Announcement

Collapse
No announcement yet.

MDS / Zombieload Mitigations Come At A Real Cost, Even If Keeping Hyper Threading On

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #21
    Originally posted by birdie View Post
    If SkyLake doesn't contain hardware mitigations for most Spectre/Meltdown/MDS/whatever vulnerabilities, I will stop buying Intel CPUs.
    I assume you meant Cascade Lake, but I doubt that design is far enough out to have hardware corrections for this kind of thing. Probably more like Ice Lake or whatever.

    Comment


    • #22
      Originally posted by aphysically View Post
      One of the Intel writeups said that their 8th and 9th gen processors have hardware mitigations, but my 8th gen processor defaulted to the same "Clear CPU buffers; SMT vulnerable". Is it safe to disable the MDS mitigations on 8th and 9th gen processors? Will less aggressive mitigations be possible on those in the future?
      Only certain (very recent) steppings of the 8th and 9th gen CPUs have hardware mitigations for the MDS vulnerabilities. My brand new (under 1 month old) work laptop with an i7-8750H has an 'A' stepping CPU which is vulnerable, only the 'C' and 'D' steppings aren't vulnerable. Cascade Lake has one stepping vulnerable to two variants of MDS and two newer steppings that aren't vulnerable to any variants.

      Comment


      • #23
        Waiting for Intel to release marketing material with 50% performance boost between Coffelake and Cascade Lake C/D Stepping, obviously having Coffelake runnign with mitigations on and Cascade Lake all mitigations off

        Comment


        • #24
          Originally posted by Mr.Radar View Post

          Only certain (very recent) steppings of the 8th and 9th gen CPUs have hardware mitigations for the MDS vulnerabilities. My brand new (under 1 month old) work laptop with an i7-8750H has an 'A' stepping CPU which is vulnerable, only the 'C' and 'D' steppings aren't vulnerable. Cascade Lake has one stepping vulnerable to two variants of MDS and two newer steppings that aren't vulnerable to any variants.
          I'm in the same boat; I have a brand new work laptop (~3 months) with a i7-8750H that's vulnerable, and now being told I need to disable hyperthreading for all mitigations...

          Comment


          • #25
            Originally posted by kenjitamura View Post

            Some people keep raising the possibility that with Intel having much more market share they are the ones primarily being targeted by research institutes for vulnerabilities.

            So my question is this really Intel taking shortcuts and producing less secure architectures than AMD? Or is it just that AMD is getting less hammered by researchers and hackers looking for vulnerabilities?
            It's true that most of these papers include investigation on Intel hardware only. I'm not sure if this is because the researchers are unprofessional, because investigating on AMD or ARM hardware would be just as much work again, or because they honestly don't think AMD (or ARM) are important. It can't be the cost of hardware... But by and large the findings are that AMD is not vulnerable to a good bit of this (like Meltdown or 'Zombieload' here), and in other cases may be able to address the problem with less invasive mitigations.

            Intel is genuinely less secure overall, and you can be sure they will let you know in each case where AMD/ARM are also affected.

            Comment


            • #26
              Originally posted by Britoid View Post
              Fuck computers let's just go back to using stone and wood.
              Or AMD. Same-same

              Comment


              • #27
                Originally posted by DoMiNeLa10 View Post
                The sad part is that more mitigations are inevitable, and CPUs will get even slower. It's just a matter of time.

                Now, imagine the possibility that this is Intel's attempt at planned obsolescence, and that they're paying people to scrutinize their current chips so they can release expensive chips which are supposed to be "secure".
                This relies on the assumption that Intel is actually making or selling "secure" chips at all. So far they didn't.

                I'm actually pretty sure they won't and will rely on the OS and the "user choice"

                Comment


                • #28
                  This is really a mess. Even now it is difficult to find a proper AMD based Notebook. Intel got punished by the EU because of racket business strategies (quasi monopoly on the Notebookmarket is one outcome of their practices).
                  But they still profit of their former tactics...
                  Now a lot of people are sick of this but there is still a 1:10 distribution of AMD vs Intel availability on the Notebook market. And as mentioned by others even a brand new Intel Notebook doesn't grant you the latest hardware mitigated cpu.
                  That is what I hate about intel ....they have simply cut away the alternatives.

                  Its like a truck market filled with vehicles without brakes ...the only one with brakes is a small toyota ...thanks intel!

                  Comment


                  • #29
                    Originally posted by kenjitamura View Post

                    Some people keep raising the possibility that with Intel having much more market share they are the ones primarily being targeted by research institutes for vulnerabilities.

                    So my question is this really Intel taking shortcuts and producing less secure architectures than AMD? Or is it just that AMD is getting less hammered by researchers and hackers looking for vulnerabilities?

                    Though even if that is the case I guess your argument still stands because it doesn't necessarily matter which is inherently more secure and what really matters is which one has more severe vulnerabilities known to hackers and the public.
                    Intel had their own researches try to find AMD volunerabilities and what they found was basically bugger all, though they tried to lie about it.

                    I think AMD just haven't had the resources to make as many small performance hacks as Intel, and thus have less attack surfaces. But at least with Meltdown it seemed like they had better and safer approach to a performance "trick" they shared with Intel, but that could be a one off.

                    Comment


                    • #30
                      Originally posted by HadrienG View Post
                      • A while ago, they used to actively pessimize output code when targeting AMD CPUs.
                      I don't think that has changed, and they got code into glibc doing the same for AVX2 enabled libraries (oh, but we don't know if -march=haswell will work on AMD chips with all the required features..)

                      Comment

                      Working...
                      X