Follow

At some point I'll have to ask for my money back...

Researchers discover new security flaw in all modern Intel processors:

thenextweb.com/security/2019/0

@fribbledom well it's broken but should we care? I'm not buying a new computer just because of some spectre scare. In fact I have all the mitigations off

@piggo

Well, I think we should. If you buy a new car and the air condition turns out to be a fire-hazard, the solution isn't to remove the AC you paid for, but to have it fixed.

@fribbledom well, sure, but Intel won't replace our processors. And even if they did, you'd need a new motherboard because they switch the socket so often. What's the alternatives? Get AMD, same problem plus a whole new unknown

@piggo

I really think they should and am still surprised this hasn't been taken to court so far. You paid for something that's now either a whole lot slower or insecure.

@fribbledom I agree it kind of lends itself to a class action

@piggo

I agree. It's certainly not a battle for you or me to fight, though. But imagine running a huge server farm with thousands of machines and suddenly you got to stock up by ~20%.

@fribbledom can we just... get rid of speculative execution at this point? surely things are fast enough without it now

@fribbledom I don't understand why this article doesn't name the issue but does include BitDefender's marketing stuff?

@shaderphantom

I wish I had a better article to link to, but I'm afraid all the good ones I've read are written in German.

@fribbledom HAhahahahahah.... there is nothing to do. Life just gets a little bit worse. Weh.

@fribbledom fucking straight up, I need my 6800K to last until AMD launches TR5. These nerfs are making that next to impossible.

@fribbledom Wait, the Spectre patches didn't patch Spectre 1a?! The Project Zero guys ought to get into it I guess.

@fribbledom If their security problems keep up, someday soon you’ll be able to just take the money back.

@a @fribbledom the advantages of it, like branch prediction, allowed the pipe to not have to flush as often. The downside, if you get it wrong in HW, you are basically vulnerable

@jeffmc @fribbledom I’m less and less convinced “if you get it wrong in HW” is the right framing. Instead, it seems like the idea is fundamentally vulnerable to certain classes of attacks, which require specific mitigations. “Working as designed”, just with a poorly-thought-out design.

Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!