Microsoft Details Performance Impact of Spectre and Meltdown Mitigations on Windows Systems

Microsoft's Windows chief Terry Myerson on Tuesday outlined how Spectre and Meltdown firmware updates may affect PC performance. From a blog post: With Windows 10 on newer silicon (2016-era PCs with Skylake, Kabylake or newer CPU), benchmarks show single-digit slowdowns, but we don't expect most users to notice a change because these percentages are reflected in milliseconds.

With Windows 10 on older silicon (2015-era PCs with Haswell or older CPU), some benchmarks show more significant slowdowns, and we expect that some users will notice a decrease in system performance. With Windows 8 and Windows 7 on older silicon (2015-era PCs with Haswell or older CPU), we expect most users to notice a decrease in system performance.

Windows Server on any silicon, especially in any IO-intensive application, shows a more significant performance impact when you enable the mitigations to isolate untrusted code within a Windows Server instance. This is why you want to be careful to evaluate the risk of untrusted code for each Windows Server instance, and balance the security versus performance tradeoff for your environment.

For context, on newer CPUs such as on Skylake and beyond, Intel has refined the instructions used to disable branch speculation to be more specific to indirect branches, reducing the overall performance penalty of the Spectre mitigation. Older versions of Windows have a larger performance impact because Windows 7 and Windows 8 have more user-kernel transitions because of legacy design decisions, such as all font rendering taking place in the kernel.

Really?

This is why you want to be careful to evaluate the risk of untrusted code for each Windows Server instance, and balance the security versus performance tradeoff for your environment.

This is a complete cop-out.

People will need to balance their security against their performance.

While this isn't MS's doing, it's Intel, MS is essentially side-stepping this and saying "bummer, dude, but you should decide if you need performance or security".

No wonder this patch borked some systems, it sounds like it's something they half implemented, rushed out the door, and then threw up their hands.

Re:Really?

What — exactly — do you expect Microsoft to do? They didn't make the hardware and they can't fix this in software. I believe the fact that they're offering the choice (on Server at least) of suffering the performance impact or not shows an extraordinary degree of pragmatism. I honestly can't imagine a better response; how would you have them change it?

Re:Really?

Actually, this is a software (more precisely, a compiler) problem. The problem is that the modern compilers
make it difficult for these modern CPUs since they don't clearly instruct the CPU on how to proceed.
So the CPU has to speculate (a.k.a. guess) what instruction it should do next. If the compilers produced
better code in a more organized fashion, then the CPUs wouldn't have to be guessing all of the time, amiright?

(Hey, you know this is the next step in the blame game - watch somebody make a serious thread of this.)

CAP === 'spells'

Re:Really?

This is too:
"Older versions of Windows have a larger performance impact because Windows 7 and Windows 8 have more user-kernel transitions because of legacy design decisions, such as all font rendering taking place in the kernel."

It's pretty fucking obvious that MS are trying to take advantage of the situation to get more users to finally switch over to Spyware 10 by fearmongering.

Well I'm sticking to my Windows 8.1 Pro and I won't be applying the kernel patch AND I will be totally safe. We have lived with this "flaw" for more than two decades without a single person noticing it or being affected by it. That isn't going to change. I don't run untrusted software, I use AV, antimalware/antispyware and I have two firewalls in place. I am 100% unconcerned about the Meltdown "flaw" and I 100% guarantee that I'll suffer zero ill affects from not downgrading my kernel.

Re:Really?

Yea, that's not why speculative exists at all.

Re:Really?

How dare Microsoft (and Linux) (and Apple) program these CPUs as specified by the manufacturers... What were they thinking!?

Re: Really?

Nope, Meltdown can only read kermel memory, so it can steal your passwords perhaps but not hijack.

Re:Really?

>(Hey, you know this is the next step in the blame game - watch somebody make a serious thread of this.)
That was a joke?

Re: Really?

Nope, Meltdown can only read kermel memory, so it can steal your passwords perhaps but not hijack.

It's only Meltdown that has that property. Spectre, on the other hand, can exploit Javascript.

Spectre is spooky. Indeed, I wonder if anybody's fixes truly remove the threat.

Re:Really?

[spire3661]

I expect them to give me a choice to install this patch or not.

Re:Really?

[ArtemaOne]

Makes a lot of sense to me. Imagine a classified or close network. Those often require physical access, and often those ports are managed, which means you need to be logged in, so it's not even an issue if it isn't internet accessible.

Re:Really?

[ArtemaOne]

8.1 was worse than 10 for sure. I could get if you were defending 7, as that was a sweet spot.

Re:Really?

[K.+S.+Kyosuke]

Hey, you know this is the next step in the blame game - watch somebody make a serious thread of this.

Too late; Itanium engineers did this two decades ago. ;)

Re: Really?

Insider/industry colluding? I smell a lawsuit ;). /sarc

Re:Really?

[EndlessNameless]

It's pretty fucking obvious that MS are trying to take advantage of the situation to get more users to finally switch over to Spyware 10 by fearmongering.

Not at all.

Since Vista, Microsoft has been on a very deliberate path of reducing dependencies, streamlining interfaces, and stripping legacy cruft within Windows. They have been modularizing the Windows kernel and kicking more functionality into user space for over a decade. This isn't news. I'm sure they're glad that it finally paid off though.

You are conflating the architectural improvements with the intrusive telemetry. They are two entirely different issues. In fact, I wouldn't be surprised if the people who argued in favor of the current kernel design turned around and argued against the always-on telemetry. (Everyone wants telemetry during development; it only becomes stupid when you force users to transmit it.)

Windows 10 with ad hoc measures to suppress telemetry is a much more secure operating system than Windows 7 or 8. If you value security and require Windows, that is where you should land. This is doubly true for enterprise users, as they can acquire Windows licenses which allow them to completely disable telemetry.

Re:Really?

Of course I use uBlock Origin and uMatrix. That goes without saying.

Aside from that, JavaScript cannot other applications' memory as it's sandboxed in the browser.

Re:Really?

where's APK with his bullshit "speed improvements" since patching these vulnerabilities??

he's ghost.

Re:Really?

Nope. Windows 10 is Windows 8.1 + spyware + bloatware + forced updates. Windows 8.1 is infinitely superior to Windows 10.

Re:Really?

[mysidia]

I expect them to give me a choice to install this patch or not.

I want a highly-visible ON/OFF switch in Control Panel.
For most servers it should default to OFF.

Re:Really?

#define if(X) (rand() % 2)

I do this all the time.

Re:Really?

[110010001000]

"JavaScript cannot other applications' memory as it's sandboxed in the browser."

So adorable!

Re:Really?

It sounds like you are talking more about instruction reordering (aka out-of-order execution). That's where the CPU looks at the instructions, sees that there is a delay on instruction #1 (ex: a memory read, or an FPU operation) that holds up instruction #2 but not instructions #3 and #4, and reorders the execution on the fly so that it can execute instructions #3 and #4 while it is waiting for #1 to continue. I seem to recall that 20+ years ago, intel's compilers were optimizing for stuff like this, but it was obviously processor dependent as different generations or brands of processors take differing numbers of clock cycles for each instruction. For that reason, you'd have to pick a specific processor to optimize your compile for, and as a result execution may be suboptimal on other processors. That's why processors starting with the Pentium Pro (and just about every intel processor since then...not sure about things like the atom or ARM chips) have hardware reordering. Because the hardware supports it now, I'm really not sure what the state of the art is in compiler code generation (do they still bother reordering or just not care anymore).

But regardless, instruction reordering is a different beast. What we are talking about with spectre is speculative execution. This is not reordering the instructions that are definitely coming next. Instead, this is guessing at which path a conditional jump will take and getting a head start on executing those instructions. For example, if you have something like:

if ([value in memory] = 1) then x = a+b else x = c+d.

The memory reference is slow, but until it completes, you have no idea what you should be calculating. So the processor has to load the value from memory, wait for that to complete, then execute the appropriate calculation and wait for it to complete. Speculative execution would instead start loading the value from memory, make an educated guess that the value will be 1, start executing a+b, then when the value from memory is finally loaded and compared to 1, either use the already precalculated a+b, or discard that and calculate c+d.

Re:Really?

Optimising compilers bunch the instructions in an unpredictable manner. That's why modern CPUs use a separate internal microarchitecture to bypass the jumble of branchy code streams emitted by compiler. And in recent compilre we see __cflush() which are specifically designed to confuse the processor by force emptying the cache/pipeline.

