Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Intel process security bug

  1. #1
    Senior Member
    Join Date
    Jan 2014
    Posts
    3,860

    Intel processor security bug

    https://www.theregister.co.uk/2018/0...u_design_flaw/

    TLDR version: Massive security bug can't be patched in-processor, Windows, Linux (hence also MacOS) etc. speeds will all need to be patched which will result in double-digit % speed hits to all processors from the last decade.

    FFFFFFFUUUUUUUUUUUUUU and I smell class-action lawsuit.

    With that said, at least we got this out of it:

    The fix is to separate the kernel's memory completely from user processes using what's called Kernel Page Table Isolation, or KPTI. At one point, Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka FUCKWIT, was mulled by the Linux kernel team, giving you an idea of how annoying this has been for the developers.
    Last edited by Yw-slayer; January 3rd, 2018 at 05:45 AM.

  2. #2
    Junior Potato
    Join Date
    Jan 2014
    Posts
    4,014
    Shhheeeeeit.

    Has Intel been using German-brand diesel-fuelled People's Processors or something?

    Metal-level security flaws? A lot of people will jump ship to AMD in the short term. I wasn't too keen on Ryzen but who knows now? Could take Intel years to fix this one.

  3. #3
    Crime Fighter Cam's Avatar
    Join Date
    Jan 2014
    Location
    Columbia, SC
    Posts
    2,986
    I'm not really a techie, but even I can tell that is a major eff-up.

    Not the first time Intel has faced a shitstorm. Remember back in the '90s when some scientists realized Intel processors did math wrong? Intel's response was basically, "We did not think anyone would notice."
    Last edited by Cam; January 3rd, 2018 at 09:38 AM.

  4. #4
    Dead Brand Ambassador dodint's Avatar
    Join Date
    Jun 2016
    Location
    'Trep
    Posts
    3,041
    This kind of reminds me of Superfish, but a lot worse.

  5. #5
    Senior Member
    Join Date
    Jan 2014
    Posts
    3,860
    http://fortune.com/2018/01/03/intel-...rity-flaw-amd/

    Apparently amd and arm are also affected, but to a different degree.

  6. #6
    As stated here: https://www.infosecurity-magazine.co...aws-confirmed/

    The National Cyber Security Centre (NCSC) claimed in a statement that it had seen ďno evidence of any malicious exploitationĒ and advised users and IT admins to install patches as soon as they are made available.
    Last edited by Jacee; January 8th, 2018 at 07:29 PM.
    MS MVP Consumer Security 2006~2016

  7. #7
    Dead Brand Ambassador dodint's Avatar
    Join Date
    Jun 2016
    Location
    'Trep
    Posts
    3,041
    Yeah. This is going to be a headache for me. At least Tenable already has plugins for it.

  8. #8
    Junior Potato
    Join Date
    Jan 2014
    Posts
    4,014
    Updates are rolling in for a bunch of devices. iOS 11.2.2 came in for my iPhone and iPad today. Apparently Microsoft was real quick with the Win 10 update as soon as this all leaked, but Iím not seeing any mention of it in the update notes for one that I received on the 6th.

    Iím getting mixed info from the (few) sites that Iíve checked, however. Iím still up in the air about whether I have to update the processor itself, as well as the OS. Iíve read some scary phrases such as BIOS update as well. This is all very confusing.

  9. #9
    Junior Potato
    Join Date
    Jan 2014
    Posts
    4,014
    Benchmarks from Digital Foundry:

    http://www.eurogamer.net/articles/di...ng-performance

    Overall thereís not much to worry about performance-wise if youíre a home user, and gaming performance only loses 1-5%; the worst of the games they tested being The Witcher III which is very CPU intensive in its heavily NPC populated areas.

    The main effects will be felt by workstation users and in data centres, where threads and cores take center stage far more than that sort of workload is seen on the average desktop.

  10. #10
    Senior Member
    Join Date
    Jan 2014
    Posts
    3,713
    Judging by my searches yesterday, it looks like I'm not the only one that just cannot get the OSX update to install.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •