Reefa Posted January 25, 2018 Share Posted January 25, 2018 Intel plans to have versions of its processors directly addressing the Spectre and Meltdown security flaws on the market later this year, the chip-maker has confirmed today. News on the processor update came during the earnings call with Intel CEO Brian Krzanich, after the company announced better-than-expected results for Q4 2017. Indeed, while the market was predicting revenues of $16.34 billion for the three month period, Intel says it actually brought in revenues of $17.1 billion. That’s up $730m on revenues in the same quarter a year ago. Full year revenue for 2017 came to $62.8 billion. What many wanted to know, however, was just what Intel was doing about the Spectre and Meltdown issues that had been identified earlier this month. Three flaws, independently discovered by different teams of researchers including Google’s Project Zero group, could have a significant impact on computer and server security. By exploiting them, hackers could access data in supposedly secure parts of the system, for example. Krzanich opened the Intel earnings call with security at the top of the agenda, saying that the company was working “around the clock” to address the issues. Software fixes, however, aren’t sufficient the chief executive admitted, saying that Intel was “acutely aware” that it needed to do more. However, he also had information on just what that would be. Changes to processor architecture are in the pipeline to permanently bypass the Meltdown and Spectre loopholes. However, it’ll take a little time to get them ready, and Intel says that the updated chips won’t be available on the market until later in 2018. It’s unclear what ranges Intel is prioritizing, since the security flaws affect so many models. Nonetheless, it’s not hard to see this as a potential win for Intel in the long run. While Q1 may end up taking a hit since that’s when the Spectre and Meltdown situation was revealed, for many the only way to fix it – without the performance hit involved in the current patches – will be to buy new chips altogether. If Intel can prevent those customers from jumping ship, and minimize whatever sweetening of the deal is required, it could see a much faster turnover in processor lifecycle than it might have originally expected. For the moment, though, it’s software fixes to the rescue. They’re hardly finalized either, with Intel forced to recommend holding off on the previous batch of patches for certain processor families after users observed greater than average reboots as a result. source Link to comment Share on other sites More sharing options...
straycat19 Posted January 25, 2018 Share Posted January 25, 2018 Just another way for them to extract money from hard working people's pockets. What is really amazing to me still is everyone jumping out of their skin over a fault (I won't use the term vulnerability since the only time it has been exploited is in a lab, under lab conditions, and then only as a proof of concept exploit.) that has existed since 1994. And their could be others we don't know about. So if your machine is in a lab, and it is setup in the same specific way the test machine was, and you have the proof of concept code to run on it, then I would be concerned, but only if you are in fear of hacking your own data. Link to comment Share on other sites More sharing options...
flitox Posted January 26, 2018 Share Posted January 26, 2018 and in 10 years or less, we will heard that these new safe chips have indeed another flaw in them Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted January 26, 2018 Administrator Share Posted January 26, 2018 Last time I checked, whole change to the CPU architecture is said to take about a few years. So I'm not sure how they intend to fix it so fast. While AMD's performance on gaming is still below par even after slowing of Intel processors, AMD's processor are looking more and more good now I think. Link to comment Share on other sites More sharing options...
straycat19 Posted January 27, 2018 Share Posted January 27, 2018 On 1/26/2018 at 12:25 PM, DKT27 said: Last time I checked, whole change to the CPU architecture is said to take about a few years. So I'm not sure how they intend to fix it so fast. While AMD's performance on gaming is still below par even after slowing of Intel processors, AMD's processor are looking more and more good now I think. The good news is you don't need the latest and greatest CPU or GPU to play the games and get decent graphics. AMD processors looked very good back in the late 90s and were a good match for intel processors at a fraction of the cost. Then AMD was kind of quiet for a number of years. But the new Ryzen chips have a lot going for them if you are on a limited budget and want bang for the buck. CPU architecture hasn't taken Intel that long to change historically if you remember the 1994 Pentium 60 debacle. Shortly thereafter they released the Pentium 66 and it did not have the bug in it. Though that bug only applied to scientists who were doing calculations that required an extreme number of decimal points. For the normal user it had no effect. Link to comment Share on other sites More sharing options...
haxzion Posted January 29, 2018 Share Posted January 29, 2018 Good news from Intel and when those super safe chips will get released, i will demand a replacement of my 8700k cause when i bought this CPU for a premium price, Intel advertised it was fast and secure while they knew it wasn't. So it's either a replacement or a lawsuit, i'm just waiting. Link to comment Share on other sites More sharing options...
