Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
3069 posts

Uber Geek


  #1929636 5-Jan-2018 09:52
Send private message

Starscream122:

 

Do intel not test their CPUs how did they not find this fault and it's been present on CPUs they've made for the last 10 years

 

10 years of faulty CPUs unbelievable 

 

and they can't even replace them as they are still making faulty CPUs the only option is a software fix that will slow the system down.

 

 

Well to be fair - its a vulnerability rather than a fault.

 

Fault = something that breaks

 

Vulnerability = something that can be hacked or exploited by someone with a mind to be looking to cause trouble.

 

I agree its not ideal - now that its been flagged of course there will be hackers and malware exploiters looking at how they can cause trouble with this new found knowledge.

 

Note that it has been there for over 10 years and no-one has noticed until now.





Nothing is impossible for the man who doesn't have to do it himself - A. H. Weiler


BDFL - Memuneh
67150 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #1929642 5-Jan-2018 10:01
Send private message

freitasm:

 

Well this makes things even more complicated. From the link:

 

"In a default installation of Windows 7, Windows Server 2008 R2, and Windows Server 2012 customers will not have an anti-virus application installed by default. In these situations, Microsoft recommends installing a supported anti-virus application such as Microsoft Security Essentials or a third-party anti-virus application"

 

Do you know how much server AV software costs? And are they recommending to buy the AV just to set the registry key?

 

 

Also note the misleading instructions:

 

"Customers will not receive these security updates and will not be protected from security vulnerabilities unless their anti-virus software vendor sets the following registry key: Key="HKEY_LOCAL_MACHINE" Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat" Value="cadca5fe-87d3-4b96-b7fb-a231484277cc" Type="REG_DWORD”"

 

The key name is cadca5fe-87d3-4b96-b7fb-a231484277cc and the value should be 0.

 

The AV should set this so it can claim that it's ready to interact with the updated kernel in the proper ways - otherwise clients risk BSOD.

 

On machines without AV you can manually create this key so that the patch is downloaded.

 

This is only needed on Windows 7, Windows Server 2008 R2, and Windows Server 2012.

 

Creating the key if an AV is present may cause BSOD.





 
 
 
 


BDFL - Memuneh
67150 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #1929645 5-Jan-2018 10:03
Send private message

Another release from Intel:

 

 

Intel has developed and is rapidly issuing updates for all types of Intel-based computer systems -- including personal computers and servers -- that render those systems immune from both exploits (referred to as “Spectre” and “Meltdown”) reported by Google Project Zero. Intel and its partners have made significant progress in deploying updates as both software patches and firmware updates.

 

Intel has already issued updates for the majority of processor products introduced within the past five years. By the end of next week, Intel expects to have issued updates for more than 90 percent of processor products introduced within the past five years. In addition, many operating system vendors, public cloud service providers, device manufacturers and others have indicated that they have already updated their products and services.

 

Intel continues to believe that the performance impact of these updates is highly workload-dependent and, for the average computer user, should not be significant and will be mitigated over time. While on some discrete workloads the performance impact from the software updates may initially be higher, additional post-deployment identification, testing and improvement of the software updates should mitigate that impact.

 

System updates are made available by system manufacturers, operating system providers and others.

 

Intel will continue to work with its partners and others to address these issues, and Intel appreciates their support and assistance. Intel encourages computer users worldwide to utilize the automatic update functions of their operating systems and other computer software to ensure their systems are up-to-date.

 





623 posts

Ultimate Geek

Subscriber

  #1929674 5-Jan-2018 10:24
Send private message

freitasm:

 

Also note the misleading instructions:

 

"Customers will not receive these security updates and will not be protected from security vulnerabilities unless their anti-virus software vendor sets the following registry key: Key="HKEY_LOCAL_MACHINE" Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat" Value="cadca5fe-87d3-4b96-b7fb-a231484277cc" Type="REG_DWORD”"

 

The key name is cadca5fe-87d3-4b96-b7fb-a231484277cc and the value should be 0.

 

The AV should set this so it can claim that it's ready to interact with the updated kernel in the proper ways - otherwise clients risk BSOD.

 

On machines without AV you can manually create this key so that the patch is downloaded.

 

This is only needed on Windows 7, Windows Server 2008 R2, and Windows Server 2012.

 

Creating the key if an AV is present may cause BSOD.

 

 

Well I guess the job list for my first day back at work on Monday is already sorted :)

 

 


230 posts

Master Geek


  #1929889 5-Jan-2018 14:32
Send private message

So 30% Price drop across the board on intel cpus be nice.  I am Looking for a haswell i3 under 40$ for a xpenology NAS


89 posts

Master Geek


  #1929984 5-Jan-2018 17:55
Send private message

Just updated Fedora 27 to kernel 4.14.11 today which has the patch but is really a back-port from 4.15. No noticeable change in performance. I've just installed unreal tournament 99 and looked normal to me.


BDFL - Memuneh
67150 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

 
 
 
 


568 posts

Ultimate Geek
Inactive user


  #1930972 5-Jan-2018 18:10
Send private message

The update must be rolling out in waves cause I haven't got anything. 


BDFL - Memuneh
67150 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #1930973 5-Jan-2018 18:12
Send private message
Mad Scientist
22225 posts

Uber Geek

Trusted
Lifetime subscriber

  #1930976 5-Jan-2018 18:19
Send private message

freitasm:

 

Microsoft update including the fix is being rolled out now - should appear in Windows Update soon.

