Contributor ajz3d Posted January 3, 2018 Contributor Report Share Posted January 3, 2018 https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ Projected performance drop after the leak is patched is to be from 5% to 30%... What do you guys think about it? 1 Quote Link to comment Share on other sites More sharing options...
Contributor Michaelgdrs Posted January 4, 2018 Contributor Report Share Posted January 4, 2018 Perfect just perfect ... Quote Link to comment Share on other sites More sharing options...
Carlosan Posted January 4, 2018 Report Share Posted January 4, 2018 AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against. The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault. Quote Link to comment Share on other sites More sharing options...
Contributor ajz3d Posted January 4, 2018 Author Contributor Report Share Posted January 4, 2018 Some update: https://www.marketwatch.com/story/intel-ceo-sold-millions-in-stock-after-company-was-informed-of-vulnerability-before-disclosure-2018-01-03 https://spectreattack.com/ Quote Link to comment Share on other sites More sharing options...
Contributor ajz3d Posted January 5, 2018 Author Contributor Report Share Posted January 5, 2018 https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html Quote Link to comment Share on other sites More sharing options...
Advanced Member Nossgrr Posted January 8, 2018 Advanced Member Report Share Posted January 8, 2018 I dont agree about the update being shoved down our throats.. It doesnt have much of an impact security wise for regular users.. Malware has to been installed on the PC or someone have local access to it in order to exploit the flaws.. At which point they're already in your system. Same goes for companies with local data centers (ie: non shared hardware).. I think it should be up to us to decide if we want this update.. a possible 30% is a big deal for our data center.. Most servers are already fined tuned and dont have much headroom.. Could cause major outages and costs. As for my local workstation? Leave my CPU cycles alone and keep your patch! Anyways, that's my opinion on this whole mess.. Quote Link to comment Share on other sites More sharing options...
Member Mr.Panka Posted January 9, 2018 Member Report Share Posted January 9, 2018 16 hours ago, Nossgrr said: I dont agree about the update being shoved down our throats.. It doesnt have much of an impact security wise for regular users.. Malware has to been installed on the PC or someone have local access to it in order to exploit the flaws.. At which point they're already in your system Really ? AFAIK, these 2 attacks can works with just a webpage, and virtual machine or other security mesures are useless. Do you have more infos on it ? For the 30%, it was one benchmarks on one server with a security fix that slow it down. Most benchmarks for gaming software show no real slowdown. Let's hope the intel patches are good. Quote Link to comment Share on other sites More sharing options...
Advanced Member Nossgrr Posted January 9, 2018 Advanced Member Report Share Posted January 9, 2018 Hi Mr. Panka, That's the thing, they need to exploit your computer first to gain access.. So in the case you mentioned, they would need to run an exploit (non meltdown related) to gain access to your system and memory.. Only then could they access the cpu prediction bug. The more scary aspect of this is with hosted companies.. You could technically rent hosted space and then from there, access the Host Server's memory to spy on other tenants on the server. That's how all cloud companies operate so you see how this can be a huge deal there.. Also bear in mind that the information you get is totally random, there's no way to predict what the HOST CPU prediction branches will discard. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.