Drudge Retort: The Other Side of the News
Wednesday, January 03, 2018

A serious flaw in the design of Intel's chips will require Microsoft, Linux and Apple to update operating systems for computers around the world. It is believed to affect chips in millions of computers from the last decade. The UK's National Cyber Security Center said it was aware of the issue and that patches were being produced. In response, Intel said the issue was not limited to its processors and that it was working on a fix. "Based on analysis to date, many types of computing devices -- with many different vendors' processors and operating systems -- are susceptible to these exploits," it said in a statement. It said it was working to "develop an industry-wide approach to resolve this issue promptly and constructively". "Intel has begun providing software and firmware updates to mitigate these exploits," it said.

Advertisement

Advertisement

More

Comments

Admin's note: Participants in this discussion must follow the site's moderation policy. Profanity will be filtered. Abusive conduct is not allowed.

I knew there was something wrong with all computers this decade.

#1 | Posted by Tor at 2018-01-03 05:51 PM | Reply

#1 | POSTED BY TOR

Most computers this decade have a major problem existing between the keyboard and chair.

#2 | Posted by IndianaJones at 2018-01-03 06:28 PM | Reply

There are no flaws. This is just a ruse to get more spyware into the system.

#3 | Posted by Whizzo at 2018-01-03 10:33 PM | Reply

I read on twitter that the patches will slow down some processors by 30%. Of course in the rush for processor speed, security becomes overlooked..

#4 | Posted by GOnoles92 at 2018-01-03 10:41 PM | Reply

#4 there has not been a major boost in processor speed in years. I have been shopping for a new computer and without spending 2k I can't get one faster than my 3 year old laptop.

It's kind of disappointing for a guy who grew up in an age where processor speed doubled every 6 months. We seem to have hit a plateau in the last couple years. My benchmark of 7170 is on par or faster than most commercial computers and unless you are willing to spend 1k + just on the processor you probably won't get more than a 10% boost over mine, and that's not even overclocked.

I seriously doubt intel will push a patch that would drop speeds 30% given the incredible lag in processor speed right now.

#5 | Posted by TaoWarrior at 2018-01-03 10:49 PM | Reply

I believe this is the vulnerability described here:
googleprojectzero.blogspot.com

We have discovered that CPU data cache timing can be abused to efficiently leak information out of mis-speculated execution, leading to (at worst) arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts.

Variants of this issue are known to affect many modern processors, including certain processors by Intel, AMD and ARM. For a few Intel and AMD CPU models, we have exploits that work against real software. We reported this issue to Intel, AMD and ARM on 2017-06-01 [1].

#6 | Posted by snoofy at 2018-01-03 10:58 PM | Reply | Newsworthy 1

Of course, the very next post on Slashdot says AMD isn't affected... If it turns out Intel really did this to get a speed boost at the cost of security, and AMD isn't affected, it could be a good quarter for AMD.

#7 | Posted by snoofy at 2018-01-03 11:06 PM | Reply

these are layer 8 errors....

#8 | Posted by ichiro at 2018-01-04 01:38 AM | Reply | Newsworthy 1

I seriously doubt intel will push a patch that would drop speeds 30% given the incredible lag in processor speed right now.
#5 | TAOWARRIOR

That may be the only option in the short run. But it won't be a problem for some.

Intel CEO Brian Krzanich sold $24 million worth of stock and options in late November, several months after the company learned of its chip vulnerability.

e.businessinsider.com

#9 | Posted by Whizzo at 2018-01-04 08:17 AM | Reply

"Intel CEO Brian Krzanich sold $24 million worth of stock and options in late November, several months after the company learned of its chip vulnerability."

Insider trading?

#10 | Posted by danni at 2018-01-04 09:02 AM | Reply

Advertisement

Advertisement

Insider trading?
#10 | DANNI

I would guess that he's just lucky.

The stock sale raised eyebrows when it was disclosed, primarily because it left Krzanich with just 250,000 shares of Intel stock -- the bare minimum the company requires him to hold under his employment agreement.

#11 | Posted by Whizzo at 2018-01-04 09:17 AM | Reply

PCs have become PC. Innovations in the last several years have prioritized making CPUs more more green by consuming less energy. Important for battery operated systems but my desktop is powered by coal and nuclear energy. Microsoft and Apple are complicit, their manipulation of energy settings have also slowed things down. It's like the 1980s when the clumsy inclusion of EPA controls gave us a decade of cars with crappy performance.

