1 Reply Last reply Reply Quote 1
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 6
                                            • 7
                                            • 12
                                            • 13
                                            • 5 / 13
                                            • First post
                                              Last post