back to article Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign

A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug. Programmers are scrambling to overhaul the open-source Linux kernel's virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes …

Re: I finally switch from AMD to Intel, and this is what happens.

If you bought a Coffee Lake CPU, then it's not affected.

4
6
FAIL

Re: I finally switch from AMD to Intel, and this is what happens.

Wonder if the SEC is going to investigate this.

Of course they're not going to be doing that, most regulations in the US that held back predatory forms of capitalism have been neutered and the ones that are still in place are not being enforced.

18
2

Re: I finally switch from AMD to Intel, and this is what happens.

Oh Wow, SEC on alert?

1
0
Silver badge
Trollface

GURU MEDITATIONS! PRESS LEFT MOUSE BUTTON TO SLOW DOWN 30%

IANAL but surely the chips we have, once patched, will no longer be performing as advertised?

I don't think it said on the box "Guaranteed Security At Top Performance For Any Possible Kernel"

3
15
Silver badge

Re: I finally switch from AMD to Intel, and this is what happens.

The Securities and Exchange Commission in the US? I don't think this falls in their area, does it?

No, this is a job for ...for...Bat Man?

1
0
Anonymous Coward

Re: "I wonder where we stand legally now?"

Under Australian law this probably fails the ACL guarantee and would be classed as a major problem, in which case consumers are entitled to a remedy of repair, refund, replace. The choice of remedy is down to the consumer.

Quoting the ACCC:

A product or good has a major problem when:

* it has a problem that would have stopped someone from buying it if they’d known about it

* it is unsafe

* it is significantly different from the sample or description

* it doesn’t do what the business said it would, or what you asked for and can’t easily be fixed.

I think you can certainly argue that it has failed the first of these, and probably the 3rd and 4th as well.

More details here:

https://www.accc.gov.au/consumers/consumer-rights-guarantees/consumer-guarantees

https://www.accc.gov.au/consumers/consumer-rights-guarantees/repair-replace-refund

15
1
Anonymous Coward

At the AC, re: legal stance.

If you're in the United States then the phrase you want to suggest to your lawyer is "Defective By Design". I am not a lawyer, but if it takes a major software fix to ensure security, that's pretty much spot-on the definition of a DBD claim.

If an auto maker had to fix a serious issue that robbed the engine of nearly 30% of its power delivery capacity, there would probably be a general recall & more lawsuits than you could shake a stick at. So a CPU that has to be fixed & the fix robs it of ~30% computational capacity? Yup. DBD.

15
0
Anonymous Coward

Re: I finally switch from AMD to Intel, and this is what happens.

"This year I think i will switch back to AMD. Finally some competition (again)!"

Well, for the last ten years, AMD have been competitive, it's been a trade-off between performance hit on AMD for a security hit on Intel.

AMD published their performance specs, Intel didn't tell you their hardware was compromised, but made much of their higher performance with regard to AMD.

Turns out your confidential data has been exposed on Intel hardware for ten years. But you got improved performance. That trade off could have been a commercial decision, Intel concealed the information, that makes it a problem.

12
0

Re: I finally switch from AMD to Intel, and this is what happens.

The chips will still work as advertised, it's the kernel that is being made slower.

3
15
Bronze badge

Re: I finally switch from AMD to Intel, and this is what happens.

Intel's GOJF card

They are not slowing the processor, the OS is, so no comeback on Intel

OS is slower because "security" and they are informing you before it happens, so no recourse to MS

SO basically we all get srewed and Intel MS et al. get to keep their mnega bucks

5
2
Gold badge

Re: I finally switch from AMD to Intel, and this is what happens.

The new Ryzen processors are good, but there's not a lot of software optimised for them as of yet.

0
0

Re: I finally switch from AMD to Intel, and this is what happens.

> They are not slowing the processor, the OS is, so no comeback on Intel

I don't think that argument will work for Intel. Their chips are not working to specification: the user-mode/kernel-mode separation is supposed to be policed by the CPU, and it's leaky. There is no chance of them hiding this fact.

They could try to spread the blame by claiming that some of the slowdown is due to badly coded workarounds by Microsoft etc but they can't escape the blame for workarounds being needed.

15
0

Re: I finally switch from AMD to Intel, and this is what happens.

