Intel Memory Access Design Flaw Already Addressed by Apple in macOS 10.13.2

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Jan 3, 2018.

  1. xgman macrumors 601

    xgman

    Joined:
    Aug 6, 2007
    #51
    In order to see what this is really doing someone is going to need identical macs with different OS versions running the exact same tests in real time.
     
  2. sevvere Suspended

    sevvere

    Joined:
    Oct 20, 2017
    #52
    Silly rabbits ... this isn’t a design flaw.

    It’s an NSA backdoor and just like all backdoors, can be used by people whom the door was not meant for.

    Remember when Wikileaks released all the companies with NSA backdoors which included Apple, and Apple had the immediate “security update” ..... yea ... wake up.

    Intel has implemented backdoors for a long time in their circuitry. Intel Management Engine anyone?
     
  3. jav6454 macrumors P6

    jav6454

    Joined:
    Nov 14, 2007
    Location:
    1 Geostationary Tower Plaza
    #53
    Exactly, sorry I forgot about those. Yes, VMs are actually the most hardest hit. For OS X users, that'd be running Fusion or Parallels.
     
  4. Abazigal macrumors G3

    Abazigal

    Joined:
    Jul 18, 2011
    Location:
    Singapore
    #54
    Because I don’t think there is any way to explain this without their intentions being grossly misinterpreted or taken out of context by the media, and without causing undue misinformation and unnecessary panic amongst users. People are just going to latch onto the “May slow down your computer” bit to confirm their age-old conspiracy theories of forced obsolescence, despite whatever Apple says to the contrary.
     
  5. OldSchoolMacGuy macrumors 68040

    OldSchoolMacGuy

    Joined:
    Jul 10, 2008
    #55
    It's going to be 100% dependent on what you're doing and the app you're using. Certain types of call will make some apps slower but again it's totally dependent on the individual app.
     
  6. juanmj93 macrumors newbie

    juanmj93

    Joined:
    Jan 3, 2018
    #56
    Yes
     
  7. OldSchoolMacGuy macrumors 68040

    OldSchoolMacGuy

    Joined:
    Jul 10, 2008
    #57
    This is what most here don't seem to understand. It's not a straight drop in performance across the board. Apps that make a lot of system calls are the ones that will be most impacted.
    --- Post Merged, Jan 3, 2018 ---
    Found the guy that has absolutely no idea what this issue entails!!!!!
     
  8. fairuz macrumors 6502a

    fairuz

    Joined:
    Aug 27, 2017
    Location:
    San Francisco
    #58
    I'm guessing my Xeon x5670s are heavily affected. So... If I'm on a single user system, does the vulnerability even matter that much for me? I don't know what in my kernel address space is more sensitive than that in my user space.
     
  9. OldSchoolMacGuy macrumors 68040

    OldSchoolMacGuy

    Joined:
    Jul 10, 2008
    #59
    No they won't. You simply run benchmarks before and after the update. No need for a second identical machine.
     
  10. WaruiKoohii macrumors regular

    Joined:
    Oct 4, 2015
    Location:
    Boston
    #60
    This isn't necessarily true. Games it seems aren't impacted much if at all, however, it has nothing to do with residing in RAM (which games generally don't due to their size, anyways.) They're not impacted much, if at all, because they don't make many syscalls.

    Likewise, video encoding likely won't see much performance impact, as well as video editing. Server type applications, as well as virtualization software and software compilers .

    It really remains to be seen what sorts of performance impacts we will see. Linux is our best look right now since people can test the patches already.

    Standard benchmarks will not be a good indicator of what sort of performance impact these patches have unless your workflow mimics them (it probably doesn't).
     
  11. TonnyM macrumors newbie

    Joined:
    Oct 5, 2017
  12. rmcq macrumors newbie

    Joined:
    Jul 15, 2009
    #62
    This whole thing is just a conspiracy by Apple and Intel to get people to upgrade. Playing the long con this time.
     
  13. SecuritySteve macrumors 6502

    SecuritySteve

    Joined:
    Jul 6, 2017
    Location:
    California
    #63
    Yes. A remote attacker could leverage a separate vulnerability at the software level, (ring 3) and execute code which then leverages this vulnerability.

    Edit: The significance of Kernel space compromise is that if the attacker takes over the Kernel, they can take complete control of your computer at a system level. They could encrypt your hard drive with ransomeware, or install systems that spy on your usage and report back to them without revealing their presence to the OS. Kernel level compromises are the most severe of all vulnerabilities.
     
  14. xgman macrumors 601

    xgman

    Joined:
    Aug 6, 2007
    #64
    Well I can see this will be the new scapegoat for why everyone will be complaining about their slow computers.
     
  15. gnasher729 macrumors P6

    gnasher729

    Joined:
    Nov 25, 2005
    #65
    On a completely not-Macintosh related side I was told that most affected are database applications with lots of hard drive access, and CPU operations are not affected at all. So HandBrake should run at full speed, if you run the database for your website on a Mac server (or any other server), there would be more of a slowdown. Just what I read but sounds reasonable.
    --- Post Merged, Jan 3, 2018 ---
    I didn't know that compiling makes lots of system calls.
     
  16. Mayo86 macrumors newbie

    Joined:
    Nov 21, 2016
    Location:
    Canada
    #66
    What’s the wallpapers they used in that picture?
     
  17. gnasher729 macrumors P6

    gnasher729

    Joined:
    Nov 25, 2005
    #67
    That's according to Intel not a possibility.

    An attacker could read things they are not supposed to read, but wouldn't be able to modify anything. Of course "things they are not supposed to read" might include passwords.
     
  18. CrashX macrumors regular

    Joined:
    Apr 13, 2012
    #68
    For anyone interested, using the Potts-Kant benchmarks on the latest releases of both concurrent versions of Mac OS -

    We're running benchmark processes concurrently with PCID disabled, employing supplementary reservoir matching sequences throughout our lab here at Duke.

    The testing has just begun - so I'll be posting the results here in about an hour, for anyone interested in how their machines might be affected.

    Students have been instructed to take the machines through a variety of real world tests -

    So we'll be posting that, as well as the conclusive results provided by our benchmark studies - to hopefully help clear the air and provide a more balanced issuance of the possible affections of data-protected kernel-modeling architecture implications.
     
  19. WaruiKoohii macrumors regular

    Joined:
    Oct 4, 2015
    Location:
    Boston
    #69
    Yeah, exactly. There's a lot of misunderstanding about what the issue is here. The issue is reading memory. Still extremely bad.
     
  20. SecuritySteve macrumors 6502

    SecuritySteve

    Joined:
    Jul 6, 2017
    Location:
    California
    #70
    Thats also a bit misleading. Usually 'sensitive information' in this case is memory addresses that allow for KASLR bypasses, which then allow an attacker to execute code on the kernel once the address map is known. Information Leaks often lead to Code Execution, though often it takes more than one leak to get what you need.
     
  21. picaman macrumors newbie

    picaman

    Joined:
    Oct 6, 2005
    #71
    I’m running 10.13.2 on a 2009 iMac (yes you can!) and though it is probably coincidental and unrelated, since going from 10.13.1 I’ve had much slower wake from sleep and slower overall performance. I’d noticed it before this story and was just living with it. Who knows. I’m limping along until either I can’t upgrade or Apple upgrades the Mini to my satisfaction.
     
  22. fairuz macrumors 6502a

    fairuz

    Joined:
    Aug 27, 2017
    Location:
    San Francisco
    #72
    But I don't care any more about them encrypting my entire disk than I do about them encrypting my entire user directory. They can do the latter without the CPU vulnerability. The only thing besides my user is my system, which doesn't matter to me.
     
  23. dooyou macrumors regular

    Joined:
    Jun 5, 2007
    Location:
    Munich
    #73
    Uhm, okay ... got my new iMac 27“ today (i7).

    Does that mean, that I bought an expensive machine for foto editing and video editing which is now slower than expected?
     
  24. SecuritySteve macrumors 6502

    SecuritySteve

    Joined:
    Jul 6, 2017
    Location:
    California
    #74
    I can see that perspective, but nevertheless it is still a concern.
     
  25. juanmj93 macrumors newbie

    juanmj93

    Joined:
    Jan 3, 2018
    #75
    That's awesome, please put them in this thread
    --- Post Merged, Jan 3, 2018 ---
    You're right is Compilebench as a whole (wich makes a lot of I/O), The linux kernel compiles in the same time in their benchmarks https://www.phoronix.com/scan.php?page=article&item=linux-415-x86pti&num=2
     

Share This Page