Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Intel Chips Have Memory Access Design Flaw and Fix Could Lead to Performance Drop
- Thread starter MacRumors
- Start date
- Sort by reaction score
A random website running JavaScript can access the kernel, which would then relay passwords stored in the kernel back to the random website?
That's what I read. It doesn't seem believable?
If that's not true - then what level of security are we risking in exchange for losing 30% of our machine's computing power? And will we be allowed to decide whether or not to take that hit?
Or is this more in the vein of -
"Well guys, we hit Moore's Law. Nobody's buying these things - just got too darn powerful. What's that? Ooohh... yeah, but - oh, we can sell off our stock before we just make that up? Cool - let's run with that then. New computers all around! And we'll just keep pulling this stunt every decade? Gotcha."
That's what I read. It doesn't seem believable?
If that's not true - then what level of security are we risking in exchange for losing 30% of our machine's computing power? And will we be allowed to decide whether or not to take that hit?
Or is this more in the vein of -
"Well guys, we hit Moore's Law. Nobody's buying these things - just got too darn powerful. What's that? Ooohh... yeah, but - oh, we can sell off our stock before we just make that up? Cool - let's run with that then. New computers all around! And we'll just keep pulling this stunt every decade? Gotcha."
Last edited:
Which processors exactly are affected?
Core2Duos?
Or i3/i5/i7 onwards?
Also the newly released 8th Gen core series?
Xeons?
Core2Duos?
Or i3/i5/i7 onwards?
Also the newly released 8th Gen core series?
Xeons?
A serious design flaw and security vulnerability has been discovered in Intel's CPUs that will require an update at the operating system level to fix, reports The Register. All modern computers with Intel chips from the last 10 years appear to be affected, including those running Windows, Linux, and macOS.
Full details on the vulnerability aren't yet known as the information is currently under embargo until later in the month. The Register has unearthed some data, however, and it seems the bug allows normal user programs to see some of the contents of the protected kernel memory.
This means malicious programs can potentially, in a worst case scenario, read the contents of the kernel memory, which can include information like passwords, login keys, and more. It's not yet clear how severe the bug is, but The Register speculates that it's significant given the rapid changes being made to Windows and Linux.To fix the bug, the kernel's memory needs to be isolated from user processes using Kernel Page Table Isolation, which could cause a performance hit on some machines. According to The Register, Linux and Windows machines will see a 5 to 30 percent slowdown once the fix is in place.
It's not yet clear how Macs will be impacted, as there is little information available at this time. Software updates are in the works for Linux and Windows, and though not mentioned, Apple is also likely working on a fix for the issue.
Full details on what's known about the vulnerability can be found at The Register, and additional information will be available later this month when complete details on the design flaw are shared.
Article Link: Intel Chips Have Memory Access Design Flaw and Fix Could Lead to Performance Drop
Fasten your sit belts, close the windows and lock the doors... we are going for a ride of a life time.
It's more like giving someone the key to your home, and because of a mistake by the lock company, that key also opens your wine cellar, or your safe.
There can be no lawsuits because the processors are still going to run at the same GHz speed as advertised, it's the way the processor handles tasks that will be the cause for the slowdown.
If you read the license of your operating system carefully, you will find that you are not allowed to use any operating system for running a nuclear reactor, or anything else in potentially life threatening situations.
[doublepost=1514973223][/doublepost]
For example if Intel's boss didn't know about this when he sold shares. Remember it wasn't Intel who found the problem.
Up to 30% CPU performance drop is absolutely mind blowing.
That it's been in effect for a decade undetected similarily so.
I'd be surprised if Macs weren't similarly impacted as it seems this one is on such a fundamental level that it becomes OS independent.
That it's been in effect for a decade undetected similarily so.
I'd be surprised if Macs weren't similarly impacted as it seems this one is on such a fundamental level that it becomes OS independent.
There is no problem unless you have criminals attacking your computer. These processors work just fine unless criminals get involved.
I worry this will not happen because they aren't really sold on merits of guaranteeing X number of executed instructions per second, only a particular clock frequency.
[doublepost=1514973642][/doublepost]
Agreed, it's been a whole decade (!), god knows how many underground or state sponsored hackers who have known.
All modern Intel CPUs going back at least a decade. So, everything you mentioned and probably more.
I write software for MacOS and iOS, and I tell you this is not the case unless the software is written by an idiot.
[doublepost=1514973786][/doublepost]
No, the CPU speed doesn't drop. The CPU runs at the same speed. The CPU may have to do more work. How much more work, nobody knows.
Since it is a security problem, there was no issue until someone realised there is an issue.
[doublepost=1514974043][/doublepost]
Says who?
Apparently PCID can ameliorate the performance penalty, if apple decides to go that route.
You can find out if your cpu is recent enough by using the command line.
You can find out if your cpu is recent enough by using the command line.
Code:
Typhon:~ jeremy$ sysctl machdep.cpu.brand_string
machdep.cpu.brand_string: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
Typhon:~ jeremy$ sysctl machdep.cpu.features
machdep.cpu.features: FPU VME DE PSE TSC MSR PAE MCE CX8 APIC SEP MTRR PGE MCA CMOV PAT PSE36 CLFSH DS ACPI MMX FXSR SSE SSE2 SS HTT TM PBE SSE3 PCLMULQDQ DTES64 MON DSCPL VMX SMX EST TM2 SSSE3 FMA CX16 TPR PDCM SSE4.1 SSE4.2 x2APIC MOVBE POPCNT AES PCID XSAVE OSXSAVE SEGLIM64 TSCTMR AVX1.0 RDRAND F16CThe vast majority of mining is done on GPUs and ASICs so it probably won't affect much. The only major crypto that you can mine profitably on a CPU is Monero.
Supposedly, it's fixed in Ice Lake. That 9700k is quite the processor. 10 cores, 4.9 Ghz, H.266 support and more!
