Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
1731 posts

Uber Geek
+1 received by user: 388

Trusted
Subscriber

  Reply # 1929212 4-Jan-2018 17:21
Send private message

https://en.wikipedia.org/wiki/Pentium_FDIV_bug

 

A quick trip down memory lane, for those of us old enough to be part of it. I remember recreating this error in my copy of Excel when I was at Telecom, as I had one of the few Pentium machines at the time (90mhz, what a demon). An isolated incident became a PR disaster that cost Intel $500m in 1997 dollars.

 

I don't think this will be the same as microsoft and apple will patch so fast most people wont even see it, but it does go back to a confidence thing over and over and over again. I have high confidence none of my mac's or iOS widgets will be affected. I have some concern over my AMD machines. I have zero confidence in any android devices.

 

Now... how quickly the corporate devices I am forced to use will be updated... hmmmm.... 





________

 

Antonios K

 

 

 

Click to see full size


929 posts

Ultimate Geek
+1 received by user: 183
Inactive user


  Reply # 1929214 4-Jan-2018 17:23
Send private message

AMD is fine unless you are running a Linux kernel at non default settings.

Meow
7884 posts

Uber Geek
+1 received by user: 3915

Moderator
Trusted
Lifetime subscriber

  Reply # 1929281 4-Jan-2018 18:10
One person supports this post
Send private message

Stan: Well Intel don't have a product on the market that is secure so...

Here is a chart explaining it
https://m.imgur.com/NjH7CbX

 

You can embed images :)

 







390 posts

Ultimate Geek
+1 received by user: 55


  Reply # 1929425 4-Jan-2018 20:21
One person supports this post
Send private message

alasta:

 

I am still on MacOS 10.12 and have no updates pending, so I am assuming that the patch has only been released for 10.13? I was hoping to avoid upgrading, but it looks like I might not have a choice.

 

 

Looks like you will need to update.

 

According to some sites, Apple had patched it in macOS 10.13.2 which has been available since 06/12/17 with additional tweaks set to be introduced in macOS 10.13.3

Source

 

 


568 posts

Ultimate Geek
+1 received by user: 103
Inactive user


  Reply # 1929435 4-Jan-2018 20:35
Send private message

I don't get why they can't fix this and have no performance decrease 


929 posts

Ultimate Geek
+1 received by user: 183
Inactive user


13429 posts

Uber Geek
+1 received by user: 2428

Trusted

  Reply # 1929440 4-Jan-2018 20:47
Send private message

antoniosk:

 

https://en.wikipedia.org/wiki/Pentium_FDIV_bug

 

A quick trip down memory lane, for those of us old enough to be part of it. I remember recreating this error in my copy of Excel when I was at Telecom, as I had one of the few Pentium machines at the time (90mhz, what a demon). An isolated incident became a PR disaster that cost Intel $500m in 1997 dollars.

 

I don't think this will be the same as microsoft and apple will patch so fast most people wont even see it, but it does go back to a confidence thing over and over and over again. I have high confidence none of my mac's or iOS widgets will be affected. I have some concern over my AMD machines. I have zero confidence in any android devices.

 

Now... how quickly the corporate devices I am forced to use will be updated... hmmmm.... 

 

 

Pentium 90??? I had a 60, overcooked to 66 as 66 was too expensive. Heat was an issue IIRC. Orchid Righteous 3D or Hercules 128 ring a bell??


2443 posts

Uber Geek
+1 received by user: 145


  Reply # 1929456 4-Jan-2018 21:05
Send private message

Starscream122:

I don't get why they can't fix this and have no performance decrease 

 

 

:| Take some computer science classes at uni and then you'll understand.

 

 

Every program can run multiple "processes" or "threads". Your OS has some fancy memory management stuff that it does, the CPU also has lots of caching and a "prediction algorithm" that predicts what each of your program's processes is going to do based on what it's done before as well as some other "magic" stuff.

 

 

The OS basically assigns each thread of a program some memory, usually that memory includes kernel (the "OS" bit") memory. Due to the way caching and the way CPU's predict things, malicious programs can read the "OS" memory (which is God mode), which can include the memory of every other program (intel CPUs) or straight up "guess" access to other programs memory (Intel/AMD/ARM)

 

 

The answer is "Computers are complicated".