Since the 19 nineties, I have personal experience with the shady side of Intel, hence I have stayed loyal to AMD. Many former Intel employees have voiced their knowledge of Intel's dark side.

6
0
Silver badge

Re: I finally switch from AMD to Intel, and this is what happens.

I have a Ryzen, and have yet to notice any noticible performance problems, be those from unoptimised software or just generally.

And i'm running Win7 (which apparently can't be done...?) so if there is a patch released to cripple my machine then i'm not installing it on the basis that this bug doesn't affect AMD chippery anyway.

And a point? The opposition has just slowed down by between 5% to 30%, depending on workloads. I think this has just handed AMD's Ryzen processor the performance crown.

While I tend to roundly ignore benchmarks on the basis of them being utterly artifical and very unlike real world conditions i'd be very interested to see how much of a difference this makes.

7
0
Silver badge

Re: I finally switch from AMD to Intel, and this is what happens.

"While I tend to roundly ignore benchmarks on the basis of them being utterly artifical and very unlike real world conditions i'd be very interested to see how much of a difference this makes."

Not enough. AMD's top offerings benchmark about 25% lower than Intel's. Unless Passmark have added a lengthy SQL operations section to their benchmarking this year, AMD are unlikely to be taking the top spot.

In price-per-Ghz, on the other hand, they were already running away with, and this has just turned that into an even more substantial lead.

1
0
Bronze badge

Re: I finally switch from AMD to Intel, and this is what happens.

Turns out your confidential data has been exposed on Intel hardware for ten years. But you got improved performance.

But look at the bright side; it can be compromised that much FASTER!

3
0

Re: "I wonder where we stand legally now?"

I'm wondering how this will affect the contractual relationships between compute cloud vendors and their customers when the N processors the customers are paying for no longer get the job done. Oh to be a fly on the wall during those discussions...

6
0

Re: I finally switch from AMD to Intel, and this is what happens.

So, it's a case of: Faster, Cheaper, Secure... pick two.

4
0

Re: GURU MEDITATIONS! PRESS LEFT MOUSE BUTTON TO SLOW DOWN 30%

/I don't think it said on the box "Guaranteed Security At Top Performance For Any Possible Kernel"/

No, but it did say in the CPU documentation that it definitely wouldn't allow this...

0
0
Anonymous Coward

Re: I finally switch from AMD to Intel, and this is what happens.

@EnviableOne

"They are not slowing the processor, the OS is, so no comeback on Intel"

I don't think this will wash under Australian consumer law as one of the key guarantees a product must meet is that it has a major problem entitling the consumer to a repair/refund/replace remedy if (quoting the ACCC):

* it has a problem that would have stopped someone from buying it if they’d known about it

If you had been told at the point of purchase that x months down the line, a software patch is going to be required due to a flaw in the CPU that would slow it down by a significant margin would you still have bought it?

Going a bit off topic...

If you are really stuck for something to read, the legislation setting out these guarantees is part of Schedule 2 of the Competition and Consumer Act 2010

https://www.legislation.gov.au/Details/C2015C00327

For something more readable, I would heartily recommned that everyone has a look at this:

https://www.accc.gov.au/publications/electrical-whitegoods-an-industry-guide-to-the-australian-consumer-law

I always print this out to take with me whenever I need to take something back to a retailer. It is amazing how quickly they change what they are saying when you show them that you know the law.

Shout out for KMart, Bunnings and BigW as in my experience they usually provide excellent customer service and will refund or replace even when they don't have to under the law.

Big boo to JB HiFi who basically lie to you about your consumer rights and have to be shown the document above to get them to do anything. Their weasel word "Minimum Voluntary Warranty Policy Guide" states that your rights can't be restricted then goes on to attempt to restrict your rights by stating that you are not allowed a refund after 3 or 6 months, depending on the price of the goods in question. The in store staff will always tell you that these are hard limits and you can't get a refund after these times, assuming that they haven't instead tried to fob you off to the manufacturer, which is also illegal.

https://www.jbhifi.com.au/Documents/Consumer%20Warranties%20and%20Refunds%20docs/YourRights_July2014_HR_02_v3.pdf

This is from personal experience at two seperate JB stores. Maybe others are better, but considering this guide comes from their head office I won't be holding my breath.

