News Intel promises Meltdown-, Spectre-immune silicon later this year

And this comes from a company that packages a proprietary hidden operating system with every chip, security through obscurity doesn't work.

 

'Security is a top priority for Intel, foundational to our products, and it's critical to the success of our data-centric strategy, as long as you opt-in through kernel flags.'

There, fixed.

 

Thanks for the laugh.

 

So problems we've known about for ages will get a fix, sometime in the future, after borking a botch job in the meantime.

Until then, cross your fingers but don't forget to buy our latest chips that are fundamentally flawed.

Suck it Intel. Can't trust you can design your next chips properly.

 

lol - I have been ready to upgrade my i2500k for so long now. I finally think it's time to bite the bullet and get told it's not worth it, might as well hang on for another year...

 

I'd see what Ryzen+ offers. Improve on my 3770 for gaming and I may bite.

 

Pretty much everyone is doing that:
AMD has Secure Processor
ARM - TrustZone (up to vendors to implement that)
Every SOC with Video core runs closed source firmware.
Not to mention all mobile modems (and wifi phy's) run closed source firmware that has direct access to outside world.

Also, opensource != secure.

 

And doesn't even harden that secret OS.

This isn't about open vs closed source. This is about a completely invisible OS on a secondary processor that has full access to your entire system and you qan't do anything to it. And the Management Engine takeover exploit proved Intel's security team is incompetent.

 

No but it's not possible for closed source to be secure.

 

Well Ryzen wasn't fast enough (single core performance) for me. Ryzen 2 is coming out however, if that is significantly quicker I might be tempted ... obviously that's assuming that they don't find some other variant of meltdown or whatever that does apply to them.

 

So are they really not accepting any responsibility for replacing the current population of compromised hardware in the wild? I have a 2700k and Max IV Extreme board that will need to be swapped out if this is all as serious as it's being made out to be - have I got to foot the bill for this upgrade even though the system is more than adequate for my needs and doesn't NEED replacing now?

 

Currently you are screwed if you want meltdown and spectre immune silicon and will have to pay the full cost of the upgrade when such chips become available.

In a few years this may change as there is a pretty good chance that someone will sue (similarly too what happened with the memory issue on the nvidia 970), but of course that may well take years, plus will offer zero benefit to people outside of America.

 

Someones bound to tell me how stupid i am but I've not bothered to much about Meltdown or Spectre outside of mitigations built into my web browsers, my motherboard and CPU is far to old to expect an update and I've disabled the Windows mitigation so as not to lose performance.

The way i figure it is I'm the only person with physical access to my PC and if i run a dodgy program then more fool me, about the only way i think a ne'er do well could take advantage of the vulnerabilities is via the browsers and (afaik) I'd need to be processing sensitive data while having a dodgy website running in the background, something i don't do as when paying for something via CC or doing online banking those are the only sites i have running.

 

I have the windows update and that for browsers etc. Fortunately no big drop (that i notice) and no random bsods.

Trouble is we're not protected and the malware makers are already churning out masses of exploits https://blog.fortinet.com/2018/01/3...cted-malware-targeted-at-meltdown-and-spectre

Intel's response is pretty much "tough luck just buy our next uber expensive thing later in the year even though you spent lots of cash on some of our gear which is open to attack".

 

Any news if these silicon solutions will also deal with MeltdownPrime and SpectrePrime?

Or are we still going to need software solutions for the silicon that in the future can architecturally handle Meltdown and Spectre?