 


BDFL - Memuneh
61303 posts

Uber Geek
+1 received by user: 12043

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1929471 4-Jan-2018 21:25
Send private message

From Intel:

 

 

Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.

 

Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.

 

Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively. Intel has begun providing software and firmware updates to mitigate these exploits. Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.

 

Intel is committed to the industry best practice of responsible disclosure of potential security issues, which is why Intel and other vendors had planned to disclose this issue next week when more software and firmware updates will be available. However, Intel is making this statement today because of the current inaccurate media reports.

 

Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available. Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied.

 

Intel believes its products are the most secure in the world and that, with the support of its partners, the current solutions to this issue provide the best possible security for its customers.

 





382 posts

Ultimate Geek
+1 received by user: 147

Subscriber

  Reply # 1929475 4-Jan-2018 21:31
Send private message

Why is this being blamed on the hardware (Intel/AMD/ARM) when it appears to be a problem with the way the OS is managing memory access?


2443 posts

Uber Geek
+1 received by user: 145


  Reply # 1929486 4-Jan-2018 21:43
Send private message

djtOtago:

Why is this being blamed on the hardware (Intel/AMD/ARM) when it appears to be a problem with the way the OS is managing memory access?

 

 

This is where the whole "zomg performance drops" comes from. OS's have done it this way because it's efficient and fast (but insecure)

 

 

In reality, your CPU has it's own OS and it goes off and predicts the future. It does this in such a way that apps can come along and cause the CPU to falsely predict things from other programs in such a way that the malicious app can read stuff from cache that belongs to the "victim" app. (Thing passwords or cookies or "secret keys" and so on)

 


2443 posts

Uber Geek
+1 received by user: 145


  Reply # 1929488 4-Jan-2018 21:46
Send private message

freitasm:

From Intel:

 

 

Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.

 

 

snip

 

 

 

PR spin.

 

This is an architectural design flaw and this is just intel PR trying to spin their way out of it. It's hard to blame Intel engineering for doing things this way, because this happened because it was faster/more efficient for them to do it this way, but due to the recent Rowhammer/etc research, security searchers have looked further into how CPU's/kernel memory actually works and discovered security issues. :|

 


568 posts

Ultimate Geek
+1 received by user: 103
Inactive user


  Reply # 1929489 4-Jan-2018 21:47
Send private message

kyhwana2:
djtOtago:

 

Why is this being blamed on the hardware (Intel/AMD/ARM) when it appears to be a problem with the way the OS is managing memory access?

 

This is where the whole "zomg performance drops" comes from. OS's have done it this way because it's efficient and fast (but insecure) In reality, your CPU has it's own OS and it goes off and predicts the future. It does this in such a way that apps can come along and cause the CPU to falsely predict things from other programs in such a way that the malicious app can read stuff from cache that belongs to the "victim" app. (Thing passwords or cookies or "secret keys" and so on)

 

 

 

So then the issue lies with the OS not the CPU. so software fault 


382 posts

Ultimate Geek
+1 received by user: 147

Subscriber

  Reply # 1929498 4-Jan-2018 22:00
Send private message

networkn:

 

djtOtago:

 

networkn:

 

How is this not already a class action lawsuit?

 

 

Against who? And for what?

 

A problem has been identified, and is being fixed.

 

 

 

 

Are you being serious? Against Intel for a bug which cannot be fixed without a performance hit. 

 

Would you be so cavalier if you bought a car for 50K 2 weeks ago, and the manufacturer said they discovered a bug that couldn't be fixed properly, but as a work around it would stop the car reaching 100KM/h? To make it worse, they couldn't tell you yet how much slower you would be allowed to go, but the potential range was a max speed of 66KM/h through to 92KM/h?

 

Nope, I didn't think so.

 

 

I don't know if the fix will slow the car down in normal day to day driving.
I only evidence I've seen so far suggest if the section of road has an incline of 12 deg, the air temp is 25, I have 3 passengers, and my elbow resting on the door,  there may be a noticeable slow down.

 

Plus is the bug with the car or the road surface or how we drive it.

 

Until there is more information, don't know who to sue or what for.


BDFL - Memuneh
61303 posts

Uber Geek
+1 received by user: 12043

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1929500 4-Jan-2018 22:04
One person supports this post
Send private message
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.