Announcement

**gigi** · 01 May 2021, 06:28 AM

hmm... spectre is back

it is not going to slow down neither spare anything
deadlines!!!! i really despise it now.

**skeevy420** · 01 May 2021, 06:36 AM

Well this sucks, but not a surprise when you think about it...especially in the era of "power stats can be used for exploits". Your cache caused an exploit...you don't say.

Why is it when something is exploited it goes into a whitepaper? Why are whites always the exploiters?

**Duve** · 01 May 2021, 06:58 AM

Originally posted by gigi View Post

hmm... spectre is back

Spectre and Meltdown where always going to come back given that neither Intel or AMD (or anyone else in the realm of performance computing) can engineer themselves out of the problem without take a massive hit to performance. I think that it will be some time before the compute industry at large has any answer(s) to those family of bugs without the sacrifice on the alter of speed.
By the look of it, I suspect that it will take a set of new architecture to do that.

Originally posted by skeevy420 View Post

Why are whites always the exploiters?

Their is something to be said about the lack of diversity within the computer industry in general but that is neither here nor there on this matter.

**ms178** · 01 May 2021, 07:00 AM

My take away: You might just as well run with mitigations=off and enjoy the better performance, there is no security in any current x86 architectures at all.

**skeevy420** · 01 May 2021, 07:05 AM

Originally posted by Duve View Post

Their is something to be said about the lack of diversity within the computer industry in general but that is neither here nor there on this matter.

I agree. I just hope people get a laugh and move on over reading too much into it.

**skeevy420** · 01 May 2021, 07:10 AM

Originally posted by ms178 View Post

My take away: You might just as well run with mitigations=off and enjoy the better performance, there is no security in any current x86 architectures at all.

Pretty much how I feel. I assume that half the software and firmware on my system is vulnerable already. Those mitigations don't fix sudo being exploited or buggy firmware in my GPU.

I still run with full mitigations. Going from Westmere to Zen 2....my new system is still faster than my old system with mitigations in place and my old system was fast enough to make me happy.

**birdie** · 01 May 2021, 07:24 AM

Originally posted by ms178 View Post

My take away: You might just as well run with mitigations=off and enjoy the better performance, there is no security in any current x86 architectures at all.

It's a bad illogical takeaway, but luckily the only computing devices that you probaly use are your PC/laptop and smartphone, so you don't quite understand the gravity of the situation. Hosting and cloud providers are keenly aware of everything on that front, cause otherwise their entire infrastructure will be compromised.

Originally posted by skeevy420 View Post

Pretty much how I feel. I assume that half the software and firmware on my system is vulnerable already. Those mitigations don't fix sudo being exploited or buggy firmware in my GPU.

I still run with full mitigations. Going from Westmere to Zen 2....my new system is still faster than my old system with mitigations in place and my old system was fast enough to make me happy.

Spectre protections are now built-in during compile time so you cannot disable them even with mitigations=off, you'll need to recompile pretty much everything to get back the performance. Lastly certain Spectre mitigations are in firmware and cannot be disabled as well. It's unlikely we'll ever get back to the time when people didn't know about them.

**ms178** · 01 May 2021, 07:25 AM

Originally posted by skeevy420 View Post

Pretty much how I feel. I assume that half the software and firmware on my system is vulnerable already. Those mitigations don't fix sudo being exploited or buggy firmware in my GPU.

I still run with full mitigations. Going from Westmere to Zen 2....my new system is still faster than my old system with mitigations in place and my old system was fast enough to make me happy.

Speaking of disasters, the heating just broke in our house, warm water just trickled through the old pipe of questionable quality (40 years old, Made in the GDR). Lovely.

**ms178** · 01 May 2021, 07:32 AM

Originally posted by birdie View Post

It's a bad illogical takeaway, but luckily the only computing devices that you probaly use are your PC/laptop and smartphone, so you don't quite understand the gravity of the situation.

Spectre protections are now built-in during compile time so you cannot disable them even with mitigations=off, you'll need to recompile pretty much everything to get back the performance. Lastly certain Spectre mitigations are in firmware and cannot be disabled as well. It's unlikely we'll ever get back to the time when people didn't know about them.

Well, what does it bring you if you barricade the door but leave all of the windows open? But you are right, I am not running a server farm, it is just my private gaming rig. I also re-build my Kernel turning off the "avoid indirect branches" option. I know that it is dangerous, but I don't want to pay any performance penalties and hope that the industry gets their act together and designs more secure products without sacrificing performance.

Announcement

New Spectre Variants Discovered By Exploiting Micro-op Caches

New Spectre Variants Discovered By Exploiting Micro-op Caches

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment