RIDL vulnerability hits Intel - new Side Channel Attack potentially is worse than Spectre and Meltdown
Click here to post a comment for RIDL vulnerability hits Intel - new Side Channel Attack potentially is worse than Spectre and Meltdown on our message forum
Reddoguk
3000 can't come quick enough as i'm in for a 3600X and a X570 switch. Enough is enough.
Intel is riddled with security flaws, issues and holes bigger than we could have even known.
mbk1969
No thank you.
I am happy with my 4930k. And will be for some time.
user1
No its not fishy , these "fixes" aren't actually "fixes", they are essentially just turning off broken functionality of the cpu or modifying the behaviour to avoid the situation where it happens, both of which eat cpu cycles.
Would be like if you had an engine that missfired every 1000 revolutions, and to fix it you just skip injecting fuel to the effected cylinders when it is supposed to happen, you lose some power in the process. but it mitigates the problem.
No tinfoil hats required.
lucidus
Latest cu's for windows 10 seems to have patched this problem.
BuildeR2
No kidding. Every week something is pushing me towards Zen 2/Ryzen 3000 instead of an Intel 10th series chip. I'll likely update when I can get a nice 7nm GPU that is ~50% faster than my 1080Ti and a 7nm or 7nm+ Ryzen CPU. I look very much forward to that day, since my poor old 4770k just keeps getting more and more crippled with every OS "fix" for all of these Intel vulnerabilities...
Back when I got this CPU I had a 4c/8t 186cb single threaded monster, now I'm just supposed to be fine with a 4c/4t 170cb single thread score?
Alessio1989
Yes they did it breaking things like application guard and sandbox in the 19H1 preview build (which looks not from being ready for release than ever before), but Intel microcode update is still required: https://support.microsoft.com/en-us/help/4072698/windows-server-speculative-execution-side-channel-vulnerabilities-prot
mbk1969
And the text of the news is somewhat misleading: may be it is simple enough to inject some malicious code to utilize RIDL, but any side-channel attack requires hours to collect any meaningful information.
TheDeeGee
Does the Windows Update still require a Microcode Update?
Because i don't even have a Meltdown Microcode, as this garbage company called Gigabyte no longer supports their products after 2 years.
abula
Honestly people need to understand that lots are affected, intel gets targeted a lot more because has the market share, thus meaning most use it. When AMD dominates the market, you guys think they will be flawless or exploit free???
toyo
Happy to report that on a 8700K, Win10 1903 x64, with the new microcode, and the new updates, and the mitigations enabled, there's no visible impact on any AIDA64 score, Assassin's Creed Origins/Odyssey benchmarks, or CPU-Z bench.
Astyanax
its timing based attack, already dealt with in firefox months ago.
Alessio1989
except this is a hardware fault and cannot be patched only on application/OS side.
Alessio1989
no, honestly this happens double on Intel archs then ARM v7/v8 + AMD all toghether because they never cared about cache synchronization issues in the name of +1/2% score in synthetic benchmarks.
Astyanax
Ok
Neo Cyrus
*Laughs in Zen+*
There's a Windows update pushed out today that address another Spectre variant. And now this.
Elder III
I don't know about you guys, but if AMD hadn't pulled a rabbit out of the hat with the Ryzen line of CPUs, I'd be pretty dejected right now. Thankfully 7/8 of the desktops in the house now are on AMD.
heffeque
So basically Intel has been charging higher prices while cutting corners for years to get ahead of AMD (IPC-wise)... and now the security fixes will cost Intel's users the performance boosts that they payed for. Great!
fantaskarsef
I am honestly curious how this changes CPU's performance... mitigation after mitgation, windows patches that cripple your performance by up to 15%, now disabling hyper threading... it's as if Intel did everything wrong since they introduced the core2 architecture. And even if they did not do wrong, they still "missed" some details. In the last ten years.
Every year there's another problem that eats away half of their "7%" yearly performance increase, exaggeratedly speaking. So basically Intel offers even less than what I though, they're losing ground to AMD if you take everything into account. "Older" node, AMD IPC catches up, CPUs will probably run just 500MHz lower than Intel and not 1GHz like it was at times, AMD doesn't need 2/3 major security mitigations of 2018 / 2019... they're cheaper...
If I was personally responsible for sensitive data and valubable IT infrastructure, I'd get the f away from Intel. I would simply not have trust in their security anymore.
Every 6 months there's another issue, requireing a OS fix and / or a microcode update.
First breaks stuff again, second isn't even availble! I STILL cannot get all the fixes for my CPU unless I work them into the BIOS myselves, right? Thanks... but this is enough for me personally.
Astyanax
the articles reference to timing changes directly influences this new bug.
Evildead666
(Bolding in quote mine)
I agree.
I almost fried my Motherboard Bios last time, trying to update the microcode for Meltdown/Spectre.
(Bad Bios flash,managed to get replacement Bios chip)
Will be going back to AMD anyway now.
X570 here we come.