Please note that I don't blame the shop floor staff. I have worked in retail and know what it can be like. The problem comes from corporate policy and training. The staff seem genuinely surprised when you show them the ACL guide and point out where they are breaking the law.

Sorry. Rant over.

1
0
Silver badge

Re: I finally switch from AMD to Intel, and this is what happens.

Watching video rending test shows that that it's more like 5% difference. and I mean test with people doing encoding actual not simulated test.

1
0

Can you hear it?

That’s the sound of the world slowing down...

19
0

Re: Can you hear it?

Well, that just about wraps it up for blockchain mining!

22
0
Silver badge

Re: Can you hear it?

I assume block chain mining can be done on custom os if really needed. Else other work arounds?

5
0
Silver badge

Re: Can you hear it?

And apparently the earth's core (magnetic, not DDR) is slowing down enough to cause massive earthquakes in 2018.

I imagine that if one of those plate tectonic things decides to nudge its neighbor a bit more forcefully than usual then we won't really give two shits about a couple of nano-seconds off our processor speed.

2
12
Silver badge
Devil

Re: Can you hear it?

And apparently the earth's core (magnetic, not DDR) is slowing down enough to cause massive earthquakes in 2018.

Oh hey, someone found another copy of "Nostradamus' Terror Predictions That Are The Same As Last Year" while cleaning the attic on the 1st?

I predict war with Iran on behalf of Israel btw. My bookie says odds are good.

24
0
Silver badge

Re: Can you hear it?

**Intel Marketing Memo - Strictly Confidential**

OPERATION SNAILPACE

You’ll have read in the press about this new ‘bug’ which cripples the performance of our CPUs - this applies, of course, only to older models for which we are no longer making any money. Unfortunately, customers had begun to notice that our latest chips are not significantly faster than our older models. With this exceedingly cunning plan we are now able to market our new silicon as 50% faster than the old stuff (after adding on the standard 20% hyperbole)

This isn’t a one off either - from now on each tock will come with a crippling bug that destroys performance of older CPUs and each tick will fix the problem.

But remember - this is top secret so don’t let the press find out.

22
0
Silver badge

Re: Can you hear it?

I assume block chain mining can be done on custom os if really needed. Else other work arounds?

Intel CPUs haven't been anywhere near powerful enough for blockchain on Bitcoin for many years. GPUs have also been left well behind.

It's all ASICs.

7
0
Silver badge

Re: Can you hear it?

"Well, that just about wraps it up for blockchain mining!"

I'd have thought that something computationally intensive would be least affected as it would make fewer syscalls.

5
0

Re: Can you hear it?

> Well, that just about wraps it up for blockchain mining!

Blockchain mining is CPU-intensive, not syscall intensive (if it is then you're doing it wrong)

1
0
Bronze badge

Re: Can you hear it?

Oh hey, someone found another copy of "Nostradamus' Terror Predictions That Are The Same As Last Year" while cleaning the attic on the 1st?

I've heard 2018 is the year of the USABLE MSWindows Desktop

3
1
Paris Hilton

Re: Can you hear it? blockchain

AMD should change the name from Threadripper to Chainripper.....

Here's Paris looking for some chains right now............................................^

1
0
Silver badge

Dear Intel

You owe me five laptops and one desktop.

Please.

38
1
Silver badge

Is it time?

To just leave my Windows 7 install offline (except for games... I'm not expecting too much exploits through there) and Linux for online?

I'll need a bigger SSD for the dual boot. :( But at least I'll be safe and avoid slow downs (30% on webpages in linux is ok, but not in games :( )

16
6

Re: Is it time?

Read the article - Linux is affected too as well as Mac O/S

6
8
Anonymous Coward

Re: Read the article

He did. Re-read his post.

12
0
Silver badge

Re: Read the article

If your running Amazon S3 or Microsoft's cloud then you can't possibly ignore this. The threat is really in multi user enviroments where one user could run software that compromises another.

However, this is not so critically serious threat for a single user desktop. Ok, the flaw exists and can be exploited and could be as serious as a keylogger. But... we've been dealing with that with AV software since forever and one could choose to take a view that they could accept the risk of a malware infection that could exploit this in a single user enviroment.

4
0

Re: Is it time?

