Not sure if i like Nvidea to get their grubby little fingers in to this honey pot, not that they’l try some gpp shit or something. You know cause transparency for gamers
Intel FUBAR ... again - Kernel memory leak in nearly every Intel CPU of the last decade (Spectre hits everyone, Meltdown still Intel exclusive)
That is new, isn’t it? It’s slow, like really sloooowwww, but …
Called NetSpectre by the team of Graz University engineers who discovered it, the weakness is a network-based version of the Spectre Variant 1 (bounds check bypass, CVE-2017-5753) flaw first publicised earlier this year.
Slow = doesn’t matter so much, but yeah, just reading about Netspectre now.
This will be interesting. Need to insert random jitter into the network it seems
Despite Google’s own Project Zero being part of the discovery team for the Meltdown and Spectre vulnerabilities, Google itself wasn’t notified until 45 days after the initial report was sent to Intel, AMD and ARM.
Turns out when it comes to communication they all suck equally.
it just keeps coming out left right and centre.
Those seem to be new things and not part of the spectre or even spectre NG family.
Would you mind making a new topic about it?
(yes, another link re: the above).
So glad i went AMD this time.
It’s probably been said to death in this thread already and I will pretend I read all that and concur:
These are entire classes of bugs that just started being discovered. Don’t expect it to end any time soon. These systems are fundamentally flawed in principle. And they’re going to keep making them that way, because they don’t have a choice right now.
Well, in this case it was an intel optimisation decision: access resource prior to checking access rights (sure, it’s faster, but incredibly stupid and short sighted IMHO and proving to be so now).
AMD didn’t do that. Yes, spectre is across the board, but these meltdown style attacks (such as Meltdown, Foreshadow, etc.) are intel specific.
Foreshadow is directly related to the same root cause as meltdown…
I’m guessing the would rather have the optimization in hardware and disable it in software to satisfy the customers who are more worried about performance than security. It probably is an unattractive task to re-implement everything they’ve been building on top of this foundation for the past checks tree rings scratch that, I guess they may have bit that bullet already
From the Ars article:
Longer term, Intel promises to fix the issue in hardware. Cascade Lake processors, due to ship later this year, will not suffer the L1TF (or Meltdown) issues at all, suggesting that the new processors will change how they handle the permission checks to prevent speculative execution from running ahead of permissions checks.
Will be interested to see how this impacts their “IPC advantage” vs. AMD.
AMD never did this stuff, and sure, its an optimisation… but at the cost of “doing it wrong”…
already the 2700x and 8700k are pretty close in terms of IPC, its just clocks now…