If compiler produced a better code,CPUs would not need speculaotive execution.

Re:Really?

[Ryanrule]

Hey, we hate Microsoft and any left wing thing here.

Re:Really?

Yeah, look at how that worked for them.

Re:Really?

[fahrbot-bot]

They didn't make the hardware and they can't fix this in software.

I imagine Intel actually can fix this with a chip firm/software update, but won't because they don't want the responsibility of dealing with anything that goes wrong across the many, many varied CPUs affected. (Just a very cynical guess though.)

Re: Really?

You sir are the opiniated idiot of the day

Re: Really?

Oh god this guy is the worst kind of dumb person. The one who thinks he is in the know. Go read the white paper my man. Less conspiracy YouTube videos and more white papers for u in 2018

Re: Really?

Control it at the wsus level like you should...

Re:Really?

[Duhavid]

Yes, but Windows 8.1 is Windows 7 + rearranging the UI so you cant find anything + attempting to force you to use lame walled Garden apps ( aka Metro ) + lame home page "applets" ( aka Metro ) sucking all kinds of CPU and memory to tell you all kinds of things you cant see at the moment and really dont care that much about probably.

Windows 7 is infinitely superior to Windows 8.1

Re: Really?

Yes, because they can't lie in a document.

Show me a fucking LIVE DEMO of JavaScript reading the memory of other applications. Oh what's that? You can't because it's all bullshit, you clueless fuck?

Re:Really?

I use Start8 so none of that affects me.

Windows 7 on the other hand doesn't even have proper multi monitor support.

Re:Really?

That's rich coming from the guy spreading lies and shilling for AMD every other.

BTW, Intel isn't the only one "afflicted" by this "flaw". It's a purposeful CPU design choice that has existed perfectly fine for decades in multiple manufacturers' processors until someone fabricated an issue out of it.

Re:Really?

[Duhavid]

""It's pretty fucking obvious that MS are trying to take advantage of the situation to get more users to finally switch over to Spyware 10 by fearmongering.""

"You are conflating the architectural improvements with the intrusive telemetry. They are two entirely different issues. In fact, I wouldn't be surprised if the people who argued in favor of the current kernel design turned around and argued against the always-on telemetry. "

Where does the poster conflate them? The post seemed to be complaining about the intrusive telemetry.
Microsoft could make the architectural improvements to 7 and/or 8x, or they could allow people to opt in/out of the telemetry in 10.
They don't do either, because they want you to take 10 on. With the telemetry.

Also, note, Microsoft elected to push patches for Meltdown and Spectre for windows 10 this week. The patches for Windows 7 and 8x are available, but you have to wait for them. The patches are available, have to have been tested, or they would not be available, but somehow, it is less important for Windows 7/8 users to have them? I could argue the reverse, there is more security for the larger portion of the user base for Windows 7 and 8 to get priority, as those systems would be running on older equipment. ( My understanding is that the older CPU's are more susceptible to these issues, so if someone has to wait, the newer systems should. )

I agree with the other post, Microsoft is using this to push people onto Window 10.

Re:Really?

[Joce640k]

We have lived with this "flaw" for more than two decades without a single person noticing it or being affected by it.

Sure, but in 2018 every bad person in the world suddenly knows about it (and how to use it).

Re:Really?

[Joce640k]

I expect them to give me a choice to install this patch or not.

Yep. "We expect most users to notice a decrease in system performance" is corporate-speak for "you're fucked if you install this".

Most users wouldn't notice a slowdown until after the 30th Internet explorer toolbar.

Re:Really?

Wrong. Widows 7 runs the bloated, VIsta's kernel. PCs had just gotten faster between Vista and 7. Windows 8.1 runs a new, much improved and faster kernel.

Re:Really?

It's such a serious flaw that _nobody_ noticed it in all of that time?

Sorry, ain't buying it. So far all I have seen is a bunch of bluster so put your money where your mouth is and prove that a JavaScript can steal data from other programs running on my PC or even from other tabs in my browser. Otherwise, take off the tinfoil hat and stop spreading FUD.

Re:Really?

[TheFakeTimCook]

Actually, this is a software (more precisely, a compiler) problem. The problem is that the modern compilers
make it difficult for these modern CPUs since they don't clearly instruct the CPU on how to proceed.
So the CPU has to speculate (a.k.a. guess) what instruction it should do next. If the compilers produced
better code in a more organized fashion, then the CPUs wouldn't have to be guessing all of the time, amiright?

(Hey, you know this is the next step in the blame game - watch somebody make a serious thread of this.)

CAP === 'spells'

Actually, no. You're NOT right.

Speculative branch prediction happens because there is NO WAY for ANYONE to know whether a Branch based on DATA will have to be taken or not. Otherwise, there wouldn't have to be CONDITIONAL branches AT ALL!

I see software development is NOT your forte, amirite? ;-)

Re:Really?

[ls671]

I just submitted a patch to gcc so it makes more predictable code.

The patch:
if you write x=x+100;

This will now translate into:
for (int i=0; i<100; i++) {
  x++;
}

It will then be easier for the CPU to guess the next instruction is x++

Alternatively, one may use the brainfuck programming language:
https://en.wikipedia.org/wiki/...

Re: Really?

[silverdirk]

Did you miss the part about FONT RENDERING IN THE KERNEL? Sounds like 8 does it in kernel, and 10 does it in userspace. Says to me that there are significant improvements in 10

Re: Really?

[dryeo]

WTF is any operating system doing rendering fonts in ring 0? This was one of the reasons for the MS and IBM divorce, MS wanting to run stuff (video drivers) in ring 0 for performance and IBM refusing for security.

Re:Really?

[jezwel]

If they could they would - this is a PR disaster larger than the FDIV & FOOF bugs of yesteryear.
The fix requires permanent disabling of performance enhancing functionality, and is required a lot faster than BIOS updates could bring - hence the OS inclusions.

It will take over a year before Intel has new silicon out that does not have this flaw baked into their CPUs.

Re: Really?

https://www.react-etc.net/entry/exploiting-speculative-execution-meltdown-spectre-via-javascript
https://react-etc.net/page/meltdown-spectre-javascript-exploit-example

Re:Really?

[toddestan]

Windows 8.1 is actually pretty good in some aspects. Noticeably faster and more stable than Windows 7 (and Windows 10 for that matter). It's also the last version of Windows without all the forced telemetry and forced updates. That makes it really the last version of Windows you can use without handing control over to Microsoft.

Of course, the huge flaw is the UI. Though there are some fixes for that (Classic Shell), and I never really minded it that much, though I agree it is still a step back.

The other thing to consider is Windows 7 currently has just over 2 years of support left. With Windows 8.1 you've got another 5 years to finish your migration to Linux.

Re:Really?

What's the word we're looking for here... ah, that's it: WOOSH!

Re:Really?

[thsths]

No, Microsoft is the victim of this bug, not the perpetrator. They just try to mitigate the impact. The fact that they give customers this option implies that the performance impact is huge.

Re: Really?

There's more than one flaw. They are unrelated, yet Intel decided to lump them together for PR reasons. The serious wet-your-pants your data is wide open unless you slow your processor to a crawl flaw, Meltdown, is an Intel CPU flaw; AMD processors are not affected by it as they made sane design decisions. The flaw affecting all modern CPUs, Spectre, by comparison, is minor.

Re:Really?

they should offer the option to EVERYONE, some random dude with windows 10 that has no banking shit in his computer and has a 4 year old cpu maybe doesnt want to be bother with the patch, but that shit autoinstalls

i guess theres another reason to stick to older windows, easier to prevent that from happening

Re:Really?

[WhoBeDaPlaya]

You might want to check the batteries in your sarcasm meter ;)

Re:Really?

[torkus]

Windows 7 is infinitely superior to Windows 8.1

I wish they just went and updated 7 with some of the new tech in 10. Leave the &$%# UI alone already.

Re:Really?

[ArtemaOne]

I'll agree that 8.1 fixed most of the stuff I hated that 8.0 introduced. I had given it up and gone back to 7 before its release initially, but I was running it again before 10 came out because I used all my licences for the free 10 upgrades, and was far more impressed than I expected.

Re:Really?

