Three new vulnerabilities in Intel processors discovered - L1TF
Click here to post a comment for Three new vulnerabilities in Intel processors discovered - L1TF on our message forum
Dazz
2017 and 2018 has been a couple of rough years for Intel.
lucidus
Processors with Windows XP level of security and removing features from the i7 ... bleh. Patches were included in yesterday's Windows Updates afaik.
nosirrahx
It will with a new security focused architecture.
The issue is that entire current architecture prioritized performance over security. Predicting all potential exploits is impossible and patching them involves breaking stuff the processor depends on to be fast. This is a lose/lose proposition.
Intel's own Optane and VROC tech are some of the biggest victims. These both have 25% or greater performance hits from these ongoing patches.
anticupidon
Saw this yesterday, another day, another vulnerability. I just couldn't be bothered anymore. Just hope that future architectures will be more security focused and maybe big companies will realize that is better to release when it's ready, not when suits the company or the shareholders.
rl66
On other hand on a machine with high end component Optane bring almost nothing in real condition despite being a "revolution" on paper...
rl66
Not only for Intel, for AMD too despite being less in number they are still not solved, and some ARM maker too...
The most complex the CPU is the more chance you have to get a vulnerability.
oli3
The bigger they are the harder they fall.
Kaarme
Not really. The stock price has dropped less than a percent as a result of these news and the company is generating excellent profit. So, the flawed CPUs sell the same as ever. Security doesn't seem to be a priority for pretty much anybody.
mbk1969
I guessed the meaning behind "TF".
nosirrahx
I have not found that to be the case although Optane is only really useful in cases that Intel does not support.
The 58GB 800P combined with a SATA SDD at the 2TB level is more than 100$ cheaper than a 2TB EVO and is also much faster.
Intel does not support this configuration though for reasons that they wont even explain.
I have a feeling that part of the reason Optane had such a rocky launch was that it was pushed up to help ensure that people see Intel as innovators after AMD delivered some amazing CPUs.
Optane could have been a killer product but the price, annoying form factors, hoops to jump through just to use it and low capacity all stood against it. Its a great technology that came to market doing everything wrong.
schmidtbag
I'm pretty sure most of these vulnerabilities were honest mistakes. Intel has barely done anything noteworthy since Ivy Bridge, so when you consider the vulnerabilities of modern hardware, they've had plenty of time to fix these issues (assuming they were aware of them in the first place). Intel is losing the interest of shareholders every time one of these vulnerabilities is revealed, so obviously if they were actually rushing anything, that has clearly backfired.
To put it in another perspective: their 10nm fabs can create working products, but don't yield enough good results to be usable for the mainstream market. Every half-year they hold this back, it makes them look worse (and affects shareholders). So, although I think Intel has been underestimating AMD and taking advantage of their customer loyalty, I don't think they're deliberately being negligent.
JamesSneed
I just get this feeling EPYC on 7nm is going to have a lot of momentum in data centers due to bugs like this one.
insp1re2600
yep, saw these patches drop yesterday in a cumulative update
fantaskarsef
Honestly, can't wait to build my next rig, and it probably won't be Intel based. This constant update patch fix thing is getting on my nerves... makes me want to make a tin foil hat again also.
insp1re2600
I hear ya, I have envy of the 2700x build i did for my fiancee, while she sits there playing theme park world on it. 🙁
gx-x
Sure. Until hordes of people start looking into what can be exploited there, as they are now doing on intel.
It's basically PC vs Mac situation. PC has viruses. Well duh, no one bothered to look into exploiting the sub 10% market when they could go for the other 90%. And now, since Apple uses intel tech on Macs, almost all Macs are vulnerable to these hardware exploits too. But hey, no one is talking about that, yet.
edit: it's a trend that gained momentum. It's not the first, or the last to come around. It will pass.
TieSKey
I'm not so sure. Not all but a lot of this flaws came from things/decisions/behaviors that we would call a "code smell" in the software side. That means, things that work, and nobody wrote a test to break them yet, but you know just by looking (or from an static analysis of the code) that is very likely to be conditions under which they will break and become a bug.
I think they knew there were this "hardware smells" and just bet on nobody finding the right conditions to exploit them (probably forgetting to test the effect of new hardware features and changes in speed, like the high precision timers needed to exploit most of this flaws).
TieSKey
And that exactly is what I am calling a "hardware smell". (It was just a high lvl analogy)
At the time, leaving data in the caches was not known to be exploitable, but just by looking at it, u know it is a weak point and it could be exploited in the future if the right conditions are found or come to be (by means of new features added afterwards).
Dragondale13
Yawn!!! Wake me up when a big a$$ corp. falls victim, loses billions forcing them to fire 95% of their staff and the world economy reaches a pubic hair away from turning us into cannibals.
tsunami231
intel announced eh? guess few years it gona be exploit this exploit that announced, I haven't even bother to do microcode update for original exploit , and at the rate they being account and fixed Im not gone. I just gona use my system as i normal do which only to play steam games
I prefer the snake plisken effect, EMP the world and no worried about electronics or any of this crap
I still think I was born in the wrong era;)
