Support NeoGAF

[EventHorizon]

Couple of quick points.

1) The Microsoft patch isn't all that is needed to fix Meltdown. An OEM supplied firmware will also be needed. From ThreatPost.com:

As for Intel, all Intel processors released since 1995 are impacted by Meltdown, according to researchers. The company said Wednesday that OEMs will release relevant Intel firmware updates to address the issue.

Most, if not all, performance tests have been done with only the OS updates. My guess is that not much will change, but we'll have to wait for the firmware patches to see the full impact. Hardware Unboxed, who did tests yesterday, said: "The full fix will also rely on firmware updates from Intel, so I'll keep you guys up to date with news and benchmark results."

2) Here is AMD's response. Note that Variant One and Variant Two are Specter, while Variant Three is Meltdown. AMD is says only Variant Two is possible on their fully patched chips. That variant hasn't actually been shown to work on an AMD chip, and would be extremely difficult to pull off.

 

[blu]

I wonder though... I mean someone could release a demo in the marketplace that has some code to exploit it. Apparently web browsers are also exploitable too since it can be done via javascript, so popular gaming site gets hacked, some evil javascript is ran on console browsers.

Keep in mind we are talking of two distinctive exploits here: Meltdown and Spectre. The first is what caused all OS vendors to scramble and prepare patches for, as it's the easiest to exploit and of the most severe impact for potential future attacks. It's also the one mainly affecting Intel CPUs. The other exploit, Spectre, affecting non-Intel CPUs as well, is much harder to put to nefarious use but also has to be patched on an application-by-application basis. So browsers will be likely patched, as browsers provide the greatest attack surfaces. But something somewhere will remain unpatched. So Spectre is here to stay, unfortunately, until future CPU designs do something about it.

Leads to the question, what could really be stolen that's of any value in a console? Perhaps saved credit card information, passwords, your gamerscore (kidding). Perhaps your online identity, address?

Consoles are among the least-likely targets of this attack (well, outside of jail-breaking/piracy).

seems to be a big nothingburger at the end of the day

but stay tuned, situation is evolving rapidly...

it's certainly embarrassing for intel and amd and arm *oops*

Sooner or later that was bound to happen. It's the responses of the vendors that plays the major role here, and yes, Intel's response has been absolutely embarrassing. Not so from the other vendors.

 

[magnumpy]

ugh, this could be really bad

not just because of the existence of the bug, but the performance hit that computers of various sorts will take to implement the "fix"

intel processors of various sorts will be affected, as will amd processors so this will impact consoles too?

one "winner" in all this will be nvidia, whose processors don't seem to be impacted

 

[blu]

ugh, this could be really bad

not just because of the existence of the bug, but the performance hit that computers of various sorts will take to implement the "fix"

intel processors of various sorts will be affected, as will amd processors so this will impact consoles too?

one "winner" in all this will be nvidia, whose processors don't seem to be impacted

Are you intentionally trying to generate FUD?

 

[Meh3D]

The Guardian

A blurb I agree with on what will most likely happen with Google, Microsoft, Bank Institutions, etc...

But the incident is likely to spur cloud companies to press Intel for lower prices on chips in future talks, said Kim Forrest, senior equity research analyst at Fort Pitt Capital Group in Pittsburgh, which owns shares in Intel.

”What [Intel's cloud customers] are going to say is, ‘you wronged us, we hate you, but if we can get a discount, we'll still buy from you'," Forrest said.

 

[magnumpy]

Are you intentionally trying to generate FUD?

how am I doing? the fear part is no problem, but I think the uncertainty and doubt could be improved

 

[jrolson]

Guess games that use alot of the CPU, like Cities: Skylines & Planet Coaster will be slowed down. (lower FPS)

What a major clusterf*ck...