[Duhavid]

My take: Windows and Office, they are not adding enough value to the actual product to get us to fork over cash for a new version.
So, take the existing product, smash up the UI to make it different, add a few things you could have added ( and, really, are ) to the original product, spin up the hype machine ( new! improved! ) and hope to sell the snot out of it. Oh, and leverage any external events like this to push people onto the new product. Stop selling the old product, do all you can to force people to the new, like no security updates to the insecure product sold after some period. I can sympathize with some of it, supporting too many products is inefficient.

Re:Really?

[TheFakeTimCook]

You might want to check the batteries in your sarcasm meter ;)

Maybe.

Maybe just too many hours fending-off the Slashtard Haters...

Re: Really?

You don't understand the term "LIVE DEMO" do you? All you linked to was more blustering garbage that doesn't actually let me see it working in action on my PC.

Thanks for tacitly admitting you are full of shit though.

Re: Really?

Meltdown is an alleged flaw allegedly affecting Intel, ARM and other CPUs with speculative execution, not just Intel.

If it is real, it would only affect people running systems that were shared by multiple users, not individual home PCs or workstations. So far, I still have yet to see a live demo of any of this though. Just a bunch of obfuscated documents, fake videos and FUD. Every time I ask to see proof, I get the run around.

Re:Really?

[Agripa]

What — exactly — do you expect Microsoft to do?

I expect them to not apply a performance sapping patch to my AMD system which does not require it.

Re:Really?

[zwarte+piet]

So why can't I get a 8.1 kernel on 7? (or xp)

AMD

Why is there no mention of AMD that does not suffer from the Meltdown vulnerability?

Re:AMD

Meltdown immunity isn't actually certain at the moment. I know you think it is because that's what AMD claims, but researchers still see some possibility of eventually finding Meltdown related flaws in AMD CPUs.

Re:AMD

[GuB-42]

No mention of AMD but :

From TFA:

In general, our experience is that Variant 1 and Variant 3 mitigations have minimal performance impact, while Variant 2 remediation, including OS and microcode, has a performance impact.

Spectre is Variant 1 and 2. Meltdown is Variant 3.

AMD original response is that there is a "near zero" risk of exploit for variant 2 and a "zero" risk for variant 3. Notice the difference.

And from a link page on the Microsoft website:

Microsoft is aware of a new publicly disclosed class of vulnerabilities that are called “speculative execution side-channel attacks” that affect many modern processors and operating systems, including Intel, AMD, and ARM.

So it is very likely that performance impacting mitigations are in place for AMD CPUs too. In fact, they are currently working with AMD on the issue, so it is probably too early to tell.

Re:AMD

[mysidia]

Spectre is Variant 1 and 2. Meltdown is Variant 3.

No. ALL three variants enable Meltdown and Spectre.... you're kind of confouding the description of vulnerabilities with the name for the attacks they made possible

Meltdown is the attack that can read arbitrary kernel memory, and Spectre is the attack that lets you leak secrets from another program.

AMD is vulnerable to Spectre, and it's likely part of the way at least towards a Meltdown type attack being possible, But so far it seems unlikely there will be the direct comparable issue to what Intel has, and AMD goes even farther to say there's Zero risk of the rogue cache read... That should be highly re-assuring to AMD users, but some risk remains, especially until Variant 1 is addressed in hardware on AMD.

Re:AMD

No. They are hoping to find some flaws in AMD CPUs. They are speculating that they can archive something, by doing something, So far the facts are that they have tried, and failed . AMD says "Good luck, our CPU doesn't work that way", and yet you believe people who make claims based on wishes, hopes and speculation.

Nothing is ever certain, but claiming AMD might be vulnerable at this juncture and measures need to be taken is FUD, plain and simple. Unless you're speaking for Intel, then I could see the need for measures to slow down AMD. But that would be inviting a tort suit.

Re:AMD

[Joce640k]

It doesn't matter, initial reports are that it's the Spectre patches that are causing the most system slowdown.

That affects AMD, too. :-)

eg. https://www.theverge.com/2018/...

Re: AMD

The title is wrong, article is about both Spectre and Meltdown. Clueless Journalists mix them constantly, only meltdown cause noteable perf issues. I wish they didnt release both vunerabilites at the same time, its a complete mess.

Re:AMD

[sl3xd]

AMD original response is that there is a "near zero" risk of exploit for variant 2 and a "zero" risk for variant 3

Claims about "near zero" or "zero" risk of exploit are traditional CYA effluent, after all...

Even AMD has claimed (for a different CPU errata) that problems "would not occur during normal desktop usage and we've never encountered it during our testing." The claim was funny, as all you had to do was fire up a VM... or the right benchmark... It didn't speak well to AMD's testing at the time.

Re:AMD

AMD's "near-zero" risk is based on 1) not using a non-default option that, if used, fully exposes it to Meltdown; and 2) ignoring the definitely non-zero risk of other types of Spectre. EVERY CPU design that uses speculative execution has SOME exposure to Spectre, but the Meltdown variant (arguably the most damaging) is largely (though not entirely viz. one ARM and non-default AMD) and Intel problem.

I don't appreciate the magnitude of slowdown on "older" chips. But what else did you expect? Intel to give you a new computer? Current i3/5/7 in Socket 775? Grow up and behave like a good little consumer, and consign your perfectly good, working computer to e-waste while you pay for the next year or 2 to Visa for your new one. Or else just ignore the whole thing. On the plus side, if you manage not to get the Windows update for this, you won't get any future updates either - hasn't nearly everybody been trying to figure out how to do that since Win10 started?

Re: AMD

Yes, what possible reason could Intel have for conflating a minor industry-wide issue with an unrelated giant Intel-only extreme fuck up? Oh, wait...

Re: AMD

Wow, Intel shill lying corps are out in droves today.

WHAT ABOUT AMD????

[Joe_Dragon]

The statement is all INTEL.

Re:WHAT ABOUT AMD????

[JaredOfEuropa]

AMDs are bricked, didn't you read the earlier news?

Re:WHAT ABOUT AMD????

[barc0001]

*Some* AMDs are bricked, older chips.

Re:WHAT ABOUT AMD????

A tiny percentage of AMDs crash when they boot. It's not all AMDs. And none of them are bricked.

Re:WHAT ABOUT AMD????

[chispito]

AMDs are bricked, didn't you read the earlier news?

Except no PCs were bricked. An unspecified subset of computers needed the OS reinstalled.

Re:WHAT ABOUT AMD????

Unfortunately an install in place doesn't work so you have to reformat your hard drive and lose all your data in the process (unless you have a Linux boot disk handy and know how to use it).

captcha: exorcist

Re:WHAT ABOUT AMD????

I have AMD A6-4400M. Is it old enough?

I've got hangs on web browsing and watching videos (CPU just stops with mouse stopping moving).

Uninstalled the update, alkl OK. But the update still appears in the Windows Update.

Re:WHAT ABOUT AMD????

Impossible to lose your data. Download a bootable USB Linux (Fedora/Ubuntu etc) by going to your sibling, neighbor, mother, police station, embassy, YMCA, ex-GF, university, shop, bookstore, etc. Then go back home them boot your system using your new USB Live Ubuntu or Fedora and start your backup process, then reinstall Win OS.

Re:WHAT ABOUT AMD????

[barc0001]

Q2 2012 release? Yeah pretty old. Then again I'm typing this from a 2017 Ryzen so I might be biased.

How is 2015 old?

I am sorry but how is 2015 called old? Most of 2015 was barely 2 years ago.

Re:How is 2015 old?

[dstyle5]

If you are using one of these "old" processors you haven't bought a new one and supported their good friends at Intel recently. Come on, get with the program, consumer. Also pick up a Pro or Enterprise version of Windows while you buying your new Intel processor, chum. ;)

Re:How is 2015 old?

[ripvlan]

I know! I'm with you. My 2 year old still needs diapers. As for my i7 quad-core from 2010 I might need to rethink upgrading... or putting that Registry key and preventing the update from downloading. It already is slow because it has a spinning HD.

But now I'm mad because "I have to" upgrade and pay them money for their mistake. However, proper CPUs don't exist yet. So I want to wait. And suffer in the meantime?

Grumble grumble.

Re:How is 2015 old?

[EvilSS]

I am sorry but how is 2015 called old? Most of 2015 was barely 2 years ago.

" older" is the word they used, not "old". Are you of the belief that something from 2015 is not older than something from 2017?

Re:How is 2015 old?

