Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
1653 posts

Uber Geek
+1 received by user: 344

Trusted
Subscriber

  Reply # 1929212 4-Jan-2018 17:21
Send private message

https://en.wikipedia.org/wiki/Pentium_FDIV_bug

 

A quick trip down memory lane, for those of us old enough to be part of it. I remember recreating this error in my copy of Excel when I was at Telecom, as I had one of the few Pentium machines at the time (90mhz, what a demon). An isolated incident became a PR disaster that cost Intel $500m in 1997 dollars.

 

I don't think this will be the same as microsoft and apple will patch so fast most people wont even see it, but it does go back to a confidence thing over and over and over again. I have high confidence none of my mac's or iOS widgets will be affected. I have some concern over my AMD machines. I have zero confidence in any android devices.

 

Now... how quickly the corporate devices I am forced to use will be updated... hmmmm.... 





________

 

AK

 

 

 

Click to see full size


930 posts

Ultimate Geek
+1 received by user: 183
Inactive user


  Reply # 1929214 4-Jan-2018 17:23
Send private message

AMD is fine unless you are running a Linux kernel at non default settings.

Meow
7522 posts

Uber Geek
+1 received by user: 3634

Moderator
Trusted
Lifetime subscriber

  Reply # 1929281 4-Jan-2018 18:10
One person supports this post
Send private message

Stan: Well Intel don't have a product on the market that is secure so...

Here is a chart explaining it
https://m.imgur.com/NjH7CbX

 

You can embed images :)

 







389 posts

Ultimate Geek
+1 received by user: 55


  Reply # 1929425 4-Jan-2018 20:21
One person supports this post
Send private message

alasta:

 

I am still on MacOS 10.12 and have no updates pending, so I am assuming that the patch has only been released for 10.13? I was hoping to avoid upgrading, but it looks like I might not have a choice.

 

 

Looks like you will need to update.

 

According to some sites, Apple had patched it in macOS 10.13.2 which has been available since 06/12/17 with additional tweaks set to be introduced in macOS 10.13.3

Source

 

 


589 posts

Ultimate Geek
+1 received by user: 103
Inactive user


  Reply # 1929435 4-Jan-2018 20:35
Send private message

I don't get why they can't fix this and have no performance decrease 


930 posts

Ultimate Geek
+1 received by user: 183
Inactive user


12527 posts

Uber Geek
+1 received by user: 2219

Trusted

  Reply # 1929440 4-Jan-2018 20:47
Send private message

antoniosk:

 

https://en.wikipedia.org/wiki/Pentium_FDIV_bug

 

A quick trip down memory lane, for those of us old enough to be part of it. I remember recreating this error in my copy of Excel when I was at Telecom, as I had one of the few Pentium machines at the time (90mhz, what a demon). An isolated incident became a PR disaster that cost Intel $500m in 1997 dollars.

 

I don't think this will be the same as microsoft and apple will patch so fast most people wont even see it, but it does go back to a confidence thing over and over and over again. I have high confidence none of my mac's or iOS widgets will be affected. I have some concern over my AMD machines. I have zero confidence in any android devices.

 

Now... how quickly the corporate devices I am forced to use will be updated... hmmmm.... 

 

 

Pentium 90??? I had a 60, overcooked to 66 as 66 was too expensive. Heat was an issue IIRC. Orchid Righteous 3D or Hercules 128 ring a bell??


2435 posts

Uber Geek
+1 received by user: 144


  Reply # 1929456 4-Jan-2018 21:05
Send private message

Starscream122:

I don't get why they can't fix this and have no performance decrease 

 

 

:| Take some computer science classes at uni and then you'll understand.

 

 

Every program can run multiple "processes" or "threads". Your OS has some fancy memory management stuff that it does, the CPU also has lots of caching and a "prediction algorithm" that predicts what each of your program's processes is going to do based on what it's done before as well as some other "magic" stuff.

 

 

The OS basically assigns each thread of a program some memory, usually that memory includes kernel (the "OS" bit") memory. Due to the way caching and the way CPU's predict things, malicious programs can read the "OS" memory (which is God mode), which can include the memory of every other program (intel CPUs) or straight up "guess" access to other programs memory (Intel/AMD/ARM)

 

 

The answer is "Computers are complicated".

 


BDFL - Memuneh
60795 posts

Uber Geek
+1 received by user: 11672

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1929471 4-Jan-2018 21:25
Send private message

From Intel:

 

 

Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.

 

Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.

 

Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively. Intel has begun providing software and firmware updates to mitigate these exploits. Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.

 

Intel is committed to the industry best practice of responsible disclosure of potential security issues, which is why Intel and other vendors had planned to disclose this issue next week when more software and firmware updates will be available. However, Intel is making this statement today because of the current inaccurate media reports.

 

Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available. Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied.

 

Intel believes its products are the most secure in the world and that, with the support of its partners, the current solutions to this issue provide the best possible security for its customers.