Short answer: no. The problem is in the cpu, not the OS, so your course of action is to either buy an AMD cpu, or use an older version of an OS that doesn't apply the throttling and then make sure you only use trusted software (e.g. an audio or video production workstation where you control every application that is installed and you don't browse random websites). Switching from Windows to a *n*x while keeping your affected cpu trades the same problem for the same problem.

3
0

Re: Is it time?

To just leave my Windows 7 install offline (except for games... I'm not expecting too much exploits through there)

Ben, you might want to consider some additional research. Malware targeting online games and digital marketplaces has been around for quite some time. Comparatively speaking, game consoles probably offer a somewhat reduced attack surface, but hacks of both the PlayStation Network and Xbox Live attest that nothing is 100% secure.

0
0
Silver badge

How convenient

Intel likely to sell a bunch of new chips - $PROFIT$

How about a free issue replacement chip of the appropriate generation to everyone so that we don't have to have a performance penalty or for their mistake - think its called warranty. MS will probably need to disable the hardware change = new licence thing though.

Intel could also regain trust by wrapping in the fixes for other big screw-ups too - like the management chip, which can be disabled or better still removed.

Oh and don't forget all the microcode changes too.

27
0
Silver badge

Re: How convenient

Intel could also regain trust

What, after this? And following so quickly on the Puma 6 fuckup, and the Intel Management Engine fuck up, and a good fistful of older mistakes. Intel are as trustworthy as Microsoft, Google, or even Uber. The US tech sector at its finest.

Intel: Fuckups R Us.

76
0
Bronze badge

Re: How convenient

"Intel could also regain trust by wrapping in the fixes for other big screw-ups too - like the management chip, which can be disabled or better still removed."

That wouldn't regain my trust at all. Trust is only regained over time, by having a track record of not doing bad things.

37
0
Flame

Re: How convenient

Ahh, an opportunity to phase out all those old, exposed and patched NSA backdoors with a bunch of new ones, globally, all while making nice profit selling new CPUs without upping any specs. How convenient indeed.

24
0
Silver badge

Re: How convenient

"Trust is only regained over time"

And a lot, lot more slowly than it gets lost.

23
0
Silver badge

Re: How convenient

Intel could also regain trust by wrapping in the fixes for other big screw-ups too - like the management chip, which can be disabled or better still removed.

That would be a step in the right direction, getting rid of their mis-management chip might help clear complications in design.

It's like that damn IOT, always adding new 'features' and 'snoop'.

When exactly did good sensible engineering go out the window in favour of marketing ideas which seemed great in endless ego preening meetings and then were badly implemented in a hurry on the way to the next ego preening session,..

...Just asking....I've not bought Intel since Atom. The only d/w purchase I regret of late, an Nvidia GPU, nothing but an ugly boot up and a series of weird incompatibilities...

7
0
Silver badge

Re: How convenient

How about a free issue replacement chip of the appropriate generation

Which *might* be OK for desktops and mini-PC formats (assuming that the processor isn't soldered in place) but isn't going to work for laptops (I've yet to see a laptop made in the last 20 years where the processor isn't soldered in place).

Nope - it's going to have to be a nice new AMD-based MacBook Pro for me, paid for by Intel..

(And 4 new Xeon chips for my server, without the bug plus compensation for the downtime and effort of replacement - probably easier for Supermicro to just send me a new server sans drives and let me just swap them over..)

And 400 new processors for work.

5
0
Silver badge

Re: How convenient

all while making nice profit selling new CPUs without upping any specs

What is this "selling" you speak of? I think you mean "replacing free of charge while not admitting liability..".

3
0
Silver badge

Re: How convenient

"When exactly did good sensible engineering go out the window in favour of marketing ideas"

Probably about the time model numbers were replaced by names.

3
0
Silver badge

Re: How convenient @CrazyOldCatMan

You may be right about soldered processors in Ultra books or NetBooks, but I can assure you that many business laptops from people like IBM/Lenovo, HP and Fujitsu still have their processors in sockets.

It's just the ones where the supplier does not care about maintenance and also tend to use glue to hold the systems together that don't.

2
0

Re: How convenient

"Nope - it's going to have to be a nice new AMD-based MacBook Pro for me, paid for by Intel"

Do you know something we don't about Apple's plans, because last I looked there was no AMD based MacBook Pro, and I doubt there will be.

2
0

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2018