 

[DragonNC]

no wonder my old AMD Athlon II 965 still run games fine

 

[joesiv]

Keep in mind we are talking of two distinctive exploits here: Meltdown and Spectre. The first is what caused all OS vendors to scramble and prepare patches for, as it's the easiest to exploit and of the most severe impact for potential future attacks. It's also the one mainly affecting Intel CPUs. The other exploit, Spectre, affecting non-Intel CPUs as well, is much harder to put to nefarious use but also has to be patched on an application-by-application basis. So browsers will be likely patched, as browsers provide the greatest attack surfaces. But something somewhere will remain unpatched. So Spectre is here to stay, unfortunately, until future CPU designs do something about it..

Good point Blu!

 

[Kaleinc]

10 fucking years! Christ almighty!! It is for sure one of the greatest fuck-ups in hardware history. Who's gonna buy intel CPUs now after all this? Damn, AMD is probably LTAO right now.

I will. Also you probably missed the part where almost all modern CPUs are affected by Spectre.

 

[Keihart]

I can barely keep 90fps on some VR games, really hoping to no get kicked to hard by these...not sure if CPU was ever the bottleneck in VR , but i really hope it isn't now.

 

[Meh3D]

I will. Also you probably missed the part where almost all modern CPUs are affected by Spectre.

Are you implying Meltdown is equal to Spectre in severity? It looks like you're down playing Intel's issue which is much bigger than the other CPU IP vendors.

 

[magnumpy]

Are you implying Meltdown is equal to Spectre in severity? It looks like you're down playing Intel's issue which is much bigger than the other CPU IP vendors.

you can't blame any single thing for this... all cpus are from every major manufacturer are affected... it's truely insidious and pervasive

 

[Two Pikachus]

I can barely keep 90fps on some VR games, really hoping to no get kicked to hard by these...not sure if CPU was ever the bottleneck in VR , but i really hope it isn't now.

Worry not, the performance difficulty in VR is almost all rendering. This shouldn't affect VR too much if at all.

 

[blu]

you can't blame any single thing for this... all cpus are from every major manufacturer are affected... it's truely insidious and pervasive

Keep on spewing.

 

[comshoplesce]

My next system is AMD for sure.

 

[Randy Monk]

My next system is AMD for sure.

Same.

Intel can fuck off, so long and thanks for the 2500K cunts.

 

[EventHorizon]

Heads up. Part two of the fixes are starting to hit. The BIOS update needed to mitigate Spectre is showing a large impact on drive use. This is just one report and is preliminary, but at least so far it is not looking good. Since this is a BIOS update, it has the potential to affect all OSs just like the Spectre exploit. However AMD is claiming they are vulnerable to only one Spectre variant, so it is possible they are only impacted by part of patch.

Has anyone tested storage performance with the Spectre BIOS update? I'm finding it's killing performance on my SATA and NVMe drives. Huge reductions in write performance!
https://twitter.com/HardwareUnboxed/status/949576058440843264

 

[Nikodemos]

Same.

Intel can fuck off, so long and thanks for the 2500K cunts.

It's not their fault, though. Some of these weird exploits have become possible only recently. Also, what might seem visible to somebody from the outside might not be necessarily evident to the people inside the dev structure.

Not an Intel fan, BTW. Never forgave the repeated market distorting crap they kept pulling. Ryzen 7 and RX 580 8 GB here.

 

[Robbit_80]

I take it there's no way to avoid this update? I'd rather take my chances than gimp my 4790k.

 

[TheHellsLord]

In general it's not advisable to skip security updates. Also gaming workloads should not see that big of an impact. As far as the Windows Update is concerned - if you've auto updates enabled you already have it. Also it's part of the cumulative updates so you basically would have to stop installing updates altogether - which clearly is not advisable.

As far as the BIOS update goes - well, the majority of machines don't install BIOS updates on their own. So avoiding that would be easier - still not advisable though.

As for who screwed up the worst: it's not a straightforward issue which is why it's been undiscovered for so long. Side-channel attacks in general are fairly well known but mainly focused on chip cards and other security related chips in the past. Hardening general purpose processors against stuff like that wasn't high on the agenda for anyone.

