Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


BarTender

3606 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

#249526 15-May-2019 07:21
Send private message

https://techcrunch.com/2019/05/14/zombieload-flaw-intel-processors/
I introduce Spectre and Meltdown. Part III

This is pretty bad, and just as bad as the last two.

That along with the RDP vulnerability that came out recently.

Create new topic
premiumtouring
355 posts

Ultimate Geek


  #2237120 15-May-2019 07:50
Send private message

The frustrating part of these exploits is not so much the security vulnerability but rather Intel's solutions affecting performance. This microcode patch is going to be a 3% hit. Taking into consideration the previous patches as well we are looking at a 10% hit in total to performance. 





-




insane
3236 posts

Uber Geek

ID Verified
Trusted

  #2237126 15-May-2019 08:00
Send private message

I'm guessing that these researchers are now on AMD's payroll?

Beccara
1469 posts

Uber Geek

ID Verified

  #2237139 15-May-2019 08:19
Send private message

Na AMD will be hit just as hard if they ever become big enough to target. Last I heard it's still sub 10% so unless you have something juicy its just not worth the effort. Both are pretty guilty of taking "shortcuts" in the name of performance that opens risk





Most problems are the result of previous solutions...

All comment's I make are my own personal opinion and do not in any way, shape or form reflect the views of current or former employers unless specifically stated 



Beccara
1469 posts

Uber Geek

ID Verified

  #2237140 15-May-2019 08:20
Send private message

Still, Fun fun fun been for IT guys patching this in secure enviroments





Most problems are the result of previous solutions...

All comment's I make are my own personal opinion and do not in any way, shape or form reflect the views of current or former employers unless specifically stated 

BarTender

3606 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #2237145 15-May-2019 08:31
Send private message

Beccara:

 

Still, Fun fun fun been for IT guys patching this in secure enviroments

 

 

I hear you.... But if you don't have a process to patch in airgapped networks then you're opening yourself up to compromise. All it takes is one idiot to inadvertently plug a non-authorized device into the network to bring it down. Anyone say UK NHS and WannaCry. That being said moving the USB thumb drive between networks to hold the patches is an attack vector, hence why you need to manage things properly.


networkn
Networkn
32349 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #2238159 15-May-2019 09:23
Send private message

premiumtouring:

 

The frustrating part of these exploits is not so much the security vulnerability but rather Intel's solutions affecting performance. This microcode patch is going to be a 3% hit. Taking into consideration the previous patches as well we are looking at a 10% hit in total to performance. 

 

 

Which would pretty much revert us to the performance gains over the last 5+ years.


Beccara
1469 posts

Uber Geek

ID Verified

  #2238160 15-May-2019 09:24
Send private message

Yeah its all just man-hours, Almost just need to employ a person who does nothing but running around doing 0-day mitigation. Gotta love the MS blog title, They ain't messing around

 

Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)




Most problems are the result of previous solutions...

All comment's I make are my own personal opinion and do not in any way, shape or form reflect the views of current or former employers unless specifically stated 

 
 
 

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.
openmedia
3324 posts

Uber Geek

Trusted

  #2238302 15-May-2019 12:12
Send private message




Generally known online as OpenMedia, now working for Red Hat APAC as a Technology Evangelist and Portfolio Architect. Still playing with MythTV and digital media on the side.


premiumtouring
355 posts

Ultimate Geek


  #2238343 15-May-2019 13:25
Send private message

"An Apple support document on the ZombieLoad vulnerability provides details for "full mitigation" protection that can be enabled for customers with computers at heightened risk or that run untrusted software on their Macs.

Full mitigation requires using the Terminal app to enable additional CPU instructions and disable hyper-threading processing technology, which is available for macOS Mojave, High Sierra, and Sierra, but not on certain older machines. Apple says full mitigation could reduce performance by up to 40 percent, so most users will not want to enable it.

According to Intel, its microcode updates will have an impact on processor performance, but for the patch that Apple released in macOS Mojave 10.14.5, there was no measurable performance impact. Apple's fix prevents the exploitation of ZombieLoad vulnerabilities via JavaScript in Safari."

 

As much as 40%. Jesus.

 

I'd be super interested in seeing CPU reviewers go back and re:benchmark these "patched" Intel processors, and see whether or not they still hold water versus the AMD counterparts in testing.





-


networkn
Networkn
32349 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #2238349 15-May-2019 13:31
Send private message

40%, seriously?

 

I am wondering what precedent there would be for a class action law suit? 

 

I will be interested to see what Windows Performance hit ends up as?

 

 


Beccara
1469 posts

Uber Geek

ID Verified

  #2238372 15-May-2019 13:58
Send private message

Hopefully it's like the specter patches that had a 30% performance hit but only on some odd ball use cases. We saw 1-2% at best which was what others were seeing too





Most problems are the result of previous solutions...

All comment's I make are my own personal opinion and do not in any way, shape or form reflect the views of current or former employers unless specifically stated 

  #2238410 15-May-2019 15:18
Send private message

The 40% performance hit would come from disabling HYPErthreading, if and only if the target application set could actually advantageously use HYPErthreading.

 

It is interesting to note that BSD has HYPErthreading turned off by default, not only because of the security issues it brings, but also because many workloads - particularly server-type workloads - don't gain any advantage, and sometime a disadvantage, from having it on.

 

In the Windows world, it was regarded as Best Practice to turn off HYPErthreading for MS SQL Server instances, for example.

 

 

 

YMMV

 

 

 

And isn't it interesting to have both AMD and ARM come out and say words to the effect of "We don't have this issue, it's an Intel® special"


matisyahu
1623 posts

Uber Geek

Trusted

  #2238436 15-May-2019 15:49
Send private message

Both my iMac and MacBook, as part of 10.14.5 came up with firmware updates which has:

 

 Hyper-Threading Technology: Enabled

 

In 'System Information' along with an updated BootROM which makes wonder whether it has been patched with the new microcode as well. I haven't noticed any performance degradation but then again I really haven't stress tested it much since the update.





"When the people are being beaten with a stick, they are not much happier if it is called 'the People's Stick'"


Beccara
1469 posts

Uber Geek

ID Verified

  #2238441 15-May-2019 15:53
Send private message

Worth keeping an eye on ARM and Intel but even with a 40% hit on everything Intel still win in thermal/power management in a rack





Most problems are the result of previous solutions...

All comment's I make are my own personal opinion and do not in any way, shape or form reflect the views of current or former employers unless specifically stated 

Tracer
343 posts

Ultimate Geek


  #2239685 17-May-2019 08:56
Send private message

PolicyGuy:

 

It is interesting to note that BSD has HYPErthreading turned off by default

 

 

OpenBSD does, because Theo decided it would be so. Other BSD distros like FreeBSD, macOS haven't done this.


Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00


eero Pro 7 Review
Posted 23-Jul-2025 12:07


BeeStation Plus Review
Posted 21-Jul-2025 14:21


eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01


WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32


RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26


Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24


Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05


Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01


Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01


Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22


Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46


Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42


D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34


Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.