Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
1568 posts

Uber Geek
+1 received by user: 304

Trusted
Subscriber

  Reply # 1929212 4-Jan-2018 17:21
Send private message quote this post

https://en.wikipedia.org/wiki/Pentium_FDIV_bug

 

A quick trip down memory lane, for those of us old enough to be part of it. I remember recreating this error in my copy of Excel when I was at Telecom, as I had one of the few Pentium machines at the time (90mhz, what a demon). An isolated incident became a PR disaster that cost Intel $500m in 1997 dollars.

 

I don't think this will be the same as microsoft and apple will patch so fast most people wont even see it, but it does go back to a confidence thing over and over and over again. I have high confidence none of my mac's or iOS widgets will be affected. I have some concern over my AMD machines. I have zero confidence in any android devices.

 

Now... how quickly the corporate devices I am forced to use will be updated... hmmmm.... 





________
AK

 

 

 

Click to see full size


817 posts

Ultimate Geek
+1 received by user: 152


  Reply # 1929214 4-Jan-2018 17:23
One person supports this post
Send private message quote this post

AMD is fine unless you are running a Linux kernel at non default settings.

 
 
 
 


Try Wrike: fast, easy, and efficient project collaboration software
Meow
7273 posts

Uber Geek
+1 received by user: 3477

Moderator
Trusted
Lifetime subscriber

  Reply # 1929281 4-Jan-2018 18:10
One person supports this post
Send private message quote this post

Stan: Well Intel don't have a product on the market that is secure so...

Here is a chart explaining it
https://m.imgur.com/NjH7CbX

 

You can embed images :)

 







384 posts

Ultimate Geek
+1 received by user: 52


  Reply # 1929425 4-Jan-2018 20:21
One person supports this post
Send private message quote this post

alasta:

 

I am still on MacOS 10.12 and have no updates pending, so I am assuming that the patch has only been released for 10.13? I was hoping to avoid upgrading, but it looks like I might not have a choice.

 

 

Looks like you will need to update.

 

According to some sites, Apple had patched it in macOS 10.13.2 which has been available since 06/12/17 with additional tweaks set to be introduced in macOS 10.13.3

Source

 

 


589 posts

Ultimate Geek
+1 received by user: 103
Inactive user


  Reply # 1929435 4-Jan-2018 20:35
Send private message quote this post

I don't get why they can't fix this and have no performance decrease 


817 posts

Ultimate Geek
+1 received by user: 152


11634 posts

Uber Geek
+1 received by user: 1996

Trusted

  Reply # 1929440 4-Jan-2018 20:47
Send private message quote this post

antoniosk:

 

https://en.wikipedia.org/wiki/Pentium_FDIV_bug

 

A quick trip down memory lane, for those of us old enough to be part of it. I remember recreating this error in my copy of Excel when I was at Telecom, as I had one of the few Pentium machines at the time (90mhz, what a demon). An isolated incident became a PR disaster that cost Intel $500m in 1997 dollars.

 

I don't think this will be the same as microsoft and apple will patch so fast most people wont even see it, but it does go back to a confidence thing over and over and over again. I have high confidence none of my mac's or iOS widgets will be affected. I have some concern over my AMD machines. I have zero confidence in any android devices.

 

Now... how quickly the corporate devices I am forced to use will be updated... hmmmm.... 

 

 

Pentium 90??? I had a 60, overcooked to 66 as 66 was too expensive. Heat was an issue IIRC. Orchid Righteous 3D or Hercules 128 ring a bell??


2413 posts

Uber Geek
+1 received by user: 133


  Reply # 1929456 4-Jan-2018 21:05
Send private message quote this post

Starscream122:

I don't get why they can't fix this and have no performance decrease 

 

 

:| Take some computer science classes at uni and then you'll understand.

 

 

Every program can run multiple "processes" or "threads". Your OS has some fancy memory management stuff that it does, the CPU also has lots of caching and a "prediction algorithm" that predicts what each of your program's processes is going to do based on what it's done before as well as some other "magic" stuff.

 

 

The OS basically assigns each thread of a program some memory, usually that memory includes kernel (the "OS" bit") memory. Due to the way caching and the way CPU's predict things, malicious programs can read the "OS" memory (which is God mode), which can include the memory of every other program (intel CPUs) or straight up "guess" access to other programs memory (Intel/AMD/ARM)

 

 

The answer is "Computers are complicated".

 


BDFL - Memuneh
60007 posts

Uber Geek
+1 received by user: 11109

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1929471 4-Jan-2018 21:25
Send private message quote this post

From Intel:

 

 

Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.

 

Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.

 

Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively. Intel has begun providing software and firmware updates to mitigate these exploits. Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.

 

Intel is committed to the industry best practice of responsible disclosure of potential security issues, which is why Intel and other vendors had planned to disclose this issue next week when more software and firmware updates will be available. However, Intel is making this statement today because of the current inaccurate media reports.

 

Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available. Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied.

 

Intel believes its products are the most secure in the world and that, with the support of its partners, the current solutions to this issue provide the best possible security for its customers.

