macOS 10.14.4, and the check says I'm upto date,
Manage to get it to see the update after 5 mins, now 10.14.5
Apple go ARM all in, intel x86 and x64 have reached the limit, the CISC is proving to be a thorn in its side preventing it to make it into smartphones and other issues
RISC has been proven the right choice after all, and ARM invented by Acorn a UK company will go down in history inventing the CPU that runs the world, and others like Intel, MOS, Motorola, Zilog tried but in the end they can only be one ARRRRRMMMM
For backward compatibility reason I still wish Mac would stick to x86, and would be nice if they use Ryzen or EPYC for Mac.
I'm glad that you can optionally enable full mitigation. I'd rather run at maximum speed with issues, since these attacks don't really affect my home machines at all.
From theregister.com: "Unfortunately for Apple customers with older Macs, Intel has not made microcode fixes available for Mac models from 2010 or earlier.". It's not that you don't need to patch the problem, it's that you can't.A 2010 Mac Mini running El Capitan is looking pretty good right about now
They don't need physical access, but they need to run code on your computer. If you have a Mac used by a single user, and a hacker can run his software under that user, then all data of that user is compromised, with or without that attack. So your risk hasn't really increased - if a hacker can run their code on your single user Mac, anything that is important to you is at risk anyway.Can someone explain to the amateurs what is the actual threat, the Macrumors article failed to report how these security holes could be exploited. I realize it is all theory since no known exploits are in the wild but how could the hackers utilize this?
Do they need physical access to our home computers? Do we need to click a link? Please further explain, thank you.
So, anything older than 2011 are safe?
The exact exploits don't work on ARM. Doesn't mean ARM doesn't have similar problems, only that nobody has publicly demonstrated them.Not really. This, like Spectre and Meltdown, are Intel specific. You can get a modern CPU without these vulnerabilities. Not in a Mac, but you can get Windows and Linux computers running on ARM, and pretty much anything that isn't a laptop, desktop, or server is going to be using ARM.
As a CPU designer who formerly had to compete with Intel
Still waiting for new silicon from Intel before a new hardware purchase.
Time to switch to Ryzen I think...
Did you work on PC hardware meant for consumers? Or was it for more specialized embedded stuff?
Also, I often wonder whether Intel is solely to blame here. Shouldn't kernel developers have started to get suspicious about this kind of stuff as well?
But what is the likelihood of similar, as-of-yet undiscovered flaws in the ARM (and/or AMD) architecture, I wonder?
While I've done this at home,
as someone who runs a bank data centre? This is just not something that's terribly reasonable right now. Though, would be a nice.
But holy crap, Intel. WHUT R U DOIN. we cannot afford to have constant security holes, nevermind 15-20% reported data centre performance hits from this fix.
Yeah the last year theres been all these security issues mostly with Intel CPUs, and a lot of the time it affects almost a decades worth of CPUs. Doesn't give me much faith that if I upgrade with another Intel CPU that there won't be issues in the future. Ryzen is 90% of the performance of a similar Intel CPU at 50% of the price. Theres not much good argument for buying an Intel CPU as a consumer or even prosumer right now.
My server is powered by Raspberry Pi - very happy!Not really. This, like Spectre and Meltdown, are Intel specific. You can get a modern CPU without these vulnerabilities. Not in a Mac, but you can get Windows and Linux computers running on ARM, and pretty much anything that isn't a laptop, desktop, or server is going to be using ARM.
So weird that Macs, once the only place you could escape from Intel to, are now the only place where you're forced to use Intel.
I love my Raspberry Pi.
(Then let’s consider the cost.)
From theregister.com: "Unfortunately for Apple customers with older Macs, Intel has not made microcode fixes available for Mac models from 2010 or earlier.". It's not that you don't need to patch the problem, it's that you can't.
They don't need physical access, but they need to run code on your computer. If you have a Mac used by a single user, and a hacker can run his software under that user, then all data of that user is compromised, with or without that attack. So your risk hasn't really increased - if a hacker can run their code on your single user Mac, anything that is important to you is at risk anyway.
What this attack adds is that _other_ users on the same machine are also compromised. So if your kids download software that they shouldn't in _their_ user account, it's not just their account that is compromised, it's yours as well.
But where it is really bad is for servers. You may have a server with ten virtual machines running. These virtual machines should be safe from each other. If one installs malware on one virtual machine, then obviously that machine is compromised but the other nine would be fine. With this exploit, they are all compromised. And if ten people installed virtual machines on the server, there is the risk that one of them actually installs this on their machine intentionally.
This is why Apple must ditch Intel CPU as soon as possible.
Lol, and go with what cpu? It's not that simple. You have contract obligations and millions of current intel spec'ed hardware to support. You don't just go ok, I'll go with your competition instead. We're not talking about a few hundred PC's.
If they were to migrate away from Intel CPU hardware, Tim Crook would've had this in his "upcoming pipeline" ages ago. The fact these hardware flaws keep showing up for Intel CPU's tells you how badly designed Intel CPU's are in general.
I would take a processor that is a bit slower than a fast one that has constant new exploits being found any day. This would hurt the server business more than any consumer cpu upgrade. If they are business smart they would contract out with AMD (lower cost contracts vs intel) and I'm sure you would also get lower thermals than these constant throttling Intel CPU garbage.
But we have a bean counter at the helm and so we end up here today with a half performance laptop for 2x the price all thanks to Intel.
AMD wouldn't be a terrible choice overall to migrate to to keep x86 either. Apple is already using AMD GPU's. A move to AMD APU would bring consistency, and performancelol Apple is already preparing for the migration from Intel to ARM for laptop series. AMD Ryzen is available so I have no idea what you are talking about. Both of them are x86 and already compatible.
What is the difference between the AMD and Intel implementations that makes Intel vulnerable?
lol Apple is already preparing for the migration from Intel to ARM for laptop series. AMD Ryzen is available so I have no idea what you are talking about. Both of them are x86 and already compatible.
If instead of hyperthreading you have separate structures for each thread, you aren’t as efficient but you have very clean interfaces that you can guard between the threads.
From reading about all of these issues (from spectre/meltdown to now), it seems that Intel basically ignored access control while performing speculative execution for performance reasons. To me it looked like a design decision, because the speed loss of the mitigations basically removes the SE performance bump...and at that point what's the point of SE?
If anything, it shows that there's a definite market split between fast and insecure vs slower and more secure. My machines are basically single-user, so fast and insecure is fine (i3/i5/i7/i9). Server side (Xeons etc) need the more secure versions...or some server-side systems need more secure CPUs (VM) and some need less (DB).