[KingMotley]

Actually, most of 2015 is closer to 3 years ago.

Re:How is 2015 old?

[KingMotley]

" older" is the word they used, not "old". Are you of the belief that something from 2015 is not older than something from 2017?

Of course not, it's just less new.

Re:How is 2015 old?

[NettiWelho]

I know! I'm with you. My 2 year old still needs diapers. As for my i7 quad-core from 2010 I might need to rethink upgrading... or putting that Registry key and preventing the update from downloading. It already is slow because it has a spinning HD.

But now I'm mad because "I have to" upgrade and pay them money for their mistake. However, proper CPUs don't exist yet. So I want to wait. And suffer in the meantime?

Grumble grumble.

That mechanical drive of yours is a much bigger bottleneck than any of these patches will be if your system is otherwise well equipped. Also try overclocking before buying new anything.

Re:How is 2015 old?

[tigersha]

I have an "older" Broadwell 14 Core Xeon and that thing kicks the ass of 99% of any "newer" chips. Performance drop or not.

Re:How is 2015 old?

I wonder if I should feel bad for still using a dual Xeon 5160 ( Q2'06 ) as my main computer (running Windows 7 and OS X). Poor Intel hasn't gotten any money from me for nearly a decade. And I managed to pick up RAM, CPU upgrades (originally 5130) on the used market for cheap over the years. It's amazing how far you can get in gaming with a 980 Ti and 32 GB of RAM. (to be fair, I mostly do MMOs and at HDTV resolution not 4K)

Re:How is 2015 old?

Yeah, how convenient that if you do buy a newer processor as a solution, Windows 10 is officially the only version of Windows that is supported on anything newer than Skylake. Between bad interface, ads, tracking and Windows Update stupidity (e.g., constantly breaking the trackpad driver on a friend's laptop), I really want to stay with Windows 7 or 8.1. Ditching Windows entirely is becoming a better option all the time.

Re:How is 2015 old?

I am sorry but how is 2015 called old? Most of 2015 was barely 2 years ago.

Do you have a problem with comparatives? A CPU from 2015 is older than a CPU from 2016, which is what the previous paragraph referred to.

We all used to be grammar nazis here, and new we can't even understand basic grammar?

Re:How is 2015 old?

[EvilSS]

I have an "older" Broadwell 14 Core Xeon and that thing kicks the ass of 99% of any "newer" chips. Performance drop or not.

But I bet it's still older than chips made in 2017

Re:How is 2015 old?

skylake is supported on windows 7:

Skylake systems supported on Windows 7 and Windows 8.1 https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0ahUKEwj4iNnpk87YAhVnwYMKHVwKApMQFggpMAA&url=https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F11675%2Fwindows-7-windows-8-1-skylake-systems-supported&usg=AOvVaw0lS9A2EQwci3JkKNRTijv-

security versus performance tradeoff

Interesting. Sounds like security is the inverse of performance.

Which is total bullshit. Intel needs to fix CPUs. We wouldn't have bought those CPUs if we knew that there were gross security vulnerabilities baked into them.

Re:security versus performance tradeoff

[bit+trollent]

I'm getting terrible performance in Grand Theft Auto 5 and other games. I shelled out big money for a 6 core Intel CPU specifically so it would last a long time.

I can't even play the games that used to run perfectly on the system with acceptable performance.

Anything short of a full recall that replaces my CPU with one that performs at the level I paid for is completely unacceptable. Intel will never recover from this if they screw their best customers.

Re:security versus performance tradeoff

[jwhyche]

I find that statement interesting. I was playing GTA 5 on a i7-6700K last night and didn't' notice any performance impact from the game. I was running over goats just as well as I always have been. Do you have any benchmarks you can provide, before and after?

Re:security versus performance tradeoff

Try playing online.

Re:security versus performance tradeoff

[Aaden42]

so it would last a long time

Hate to break it to you, but that knocks you out of the running for "their best customers." Any small to medium business that refreshes machines every three years to stay within vendor support will buy more CPU's in a month than you'll buy in a lifetime. Intel manages to fleece gamers for some high-margin parts, but their real money is in the volume sales for mid-range plus Xeon's to business.

Re:security versus performance tradeoff

So his single-use case needs to be validated, but yours doesn't?

You have any benchmarks to back up your claim?

Re:security versus performance tradeoff

[AmiMoJo]

Here's a real world example of the performance loss from the patch:

https://www.epicgames.com/fort...

Looks like about 60% for that server workload. My guess is that Microsoft made it optional on server versions of Windows after seeing similar numbers.

Re:security versus performance tradeoff

Yes he does. He made extra ordinary claim and was called on it. It is now up to him to prove his claim. Not for someone else to disprove it.

Refund

So, how do I apply for a partial refund from Intel for my CPU?

Planned Obsolescence

[xxxJonBoyxxx]

>> With Windows XX on older silicon (2015-era PCs with Haswell or older CPU)...we expect...a decrease in system performance. (So plan to buy a new proc from our licensed PC distributors soon.)

Re:Planned Obsolescence

"...older silicon (2015-era PCs with..."

Uh, that's "older"? My NEW laptop is 2013-era. We don't need to burn and turn computer hardware today like we once needed to. My home computer is a 2010-era C2D. Runs Ubuntu perfectly fast (so far, no fix yet, we'll see).

I could see considering 2012-era "older", and 2007-era "obsolescent".

Re:Planned Obsolescence

>> With Windows XX on older silicon (2015-era PCs with Haswell or older CPU)...we expect...a decrease in system performance. (So plan to buy a new proc from our licensed PC distributors soon.)

You mean the chips where Intel didn't have PCID? Haswell only having a less robust version. SAY IT ISN'T SO. This is on Intel. You are spreading FUD.

Re:Planned Obsolescence

[freeze128]

With "Older" silicon, you can probably buy a faster CPU to put into your older motherboard. It's not really a "NEW" CPU, just a faster one to compensate for the performance hit.

Re:Planned Obsolescence

[dyfet]

Indeed...translation; "Intel fucked up, and we fucked it up even more in our crappy design decisions, but we are both going to make huge profits from selling everyone new hardware and software, so all is good."

Re:Planned Obsolescence

[link-error]

    Except Intel changes the socket format so frequently, I've almost always been forced to by a new motherboard... and new memory.

Re:Planned Obsolescence

Which is why he was talking about buying a new old CPU. One from the same family. Just a higher clock speed.

Re:Planned Obsolescence

[Dog-Cow]

Yes, that's older. It's how time works. Look into it when you have some.

Re:Planned Obsolescence

[Dog-Cow]

If you had someone rip your head off, you wouldn't be bothered by the fact that MS patched a security bug. And we wouldn't be bothered by your imbecility. It's a win all around.

Re:Planned Obsolescence

I've got an 'older' Intel processor. I'm going to buy a new system soonish. An AMD system.

Re:Planned Obsolescence

[Lothsahn]

Core 2 doesn't just run Ubuntu perfectly fast, it runs modern games perfectly fast.

My son's computer is a C2Q 9500 with Windows 10. There's no specific release date published on Intel's ARK, but C2Q 9550 released in Q1 2008 (10 years ago!), so it's at least that old. He plays Overwatch on it in Ultra Quality at a constant 60 FPS (limited by his display). That's a 10 year old computer (with a newer GPU) running games at full speed that you're "supposed" to buy multi-thousand dollar computer setup for. He got it on Craiglist for $50, plus a couple spare parts I had lying around and a $150 GPU.

CPU scaling has really slowed down--a 10 year difference used to be a world changer, and now 10 year old CPUs are fast enough.

Re:Planned Obsolescence

[Lothsahn]

Yes, you can do exactly that. My son upgraded from a C2Duo to a 2.8 GHZ C2Quad for $25. The extra two cores would more than compensate for the performance losses from these OS fixes.

Doesn't always work if you have a laptop (many CPUs are soldered in these days), and it does involve some cost on your own, especially if you don't do the work yourself.

Re:Planned Obsolescence

We're long past the point of diminishing returns.

Re:Planned Obsolescence

Shut the fuck up, fatboy.

Re:Planned Obsolescence

[jezwel]

I just did. My 4790k was released in 2014 and runs at 4GHz.
It took Intel 2 CPU generations to equal that single core speed (with only the 6700k in Aug 15), then the 7700k finally beat it (just) @ 4.2GHz a year ago - Jan '17.
The 7740X @ 4.3 followed in June '17 (and pulls 25% extra power to get that less than 10% increase...).
The 8 series tops out at 3.7Ghz.
They are all still running the 4 cores.