steven36 Posted January 29, 2018 Share Posted January 29, 2018 Sounds like Y2K all over again Get your computer Y2K ready https://www.theguardian.com/technology/1999/sep/08/y2k The Revolutionary Armed Forces of Colombia put in beta copies of Windows 2000 because everyone believed that all windows 98 pcs ans older would stop working . and they still work today if you still have one lol. It just like people who kept using XP after 2014 would catch a zombie virus and it never did happen. this why i hardly even read the news any more or even use windows it's all marketing and about selling you something new . I just sit back on Linux on my old AMD and Intel boxes and it auto updates my firmware to patch these scare monger vulnerabilities and on windows you will be even lucky to find patches for a older PC . Only reason anyone needs windows anymore is if they game or are some kind of business that sold there soul to Microsoft products. Most consumers have switched to android . Even most videophiles use a phone to access the Internet and a TV box hooked to the Internet to watch videos anymore . You can buy one for a 100 bucks lol. I still use PCs and i'm considered old skool, just not with windows anymore very often. I still have windows on a partition on one my pcs but it's too much trouble wasting hours of my life hunting down software updates so i don't bother booting into it very often . On Linux once i install some kind of software I only have to do it once and then from then on it Auto updates for up to 5 years for free so I spend most of my time doing things i enjoy . While the consumer version of windows gets 2 unstable versions a year to beta test for business . All most 3 years in and Windows 10 has not got anymore stable and it never will tell the next CEO comes in and redoes marketing lol. Microsoft turned there back on us all , unless you want to beta test new versions of windows 10 every 6 months or have money to buy a long term solution like Enterprise they could care less about you, and they use to really back a release for 10 years for everyone. So i turned my back on them, while the Linux Desktop market may still be small, it keeps growing more and more with every new version of Windows 10 . The mobile market and the version that uses Linux has over took windows . They wont never be a year of the Linux desktop, just like they want be another year of Windows again . Desktops are going become more and more niche as time goes by . Normal people are not interested in buying new CPUS for these dinosaurs . You would be lucky if you could get them to fork out a few 100 bucks for a top of the line TV box to install Kodi on lol, many buy cheap China android boxes for a 100 bucks . In this day and age you have to have a reason to still use PC ether you use old hardware keep in mind most windows 10 boxes came with Vista- Win 8.1 . Only people who buys new PC hardware are gamers and business witch account for only like 60% of the PC market and business don't by new hardware but about every 6 years. Anymore i spend 80% most of my spare time time around the real piracy scene witch has been over token by streaming and even 80 old year old grandmas do it and its full of people who care less about it , there mostly noobs . And I spend the other 20 % of my time around you technical people who still use PCs you're a dying breed . Even at this site the mobile part of the forum be jumping and some old timers don't like it lol. Link to comment Share on other sites More sharing options...
straycat19 Posted January 29, 2018 Share Posted January 29, 2018 Windows is definitely only for gamers and businesses, although we use a lot of linux systems at work for various things also. Personally, I keep windows systems because I game and because I am on everyone's speed dial if they have a computer problem. I have two new high end windows systems that haven't been turned on since I built them and installed windows. I have a Kaby Lake system (i7-7740X, ASUS ROG Rampage VI Extreme LGA 2066 X299, 128GB DDR 4200, Samsung 960 Pro M2 2TB, Samsung 860 Pro SSD 4TB, and EVGA GeForce GTX 1080 DirectX 12 8GB) that I built only to prove that I could install windows and it would update in contravention to what Microsoft claimed. One of these days this will be a gaming machine, in the meantime it is one very expensive paperweight. I also point out that in 2017 linux recorded 453 CVE vulnerabilities while Windows 10 had 268 CVE vulnerabilities, so linux isn't the ultra secure OS that many people claim it to be. But as @steven36 pointed out, updates are not a problem and much less time is spent on 'fixing' the system. And although linux isn't malware free, it is many times more secure than windows since there isn't much interest in attacking a platform that isn't predominant in any part of the world. And we all remember Y2K and all the articles on the possibility of all the computers in the world crashing. It never happened. The Pentium 60 bug didn't cause space vehicles to crash or fly out of orbit because a calculation to 150 decimal points was one digit off. Nor will the spectre/meltdown cause everyone to lose their important login and account data just because a couple people with too much time on their hands were able to find a flaw in chips that has been around for 24 years. These things always remind me of the Chicken Little story (http://www.mainlesson.com/display.php3?author=treadwell&book=primer&story=chickenlittle). Chicken Little being the researchers and the sky being whatever vulnerability they found that might be able to be exploited under specific lab conditions. In the meantime, turn on your computer, whatever the OS, and do what you do, with the confidence that your system isn't sitting in someone's lab for them to spend hours figuring out how they might be able to get to your data. Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted January 29, 2018 Administrator Share Posted January 29, 2018 I again maintain that these vulnerabilities would not have given much care if it was not for it's fix's impact on the performance. Another thing is, as gaming is mentioned above, graphics card have got driver updates to prevent this vulnerability, because one of them depend on CPU for some things. Now, even though this may not cause issues. But after installing those driver updates, benchmark show atleast a few percent of effect on performance. But guess what, it does not impact the gaming much. Infact, last time I checked these vulnerabilities have effected gaming from not much too highly enough. It is said that games do not use CPU much and even if they do, they do not use kernel much, atleast not as much as other things do so. Link to comment Share on other sites More sharing options...
