Massive security flaw found in Intel CPUs, patch could hit performance by up to 30%

Can Krzanich be sued for this? Or do they have to target the corporation? If he could be sued I would find out exactly how much he made on his stock dumps in 2017 and if I was google or Amazon or M$ sue him for that amount :D. Even if they don't have huge lawsuits come out of this I think AMD just got some major gains in the server market for the next couple of years, EPYC was already a big threat now Intel has some major problems.
 
Almost every intel processor - so does this mean all apart from the MCS-4 , 8 series and 3 series? everything before pentium?
 
I agree about having the choice but it probably depends on your version of Windows. W10 is almost certainly going to be forced, whereas you can avoid it with W7 by disabling Windows Update service and simply installing patches manually. If that's the case, then for non-critical low-risk gaming machines, a lot of us still sticking to W7 are going to feel even less guilty about our "luddite-ness"... :)

Yep, with windows 10 it's either going to be you disable the update service entirely or get all the updates.
 
Replace an entire decade of CPUs or refund them? Ha, that's funny :D

The question is, given that it affects so many processors and it's going to affect so many businesses, what is the correct solution? I'm not a lawyer so I have no idea what Intel is liable for in this case.
 
Unless your workload involves a lot of syscalls (e.g. heavy networking or intense mass storage I/O, like in database servers or video rendering), you won't notice a damn thing, because most software relatively rarely enters kernel mode - and the switches between modes are the only thing that will get slower.
So video editing software may be affected? Not good.

BTW Doesn't it remind you the VW emissions scandal?
 
And because Intel knows how to $$$$influence$$$$ everything, the patch treats AMD CPUs like they also have the bug.


That is utter nonsense. The fix will not be installed on AMD cpus. Windows has AMD directories where AMD drivers and processor enhancements are installed NO Intel directories exist in an AMD windows installation.

Are you talking about the AMD64 folders that you see on your computer? If so, it's because the world (and eventually Intel) decided that the AMD 64bit solution for x86-64 instructions was much better than the Intel IA-64 instructions. Since AMD came up with the technology, they got to name it. So.... yeah, that's why you see an AMD folder in Windows most likely.

Now, as for the patch affecting AMD systems, currently it will for Linux, but there's a fix for that in the works as well. You can read more about that here: https://www.phoronix.com/scan.php?page=news_item&px=Linux-Tip-Git-Disable-x86-PTI
For Windows, who knows though. Hopefully they'll put in code to recognize secure from insecure CPUs.
 
The question is, given that it affects so many processors and it's going to affect so many businesses, what is the correct solution? I'm not a lawyer so I have no idea what Intel is liable for in this case.
This is very complicated, but I'm assuming that most of the big names in the industry already have a deal made behind closed doors. As for the rest, I'm not sure if a class action lawsuit will achieve anything.
If the affected party can prove that they were affected in some way by the bug or the incoming patch (got hacked or lost money) then they could theoretically have a case against Intel.
 
I own a i7-6700K, it has already had 2 or 3 microcode updates, then the Intel Management fix and now this. IMHO since the cpu itself cannot be fixed, I consider it defective, but I know, there really is no way for Intel to make this good. Older cpu's aren't even being manufactured anymore so what are Intel going to do? Redesign and remanufacture 10 years of product line?
 
Replace an entire decade of CPUs or refund them? Ha, that's funny :D

Sure. Intel has been aware of this by some reports since Feb 2017. That's almost a year. Yet they still kept selling the faulty product. They knowing sold defective products to consumers. That is fraud. Plain and simple. I will be happy to let Intel buy me a Threadripper and associated motherboard to make up for this injustice.
 
Sure. Intel has been aware of this by some reports since Feb 2017. That's almost a year. Yet they still kept selling the faulty product. They knowing sold defective products to consumers. That is fraud. Plain and simple. I will be happy to let Intel buy me a Threadripper and associated motherboard to make up for this injustice.

The problem is, if you use that reason in court, you have to be able to prove it. Remember back in the day Intel threatened companies to only sell Intel processors? Intel could have been / be doing the exact same thing now. Intel could be threatening these guys or they risk loosing access to Intel processors.
 
I own a i7-6700K, it has already had 2 or 3 microcode updates, then the Intel Management fix and now this. IMHO since the cpu itself cannot be fixed, I consider it defective, but I know, there really is no way for Intel to make this good. Older cpu's aren't even being manufactured anymore so what are Intel going to do? Redesign and remanufacture 10 years of product line?

They can buy all of us a comparable Ryzen/Threadripper CPU and compatible MB of our choice. Capitalism is a wonderful thing. You either make a good product or you go down the tubes. The bigger question is why did they continue to sell defective products after finding out. It's unacceptable for them to sell a (for example) 3.0GHz CPU that will now have to run at around 2GHz with the fix. That's a completely different product. It would be like buying a Porsche today and tomorrow the Porsche engineers come to your house, remove the 550 hp engine, install a 357.5 (ish) hp engine and tell you to like it, with no refund. You paid for the model with 550 hp at 20K more.
 