Sure it's "older". It's certainly no-where near obsolete.

Re:Planned Obsolescence

[toddestan]

That also assumes you can upgrade your CPU. My main computer runs an i7-3770K which I believe is the fastest CPU ever offered on Socket 1155. The other computer is also Socket 1155 and runs an i7-2600K. While that could be upgraded, the 2600K isn't really that much slower than the 3770K. I suppose I could overclock them as they are unlocked, though I haven't bothered because it hasn't seemed worth it.

Re:Planned Obsolescence

[thegarbz]

What's a GHz? Is that some irrelevant performance metric from the 90s?

In other news The Pentium 4 had more GHz than the competition. Ever wondered why it was laughed at?

Re:Planned Obsolescence

[Cederic]

Well, now that raw processor speed is suddenly more important, the GHz numbers could start being relevant again.

Re:Planned Obsolescence

Although my PC is still 'new', I'm seriously considering a new smaller ITX Ryzen system. Performance is likely better now (it was about even), price less than half, the only annoyance is the TDP - 65W runs a little hot for a totally silent PC.

TFA is quite informative...

[FrankSchwab]

Kudos to Microsoft and Terry Myerson - great article with excellent details...

as long as you're running an Intel processor. Inquiring minds want to know where in the performance-hit list a Ryzen shows up. Does it have the " refined...instructions used to disable branch speculation to be more specific to indirect branches, reducing the overall performance penalty of the Spectre mitigation."?

Re:TFA is quite informative...

[DigitAl56K]

Kudos to Microsoft and Terry Myerson - great article with excellent details...

It's a well laid out article, but it's a shame they've shied away from posting any actual numbers, leaving us to guess what kind of impact they're talking about, and for everyone to have to run their own benchmarks. They could have said something like "typically xx-xx%, with workloads having heavy I/O most affected".

Sandy Bridge processors info

Or are they ancient and not worth reporting?

Re:Sandy Bridge processors info

It seems obvious to me they fall under "Haswell or older" since Sandy Bridge immediately preceded Haswell.

Re:Sandy Bridge processors info

No it didn't, Ivy Bridge did. Sandy Bridge was second generation Core i series.

Re:Sandy Bridge processors info

[Hal_Porter]

Your performance will be fucked six ways to Sunday if your workload does a lot of user to kernel mode switches. Unless you fancy waiting for Intel to release fixed chips and then buying a new CPU and a new motherboard to put it in.

Ironically Intel forcing people to buy new motherboards to switch between very similar CPU generations coupled with the fact that any Intel CPU you buy now still has the bug means that its just as easy to buy an AMD CPU and motherboard than an Intel one.

Then again a new Intel chip has Process Context ID support which means the workaround for the bug is relatively low impact.

Re:Sandy Bridge processors info

Ivy Bridge was just a Sandy Bridge die shrink, not a new micro-architecture.

Re:Sandy Bridge processors info

Not worth supporting is more like it. It may sound like this is going to spell losses for Intel, and I'll grant that they've seen a momentary dip in stock prices, but you can bet good money that this will ultimately result in a rush on new Intel hardware to replace "bad" hardware. And people will just throw piles of cash at them, because reasons.

Give it another week or two to settle, then buy Intel stock. Watch and see.

Re:Sandy Bridge processors info

[WaffleMonster]

Not worth supporting is more like it. It may sound like this is going to spell losses for Intel, and I'll grant that they've seen a momentary dip in stock prices, but you can bet good money that this will ultimately result in a rush on new Intel hardware to replace "bad" hardware. And people will just throw piles of cash at them, because reasons.

There is no new Intel hardware available for sale to replace "bad" hardware. There *IS* however new AMD hardware.

Re:Sandy Bridge processors info

[NettiWelho]

Not worth supporting is more like it. It may sound like this is going to spell losses for Intel, and I'll grant that they've seen a momentary dip in stock prices, but you can bet good money that this will ultimately result in a rush on new Intel hardware to replace "bad" hardware. And people will just throw piles of cash at them, because reasons.

Give it another week or two to settle, then buy Intel stock. Watch and see.

I am still on 2011 made i5-2500K and and with upgraded GPU new games still run at highest settings; If I have to upgrade both mobo and memory because of these shenanigans my next machine won't be an intel system, thats for certain

Still running at stock speeds thought, will try overclocking before buying anything new.

Re:Sandy Bridge processors info

It wasn't just a die shrink. Ivy Bridge introduced tri-gate transistors. It was third generation, Haswell was fourth generation.

Notice how the cutoff is Haswell and not Broadwell (fifth generation), which by your definition is "just a die shrink"? That's because they are separate generations with different features.

Re:Sandy Bridge processors info

[slashdot_commentator]

Too bad Threadripper and Ryzen doesn't have hardware virtualization support. I'm not even sure they can cleanly run hyper-v or kvm.

Re:Sandy Bridge processors info

Too bad Threadripper and Ryzen doesn't have hardware virtualization support. I'm not even sure they can cleanly run hyper-v or kvm.

That's false and I'm curious what led you to make such a blatantly incorrect claim. AMD has a history of supporting virtualisation features even on consumer chips, with no arbitrary gating of the features behind higher-priced SKUs, and they've continued that with Ryzen and TR.

I'm using an R7 1700 on an x370 board and have no problems at all running a GPU passthrough setup with KVM, just had to make sure IOMMU and SVM settings were enabled in the BIOS. (Turning off SVM effectively disables the virtualisation features, and turning off IOMMU support does what one would expect.) I believe Ryzen even has SR-IOV support, but I have no hardware to test with to be certain.

I've heard the TR IOMMU groups are weird, but that hasn't been an issue with my Ryzen chip. Only other problem was a long-standing kernel bug that surfaced with Ryzen's release, but that's 1) not a hardware fault; 2) fixed in new kernels; 3) only relevant for passthrough; and 4) it was only an occasional performance issue for GPU passthrough.

Time to upgrade

[postmortem]

Folks, your CPUs 2015 and older are obsolete ... how convenient for Wintel.. get that fancy new CPU and another copy of Windows 10, because what you have today is OEM version, so with a new CPU you'll need a new Windows copy.

Re:Time to upgrade

[FrankSchwab]

"Obsolete"? My home PC just blue screened from outrage at such a statement. Its Deneb processor from 2009 is just fine, thank you, and even ran DOOM 2016 acceptably (well, it did after I stole my son's video card).
Methinks your definition of Obsolete is different than mine...

Re:Time to upgrade

[postmortem]

Not *my* definition of obsolete, just a small dose of sarcasm. It is definition that intel + Microsoft are going to be pushing.

Re:Time to upgrade

[cogeek]

Methinks you don't understand sarcasm.... There really should be a font for that.

Re:Time to upgrade

[swb]

You can't talk about obsolete on Slashdot or you're inundated with people running Pentium I systems, ancient Nokia phones, etc. It's an audience that takes pride in wringing the last bits of life out of old hardware.

Re:Time to upgrade

[FrankSchwab]

you're right; I RTFA'ed, but didn't fully RTFC. I stopped after the first phrase. I hang my head in shame...

Re:Time to upgrade

You didn't go back nearly far enough. One guy who hangs around here is running a website on his Apple II GS.

Re:Time to upgrade

If you are the type of person that builds their own computer and could replace just the CPU, then you either bought your very own Windows license or pirated i it. Nice trolling, tho.

Re:Time to upgrade

[eclectro]

And your point is????

Re:Time to upgrade

Except this affects Linux and MacOS with the same flaw because it is based in HARDWARE. Damn you open source, forcing us to buy new hardware. How dare you Apple for forcing this on us?

Re:Time to upgrade

[NettiWelho]

Folks, your CPUs 2015 and older are obsolete ... how convenient for Wintel.. get that fancy new CPU and another copy of Windows 10, because what you have today is OEM version, so with a new CPU you'll need a new Windows copy.

I am on windows 7 using a 2011 made i5-2500K and after upgrading GPU and switching to SSD the machines performance is still good enough to run things like PlayerUnknowns Battlegrounds on Ultra setting(GTA 5 is a bit choppy on ultra but runs buttery smooth on high).. And I haven't even overclocked the CPU yet.

