Been happily running linux on a Skylake 6700k since 2015 for work. Anything computationally intensive I run on a cluster so it’s plenty fast for my needs. It’s the most stable system I’ve ever had and I would be happy to continue using it. I have all the various security mitigations enabled and always keep everything up to date, but it just entered end of service (edit: as of September 2022) and will no longer get any updates. How urgent is it that I upgrade?
If it’s for work or for critical services, you should.
For home and not really connecting to the internet to random sites, it should be fine.
Ideally you should be getting new hardware ASAP because unpatchable exploits tend to accumulate on old hardware. And very old hardware has a lot of unpatchable issues.
I would not dare connect that machine to the Internet anymore if I were you. Remember, today there are a large number of botnet machines that search for old hardware to exploit.
Performance wise your 6700k is really, really old. Here is a spec of a budget Core i3 13100 build that has ~50% better performance compared to what you have:
Type | Item | Price |
---|---|---|
CPU | Intel Core i3-13100 | $147.99 |
Motherboard | ASRock Z690 Extreme | $129.99 |
Memory | TEAMGROUP T-Force Vulcan Z 2x16 GB DDR4-3600 CL18 | $59.99 |
Storage | TEAMGROUP MP34 2 TB M.2-2280 PCIe 3.0 | $96.99 |
Case | MagniumGear NEO AIR (2023) | $59.99 |
Power Supply | Thermaltake Toughpower GX2 600W | $64.98 |
Total | $559.93 |
You could easily put a 14600k in that machine, too, that is 200% better in Single core and obliterates multicore, but costs around $150 more. Most priceworthy right now would be exploiting the AM4 swansong:
Type | Item | Price |
---|---|---|
CPU | AMD Ryzen 7 5700G | $195.99 |
Motherboard | MSI B550M PRO-VDH WIFI | $109.99 |
Memory | TEAMGROUP T-Force Vulcan Z 2x16 GB DDR4-3600 CL18 | $59.99 |
Storage | TEAMGROUP MP34 2 TB M.2-2280 PCIe 3.0 | $96.99 |
Case | MagniumGear NEO AIR (2023) | $59.99 |
Power Supply | Thermaltake Toughpower GX2 600W | $64.98 |
Total | $587.93 |
Of course, sky is the limit if you want something better
Come on, it’s not like Intel dropping security updates for a CPU means you’re suddenly vulnerable. How often is a microcode vulnerability actually an attack vector? And when was the last time you actually applied a microcode update?
Microcode-wise, Skylake is actually less likely to be vulnerable than the newer microarchitectures as it’s mature enough to receive 8 years of fixes and hardening, as compared to e.g. the hybrid architectures (12-14th Intel Core gens).
“Old hardware to exploit” – no “botnet” is searching for vulnerable machines with “6700K” or any other processor someone considers obsolete. They look for outdated software, medical equipment running obsolete Windows versions, this kind of stuff.
Performance wise, there is absolutely nothing wrong with Skylake, especially i7-6700K! And I mean it, it’s my daily driver, has been for years. Will it get 100000 points in Cinebench? No, it doesn’t have to. At the same time, there is no workload it can’t handle.
Same here. And again, ask yourself - when was the last time you even got a microcode update?
I’d be more pressed by Win10 getting EOL than CPU tbh, and even with Win10 EOL I’d rather switch to Linux than throw away a perfectly good workstation.
Only two this year, true.
Ever heard of Metasploit and Metasploit-enabled botnets?
if it works don’t fix it
and all the latest security patches and newest hardware is fun. But if the End user installs ransomware, he installs ransomware.
Retbleed is yet another incarnation of Spectre, something that should never have been patched in uC, but in software.
Downfall sounds interesting, but if you allow a third party to run any untrusted software on your hardware, you’ve already lost, so…
Unless it’s exploitable from the browser (like Spectre was initially) or leads to RCE without user’s interaction, there’s virtually no reason to be afraid.
And if there is a double whammy?
All it takes is the ability to run code. Then a local exploit can be just as dangerous as a remote exploit. Especially if the local exploit escalates. Not to mention that Windows 10 goes EOL in ~20 months from now (October next year) and Windows 11 is unable to run on Skylake.
I wouldn’t say it is super-urgent to upgrade, but given a decent upgrade is only $600 (unless you want to go for a MiniPC, those start at $300), well…
I’ve got a corporate 6700 that I use for lab stuff, looking to retire mine imminently - 4 cores with hyper threading, security issues and 3.4ghz clock speed are quite a way behind the curve now.
My work box has 64GB of ram and a heap of SSDs in it, but it’s done its time.
I agree with this view.
I would look at upgrading, from the efficiency/upgrade/support aspect
Doing an upgrade to say Gen12 [via 12100], would be performance bump and a power sipper
In keeping the hardware arrangement, more or less the same [4c/8t]
All the while, having more CPU SKUs in future [perhaps P/E scheduler improvements?]
Security support would be more active, for the upcoming future
DDR4 can be had, for fairly cheap, along with smaller M.2 drives [for Boot/OS]
Then do just that.
Maybe have a laptop on hand in case it suddenly dies, but that applies to any circumstance where loss of equipment would result in downtime.
Not at all.
Hmmm, sounds like folks are a little divided. FWIW I checked my apt logs and it looks like I upgraded the intel-microcode package three times in 2023 (February, August, and November) but looking at the releases page on the intel linux microcode github I see that none of them actually affected my hardware. Which does seem a little sketchy to be missing out on this stuff.
Re:new hardware, I do all of my real computational work on supercomputers so the 6700k is more than sufficient. But I would probably want to go top of the line again to avoid having to do this again anytime soon. It’s a bit of a bummer that you can’t get 10 years out of a part that was top of the (consumer-grade) line when purchased…
So still not entirely sure what I’ll do next.
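The check described in the post above (package upgrades in the apt log versus microcode releases that actually cover the CPU) can be scripted. This is an added example, not part of any post in this thread; it relies on Intel naming microcode by family-model-stepping in hex, and all sample data (log lines, revisions, package versions, release-notes rows) is constructed.

```bash
# Added example. Every sample value below is constructed, not taken from the thread.

# Stand-in for /proc/cpuinfo on an i7-6700K (first logical CPU only).
SAMPLE_CPUINFO='cpu family      : 6
model           : 94
model name      : Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
stepping        : 3
microcode       : 0xf0'

# Stand-in for /var/log/apt/history.log (package versions are placeholders).
SAMPLE_APT_LOG='Start-Date: 2023-02-20  08:01:12
Upgrade: libfoo1:amd64 (1.0-1, 1.0-2), intel-microcode:amd64 (3.0.example1, 3.0.example2)

Start-Date: 2023-08-14  08:03:55
Upgrade: intel-microcode:amd64 (3.0.example2, 3.0.example3)'

# Stand-in for a release-notes table: platform | F-M-S/platform-id | old rev | new rev.
SAMPLE_NOTES='| PLATFORM-A | 06-aa-01/07 | 000000a1 | 000000a2 |
| PLATFORM-B | 06-bb-02/10 | 000000b1 | 000000b2 |'

# CPU signature as family-model-stepping in two-digit hex (reads cpuinfo on stdin).
cpu_signature() {
  awk -F': *' '
    /^cpu family/   && fam == "" { fam = $2 }
    /^model[ \t]*:/ && mod == "" { mod = $2 }   # skips the "model name" line
    /^stepping/     && stp == "" { stp = $2 }
    END { printf "%02x-%02x-%02x\n", fam, mod, stp }'
}

# Microcode revision the kernel reports as loaded (reads cpuinfo on stdin).
microcode_revision() { awk -F': *' '/^microcode/ { print $2; exit }'; }

# "date new-version" for each intel-microcode upgrade in an apt history log on stdin.
microcode_upgrades() {
  awk '
    /^Start-Date:/ { date = $2 }
    /^Upgrade:/ && match($0, /intel-microcode:[^ ]+ \([^)]*\)/) {
      entry = substr($0, RSTART, RLENGTH)
      sub(/^.*[(, ]/, "", entry); sub(/\)$/, "", entry)
      print date, entry
    }'
}

# Succeeds only if the release notes on stdin list the given signature.
release_covers() { grep -qiF -- "$1"; }

sig=$(printf '%s\n' "$SAMPLE_CPUINFO" | cpu_signature)
printf '%s\n' "$SAMPLE_APT_LOG" | microcode_upgrades
printf '%s\n' "$SAMPLE_NOTES" | release_covers "$sig" || echo "no entry for $sig in these notes"
```

On a real system, feed the functions `/proc/cpuinfo`, `/var/log/apt/history.log` and the release notes of the microcode version the package installed; a package upgrade with no row for the signature leaves the loaded revision unchanged.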
I have a formerly 6th gen now i7-7700k (same socket) gaming box that I only replaced recently. It’s a powerhouse. In hindsight I should have saved my money and kept using it. The 16 core replacement rarely has more than 4 cores active…
Microcode updates stopping aren’t high on my list of risks. Has there been a single in the wild case of these timing side-channel attacks being used against a desktop user?
What they come down to is a malicious program running on your desktop could read memory from outside its memory space. But on my desktop, almost everything lives under a single user where programs are free to RW any of the important files anyway. It’s not root user access, but compromising the main user account is everything important anyway.
But there is of course one place where we download and run random code off the Internet hundreds of times a day. Spectre and friends aside, browsers have long been a security problem. Only enabling javascript from sources you trust goes a long way today. Browsers implement some countermeasures, but the more elaborate safety mechanisms involve running the javascript on a different computer.
But even with the broad enablement of javascript, have we had successful attacks against desktop users?
Meanwhile phishing, supply chain attacks, and the ever popular buffer overflow are much more straightforward and have happened time and time again.
(There is also row hammer, where those of us without ECC were in a bad place. But likewise, did it ever manifest as a problem for a desktop user?)
A lot has changed in the last 8 years, a current top of the line costs a lot more than you paid for that 6700k build, mostly due to the GPU price hikes. What used to be $200 for a 960 is now closer to $350 for either 7600 or 4060, not to mention the infamous 4090.
It all depends on if you can live with integrated graphics or not. If you can, I would probably spring for the up and coming 8700G that is expected to be released at CES - graphics are nowhere near top of the line and it is “only” 8 cores, but it will still be Zen 4 on AM5, meaning you can upgrade to Zen 6 in 2026 without batting an eye. For your use case, I think this is the most cost-effective option and bypasses the need to get an expensive and, in your case, quite redundant GPU.
If you do not mind that shit will get expensive fast, here is a top of the line 7950X build. Why 7950X over a Threadripper, Xeon or 14900k? Mostly because of the upgrade path, this will allow you to basically hot swap the CPU in three years or so. Note that I have included the price without the GPU; other good top of the line options right now are RTX 4080 Super, RX 7900 XTX and RX 7900 XT. You specifically asked for top of the line though, here it is.
Type | Item | Price |
---|---|---|
CPU | AMD Ryzen 9 7950X | $598.99 |
CPU Cooler | be quiet! Pure Loop 2 | $99.90 |
Motherboard | ASRock X670E Pro RS | $249.99 |
Memory | Silicon Power XPOWER Zenith Gaming 2x32 GB DDR5-6000 CL30 | $179.99 |
Storage | TEAMGROUP MP34 4TB M.2-2280 PCIe 3.0 | $179.99 |
Case | Fractal Design Meshify 2 | $159.99 |
Power Supply | Asus ROG THOR P2 Gaming 1200W 80+ Platinum | $222.99 |
Subtotal | $1691.84 | |
Video Card | MSI SUPRIM LIQUID X GeForce RTX 4090 | $2199.99 |
Total | $3891.83 |
Same build with an 8700G would probably cost around $1500 in total, and can both have a GPU and new CPU installed at a later date. Not having to switch case, motherboard or PSU for at least 7 years or more is awesome.
All of this is meant to give you options BTW; do not feel pressured to buy into something you do not need or want in particular, there is no real hurry but at the same time it is definitely time to start researching your next build.
The upgrade path argument is appealing not because I’d want to swap my CPU out in 3 years but because I’d bet the platform would last longer. I already have a discrete GPU (low end AMD from a couple years ago) because I have four displays so I would just reuse that. Likewise with an 850 watt platinum power supply and 10 year old fractal case and drives (2tb gen3 nvme for OS + 2x14gb hdd in mirrored zfs pool with an old nvme drive from 2015 for cache). Though I’d double the ram, I occasionally work locally with big data sets and like not having to close things (my current system has 64gb of RAM and I push that sometimes. the supercomputers I use have TBs of ram so I’m spoiled). So it would actually be a pretty cheap upgrade (cheap is relative of course, you could get an entire usable system for this price):
Type | Item | Price |
---|---|---|
CPU | AMD Ryzen 9 7950X 4.5 GHz 16-Core Processor | $598.99 @ Amazon |
CPU Cooler | be quiet! Pure Loop 2 Liquid CPU Cooler | $99.90 @ Newegg Sellers |
Motherboard | ASRock X670E Pro RS ATX AM5 Motherboard | $249.99 @ Newegg |
Memory | Silicon Power XPOWER Zenith Gaming 64 GB (2 x 32 GB) DDR5-6000 CL30 Memory | $179.99 @ Amazon |
Memory | Silicon Power XPOWER Zenith Gaming 64 GB (2 x 32 GB) DDR5-6000 CL30 Memory | $179.99 @ Amazon |
Prices include shipping, taxes, rebates, and discounts | ||
Total | $1308.86 | |
Generated by PCPartPicker 2024-01-05 15:31 EST-0500 |
Though I think I’d spring for the 7950X3D for the power savings… Thanks for the thoughts!
What’s up with the 192GB max memory on the x670 boards versus the 128gb for the cpus? Is that an upgrade thing assuming the next gen CPUs will support 4x48gb modules? And come to think of it, I’d probably go for ECC memory since stability is far more important to me than anything else. I like only having to reboot once or twice a year
Basically, at the time of release 32GB sticks were the max supported, now 48GB sticks are supported, it is apparently something to do with BIOS.
… Local workstation HDDs In 2023? Not dissing your system, if it works for you it works, but how can you stand that slowness? Hoooow?
Do yourself a favor and consolidate on a 3x4TB Teamgroup MP34 in z1 mode. Those are DRAM m.2 drives and cost $180 a piece right now, $540 is a pretty good upgrade to speedy RAM. If you need faster later $300 8TB boot drives are just around the corner, too.
Yeah it’s slow but I just use it for long term archiving, hence the mirrored set up. Definitely would be painful for anything else.
Oh that’s very interesting. So despite the 128gb limit in the AMD spec list, the 7950X(3D) will work with 192gb ram? I guess it’s pretty expensive/hard to find 48gb ECC UDIMMs but I could always settle for two sticks now and two more when prices drop. With that much ram I could actually do some of my work locally without spending way more money to move to threadripper / xeon…
I have a “gaming rig” that runs i7-4470k, I’m not into the latest AAA titles and whatever, I’ve overclocked that CPU to 4.2GHz and disabled spectre/meltdown mitigations - it runs my favourite minecraft modpacks just fine.
I also have a home NAS that is running some 3rd gen i5, also with disabled mitigations.
Even hosting providers like hetzner, kimsufi, soyoustart let you rent servers with CPUs from 2012.
I didn’t notice anything weird about my systems, despite some buggy and probably easily hackable by the game server rootkits like easy anticheat and etc.
I think the security advice on the internet… and generally everywhere is a bit of a clown show. You have people and banks that tell you that you have to upgrade to the latest hardware because of some obscure security issue in the cpu that is very unlikely to be the reason why your homework project gets encrypted and then they skip to telling you that using your android phone that didn’t see any security updates since it launched is completely fine to do banking on.
From what you’ve described even with crippled performance (spectre mitigations) that machine is perfectly usable for you. I think it’s completely fine to use a computer until it no longer turns on - that NAS I mentioned was my main computer in 2012, the only reason why I stopped using it is because I got a laptop.
As a side note - if your security model is “they are going to exploit something in my CPU” - far more likely is that someone will exploit something running with system permissions, like razer’s or corsair’s rainbow vomit drivers, some kind of DRM platform and then hide within the motherboard’s UEFI.