I am thinking we need to wait for the embargo to lift in a few days to get all the information. Starting to feel like a witch hunt for Intel where we don't have the complete picture......

I do admit it does look really bad at the moment but lets see what the real world performance hits are and all the information from Intel etc about it.

I really doubt gaming will be affected by this issue and unless you own server farms and virtual infrastructure it is more than likely going to make no huge difference to you
 
I am thinking we need to wait for the embargo to lift in a few days to get all the information. Starting to feel like a witch hunt for Intel where we don't have the complete picture......

I do admit it does look really bad at the moment but lets see what the real world performance hits are and all the information from Intel etc about it.

I really doubt gaming will be affected by this issue and unless you own server farms and virtual infrastructure it is more than likely going to make no huge difference to you

The impact is going to be there whatever you do. Nearly everyone runs Intel servers so if you use any online service you will be impacted. They are going to need to put up more servers to make up for the performance loss and that takes time.
 
I don't run any sensitive programs using my PC, just the usual games. Will it be possible to bypass the fix in the next Windows update? Personally, I would rather take the increased security risk than pay a performance penalty.

What about anything you put in a password for?
 
I own a i7-6700K, it has already had 2 or 3 microcode updates, then the Intel Management fix and now this. IMHO since the cpu itself cannot be fixed, I consider it defective, but I know, there really is no way for Intel to make this good. Older cpu's aren't even being manufactured anymore so what are Intel going to do? Redesign and remanufacture 10 years of product line?
No... they will make an OS patch and let you deal with the performance hit.
 
I am thinking we need to wait for the embargo to lift in a few days to get all the information. Starting to feel like a witch hunt for Intel where we don't have the complete picture......

I do admit it does look really bad at the moment but lets see what the real world performance hits are and all the information from Intel etc about it.

I really doubt gaming will be affected by this issue and unless you own server farms and virtual infrastructure it is more than likely going to make no huge difference to you

The impact is going to be there whatever you do. Nearly everyone runs Intel servers so if you use any online service you will be impacted. They are going to need to put up more servers to make up for the performance loss and that takes time.

There will be a performance hit but no one runs their virtual infrastructure at 80% load, there will be headroom that will mask this for the consumer end and people who use AWS and Azure etc will just buy more compute.

The providers such as Azure and AWS is where it is going to be felt but they would have been aware of it for some time so they will be prepared. Original date was over 6 months ago for when the issue was identified.
 
But flawed CPU have been on the market for years. Celeron = No release CPU but yet they release it and AMD had their own Sempron = No release CPU still do it too. They function very well until they hiccup, overheat and have HDMI audio issues from bad drivers and etc.. But we all still happy living with these known flaws. So what else is new. Patch Firmware on CPU to have it drop to 30% in performance Oh My!
 
But flawed CPU have been on the market for years. Celeron = No release CPU but yet they release it and AMD had their own Sempron = No release CPU still do it too. They function very well until they hiccup, overheat and have HDMI audio issues from bad drivers and etc.. But we all still happy living with these known flaws. So what else is new. Patch Firmware on CPU to have it drop to 30% in performance Oh My!
Both Intel and AMD keep a list of known bugs which they will never fix. This has always been something we had to live with.
But in this case the bug affects everyone including big enterprise VMs or even the army so it's a very serious issue. You can make an account on AWS and with a bit of tinkering get access to the entire server not just what was allocated to you.
 
I have a feeling that this "flaw" is either a deliberate built in method for testing the CPU or as part of a government mandated "back door" that Intel was compelled to implement and no one was meant to discover.
 
I have a feeling that this "flaw" is either a deliberate built in method for testing the CPU or as part of a government mandated "back door" that Intel was compelled to implement and no one was meant to discover.
Nah, for that there's IME ;)
 
Capitalism is a wonderful thing. You either make a good product or you go down the tubes.

Except that it doesn't really work like that in the real world. Intel is a global company and has a big market lead, so they can pretty much sell us what they want, since our options and influece are limited. Their stock will take a hit, someone may get fired, then they'll promise to do better in the future and life will go on.

The bigger question is why did they continue to sell defective products after finding out. It's unacceptable for them to sell a (for example) 3.0GHz CPU that will now have to run at around 2GHz with the fix. That's a completely different product. It would be like buying a Porsche today and tomorrow the Porsche engineers come to your house, remove the 550 hp engine, install a 357.5 (ish) hp engine and tell you to like it, with no refund. You paid for the model with 550 hp at 20K more.

Not selling anything is usually worse than selling something they _may_ need to compensate for later on _in some markets_. After all, this is not a vitamin pill that will kill babies, just something that will affect performance in some applications. Remember that Intel's only purpose is making money for its shareholders, as is the case with any company that has shareholders. If it stops selling it's product, it is not fulfilling it's purpose. This was a calculated risk, and one that they will likely not be punished for very severely.
 
Back