I am yet to install the patches, but if the performance degrades beyond tolerable I'll first crank the OC to max, maybe try to find a deal on a faster socket 1155 processor as there are couple..

But if I have end up having to upgrade motherboard and memory because of these shenanigans then I will 100% buy my next CPU from someone else than Intel.

Re:Time to upgrade

If you are the type of person that builds their own computer and could replace just the CPU, then you either bought your very own Windows license or pirated i it. Nice trolling, tho.

The build your own folks often use the OEM version of Window. Its less expensive than the "retail" version. Both OEM and "retail" versions of Windows are commonly available in retail stores that cater to hobbyists.

So no, he is not trolling by referring to OEM. Whether a CPU upgrade invalidates Windows validation when all other monitored components are the same is a different question. I had an old AM3 motherboard die, replaced it with a new AM3+. Same CPU, disc, video etc. The caused validation to fail, I had to contact MS, tell them what happened, and they issued a new Windows key. Replacing failed hardware is something MS seems to consider within the OEM license.

Re:Time to upgrade

Folks, your CPUs 2015 and older are obsolete ... how convenient for Wintel.. get that fancy new CPU and another copy of Windows 10, because what you have today is OEM version, so with a new CPU you'll need a new Windows copy.

I sure hear a lot of blusterous bitching about this but I haven't EVER had to buy a retail copy of Windows and I build almost all my machines from scratch. MS is very flexible with their home user licensing. They will absolutely let you move an OEM key, you just might have to make a phone call. I've scavenged keys from all kinds of old hardware. Literally dozens of personal Windows installs over the years with no pirated keys and I've never had a problem beyond very occasionally having to reactivate for some random reason.

Re:Time to upgrade

[Lonewolf666]

how convenient for Wintel.. get that fancy new CPU and another copy of Windows 10, because what you have today is OEM version, so with a new CPU you'll need a new Windows copy.

And don't forget a new motherboard, because the CPU socket changed from Socket 1150 to Socket 1151 with Skylake.
Well, perhaps some people will actually throw away their computers and I can loot some memory from those. Not gonna touch the Intel CPUs though ;)

Re:Time to upgrade

[MachineShedFred]

Unfortunately, that font will be rendered in kernel space, because there have never been any security vulnerabilities in fonts...

Who the hell decided that was a good idea?

Re:Time to upgrade

[Wrath0fb0b]

You know they fixed that and now fonts are no longer rendered in the kernel. Or you would know that, if you RTFA.

Re:Time to upgrade

[Wrath0fb0b]

Spectre is actually applicable to Intel, AMD, and the various ARMs (Samsung, Qualcomm, ...)

You're thinking of Meltdown, that's Intel specific.

Re:Time to upgrade

You don't have to pay for windows 10 copies. You don't even have to activate them - they run forever.

Re:Time to upgrade

It simply hadn't changed from DOS days.

Re:Time to upgrade

[MachineShedFred]

I did know that. However, they still made the decision to do that at one point, and they didn't reverse that until the somewhat recent past.

So the question stands: Who the hell decided that was a good idea?

Re:Time to upgrade

[AmiMoJo]

I've written a formal request for compensation to Intel. I have three older CPUs (an i7 2700k, an i7 3000 series and a Xeon) which will all be affected badly by this.

Since I had to waste time fixing their ME bugs with a patch as well I'm billing them for that time too.

I've had enough of this crap from Intel. Pay up or see you in small claims court.

Re:Time to upgrade

Maybe majority of /. readers are environmentalists. No extra e-waste for the planet. But wait, are you sure you're NOT ONE of those screaming GLOBAL Warming due to CO2 emissions?

Re:Time to upgrade

Stop shilling for intel. He's better off not rewarding intel, and waiting for april Ryzen 2 deals to upgrade.

Free speed upgrades for Appdoze 10!

[PingSpike]

That's the nice Windows 7 you got there. It'd be a real shame if something happened to its performance.

Re:Free speed upgrades for Appdoze 10!

[cogeek]

Winning!

Re:Free speed upgrades for Appdoze 10!

[maeltor]

Its Slashdot. I expect nothing less. When the OP's thread subject has the word "Appdoze" in it, you can basically discount it as bullshit hyperbole. I'm half shocked he didn't spell Microsoft with a $.

Re: Free speed upgrades for Appdoze 10!

Get that MS dick out your ass. For fuck sakes.

Re:Free speed upgrades for Appdoze 10!

[drinkypoo]

I can't believe you're donning your tinfoil hat in response to a bug that Microsoft had no control over.

When Microsoft released Windows NT 4.0, which as compared to NT 3.51 merged the Kernel and GDI memory spaces in the name of graphics performance, many of us complained. "Leave that kind of insecure cockamamie bullshit in the kiddie desktop OS, and leave our Server and Workstation OS with some privilege separation," we cried. But all unheeding, Microsoft proceeded apace down the path of compromising security in the name of gaming performance (literally!) and gee, look where we are now:

Older versions of Windows have a larger performance impact because Windows 7 and Windows 8 have more user-kernel transitions because of legacy design decisions, such as all font rendering taking place in the kernel.

It's right there in TFS, font rendering taking place in the kernel. That is epic bullshit, and it's exactly what I'm talking about when I bring up Microsoft merging formerly-separated memory spaces in NT4... and beyond.

I can't believe you're donning your tinfoil hat in response to a bug that Microsoft had no control over.

The correct answer when someone says "I think we need to render fonts in the kernel" is *SLAP*. Not "yes, let's do that." Microsoft doing font rendering in the kernel to improve performance is exactly like Intel checking to see whether access has been violated after execution to improve performance. It's obviously wrong, and it has led to security holes and ultimately is resulting in reduced performance. I almost can't believe that you're making excuses for Microsoft. But since I've seen fanboys and shills before, I can manage it.

Re:Free speed upgrades for Appdoze 10!

Or better yet, don't run EOL software.

Retard alert! Win7 has more than two years before EOL.

Re:Free speed upgrades for Appdoze 10!

[Wrath0fb0b]

Dude, they agreed with this conclusion and moved font rendering out of the kernel.

I can't imagine being your coworker if every time someone admits they made a mistake and correct it, you harp about how wrong they were in the first place. We get that you are Very Smart and were in fact right along along, being ungracious about it is not making you seem smarter, it's making you seem just as smart but more of a jerk.

Re:Free speed upgrades for Appdoze 10!

Making a mistake is one thing. Making an idiotic, obvious mistake, you know the kind that paints itself pink and then starts singing "bad mistakes are here again" while dancing polka on your roof is something entirely different.

Overall performance hit/gain

Does the "mitigation" eliminate any performance gain from branch speculation?

Re:Overall performance hit/gain

[EndlessNameless]

Probably. I assume any such reductions are already included in the overall performance metric.

Forced obsolescence!

It’s all a nefarious plot to force people to upgrade their old computers to the newest models!

Re:Forced obsolescence!

Probably not a conspiracy of any sort, but you're being naive if you think they're crying about it. Happy coincidences aren't bunk just because they're nefarious.

Complexity unfortunately means Holes.

[foxalopex]

I don't think this is really that surprising. Modern CPU's are almost like mini-computers in themselves breaking down and reorganizing code on the fly internally. Fixing them means ugly workarounds which will usually cost a bit in performance. As time goes on, expect more of these issues rather than less. It's why most modern CPUs have a BIOS loaded table that makes workaround fixes in hardware although this problem is probably too big to fix there.

Re:Complexity unfortunately means Holes.

[Gilgaron]

I know I share many slashdotters reticence to try out some of the latest smart devices for fears of the security holes therein, I wonder if there will be a new interest in processors that just brute force everything through without any 'tricks' that could be exploited? I suppose that might be impossible to achieve and have compatibility with the rest of modern computing platforms; I don't know much about what instruction requirements might be needed to keep up with current Windows and Linux if these security flaws go all the way back to 1995...

Re:Complexity unfortunately means Holes.

[110010001000]

"Modern CPU's are almost like mini-computers"

Genius!

Re:Complexity unfortunately means Holes.

[Wrath0fb0b]

You could make it fully compatible with x86, no problem. That's not the issue at all.

The cost would be much more than 10% of performance. OOO and speculative execution would probably cost at least 50% of the performance (and, for mobile, this is perf/watt, which translates directly into usable battery life).

