Has there been a thread about the Intel security clusterfuck?


#1

i was about to buy a new laptop and now I’m not sure what to do.


#2

It seems like it could potentially be extremely… bad?


#3

Decent summary (and links) in these threads:


#4

crikey


#5

Here’s the thing…

There basically aren’t any CPUs on sale that aren’t vulnerable, and the typical lead time is 2 years on a new design, so we probably won’t see any until sometime mid-next year, so although the ideal option is wait until the actual design flaws are fixed, if you need something sooner that’s not really an option.

Of the two flaws being talked about, it looks like Meltdown is mostly being worked around in OS layer software and you can get around it by buying AMD. Spectre however affects pretty much every chip out there and is looking much harder to patch.

What to do?

As always, keep your patches up to date, make sure you’ve got all your security software in place, don’t go hunting for dodgy warez software and if you need a new laptop, bite the bullet but probably look at AMD rather than Intel for now.


#6

AMD means no Macs, i take it?


#7

Feeling really pleased that I just purchased an Intel-driven PC!


#8

It would. FWIW, AMD chips are safer right now, but once all the software patches are out there won’t be much difference between the two except for Intel ones probably being slower than they used to be.


#9

You and 90% of other buyers :slight_smile:


#10

I’ve seen some reports saying that the difference might be anything up to a 30% drop in performance after patching.

That sounds ridiculous.


#11

woah what jesus christ


#12

i read another post saying it depends. you’d need to be using it for something very intensive to get a 30% drop.


#13

not that that makes it ok.


#14

can’t be that bad they’ve got cute wee logos


#15

like music or film

so…

hmmph


#16

hope this link works properly, it should link to a single comment https://www.reddit.com/r/OutOfTheLoop/comments/7ntrvq/comment/ds4t30b


#17

Depends on workload. But yeah, 5-30% is what I’ve seen. For most people doing word/excel/web browsing, you probably won’t notice, but stuff like database work, software builds, graphics/music/video work and probably some games could well be impacted quite heavily I think.

The issue is that much of the speed these days comes from processors running ahead based on an assumption while waiting for data from memory. If the assumption is wrong, it goes back (which is where the Meltdown flaw lies) and has to redo the work, but a good chunk of the time it was right and you’ve used CPU cycles that would otherwise have been idle usefully.

Haven’t read up enough yet to find out about how software is patching this out, but I’d assume that it’s essentially turning off this functionality in some or all cases, so it does sound quite plausible that it’s going to be that costly on performance.


#18

Sounds like a lot of fuss over nothing


#19

Depends. On your local PC it’s a bit of an issue. On servers it’s a big one and in the cloud it’s basically catastrophic.


#20

cheers

that’s a useful link