 

 

 

 

Can someone clarify - this "fix" is responsible for slowing the CPU by 30%, no patch no slow, but no patch = bad.





Involuntary autocorrect in operation on mobile device. Apologies in advance.


Mad Scientist
22225 posts

Uber Geek

Trusted
Lifetime subscriber

  #1930977 5-Jan-2018 18:25
Send private message

djtOtago:

 

Why is this being blamed on the hardware (Intel/AMD/ARM) when it appears to be a problem with the way the OS is managing memory access?

 

 

Presumably (no I didn't take computer science at uni lol) it's a matter of time before people discover a similar "bug" with other things eg routers, ATMs, bank computers, power companies, traffic management, etc (that may use other CPUs)?





Involuntary autocorrect in operation on mobile device. Apologies in advance.


BDFL - Memuneh
67150 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #1930978 5-Jan-2018 18:27
Send private message

@Batman:

 

freitasm:

 

Microsoft update including the fix is being rolled out now - should appear in Windows Update soon.

 

 

Can someone clarify - this "fix" is responsible for slowing the CPU by 30%, no patch no slow, but no patch = bad.

 

 

It can be UP TO 30% depending on your workload. My guess is if you use it for large databases and data intensive work then you might see something. If you use for web browsing and email, I doubt it.

 

YMMV.

 

Always apply security patches.





2466 posts

Uber Geek


  #1930979 5-Jan-2018 18:29
Send private message

Batman:

freitasm:


Microsoft update including the fix is being rolled out now - should appear in Windows Update soon.


 



Can someone clarify - this "fix" is responsible for slowing the CPU by 30%, no patch no slow, but no patch = bad.



Looks like basically no impact on latest Intel CPUs in windows 10 for normal desktop usage/gaming.
https://www.techspot.com/amp/article/1554-meltdown-flaw-cpu-performance-windows/

Mad Scientist
22225 posts

Uber Geek

Trusted
Lifetime subscriber

  #1930982 5-Jan-2018 18:53
Send private message

Yay thanks




Involuntary autocorrect in operation on mobile device. Apologies in advance.


1116 posts

Uber Geek


  #1931109 6-Jan-2018 04:23
Send private message

The good old TEOTWAWKI Intel Atom N270 isn't affected anyhow. And it's still working well under Win7 professional when tweaked accordingly against all odds and performance hungry graphic applications. The same with the Raspberry Pi with a LEMP stack. I wonder when I'll have to swap the OS to a Linux derivate in the future.

 

To reach the same security and privacy level with a Win10 Intel i5 notebook recently bought for my wife and still under investigation is a nightmare and more like a widely open barn door.





- ISP1: OneBox FTTH modem, 1/.5G, full DS, VLAN7, VoIP + ipTV streaming flat
- ISP2: 4G/LTE USB modem + TL-MR3020, 100/40M data plan (wireless fallback)
- NET: ZBOX CI329 router, 2 C2960X-48TS-L, 3 GWN7630/LR, ECO EL1600+800
- SVR: E3C236 32G/24T, 2 H2 16G/500G, N2 128G, HC1 1T || HC2 14T, HC2 4T
- USR: DeskMini 9i5, NUC8i7HVK, Aspire E5, EliteBook 840, Galaxy Tab, 4K TV
- IoT (EU868): openHAB, CCU3, Vantage ISS 6327, 4 LoRaWAN GWs, 14 Nodes
- 3D: 2 Ender-3/Pro, 4 Ultimaker 2E+/3/3+/S5, MPCNC, EleksLaser-A3 Pro
- ipPBX: GO-Box, 2 GRP2613, SPA112 (Fax & W-48, a 1948 Siemens phone)


1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

OPPO Find X2 Lite brings flagship features to mid-range 5G smartphone
Posted 29-May-2020 12:52


Sony introduces the digital camera ZV-1 for content creators
Posted 27-May-2020 12:47


Samsung Announces 2020 QLED TV Range
Posted 20-May-2020 16:29


D-Link A/NZ launches AI-Powered body temperature measuring system
Posted 20-May-2020 16:22


NortonLifeLock Online Banking Protection now available for New Zealand banks
Posted 20-May-2020 16:14


SD Express delivers new gigabyte speeds for SD memory cards
Posted 20-May-2020 15:00


D-Link A/NZ launches Nuclias cloud managed network solution hosted in Australia
Posted 11-May-2020 17:53


Logitech introduces new video streaming solution for home studios
Posted 11-May-2020 17:48


Next generation Volvo cars to be powered by Luminar LiDAR technology
Posted 7-May-2020 13:56


D-Link A/NZ launches Wi-Fi Certified EasyMesh system
Posted 7-May-2020 13:51


Spark teams up with Microsoft to bring Xbox All Access to New Zealand
Posted 7-May-2020 13:01


Microsoft plans to establish its first datacenter region in New Zealand
Posted 6-May-2020 11:35


Genesis School-gen has joined forces with Mind Lab Kids
Posted 1-May-2020 12:53


Malwarebytes expands into privacy with fast, frictionless VPN
Posted 30-Apr-2020 16:06


Kordia to donate TV airtime on Channel 200 to community groups
Posted 30-Apr-2020 16:00



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.