Think about it this way: the CPU hits a plain old branch. The branch has a condition variable that's in L3 or main memory. In your "brute force" model, the processor sits idle for 200-300 instructions while the operand is fetched. In the speculative execution model, it uses that (otherwise idle) time to precompute one of the branches. If it's wrong, the cost is a rollback to the branch point (10-16 instructions), it it's right, the win is 200-300 instructions (time that would have been idling around waiting). It's a huge improvement.

Re:Complexity unfortunately means Holes.

[Gilgaron]

Great explanation, hadn't thought about mobile impact with battery life...

Wow amazing coincedence

[Neuroelectronic]

PCID is only supported on newer cpus and just so happens speeds up the performance of isolating kernel tables in software, which is required to block this decades-old exploit. And now Linux is having tons of undocumented patches to support this as well.

Well, at least we have nothing to worry about and go back to working, knowing that there's no way that anyone could use our sensitive information to proxy nefarious activities.

Re:Wow amazing coincedence

[TheDarkMaster]

My CPU is a I7 4930K and it have the PCID (so says the HWiNFO64 and AIDA). But I think I will pass this "fix" if in the background his truly goal is to force me to buy a new desktop and force the use of Windows 10.

Re:Wow amazing coincedence

[sl3xd]

PCID is only supported on newer cpus

Having run across a nearly four-year old CPU having PCID (Haswell Xeon E3-1276), I'm less inclined to say that "newer" is entirely accurate; more that it was less common...

Re:Wow amazing coincedence

[ChoGGi]

PCID is supported on Westmere (2010) and up.

Re:Wow amazing coincedence

I have an Ivy Bridge EP that doesn't appear to support PCID.

Re:Wow amazing coincedence

[ChoGGi]

Probably depends on your OS as well (I think Linux only added it in 4.14?).

Re:Honest reasons why 'Windows 7' isn't good enoug

[GuB-42]

AFAIK, most of the issues people have with Windows 10 are about policies and the GUI. And on these aspects, is is reasonable to consider Windows 7 superior.

On the core technical aspects however, most people seem to agree that Windows 10, and even 8 are superior to 7.

Sounds like

[110010001000]

Sounds like this isn't a big issue after all. Good job by Microsoft and Intel with their timely fixes!

Re:Sounds like

[Wrath0fb0b]

Want to make it sound more impressive? Microsoft currently has 45 supported variants of Windows. They shipped patches for 41 of those versions.

Of course, it's crazy to support so many different variants. At the same time it's crazy to support Windows 7 for years after 10 comes out, but people will complain mightily if you EOL it and don't provide security patches.

And it's even more crazy that none of this was Microsoft's fault to begin with.

Re:Sounds like

It's largely Microsoft's fault. I would happily pay for and use Windows 10 if it allowed me to completely disable the spyware and adware and bloatware (like Cortono), and control my updates and reboots. I think a lot of the Windows 7 and Windows 8 holdouts would feel the same. That would have reduced the burden on Microsoft immensely, but they chose to be dicks about it and now they are suffering the consequences.

Only here

[maeltor]

Only on Slashdot could a company like Microsoft issue a well worded statement on performance degradation in relation to a hardware issue they have no control over, and be vilified over it and subjected to bullshit standard conspiracy theory garbage. Actually I take that back. They'll be vilified out of principle on pretty much every tech news site.

Re:Only here

[110010001000]

You are right. You can't expect Microsoft to fix their older operating systems that are under support. They just don't have the manpower or money. Everyone should just install Windows 10 (starts at only $119). And you also shouldn't expect Intel to fix their stuff either. It isn't like they have money to fix their stuff either. Just buy a new chip when it comes out. Problem solved.

Re:Only here

This did not happen overnight. MS screwed many people over and now techie people don't trust them. In fact, some techie people hate them.

Re:Only here

[EndlessNameless]

You are right. You can't expect Microsoft to fix their older operating systems that are under support.

They are fixing them.

There are patches for Windows 7, 8, and 10. Because the kernel architecture has evolved over time, the performance deltas are different when patching each OS. Microsoft has been streamlining and modularizing the Windows kernel for a decade, so this performance difference should be expected.

E.g., Microsoft kicked font rendering out of the kernel going from Windows 7 to 8---this means fewer transitions between user and kernel execution when rendering web pages or Office documents. Since the patch penalizes transitions between user and kernel code, this has a direct impact on how badly the patch will affect the system's performance.

Bear in mind, this is only one relevant change. Microsoft makes a lot of changes under the hood with each release of Windows, and I expect there are quite a few more examples. The overall trend of kicking non-essential code out of the kernel (good idea in its own right) is working to their benefit here.

Re:Only here

Yes, how dare people complain that MS have effectively said that if you're on the still-supported Win7 'sucks to be you'.

Re:Only here

[110010001000]

I agree. Microsoft software gets better and better. Always upgrade to the newest!

Re:Only here

This did not happen overnight. MS screwed many people over and now techie people don't trust them. In fact, some techie people hate them.

Yet those 'techie' people still use their stuff.

Re:Only here

[ET3D]

Windows 10 was a free update!

Re:Only here

The IT Industry is maturing and becoming older as a whole; vendors, in order to bilk the maximum amount of capital out of markets that are largely done and settled or just plain survive, are continuing to create problems for the sake of it.

Consider the possibility the new Syscall API's are no longer based on Linux, Unix, Windows, or any other OS, but instead the new standard is UEFI. Once you realize that, then it explains a lot of the squirrlyness out of them. Once you can deploy an app as a self-contained VM to a computer and the window you open is just an app window, Their government-granted monopoly is hosed, and during the transition to something else, everyone is going to blame them for everything becuase they are being abandoned. Windows 10 is largely an OS that creates problems for the sake of it.

The "Just upgrade to windows 10 it's only $119" is such of a naieve comment; most environments that require a modicrum of security are actively ditching windows 10 for linux kiosks not due to price. It's only a matter of time before what I mentioned, happens. And it'll probably happen in a form nobody thinks of.

Re:Honest reasons why 'Windows 7' isn't good enoug

[Hylandr]

Windows 10 sucks (quantify that)

1. Keyloggers that send your keystrokes to Microsoft to serve targets ads in the OS. *cough* I mean 'Telemetry'.
2. Inability to control patches / updates
3. Reduced control over a system I *own*

There's a good start.

Re:Honest reasons why 'Windows 7' isn't good enoug

[TheDarkMaster]

Windows 10 is a nice kernel but with an GUI made by preschool children on top of it... Maybe I change my mind and switch to it when the interface be made by real professionals, until then I'll continue with Windows 7.

Re:Honest reasons why 'Windows 7' isn't good enoug

[FrankSchwab]

>>> 3. Reduced control over a system I *own*
I find this the most fascinating part of modern computing - "Here, pay me $700 for this smartphone so I can see everything you do, know everyone you know, and sell that information to anyone who'll pay me a dime for it. And, no, you're not allowed to stop me, or to even find out what information I'm collecting". Windows 10 moved that smartphone concept down to the PC.
This whole concept of paying large amounts of money for something that isn't yours (because you're not allowed to make unauthorized changes to it) and that's going to be used to make money off you is so new, and so foreign, that I have trouble with it. Maybe I'm just too old.
I remember when I trusted Quicken to not upload my whole financial database to Intuit for their perusal - and that now I assume that it does. I remember when I refused to get a supermarket loyalty card because I didn't like them tracking my purchases - until they implemented punitive pricing measures that "encouraged" my compliance. I remember when the concept of a car that stored my accelerations and speed for 10 seconds prior to an accident seemed like a huge invasion of privacy - and yet I have a Tesla Model 3 on order that will be able to count how many times I picked my nose on the way into work, and will likely use that information to advertise nasal sprays to me on the central display screen.

Really?-NICs.

They say I/O. I wonder how the newer NICs with co-processors and deep buffers would do? They don't hit the CPU as hard.

Re:Honest reasons why 'Windows 7' isn't good enoug

[NettiWelho]

Stick with it just stop pretending to be experts, telling others Windows 10 sucks (quantify that) and encouraging NOVICES who would benefit from architecture improvements to stay away from it because YOU don't like it.

Windows 10 fails to run quite a bit of legacy software developed for windows platform that functions just fine on windows 7 and earlier, this includes some very simple software using nothing but windows libraries.

Windows 10 fails to routinely respect user choice in things like allowed update install and reboot times.