In the end Intel now is affected the most due to them being most agressive when it comes to their predictive execution. I'd hazzard a guess though that AMD and ARM are not less affected because they thaught of the possible issue but rather that this happened by chance.

All in all I don't think that there's too much of a reason for this to affect future purchasing decisions. Still I personally would like to see AMD's market position strengthened, if only to see more competition in the x86 CPU market.

 

[qa_engineer]

I take it there's no way to avoid this update? I'd rather take my chances than gimp my 4790k.

go off the grid and never use the internet again.

 

[Kalisto]

Is there any way to know if this is affecting me? I'm finding really hard to follow this

 

[TheHellsLord]

Is there any way to know if this is affecting me? I'm finding really hard to follow this

It's hard because there's actually 3 different issues that are kinda related. All of them affect Intel CPUs. So if you have a CPU manufactured by Intel since 2006 and it's not an old Intel Atom you definitely are affected.

Two of the issues affect ARM CPUs (like in Smartphones). These however are harder to exploit and the impact is not as big. They can not be patched on the OS level - changes on the application level are necessary.

One of the issues is also present on AMD CPUs. It's one of those that also affect ARM. Again - OS level patches don't fully help there.

As for the patches effects on performance - we still will have to wait and see but for now it seems that Gaming won't take a big hit.

 

[Xdrive05]

So can future models of CPU be adjusted at the silicon level to fix this issue in such a way that the software slowdown won’t need to apply to those new models?

Because if so then the next gen CPUs could simply address this issue and just a little faster, and that would make them a substantial leap forward in context.

 

[Panajev2001a]

So can future models of CPU be adjusted at the silicon level to fix this issue in such a way that the software slowdown won’t need to apply to those new models?

Because if so then the next gen CPUs could simply address this issue and just a little faster, and that would make them a substantial leap forward in context.

It is difficult to say... the biggest issue is that some of the mechanisms we use to make CPU’s fast are also making them more exploitable... and this possibility is what is worrrying CPU designers and developers.

 

[Sinfamy]

These updates might destroy battery life of devices as there is now an abstraction layer, and multiple cycles are required to complete the same task.

 

[Sophist]

From what i have seen intel + patch is still better than AMD gaming wise.

 

[michaelius]

We will see early benchmarks show home tasks are barely afected so it could be worse.

 

[Guyver]

I assume the 9th gen cpu "ice lake" will be going back to the drawing board, to fix this problem.

 

[Meh3D]

Microsoft has released some performance estimates. LINK

Summary

• With Windows 10 on newer silicon (2016-era PCs with Skylake, Kabylake or newer CPU), benchmarks show single-digit slowdowns, but we don’t expect most users to notice a change because these percentages are reflected in milliseconds.
• With Windows 10 on older silicon (2015-era PCs with Haswell or older CPU), some benchmarks show more significant slowdowns, and we expect that some users will notice a decrease in system performance.
• With Windows 8 and Windows 7 on older silicon (2015-era PCs with Haswell or older CPU), we expect most users to notice a decrease in system performance.
• Windows Server on any silicon, especially in any IO-intensive application, shows a more significant performance impact when you enable the mitigations to isolate untrusted code within a Windows Server instance. This is why you want to be careful to evaluate the risk of untrusted code for each Windows Server instance, and balance the security versus performance tradeoff for your environment.

Unfortunately, I'm part of the Haswell club (4700K.) I was contemplating switching to Intel 8th Gen or Ryzen but those memory prices are awful.

 

[Soltype]

Any benches yet for older CPUs?

 

[llien]

From what i have seen intel + patch is still better than AMD gaming wise.

Care to link where you have seen that?

 

[Sophist]

Care to link where you have seen that?

windows update + microcode update

https://www.techspot.com/article/1556-meltdown-and-spectre-cpu-performance-windows/page2.html
http://www.eurogamer.net/articles/d...-cpu-security-flaws-impact-gaming-performance

~10 fps lost at most.