steven36 Posted January 29, 2018 Share Posted January 29, 2018 6 hours ago, straycat19 said: I also point out that in 2017 linux recorded 453 CVE vulnerabilities while Windows 10 had 268 CVE vulnerabilities I point this out Why are there fewer vulnerabilities in other operating systems, compared to Windows? Quote Marc Verwerft, IT Specialist at IBM In order to compare something to something else, you need metrics. Is X larger/better/faster/… than Y? For simplicity sake, I’ll briefly compare 3 producers: Microsoft Server 2008, MacOS and Linux. Feel free to further investigate other products, but eventually, the conclusions will be the same I think. Number of distinct vulnerabilities per product CVSS Score Distribution For Top 50 Products By Total Number Of "Distinct" Vulnerabilities does provide that. This lists the products (vertically) and the number of vulnerabilities separated by their scores horizontally. The linux kernel has a total of (as I write this) 1837 vulnerabilities, MacOs has 1821, Windows server 2008 has 846. Now take a good look at the numbers: Linux: 566 for a score of 4–5, and only 116 for 9+. MacOs: 412 for 6–7 score and 331 9+ Windows Server 2008: 296 for 7–8 and 276 for 9+ You don’t need to be a genius to see that there’s a large difference. Have a look at the second part of the table (in % of total), there it’s even clearer: Only 6% of vulnerabilities in linux are 9+. For Windows server 2008, it’s a staggering 33% !!! One vulnerability out of 3 detected for this OS is a gigantic loophole. For MacOs, it’s 18 % - almost 1 out of 5 vulnerabilities gives an attacker a chance to easily compromise the system. Reasons for better reliability and security of Linux Free & open source Many reasons can be traced back to the fact that Linux is “Free Software”, managed by a very intelligent guy (Linus Torvalds) using a sophisticated methodology for inclusion of new features or bug fixes in the kernel tree and using a terrific toolset from GNU. Anybody can read and investigate the code since it is freely available. Anybody can contribute, but each contribution is thoroughly tested and reviewed before Linus accepts it. They have a complete audit trail of each and every modification to the kernel. Unix philosophy Linux is a unix system. The design philosophy of a unix system (dates back to 1978!!): Make each program do one thing well. To do a new job, build afresh rather than complicate old programs by adding new "features". Expect the output of every program to become the input to another, as yet unknown, program. Don't clutter output with extraneous information. Avoid stringently columnar or binary input formats. Don't insist on interactive input. Design and build software, even operating systems, to be tried early, ideally within weeks. Don't hesitate to throw away the clumsy parts and rebuild them. Use tools in preference to unskilled help to lighten a programming task, even if you have to detour to build the tools and expect to throw some of them out after you've finished using them. Multi-user, multitasking from the ground up Unix, from the very beginning, was always an OS for “more then one person” that worked on the same computer. As Linus told: his first codings had to do with resource sharing before anything else. Compare that to the idea of a ‘Personal’ computer where the assumption was that only 1 person at the time could use the system. Only afterwards, multi-threading/tasking and multi-user was added to MS windows. Polylithic (vs. monolithic) design The GUI centric design of Windows ‘encourages’ the design of more monolithic programs. The user interface of a program is usually closely inter-related with the business layer. Often the internal modules of the windows system are not cleanly separated. In unix, it’s customary to write a program that can be started from a commandline. You hand over all arguments and options thru ‘switches’ (like -v gives the version of a progrm). A GUI would then interface only to the commandline, not to the inner structure of the program. Standards conform (or not invented here syndrome) Linux (to a very large extent) has always tried to adhere to standards or use a standard, already existing implementation for anything they design/write. Back in 1990 or so, the idea of MS was to ‘distinguish’ itself from other software by doing it their way. The idea behind it was to provide some ‘personality’ an to ensure vendor lock-in after a while. Alas, it is also the source of many flaws and inconveniences (like CRLF vs LF, // vs \\, …). As the saying goes: Those who do not understand UNIX are condemned to reinvent it, poorly. -- Henry Spencer, programmer. https://www.quora.com/Why-are-there-fewer-vulnerabilities-in-other-operating-systems-compared-to-Windows Windows 10 is only 2 and half years old it has since 2015 (95 ) 9+ Vulnerabilities The Linux Kernel has only (124) 9+ Vulnerabilities since 1999 % Of Total 6 Windows 10 has a staggering score of 19 witch are the ones you have to really worry about . Vulnerabilities are rated on a scale from 0-9 there not all the same lol. Most bug fixes i install on Linux are not marked urgent . The longest I remember anyone waiting on a patch that involved a Linux Distro since i been using it, was when Ubuntu released a botched Intel Driver in the Linux Kernel that upstream (Linus and the rest ) told Ubuntu to never turn on to began with, that bricked new lenvo laptops with Ubuntu 17.10 . The fix was already there all you had to do was install Linux Kernel 4.14 with Ukuu and it fixed it. They removed Ubuntu 17.10 from downloads and redone the ISOs with the SPI driver disabled. Anything else since I been using Linux by the time it makes it to the news it already on updates no matter how bad it is. Only reason it took Ubuntu a few weeks it was the Holidays when updates slack off tell after the new year. What it done was brick the bios were if you was dual booting with windows you could not get into windows after you installed it on new Lenvo laptops but all you had to do was update the kernel and it fixed it because upstream never enabled it . But people had a panic attack. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.