If accurate, this doesn't look good (for many applications): http://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
This is horrifying. [:@] I hope it turns out not as bad as initially reported.
My opinion: It's much too early to judge. Not enough info has been released and much of what is in the articles I've read is speculative. Early reports on the Linux patch show about 15-17% on some apps. Games don't seem to be affected, again on Linux patch. It seems it may affect IO intensive apps and virtualization platforms the most, which hits Logos. There's much speculative wording in every article I read. I would guess that once the security flaw is patched, there will be another round or two of patches, finding ways to optimize. Most newer CPUs may be less affected by the issue. AMD CPUs do not have the flaw, but it's unclear whether the OS patches will apply the security fix to both; it's reported that the Linux patch does apply the fix to both processors. This issue affects every PC or device using an Intel chip, independent of OS, so it impacts Windows, Mac, and Linux users.
https://newsroom.intel.com/news/intel-responds-to-security-research-findings/
Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.
Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.
Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively. Intel has begun providing software and firmware updates to mitigate these exploits. Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.
Intel is committed to the industry best practice of responsible disclosure of potential security issues, which is why Intel and other vendors had planned to disclose this issue next week when more software and firmware updates will be available. However, Intel is making this statement today because of the current inaccurate media reports.
Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available. Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied.
Intel believes its products are the most secure in the world and that, with the support of its partners, the current solutions to this issue provide the best possible security for its customers.
There's a fairly lengthy discussion on Slasdot and the consensus is that this only effects Intel processors. https://it.slashdot.org/story/18/01/02/221254/kernel-memory-leaking-intel-processor-design-flaw-forces-linux-windows-redesign Once the patches are available next week and the embargo on reporting is lifted we should know exactly what the problem is and how effected each of our personal computers may be. Either way, as Intel admits, it's not a question of if but of how much our computers are going to be slowed down. I smell class actions in the air. Do you? It reminds of the Pentiums that couldn't do math. That fiasco was minor compared to this.
There's a fairly lengthy discussion on Slasdot and the consensus is that this only effects Intel processors.
If that's what it's still saying, it's wrong. https://www.nytimes.com/2018/01/03/business/computer-flaws.html
There are two vulnerabilities, "Meltdown" and "Spectre."
The Meltdown flaw is specific to Intel, but Spectre is a flaw in design that has been used by many processor manufacturers for decades. It affects virtually all microprocessors on the market, including chips made by AMD that share Intel’s design and the many chips based on designs from ARM in Britain.
Also of significance is that there is apparently no microcode or software fix for Spectre. Only new CPUs can correct the problem. That's the latest I've seen on the issue, through last night and into this morning (Thu Jan 4).
-Donnie
