Major design flaw in Intel chips

Discussion in 'Science, Technology & Car Chat' started by xaznxryux, Jan 3, 2018.

  1. xaznxryux

    xaznxryux Well-Known Member

    2,723
    392
    467
    Huge security flaw in intel chips produced in the last 10 years, including ARM, meaning most of PCs running on intel chips, most android phones running on ARM

    tl:dr two major vulnerabilities are found

    1. Meltdown, affects Intel chips and lets hackers bypass the hardware barrier between applications run by users and the computer’s memory, potentially letting hackers read a computer’s memory and steal passwords.


    2. Spectre, affects chips from Intel, AMD and ARM and lets hackers potentially trick otherwise error-free applications into giving up secret information.

    [​IMG]

    The entire technology world is talking about it, as concerns over performance dips after patch is applied

    https://www.reuters.com/article/us-...ly-all-phones-computers-at-risk-idUSKBN1ES1BO
     
    #1 xaznxryux, Jan 3, 2018
    Last edited: Jan 3, 2018
    • Informative Informative x 1
  2. nikkyh

    nikkyh Well-Known Member

    833
    103
    180
    That Spectre logo is cute~
    I liked how Intel CEO dumped his shares back in Dec :lol:

    But yeah, only real performance hit so far, are databasing and compiling workloads, High I/O High network activities. None of which concern the average consumer...directly.
    Consumers with PCI-E NVME SSDs however will be affected badly though...but that's a small number of people...
     
    • Like Like x 1
  3. xaznxryux

    xaznxryux Well-Known Member

    2,723
    392
    467
    yea i'm in charge of patching 5000 servers right now as an emergency, fuck my life lol, our fear is the performance hit will affect mostly our database servers running on sql server, i'm also reading that it might affect virtualization, which we have a lot of as well :(

    the intel CEO dumping his shares just screams of inside trading
     
    • Agree Agree x 1
  4. ailyeric

    ailyeric Well-Known Member

    1,268
    350
    415
    CEOs does that all the time. Equifax, WellsFargo, Groupon....... i can go on and on and on lol
     
  5. Jeff

    Jeff 神之馬壯

    7,976
    576
    497
    Jesus christ it's basically all of the Intel processors lol

    Which security software's are you guys running or do you guys don't even run it?
     
  6. xaznxryux

    xaznxryux Well-Known Member

    2,723
    392
    467
    we use ESET as our security software but I was POCing a software called solarwinds that can automate the windows patching. I don't really need it for Linux as i can script those.
     
  7. ailyeric

    ailyeric Well-Known Member

    1,268
    350
    415
    i just use the microsoft security on windows7 and windows defender on windows 10. no worries from me. sextapes goes strait to external hard drive and i never save pw on laptop lol
     
    • Like Like x 1
  8. Jeff

    Jeff 神之馬壯

    7,976
    576
    497
    Yep, basically only Windows Defender as well. Usually I just run a Malwarebytes every once in a while as well. I figured if you know what you're clicking/downloading on the web, you don't really need to install another one.

    Should ask shinobi what he uses to protect his PC from all the sextapes :shino:
     
    • Like Like x 2
  9. xaznxryux

    xaznxryux Well-Known Member

    2,723
    392
    467
    I actually use ESET at home as well, imo, it's worth the money, especially i have a lot of work files on my own computer, it's firewall is very sensitive (which could be good or bad depending on situation), for me it can get annoying if i am doing a lot of work revolving insecure ssl
     
  10. nikkyh

    nikkyh Well-Known Member

    833
    103
    180
    Oh dear, yeah...If you're running servers + virtualization, you'll definitely feel the hit. Feel sorry for you :sad: Basically anything that involves a lot of syscalls, you're screwed.

    I also feel bad for the less technical consumers. They'll wake up in the morning after a windows automatic update and get a performance hit, especially on older systems without PCID, and wonder, what's going on...


    Technically all x86 based processors are affected, Intel, AMD and ARM (smartphone)


    :lol::lolwut:
     
    • Like Like x 1
  11. xaznxryux

    xaznxryux Well-Known Member

    2,723
    392
    467
    yup, it's not entirely bad, i was able to convince them a fast rollout will be more catastrophic than anything. If we learned anything with wannacry, we patched a database server and it went hard down and never came back up, so with this we are able to slow roll, so gives me time to whip up some handy scripts
     
  12. nikkyh

    nikkyh Well-Known Member

    833
    103
    180
    I suppose, people aren't able to remotely exploit it yet...though still a long road ahead, because it's a software patch, hackers will now know where to look and attack the fix itself. Will still need a hardware overhaul later down the line...AMD's opportunity to snag some market share in the data center ;)
     
    • Like Like x 1
  13. xaznxryux

    xaznxryux Well-Known Member

    2,723
    392
    467
    to be fair, most of these exploits needs server access in order to access the vulnerability, if you somehow has root access anyways, you probably won't need that vulnerability lol.

    on the other hand, i am hearing a lot of good things about EPYC, I believe Microsoft Azure and at least Amazon has start using EPYC, it'll be good to see AMD snatch some market shares as well :)
     
    • Like Like x 1
  14. ailyeric

    ailyeric Well-Known Member

    1,268
    350
    415
    competition = lower price :)
     
    • Like Like x 1
  15. xaznxryux

    xaznxryux Well-Known Member

    2,723
    392
    467
    i'd love to build an AMD Ryzen machine one day if they can keep up what they're doing