1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News Intel CPUs hit by four more security flaws

Discussion in 'Article Discussion' started by bit-tech, 15 May 2019.

  1. bit-tech

    bit-tech Supreme Overlord Lover of bit-tech Administrator

    Joined:
    12 Mar 2001
    Posts:
    3,676
    Likes Received:
    138
    Read more
     
  2. xalek

    xalek What's a Dremel?

    Joined:
    26 Jul 2007
    Posts:
    33
    Likes Received:
    0
    finally game to a head early?
     
  3. Gareth Halfacree

    Gareth Halfacree WIIGII! Lover of bit-tech Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    17,066
    Likes Received:
    6,610
    Ah, the G key is so close to the C key. Well, it's not really, but... Look, the Goodyear Blimp!

    <runs and hides>
     
  4. adidan

    adidan Guesswork is still work

    Joined:
    25 Mar 2009
    Posts:
    19,722
    Likes Received:
    5,485
    Intel just love racking up those vulnerabilities. :duh:
     
  5. Modsbywoz

    Modsbywoz Multimodder

    Joined:
    14 Oct 2009
    Posts:
    2,778
    Likes Received:
    273
    Okay, so it that i haven't read the entire source material and have very little time to invest in doing so (along with little technical knowledge in this arena) I wanted to ask a question.

    In respect to finding flaws in products more than 10 years old and the items were manufacturered with no prior knowledge of said flaws, how much emphasis can we put on this?

    I guess my question is, how long after production should Intel (and other manufacturers) be responsible for their products performance and security when they operate in such a fluid and changing technology industry?
     
  6. Wakka

    Wakka Yo, eat this, ya?

    Joined:
    23 Feb 2017
    Posts:
    2,117
    Likes Received:
    673
    Props to someone in the TPU comment section for this gem:

    :hehe:
     
  7. adidan

    adidan Guesswork is still work

    Joined:
    25 Mar 2009
    Posts:
    19,722
    Likes Received:
    5,485
    The i9 9900k is also affected...
     
  8. Gareth Halfacree

    Gareth Halfacree WIIGII! Lover of bit-tech Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    17,066
    Likes Received:
    6,610
    Apologies if my article didn't make it clear, but the flaws are found in processors from 2008 to the present day. Not prior to 2008, 2008 upwards. So while you might not expect Intel to support an Atom chip it stopped making a decade ago...
    There's also that. And pretty much every other chip it's made in the last eleven years.

    Basically, do you have an Intel chip made after 2007? Then you're probably vulnerable.

    No Hyper-Threading. Can't steal data from a thread running on the same physical CPU core if you can't run on the same physical CPU core...
     
    Last edited: 15 May 2019
  9. sandys

    sandys Multimodder

    Joined:
    26 Mar 2006
    Posts:
    4,907
    Likes Received:
    722
    You get 10 year limit for faults with cars why should a CPU be any different, I guess it is difficult for Intel as it would require computer manufacturers to provide BIOS updates, unlikely to happen as many companies don't exist long enough in the tech world.

    Leaves me and my Arrandale in use right this second out in the cold, hopefully software patches will mitigate and I don't have to concern myself.
     
  10. RedFlames

    RedFlames ...is not a Belgian football team

    Joined:
    23 Apr 2009
    Posts:
    15,395
    Likes Received:
    2,992
    ...the 4690[K] doesn't have hyperthreading enabled, the compenent vulnerable to these exploits?
     
  11. yuusou

    yuusou Multimodder

    Joined:
    5 Nov 2006
    Posts:
    2,844
    Likes Received:
    903
    Any word of AMD SMT being affected by these or similar?
     
  12. RedFlames

    RedFlames ...is not a Belgian football team

    Joined:
    23 Apr 2009
    Posts:
    15,395
    Likes Received:
    2,992
    IIRC so far only Intel's CPUs have been demonstrated to be vulnerable these specific exploits. Doesn't necessarily mean AMD's SMT isn't vulnerable to similar exploits, just not these specific ones.
     
  13. Gareth Halfacree

    Gareth Halfacree WIIGII! Lover of bit-tech Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    17,066
    Likes Received:
    6,610
    So far, it's looking Intel-specific - they're primarily variants on the Meltdown theme. The old vulnerability checker script I'm using has been updated to check for it and claims my AMD system is vulnerable, but I think it's only looking for the mitigations and not finding them - actual exploitation should, in theory, fail.

    EDIT: Ninja'd by @RedFlames!
     
  14. RedFlames

    RedFlames ...is not a Belgian football team

    Joined:
    23 Apr 2009
    Posts:
    15,395
    Likes Received:
    2,992
    It could also be a simple oversight... Intel make/made a ****load of various models and it's easy to lose one or 2 in what will be a lengthy list.
     
  15. RedFlames

    RedFlames ...is not a Belgian football team

    Joined:
    23 Apr 2009
    Posts:
    15,395
    Likes Received:
    2,992
  16. Anfield

    Anfield Multimodder

    Joined:
    15 Jan 2010
    Posts:
    7,058
    Likes Received:
    969
    Comedy Gold:

     
  17. RedFlames

    RedFlames ...is not a Belgian football team

    Joined:
    23 Apr 2009
    Posts:
    15,395
    Likes Received:
    2,992
    Just came to me -

    Different list, the 4690K and 4790K were officially 'Devil's Canyon', not 'Haswell'
     
    Guest-44638 likes this.
  18. Modsbywoz

    Modsbywoz Multimodder

    Joined:
    14 Oct 2009
    Posts:
    2,778
    Likes Received:
    273
    After re-reading my reply I can see where you're coming from. I did mean processors produced over the last 10 years not just pocessors prior to 2008, for which I apologise for.

    The main item I wanted to address was how long should a manufacturer offer support for their products in such a high speed industry. 1 Generation, 2 Generations, 10 Generations?
     
  19. Gareth Halfacree

    Gareth Halfacree WIIGII! Lover of bit-tech Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    17,066
    Likes Received:
    6,610
    I guess it depends what market you're distributing to. If you want companies to build your processors into embedded stuff that's likely to sit there for years, you'd better support it for years - just look at how long Microsoft supported Windows XP 'cos it ran the world's ATMs and POSes. For that matter, look at my MicroServer: the version of Linux that's on there now has just EOL'd five years after release, and the next version I'm upgrading to won't EOL for ten.

    It's perfectly reasonable, especially for a company as big as Intel and with as healthy a profit margin, to expect a decade's worth of support - perhaps less on the desktop.
     
  20. edzieba

    edzieba Virtual Realist

    Joined:
    14 Jan 2009
    Posts:
    3,909
    Likes Received:
    591
    Not yet. This research was funded by Intel (as with discoveries of past SPECTRE variants) so the researchers' focus has been on testing Intel CPUs. It may be some time before AMD replicate the research and verify if or if not their CPUs are affected. Last time around they jumped the gun by initially announcing they were not vulnerable to SPECTRE, then having to walk that back to just not vulnerable to Variant 3 (MELTDOWN).
     
Tags: Add Tags

Share This Page