#12 | Posted by visitor_ at 2018-01-04 10:20 AM | Reply

The CEO sold $24 million stock before this was announced. He is to be punished with a tax break.

#13 | Posted by Sycophant at 2018-01-04 11:22 AM | Reply | Funny: 2

Leak of NSA tools made this public.

#14 | Posted by fresno500 at 2018-01-04 11:33 AM | Reply | Newsworthy 1

The amount of red coming from my sensors after adding these hashes makes me feel like the holidays haven't passed yet, so that's awesome!

#15 | Posted by humtake at 2018-01-04 11:38 AM | Reply

#5 | Posted by TaoWarrior

I am calling bunk on that - it isn't all in clock speeds as I am sure you are aware. 7th and 8th Gen (8th Gen in particular) have made huge leaps in speed - MOBILE CHIPS IN PARTICULAR. More cores and threads too. They run circles around 4-6th gen CPUs (those are pretty much the same). I want to say a 7th gen was about 50% faster than 6th gen and I know 8th gen is a 40% bump in speed over 7th gen. Most of the focus has been on things like battery life as much as CPU performance is usually not a bottleneck today and has not been unless you are say 3D Modeling, Rendering video or a few other specialized tasks.

It also depends on what you want for features and the form factor. I just bought my wife an 8th Gen i7 1080 resolution, nVidia 1050 dedicated graphics and 256 GB ssd equipped 17.3" for $650 for Christmas. I see it is on sale for the same price now. She had things she wanted and there were things I knew she should have - point is this thing is snappy. Less than 10 seconds from power on to login - I really need to clock it officially.

Sure you have to look but there are good deals out there. And no doubt most makers of Laptops seem to be idiots. Either that or they just don't care because PCs are a shrinking segment. A laptop without an SSD is just stupid IMHO. ANY PC without an SSD as the boot drive is stupid today. It literally makes them at least 10 times faster starting and loading applications.

#16 | Posted by GalaxiePete at 2018-01-04 12:40 PM | Reply

Leak of NSA tools made this public.

#14 | Posted by fresno500

Not sure if this is was facetious but I have seen nothing on that... At least in reference to "Meltdown" which is the super critical one of the TWO being discussed and the one AMD claims doesn't impact them.

So nothing is official and it is all speculation BUT from what I have read the patches are MOST LIKELY related to a research paper that discussed a method of unmasking the memory location for kernel code. A team from the Graz University of Technology in Austria wrote a paper that discussed breaking KASLR (Kernel Address Space Layout Randomization) protection of kernel code, a security feature used by both Linux and Windows. After researchers published their paper, work on improving KASRL spurned the creation of the KAISER project, a security-hardened version of the KASRL feature. Because KPTI (Kernel page-table isolation) development came as a continuation on the KAISER feature, many believe the method described in that research paper may be the ultra-secret vulnerability that OS makers and cloud providers have been working to patch since this summer.

KAISER Paper
PDF of a presentation on breaking KASLR from 2016 - if you don't have a clue probably not worth a look...

#17 | Posted by GalaxiePete at 2018-01-04 12:59 PM | Reply

I read on twitter that the patches will slow down some processors by 30%. Of course in the rush for processor speed, security becomes overlooked..

#4 | Posted by GOnoles92

You need to stay off Twitter. It's for Twits. :)

That is all speculation on the slow down. MANY factors in that. First that information is based on pre-release performance. Lots of tweaking yet to be done I am sure - both before and after release. It will also depend on the processor. This goes back to 1995 CPUs...

It isn't security "being overlooked". A CPU is an INCREDIBLY complex piece of hardware. Time and again "errors" have been found. There are ERRORS in every CPU. Just like in any "program". The problem with CPUs is the errors are embedded in hardware. If you find a way to look at every single attack vector that both exists today and will be invented 20+ years from now please patent it before you share because you will make a mint.

#18 | Posted by GalaxiePete at 2018-01-04 01:08 PM | Reply

the hackintosh -- built like Apple's new $4,500. iMac -- for $1,000.
youtu.be

#19 | Posted by ichiro at 2018-01-04 01:55 PM | Reply

Comments are closed for this entry.

Home | Breaking News | Comments | User Blogs | Stats | Back Page | RSS Feed | RSS Spec | DMCA Compliance | Privacy | Copyright 2018 World Readable

Drudge Retort