Good start of the year for AMD – the Intel CPU flaw…

33

Just read the article about the Intel microcode flaw – https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

Nice to take a 5-30% performance hit on your hardware… Is this the dawn of a new throttle-gate…? Sigh…

Comments (33)

33 responses to “Good start of the year for AMD – the Intel CPU flaw…”

  1. Paul Thurrott

    LOL yep. That's what you get for partnering with AMD :)

    • seapea

      In reply to paul-thurrott:

      ? I don't get the joke. This is an Intel specific bug/security issue.


    • jpwalters

      In reply to paul-thurrott:


      Probably should just respect this as a simple joke -- but I see a bit of tom foolery here Paul.


      I don't think it's wise to hold longstanding animus towards AMD for their previous blunders (Athlon, Bulldozer, etc.) -- as much as it may be justified -- much in the same way you point out that Microsoft should be free to make it's own chain of blunders without customers holding similar animus (Windows Mobile, Band, Groove).


      I think a more consistent philosophy with impartiality is caveat emptor! The "buyer" alone is responsible for checking the quality and suitability of goods before purchase is made. I think in the past that was what you were trying to promote -- we should all be responsible purchasers.


      It's funny the reason I picked Microsoft for it's Band, it's Phone, or AMD for it's Ryzen 7 processor is probably similar. I want to financially reward the underdog to disrupt a market that doesn't favor them. It's also why I bit on the OnePlus 5T, BTW.


      Much of Intel's world of hurt in my opinion in a sense is the karma deficit caused by the Andy Grove "Only the paranoid survive" mentality. For years Intel was a very oppressive company, dishing out 5% upgrades year after year, forcing new chipsets uncessarily at customer's expense. It made them very rich and made them command a heavy lead over time. We bought their chips because we had to. Now we don't. AMD represents at least a compelling alternative -- and we should acknowledge that wholeheartedly. As an aside Brad had bad luck with his ThreadRipper rig -- but think it would be worthy to consider an Alienware or some other machine for review ought to be on the radar, if not for self enlightenment, perhaps for impartiality.









  2. Polycrastinator

    My big concern here is that this sounds like a fairly drastic fix that will need to be applied to the OS. Will it be bug free? Will it break software?

  3. ianceicys

    Oh the fun is really hitting us in both aws and azure now due to the 'patch'.


    After the AWS and Azure forced reboot for Meltdown, Multi-MILLION CONSUMER FACING Service is seeing a pretty significant time drift on servers (~7 seconds per minute). We've hacked a scheduled job to continually sync time to avoid problems with API timestamps causing failures. We've reported an incident to both AWS and Azure and this IS a known issue. Latest response: Thanks for waiting. I advised you that there is currently a known issue where instances in M4 and R4 families show continuous time drift and a high severity investigation is being carried out. At this stage the only workaround is to change the instance type to C family such as C4.Xlarge.


    Same thing from Azure with the recommendation being to move to Standard_F64s_v2.


    This is gonna be pretty expensive pretty fast...


    m4 ~ $0.062 per Hour

    c4.XL ~ $0.126 per Hour

      • ianceicys

        In reply to offTheRecord:

        gladly. Lawyers love these types of things. We have 3 year contracts for Guaranteed Performance and well guess what what was a m4 a week a go is no longer an m4. Amazon and Microsoft lawyers are going to have a field day going after intel....but as an aws and azure customer we sure as heck aren't paying.


        For illustrative purposes:


        1/2/2018 - 1000 instances for 24 hours = ($62/hr x 24) = $1,488

        1/5/2018 - 1000 instances for 24 hours now cost: ($126/hr x 24) = $3,024


        Someone....cough cough cough intel is gonna be paying the $1,536 difference per day that's for sure....we aren't.


        Lawyers love contract disputes.

  4. JimP

    <quote>

    Protecting a Windows PC is complicated right now, and there’s still a lot of unknowns. Microsoft, Google, and Mozilla are all issuing patches for their browsers as a first line of defence. Firefox 57 (the latest) includes a fix, as do the latest versions of Internet Explorer and Edge for Windows 10. Google says it will roll out a fix with Chrome 64 which is due to be released on January 23rd. Apple has not commented on how it plans to fix its Safari browser or even macOS. Chrome, Edge, and Firefox users on Windows won’t really need to do much apart from accept the automatic updates to ensure they’re protected at the basic browser level.

    </quote>


    One wonders how the JavaScript can break out of its sandbox to access kernel memory in the first place.


    www.theverge.com/2018/1/4/16848976/how-to-protect-windows-pc-meltdown-security-flaw

  5. JimP

    Not so fast. AMD has a similar security vulnerability called "spectre".


    www.extremetech.com/computing/261439-spectre-meltdown-new-critical-security-flaws-explored-explained

  6. seapea

    how did this story got so blown out from what is actually true?

    what were the magic words that made so many people lose their cognitive ability?


  7. ianceicys

    Houston, we have a problem.


    https://meltdownattack.com/


    Intel screwed everyone. Microsoft Azure just lost billions and even 5% overhead blows Green/Carbon neutral Datacenter benchmarks to smitherians. Amazon AWS just lost billions, so did Google's GCP.


    Thougths on Meltdown?


    https://www.nytimes.com/2018/01/03/business/computer-flaws.html


    Chipmakers like Intel will have to do a full recall-- unclear if there's even manufacturing capacity for this-- OR customers will have to wait for secure processors to reach the market, and do their own risk analysis as to whether they need to swap out all affected hardware.