 





354 posts

Ultimate Geek
+1 received by user: 134

Subscriber

  Reply # 1929475 4-Jan-2018 21:31
Send private message

Why is this being blamed on the hardware (Intel/AMD/ARM) when it appears to be a problem with the way the OS is managing memory access?


2435 posts

Uber Geek
+1 received by user: 144


  Reply # 1929486 4-Jan-2018 21:43
Send private message

djtOtago:

Why is this being blamed on the hardware (Intel/AMD/ARM) when it appears to be a problem with the way the OS is managing memory access?

 

 

This is where the whole "zomg performance drops" comes from. OS's have done it this way because it's efficient and fast (but insecure)

 

 

In reality, your CPU has it's own OS and it goes off and predicts the future. It does this in such a way that apps can come along and cause the CPU to falsely predict things from other programs in such a way that the malicious app can read stuff from cache that belongs to the "victim" app. (Thing passwords or cookies or "secret keys" and so on)

 


2435 posts

Uber Geek
+1 received by user: 144


  Reply # 1929488 4-Jan-2018 21:46
Send private message

freitasm:

From Intel:

 

 

Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.

 

 

snip

 

 

 

PR spin.

 

This is an architectural design flaw and this is just intel PR trying to spin their way out of it. It's hard to blame Intel engineering for doing things this way, because this happened because it was faster/more efficient for them to do it this way, but due to the recent Rowhammer/etc research, security searchers have looked further into how CPU's/kernel memory actually works and discovered security issues. :|

 


589 posts

Ultimate Geek
+1 received by user: 103
Inactive user


  Reply # 1929489 4-Jan-2018 21:47
Send private message

kyhwana2:
djtOtago:

 

Why is this being blamed on the hardware (Intel/AMD/ARM) when it appears to be a problem with the way the OS is managing memory access?

 

This is where the whole "zomg performance drops" comes from. OS's have done it this way because it's efficient and fast (but insecure) In reality, your CPU has it's own OS and it goes off and predicts the future. It does this in such a way that apps can come along and cause the CPU to falsely predict things from other programs in such a way that the malicious app can read stuff from cache that belongs to the "victim" app. (Thing passwords or cookies or "secret keys" and so on)

 

 

 

So then the issue lies with the OS not the CPU. so software fault 


354 posts

Ultimate Geek
+1 received by user: 134

Subscriber

  Reply # 1929498 4-Jan-2018 22:00
Send private message

networkn:

 

djtOtago:

 

networkn:

 

How is this not already a class action lawsuit?

 

 

Against who? And for what?

 

A problem has been identified, and is being fixed.

 

 

 

 

Are you being serious? Against Intel for a bug which cannot be fixed without a performance hit. 

 

Would you be so cavalier if you bought a car for 50K 2 weeks ago, and the manufacturer said they discovered a bug that couldn't be fixed properly, but as a work around it would stop the car reaching 100KM/h? To make it worse, they couldn't tell you yet how much slower you would be allowed to go, but the potential range was a max speed of 66KM/h through to 92KM/h?

 

Nope, I didn't think so.

 

 

I don't know if the fix will slow the car down in normal day to day driving.
I only evidence I've seen so far suggest if the section of road has an incline of 12 deg, the air temp is 25, I have 3 passengers, and my elbow resting on the door,  there may be a noticeable slow down.

 

Plus is the bug with the car or the road surface or how we drive it.

 

Until there is more information, don't know who to sue or what for.


BDFL - Memuneh
60795 posts

Uber Geek
+1 received by user: 11672

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1929500 4-Jan-2018 22:04
One person supports this post
Send private message
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Microsoft Dynamics 365 Business Central launches
Posted 10-Jul-2018 10:40


Spark completes first milestone in voice platform upgrade
Posted 10-Jul-2018 09:36


Microsoft ices heated developers
Posted 6-Jul-2018 20:16


PB Technologies charged for its extended warranties and warned for bait advertising
Posted 3-Jul-2018 15:45


Almost 20,000 people claim credits from Spark
Posted 29-Jun-2018 10:40


Cove sells NZ's first insurance policy via chatbot
Posted 25-Jun-2018 10:04


N4L helping TAKA Trust bridge the digital divide for Lower Hutt students
Posted 18-Jun-2018 13:08


Winners Announced for 2018 CIO Awards
Posted 18-Jun-2018 13:03


Logitech Rally sets new standard for USB-connected video conference cameras
Posted 18-Jun-2018 09:27


Russell Stanners steps down as Vodafone NZ CEO
Posted 12-Jun-2018 09:13


Intergen recognised as 2018 Microsoft Country Partner of the Year for New Zealand
Posted 12-Jun-2018 08:00


Finalists Announced For Microsoft NZ Partner Awards
Posted 6-Jun-2018 15:12


Vocus Group and Vodafone announce joint venture to accelerate fibre innovation
Posted 5-Jun-2018 10:52


Kogan.com to launch Kogan Mobile in New Zealand
Posted 4-Jun-2018 14:34


Enable doubles fibre broadband speeds for its most popular wholesale service in Christchurch
Posted 2-Jun-2018 20:07



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.