I think this seals the deal for my next build. There is 0 reason for me to want another intel CPU. If this results in more performance degradation after being patched, there wont be much argument for going intel. GG, no re.
The last two hardware specific vuln discoveries made me numb to caring.
Some objective testing on multiple platforms and reporting the results instead of using fancy adjectives to convey distaste toward one brand would be great. Mmmkay.
Indeed. The researchers simply haven’t properly looked at AMD (and others) yet. But given that AMD’s architectures are just as vulnerable to the previous spectre attacks as all the other CPUs, saying that “There is 0 reason for me to want another intel CPU” is rather premature. We need more information before hating on any manufacturers.
This is all circling back to something I’ve said for quite a while…
In every other aspect of society, we rely on a great deal of trust to function.
We:
pass each other at 80MPH on roads in 6,000lb killing machines
we buy food prepared by strangers
we walk among strangers in public
we sit among strangers in entertainment venues
we trust our governments not to drone us without Due Process
Of course, any one of these acts of trust can result in a violation of that trust - bad people do bad things. However, the fact that there are 7.5B+ humans on this planet shows that the overwhelming balance of people are “basically good” or we’d have run each other into extinction long ago.
What does this mean for these bugs?
Maybe these bugs can and will be fixed with deep architectural changes to verify permissions at the earliest phase of prediction… Maybe they can’t be without crippling performance as those permissions require other memory fetches…
The point is that we are approaching a level of bug and exploit that are equivalent to the tradeoff made driving a 6000lb car that requires 100’s of feet to stop under ideal circumstances. We are trying to make computers and software impossibly secure to remove the need to trust other humans (and punish those who violate this trust sufficiently to keep abuse to an acceptable minimum).
At the end of the day - locks on doors only keep honest people honest. They don’t stop criminals. The reality of software and hardware security, I fear, will ultimately reach the same asymptote if it has not already.
We need a shift in expectations and policy to align with this reality. We need to drone spammers and hackers (ok, let’s start with any punishment at all for their abuse, but the point is right now there is little to no “disincentive” for bad actors or governments sending abusive traffic).
In fact, as it stands we are legally precluded from “digital self-defense”. I cannot send packets that would disable an attacker in response to a request I know to be 100% malicious and not accidental. We need broad immunity for research, investigation and publishing of exploits where there is no intent to harm so that we can find such things. We need to respond to foreign actors and governments who attack computers as easily and often as they breath.
The response to this requires much more than Silicon changes.
I place a great deal of blame and mistrust on Intel for Meltdown. That vulnerability was unacceptable.
Spectre is a different animal. It isn’t a bug. It’s an emergent consequence of modern CPU design at a fundamental level. I expect we’ll keep finding Spectre variants in all current-gen and past CPUs, both Intel and AMD, for some time.
I agree to a degree, but ultimately these exploits exist on the same spectrum. Just a question of how easy they are to mitigate.
I think anger that they released products they knew to be vulnerable and advertising performance they knew to be unrealistic (i.e. stripping 100’s of lbs of safety equipment from a car and touting how fast it does 0-60 in that config), is justified.
Watching other forums and the Intelbots come out is pretty painful. The amount of butthurt that Intel could in fact be square in the cross hairs of moar shit is hilarious. I am not surprised though.
As far as purchasing CPU’s I already built a Ryzen last year before the vulnerabilities because it made sense against a monolithic piece of crap company who kept us at 4 cores, 8 threads for years. Vulnerabilities are bad enough, Intel are just a bunch of cunts.
I wonder if the research team has an annoying 14 year old shit running around the labs.