Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
1494 posts

Uber Geek
+1 received by user: 251

Trusted
Subscriber

  Reply # 1929212 4-Jan-2018 17:21
Send private message quote this post

https://en.wikipedia.org/wiki/Pentium_FDIV_bug

 

A quick trip down memory lane, for those of us old enough to be part of it. I remember recreating this error in my copy of Excel when I was at Telecom, as I had one of the few Pentium machines at the time (90mhz, what a demon). An isolated incident became a PR disaster that cost Intel $500m in 1997 dollars.

 

I don't think this will be the same as microsoft and apple will patch so fast most people wont even see it, but it does go back to a confidence thing over and over and over again. I have high confidence none of my mac's or iOS widgets will be affected. I have some concern over my AMD machines. I have zero confidence in any android devices.

 

Now... how quickly the corporate devices I am forced to use will be updated... hmmmm.... 





________
AK

 


781 posts

Ultimate Geek
+1 received by user: 147


  Reply # 1929214 4-Jan-2018 17:23
One person supports this post
Send private message quote this post

AMD is fine unless you are running a Linux kernel at non default settings.

 
 
 
 


Meow
6942 posts

Uber Geek
+1 received by user: 3249

Moderator
Trusted
Lifetime subscriber

  Reply # 1929281 4-Jan-2018 18:10
One person supports this post
Send private message quote this post

Stan: Well Intel don't have a product on the market that is secure so...

Here is a chart explaining it
https://m.imgur.com/NjH7CbX

 

You can embed images :)

 





Michael Murphy | https://murfy.nz
Want to be with an epic ISP? Want $20 to join them too? Well, use this link to sign up to BigPipe!
The Router GuideCommunity UniFi Cloud Controller | Ubiquiti Edgerouter Tutorial




377 posts

Ultimate Geek
+1 received by user: 51


  Reply # 1929425 4-Jan-2018 20:21
One person supports this post
Send private message quote this post

alasta:

 

I am still on MacOS 10.12 and have no updates pending, so I am assuming that the patch has only been released for 10.13? I was hoping to avoid upgrading, but it looks like I might not have a choice.

 

 

Looks like you will need to update.

 

According to some sites, Apple had patched it in macOS 10.13.2 which has been available since 06/12/17 with additional tweaks set to be introduced in macOS 10.13.3

Source

 

 


388 posts

Ultimate Geek
+1 received by user: 60


  Reply # 1929435 4-Jan-2018 20:35
One person supports this post
Send private message quote this post

I don't get why they can't fix this and have no performance decrease 


781 posts

Ultimate Geek
+1 received by user: 147


10551 posts

Uber Geek
+1 received by user: 1749

Trusted

  Reply # 1929440 4-Jan-2018 20:47
Send private message quote this post

antoniosk:

 

https://en.wikipedia.org/wiki/Pentium_FDIV_bug

 

A quick trip down memory lane, for those of us old enough to be part of it. I remember recreating this error in my copy of Excel when I was at Telecom, as I had one of the few Pentium machines at the time (90mhz, what a demon). An isolated incident became a PR disaster that cost Intel $500m in 1997 dollars.

 

I don't think this will be the same as microsoft and apple will patch so fast most people wont even see it, but it does go back to a confidence thing over and over and over again. I have high confidence none of my mac's or iOS widgets will be affected. I have some concern over my AMD machines. I have zero confidence in any android devices.

 

Now... how quickly the corporate devices I am forced to use will be updated... hmmmm.... 

 

 

Pentium 90??? I had a 60, overcooked to 66 as 66 was too expensive. Heat was an issue IIRC. Orchid Righteous 3D or Hercules 128 ring a bell??


2391 posts

Uber Geek
+1 received by user: 107


  Reply # 1929456 4-Jan-2018 21:05
Send private message quote this post

Starscream122:

I don't get why they can't fix this and have no performance decrease 

 

 

:| Take some computer science classes at uni and then you'll understand.

 

 

Every program can run multiple "processes" or "threads". Your OS has some fancy memory management stuff that it does, the CPU also has lots of caching and a "prediction algorithm" that predicts what each of your program's processes is going to do based on what it's done before as well as some other "magic" stuff.

 

 

The OS basically assigns each thread of a program some memory, usually that memory includes kernel (the "OS" bit") memory. Due to the way caching and the way CPU's predict things, malicious programs can read the "OS" memory (which is God mode), which can include the memory of every other program (intel CPUs) or straight up "guess" access to other programs memory (Intel/AMD/ARM)

 

 

The answer is "Computers are complicated".

 


BDFL - Memuneh
59434 posts

Uber Geek
+1 received by user: 10648

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1929471 4-Jan-2018 21:25
Send private message quote this post

From Intel:

 

 

Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.

 

Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.

 

Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively. Intel has begun providing software and firmware updates to mitigate these exploits. Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.

 

Intel is committed to the industry best practice of responsible disclosure of potential security issues, which is why Intel and other vendors had planned to disclose this issue next week when more software and firmware updates will be available. However, Intel is making this statement today because of the current inaccurate media reports.

 

Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available. Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied.

 

Intel believes its products are the most secure in the world and that, with the support of its partners, the current solutions to this issue provide the best possible security for its customers.