    Reading unprotected memory is a huge issue for cloud providers....things like SSNs in memory, Credit Cards are not required to be encrypted in memory, passwords, it's truly frightening.


    “Whereas Meltdown is an urgent crisis, Spectre affects virtually all fast microprocessors,” Mr. Kocher said. An emphasis on speed while designing new chips has left them vulnerable to security issues, he said.


    We’ve really screwed up,” Mr. Kocher said. “There’s been this desire from the industry to be as fast as possible and secure at the same time. Spectre shows that you cannot have both.”

    • Polycrastinator

      In reply to ianceicys:

      A full recall? That's hilarious. Always someone there to be breathlessly panicked. This may turn out to be bad, but that's absurd.

      • ianceicys

        In reply to Polycrastinator:

        Oh the fun is really hitting us in both aws and azure now due to the 'patch'.

        After the AWS and Azure forced reboot for Meltdown, Multi-MILLION CONSUMER FACING Service is seeing a pretty significant time drift on servers (~7 seconds per minute). We've hacked a scheduled job to continually sync time to avoid problems with API timestamps causing failures. We've reported an incident to both AWS and Azure and this IS a known issue. Latest response: Thanks for waiting. I advised you that there is currently a known issue where instances in M4 and R4 families show continuous time drift and a high severity investigation is being carried out. At this stage the only workaround is to change the instance type to C family such as C4.Xlarge.

        Same thing from Azure with the recommendation being to move to Standard_F64s_v2.

        This is gonna be pretty expensive pretty fast...

        m4 ~ $0.062 per Hour

        c4.XL ~ $0.126 per Hour

  8. wunderbar

    So, this keeps getting more wild. There's no confirmation that it actually goes back this long, but the feature that this bug is in was first introduced in the Pentium Pro Processor. In 1995. It's called speculative execution and it's designed for the processor to predict what task is next and load that into memory before being asked.


    Again, the bug might not go back quite that far because I'm sure that the speculative execution piece has evolved over the years, but the fundamentals are the same so it is entirely possible that this is a bug that has existed in Intel silicon since 1995.

    • matsan

      In reply to wunderbar:

      If it goes back more than one year it would be a disaster, all of the computers in use needs to be replaced or run with crippled performance.

      I guess the Linux guys will be first out of the gates and we'll see the performance penalty then.

  9. jimchamplin

    NOT looking forward to this. I’m a buyer of used hardware and this is going to affect me for years longer than people who can afford new machines. I can only hope that my use - light desktop work, gaming, and non-pro development - isn’t overly drained.

  10. John Scott

    First management engine and now this. I have to wonder how this will affect Intel. From what I have read so far its sort of up in the air how significant a hit on performance this will be. Certainly the CPU is a big hardware expense in terms of hardware in a PC. Also had read some ARM CPU's could also be affected.

    • wunderbar

      In reply to John_Scott:

      It's hard not to get super technical when trying to parse this, but the bug seems to be in a feature where intel CPU's guess what micro code needs to be loaded next, and loads it before the ask, so it's ready to be executed right away. there's a memory leak in that function which causes the issue. AMD is not affected by this because they don't have that technology in their processors.


      that indicates that the types of systems that will see the biggest impact will be highly sequential, predicable tasks. Things like highly virtualized environments, database actions, etc. More "unpredictable" workfolows will be less affected.


      If that does turn out to be the case, the average home PC won't see much of an impact at all. It'll be server farms and datacenters that see the biggest impact.

  11. wunderbar

    AMD should be hitting the marketing on this super hard, as soon as possible. This bug is specific to skylake and newer intel processors (on the consumer side. there are a bunch of Xeons affected as well), AMD handles the kernel memory different and isn't affected by this.

    • Jules Wombat

      In reply to wunderbar:

      AMD and ARM chips are also impacted by Specter <sp> as well, this is NOT just an Intel issue

    • John Scott

      In reply to wunderbar: Completely agree, but interesting that this Intel issue is probably a big feature that has placed it ahead of AMD in terms of speed. I've read it goes as far back as Hazwell CPU's possibly more. Only the beginning of Intel's problems I think.


      • wunderbar

        In reply to John_Scott:

        While saying it's hard to speculate until more concrete info comes out, I'm going to do it anyway and make a guess based on what I'm reporting that this might go all the way back to the initial Core processors. That was the last time Intel had a completely new architecture. Everything since has been an iterative upgrade based on the same fundamentals.


        I could be wrong, it's hard to tell with very little in the way of official word yet. We have the general idea of what the problem is, but without any technical documentation released we don't really know yet.

  12. ianceicys

    This is really really bad. Would love to hear Paul or Brad chime in on this. Opportunity for ARM?


    https://news.ycombinator.com/item?id=16060855

  13. Nic

    This is going to be really bad. Database admins are ready to storm Intel.

  14. Polycrastinator

    It'll be interesting to see whether Microsoft et al just decide to sandbox the kernel everywhere, regardless of the processor that the OS is running on: that this fix is apparently being applied to ARM architectures too would suggest that, in which case AMD gets no benefit from this. Kind of a shame, a 30% hit might bring AMD's single threaded performance in line with Intel's.

  15. ianceicys

    Consider if a major car brake manufacturer discovered that there was a design flaw in the brakes that prevented them from functioning in certain situations. It'd be facing multiple lawsuits by now whereas Intel is going with "our chips are the most secure ever" line.

Leave a Reply