Discussion in 'Article Discussion' started by bit-tech, 15 May 2019.
finally game to a head early?
Ah, the G key is so close to the C key. Well, it's not really, but... Look, the Goodyear Blimp!
<runs and hides>
Intel just love racking up those vulnerabilities.
Okay, so it that i haven't read the entire source material and have very little time to invest in doing so (along with little technical knowledge in this arena) I wanted to ask a question.
In respect to finding flaws in products more than 10 years old and the items were manufacturered with no prior knowledge of said flaws, how much emphasis can we put on this?
I guess my question is, how long after production should Intel (and other manufacturers) be responsible for their products performance and security when they operate in such a fluid and changing technology industry?
Props to someone in the TPU comment section for this gem:
The i9 9900k is also affected...
Apologies if my article didn't make it clear, but the flaws are found in processors from 2008 to the present day. Not prior to 2008, 2008 upwards. So while you might not expect Intel to support an Atom chip it stopped making a decade ago...
There's also that. And pretty much every other chip it's made in the last eleven years.
Basically, do you have an Intel chip made after 2007? Then you're probably vulnerable.
No Hyper-Threading. Can't steal data from a thread running on the same physical CPU core if you can't run on the same physical CPU core...
You get 10 year limit for faults with cars why should a CPU be any different, I guess it is difficult for Intel as it would require computer manufacturers to provide BIOS updates, unlikely to happen as many companies don't exist long enough in the tech world.
Leaves me and my Arrandale in use right this second out in the cold, hopefully software patches will mitigate and I don't have to concern myself.
...the 4690[K] doesn't have hyperthreading enabled, the compenent vulnerable to these exploits?
Any word of AMD SMT being affected by these or similar?
IIRC so far only Intel's CPUs have been demonstrated to be vulnerable these specific exploits. Doesn't necessarily mean AMD's SMT isn't vulnerable to similar exploits, just not these specific ones.
So far, it's looking Intel-specific - they're primarily variants on the Meltdown theme. The old vulnerability checker script I'm using has been updated to check for it and claims my AMD system is vulnerable, but I think it's only looking for the mitigations and not finding them - actual exploitation should, in theory, fail.
EDIT: Ninja'd by @RedFlames!
It could also be a simple oversight... Intel make/made a ****load of various models and it's easy to lose one or 2 in what will be a lengthy list.
FWIW the 'Products formely Haswell' list on ARK is 256 items long... and that's just Haswell... not including Haswell-E or anything of that ilk.
Just came to me -
Different list, the 4690K and 4790K were officially 'Devil's Canyon', not 'Haswell'
After re-reading my reply I can see where you're coming from. I did mean processors produced over the last 10 years not just pocessors prior to 2008, for which I apologise for.
The main item I wanted to address was how long should a manufacturer offer support for their products in such a high speed industry. 1 Generation, 2 Generations, 10 Generations?
I guess it depends what market you're distributing to. If you want companies to build your processors into embedded stuff that's likely to sit there for years, you'd better support it for years - just look at how long Microsoft supported Windows XP 'cos it ran the world's ATMs and POSes. For that matter, look at my MicroServer: the version of Linux that's on there now has just EOL'd five years after release, and the next version I'm upgrading to won't EOL for ten.
It's perfectly reasonable, especially for a company as big as Intel and with as healthy a profit margin, to expect a decade's worth of support - perhaps less on the desktop.
Not yet. This research was funded by Intel (as with discoveries of past SPECTRE variants) so the researchers' focus has been on testing Intel CPUs. It may be some time before AMD replicate the research and verify if or if not their CPUs are affected. Last time around they jumped the gun by initially announcing they were not vulnerable to SPECTRE, then having to walk that back to just not vulnerable to Variant 3 (MELTDOWN).
Separate names with a comma.