 





319 posts

Ultimate Geek
+1 received by user: 128

Subscriber

  Reply # 1929475 4-Jan-2018 21:31
Send private message quote this post

Why is this being blamed on the hardware (Intel/AMD/ARM) when it appears to be a problem with the way the OS is managing memory access?


2413 posts

Uber Geek
+1 received by user: 133


  Reply # 1929486 4-Jan-2018 21:43
Send private message quote this post

djtOtago:

Why is this being blamed on the hardware (Intel/AMD/ARM) when it appears to be a problem with the way the OS is managing memory access?

 

 

This is where the whole "zomg performance drops" comes from. OS's have done it this way because it's efficient and fast (but insecure)

 

 

In reality, your CPU has it's own OS and it goes off and predicts the future. It does this in such a way that apps can come along and cause the CPU to falsely predict things from other programs in such a way that the malicious app can read stuff from cache that belongs to the "victim" app. (Thing passwords or cookies or "secret keys" and so on)

 


2413 posts

Uber Geek
+1 received by user: 133


  Reply # 1929488 4-Jan-2018 21:46
Send private message quote this post

freitasm:

From Intel:

 

 

Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.

 

 

snip

 

 

 

PR spin.

 

This is an architectural design flaw and this is just intel PR trying to spin their way out of it. It's hard to blame Intel engineering for doing things this way, because this happened because it was faster/more efficient for them to do it this way, but due to the recent Rowhammer/etc research, security searchers have looked further into how CPU's/kernel memory actually works and discovered security issues. :|

 


589 posts

Ultimate Geek
+1 received by user: 103
Inactive user


  Reply # 1929489 4-Jan-2018 21:47
Send private message quote this post

kyhwana2:
djtOtago:

 

Why is this being blamed on the hardware (Intel/AMD/ARM) when it appears to be a problem with the way the OS is managing memory access?

 

This is where the whole "zomg performance drops" comes from. OS's have done it this way because it's efficient and fast (but insecure) In reality, your CPU has it's own OS and it goes off and predicts the future. It does this in such a way that apps can come along and cause the CPU to falsely predict things from other programs in such a way that the malicious app can read stuff from cache that belongs to the "victim" app. (Thing passwords or cookies or "secret keys" and so on)

 

 

 

So then the issue lies with the OS not the CPU. so software fault 


319 posts

Ultimate Geek
+1 received by user: 128

Subscriber

  Reply # 1929498 4-Jan-2018 22:00
Send private message quote this post

networkn:

 

djtOtago:

 

networkn:

 

How is this not already a class action lawsuit?

 

 

Against who? And for what?

 

A problem has been identified, and is being fixed.

 

 

 

 

Are you being serious? Against Intel for a bug which cannot be fixed without a performance hit. 

 

Would you be so cavalier if you bought a car for 50K 2 weeks ago, and the manufacturer said they discovered a bug that couldn't be fixed properly, but as a work around it would stop the car reaching 100KM/h? To make it worse, they couldn't tell you yet how much slower you would be allowed to go, but the potential range was a max speed of 66KM/h through to 92KM/h?

 

Nope, I didn't think so.

 

 

I don't know if the fix will slow the car down in normal day to day driving.
I only evidence I've seen so far suggest if the section of road has an incline of 12 deg, the air temp is 25, I have 3 passengers, and my elbow resting on the door,  there may be a noticeable slow down.

 

Plus is the bug with the car or the road surface or how we drive it.

 

Until there is more information, don't know who to sue or what for.


BDFL - Memuneh
60007 posts

Uber Geek
+1 received by user: 11109

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1929500 4-Jan-2018 22:04
One person supports this post
Send private message quote this post
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Amazon launches the International Shopping Experience in the Amazon Shopping App
Posted 19-Apr-2018 08:38


Spark New Zealand and TVNZ to bring coverage of Rugby World Cup 2019
Posted 16-Apr-2018 06:55


How Google can seize Microsoft Office crown
Posted 14-Apr-2018 11:08


How back office transformation drives IRD efficiency
Posted 12-Apr-2018 21:15


iPod laws in a smartphone world: will we ever get copyright right?
Posted 12-Apr-2018 21:13


Lightbox service using big data and analytics to learn more about customers
Posted 9-Apr-2018 12:11


111 mobile caller location extended to iOS
Posted 6-Apr-2018 13:50


Huawei announces the HUAWEI P20 series
Posted 29-Mar-2018 11:41


Symantec Internet Security Threat Report shows increased endpoint technology risks
Posted 26-Mar-2018 18:29


Spark switches on long-range IoT network across New Zealand
Posted 26-Mar-2018 18:22


Stuff Pix enters streaming video market
Posted 21-Mar-2018 09:18


Windows no longer Microsoft’s main focus
Posted 13-Mar-2018 07:47


Why phone makers are obsessed with cameras
Posted 11-Mar-2018 12:25


New Zealand Adopts International Open Data Charter
Posted 3-Mar-2018 12:48


Shipments tumble as NZ phone upgrades slow
Posted 2-Mar-2018 11:48



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.