 





288 posts

Ultimate Geek
+1 received by user: 119

Subscriber

  Reply # 1929475 4-Jan-2018 21:31
Send private message quote this post

Why is this being blamed on the hardware (Intel/AMD/ARM) when it appears to be a problem with the way the OS is managing memory access?


2391 posts

Uber Geek
+1 received by user: 107


  Reply # 1929486 4-Jan-2018 21:43
Send private message quote this post

djtOtago:

Why is this being blamed on the hardware (Intel/AMD/ARM) when it appears to be a problem with the way the OS is managing memory access?

 

 

This is where the whole "zomg performance drops" comes from. OS's have done it this way because it's efficient and fast (but insecure)

 

 

In reality, your CPU has it's own OS and it goes off and predicts the future. It does this in such a way that apps can come along and cause the CPU to falsely predict things from other programs in such a way that the malicious app can read stuff from cache that belongs to the "victim" app. (Thing passwords or cookies or "secret keys" and so on)

 


2391 posts

Uber Geek
+1 received by user: 107


  Reply # 1929488 4-Jan-2018 21:46
Send private message quote this post

freitasm:

From Intel:

 

 

Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.

 

 

snip

 

 

 

PR spin.

 

This is an architectural design flaw and this is just intel PR trying to spin their way out of it. It's hard to blame Intel engineering for doing things this way, because this happened because it was faster/more efficient for them to do it this way, but due to the recent Rowhammer/etc research, security searchers have looked further into how CPU's/kernel memory actually works and discovered security issues. :|

 


388 posts

Ultimate Geek
+1 received by user: 60


  Reply # 1929489 4-Jan-2018 21:47
Send private message quote this post

kyhwana2:
djtOtago:

 

Why is this being blamed on the hardware (Intel/AMD/ARM) when it appears to be a problem with the way the OS is managing memory access?

 

This is where the whole "zomg performance drops" comes from. OS's have done it this way because it's efficient and fast (but insecure) In reality, your CPU has it's own OS and it goes off and predicts the future. It does this in such a way that apps can come along and cause the CPU to falsely predict things from other programs in such a way that the malicious app can read stuff from cache that belongs to the "victim" app. (Thing passwords or cookies or "secret keys" and so on)

 

 

 

So then the issue lies with the OS not the CPU. so software fault 


288 posts

Ultimate Geek
+1 received by user: 119

Subscriber

  Reply # 1929498 4-Jan-2018 22:00
Send private message quote this post

networkn:

 

djtOtago:

 

networkn:

 

How is this not already a class action lawsuit?

 

 

Against who? And for what?

 

A problem has been identified, and is being fixed.

 

 

 

 

Are you being serious? Against Intel for a bug which cannot be fixed without a performance hit. 

 

Would you be so cavalier if you bought a car for 50K 2 weeks ago, and the manufacturer said they discovered a bug that couldn't be fixed properly, but as a work around it would stop the car reaching 100KM/h? To make it worse, they couldn't tell you yet how much slower you would be allowed to go, but the potential range was a max speed of 66KM/h through to 92KM/h?

 

Nope, I didn't think so.

 

 

I don't know if the fix will slow the car down in normal day to day driving.
I only evidence I've seen so far suggest if the section of road has an incline of 12 deg, the air temp is 25, I have 3 passengers, and my elbow resting on the door,  there may be a noticeable slow down.

 

Plus is the bug with the car or the road surface or how we drive it.

 

Until there is more information, don't know who to sue or what for.


BDFL - Memuneh
59434 posts

Uber Geek
+1 received by user: 10648

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1929500 4-Jan-2018 22:04
One person supports this post
Send private message quote this post

Just received the Windows 10 update in two of my laptops.

 

Also, The Register has a "translation" for the Intel PR spin I posted above - worth reading it, really funny.





1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

New Zealand's IT industry in 2018 and beyond
Posted 22-Jan-2018 12:50


Introducing your new workplace headache: Gen Z
Posted 22-Jan-2018 12:45


Jucy set to introduce electric campervan fleet
Posted 22-Jan-2018 12:41


Hawaiki cable system will be ready for service in June 2018
Posted 22-Jan-2018 12:32


New Zealand hits peak broadband data
Posted 18-Jan-2018 12:21


Amazon Echo devices coming to New Zealand early February 2018
Posted 18-Jan-2018 10:53


$3.74 million for new electric vehicles in New Zealand
Posted 17-Jan-2018 11:27


Nova 2i: Value, not excitement from Huawei
Posted 17-Jan-2018 09:02


Less news in Facebook News Feed revamp
Posted 15-Jan-2018 13:15


Australian Government contract awarded to Datacom Connect
Posted 11-Jan-2018 08:37


Why New Zealand needs a chief technology officer
Posted 6-Jan-2018 13:59


Amazon release Silk Browser and Firefox for Fire TV
Posted 21-Dec-2017 13:42


New Chief Technology Officer role created
Posted 19-Dec-2017 22:18


All I want for Christmas is a new EV
Posted 19-Dec-2017 19:54


How clever is this: AI will create 2.3 million jobs by 2020
Posted 19-Dec-2017 19:52



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.