On windows 10 the user is not in control of the machine even if logged in as administrator.

If you look on Nvidia forums theres a +100 page complaint thread about performance issues appearing over 2017 windows updates and smaller thread on microsofts own forums where their employees have been regularly responding and requesting additional telemetry on the issue after each patch..

No similiar complaints about windows 7 despite 7 being still more popular and I guess running with older hardware on average as well..

As a matter of fact I have hard time figuring any advantages windows 10 has over 7 except the "get help"-program that actually connects you to a microsoft employee, an actual person, at any hour of the day by a hit of a button, which I guess does make it more user friendly for tech-illiterates by leaps and bounds

don't worry

[edxwelch]

The decrease is performance only happens if you manage to update the BIOS and there's fat chance of doing that on a Haswell motherboard! It'll have reached non-support EOL long ago.

Re:don't worry

[TechyImmigrant]

The decrease is performance only happens if you manage to update the BIOS and there's fat chance of doing that on a Haswell motherboard! It'll have reached non-support EOL long ago.

My Haswell laptop's BIOS & FW was updated this morning. This gave me a good excuse to get more coffee while not worrying about the paranoid fantasies of those that live in a world of imagined facts.

Re:don't worry

[edxwelch]

count yourself lucky then

Re:don't worry

Prove it, what model?

Re:Honest reasons why 'Windows 7' isn't good enoug

[Hylandr]

And you let all these things happen.

Android phones can be re-imaged. Nobody forced anyone to use quicken or any software that uploaded everything to the could. I drive older cars not because I am broke but for how solid they are built, and they don't report shit.

If it's new, 'Free' has 'consequences'. For now, it's still my choice.

Hysterical reply much?

I bet your fun at partys.

Re:Hysterical reply much?

[TechyImmigrant]

I bet your fun at partys.

I bet you're a hoot at grammar conferences.

Re:Honest reasons why 'Windows 7' isn't good enoug

[MachineShedFred]

Windows 8 was preschool children - it may as well have had the "tiles" outlined in crayon.

Windows 10 is at least 3rd grade UI.

How to avoid the patch?

[fireman+sam]

I've got a Windows machine just for playing games. I don't have any sensitive information in the machine, nor do I really care if I have to reinstall at any point (slightly annoying). So, how can I say to Microsoft "Thanks for looking out for me, but I'd rather the extra performance"?

Note that the machine on which I game is from 2015 so the "fix" would have a noticeable slowdown. I've already turned off automatic updates, but this would likely be classes as an emergency update which ignores the settings.

Re:How to avoid the patch?

[NettiWelho]

I've got a Windows machine just for playing games. I don't have any sensitive information in the machine, nor do I really care if I have to reinstall at any point (slightly annoying). So, how can I say to Microsoft "Thanks for looking out for me, but I'd rather the extra performance"?

Note that the machine on which I game is from 2015 so the "fix" would have a noticeable slowdown. I've already turned off automatic updates, but this would likely be classes as an emergency update which ignores the settings.

Make sure you have full disk image of pre-patch state and keep it up to date so you can easily revert everything.

You could also try overclocking your system, my CPU is an i5-2500k from 2011 and latest games still run fine after upgrading just graphics card and switching from hdd to ssd

Re:How to avoid the patch?

[fireman+sam]

Thanks.

I also saw another post that says to disable the update service, dosvc, and bits. So I've done that as well. A quick test showed that my games still work - so I might be safe.

Re:How to avoid the patch?

[Megane]

The thing about all this is: Why should I care?

Sure, this is a potentially big problem for people who run virtual server farms, but for my Windows game box (which runs Windows 7, and has had updates turned off since all that "gwx" bullshit), what is the point? Even if I did get it in malware (how? I don't do general web browsing on that computer, just one or two specific games, not even Steam, it's behind NAT, and I also disable a lot of useless services), they would do better to force ads on me... oh wait, but I'm not even web browsing.

And on my main computer, which is a MacBook Pro from 2012, running OS X from a few major versions back, even if they could get it working in javascript (browsers are likely to change their timing support to be less precise by default), that's a lot of work to try to find something I probably won't even have.

Add in the "herd immunity" of it being patched soon for most people, due to updates and normal computer replacement, and I can't see it being worth the effort to use on me, except in a very targeted attack. Only on something like a virtual server, where you can expect them to all be running the same OS and hardware, and with other people's private data, does it begin to get useful.

I haven't even heard of proof of concept beyond "oh look, I can dump a bunch of your RAM in a few hours!" Great, now do something interesting with it. With my RAM, and the oddball stuff I run, not that specific version of whatever you installed for the demo.

So I don't want the patch, because I don't care. It's a read-only attack, so it won't cause anybody to crash my computer, much less root it, and it is slow, too. It won't cause computation errors like the divide bug. And the attacker still has to know what to do with the data dump. The exploit sounds scary, but just how hard is it to exploit on a random computer? I'm going on the side of OS diversity and herd immunity.

Windows bricked itself on AMD CPUs

Windows bricked itself when running on some AMD CPUs.
GNU/Linux, for instance, did not brick itself.

Re:Honest reasons why 'Windows 7' isn't good enoug

[EndlessNameless]

Windows 10 fails to run quite a bit of legacy software developed for windows platform that functions just fine on windows 7 and earlier, this includes some very simple software using nothing but windows libraries.

People complained about this a lot going from XP to Vista/7. The culprit, in most cases, was a better security model for the operating system which broke old applications. I am perfectly fine with this kind of change.

Windows 10 fails to routinely respect user choice in things like allowed update install and reboot times.

This is largely resolved in v1709. You set your active hours, and you can override it when prompted if you're outside the active hours.

Or, for an unsanctioned fix, disable the Windows Update service until you want to install updates.

If you look on Nvidia forums theres a +100 page complaint thread about performance issues appearing over 2017 windows updates

There were all kinds of performance issues with XP, Vista, and 7 in the first couple years after release. And I expect 8 got a free pass because hardly anybody used it. This is not new, and FWIW, I think Vista still holds the crown as the most broken OS.

As a matter of fact I have hard time figuring any advantages windows 10 has over 7

There's lots of little things, which you would probably find if you tried the OS instead of complaining about it. Pinning windows to any/all desktops is the one thing I couldn't live without if I were considering going back to 7/8.

Notice a change

[enriquevagu]

we don't expect most users to notice a change because these percentages are reflected in milliseconds.

Most users don't even notice that percentages are dimensionless, so it makes no sense to translate them to milliseconds.Yes, I understand that he pretends to mean that the penalty for each instance of the problem only causes a delay of milliseconds, but still, the performance drop is there and many consecutive penalties aggregate into a noticeable slowdown.

Apart from this joke, this is a good move from MS.

Re:Honest reasons why 'Windows 7' isn't good enoug

Why do you limit it to Android? You know APL is doing it.

If you believe what they say, well, you're not a reasonable person. APL said so: "no reasonable person would believe [us]". Even if they don't do it themselves, there's tons of companies out there with user tracking software for all platforms, so they're profitting (again) by user ignorance.

At least with Android, you're able to disable software entirely, and even inthe integrated software like the Contacts request permission to do more (like showing you appointments you might have with them).

Re:Honest reasons why 'Windows 7' isn't good enoug

[NettiWelho]

This is largely resolved in v1709. You set your active hours, and you can override it when prompted if you're outside the active hours.

Or, for an unsanctioned fix, disable the Windows Update service until you want to install updates.

I use windows 10 on my work laptop and in the up to date version I have installed on the option to change the active hours have been completely removed, futhermore microsofts own update prevention tool that lets you select individual updates doesn't work, at all, in my experience; If I let microsoft update the graphics drivers it completely breaks any gaming performance whatsoever, it also does the same every time theres a large patch and I have to remove all graphics drivers using DDU then reboot and hope windows hasn't started installing drivers against all settings so I can do clean install myself that will result in functional computer.

Re:Honest reasons why 'Windows 7' isn't good enoug

Also 1) was only in preview version of the OS, so your bias is showing. =P

2) Simply set your connection to Metered or grab the Pro version. If you want to manage the updates yourself, you're a pro. I read up on this and didn't have any problems disabling updates.

3) I don't see any reduction in control. You go in as admin, you disable the Windows Update services or whatever other telemetry you dislike.

So, no.... not a good start. So what are your ACTUAL complaints?

Re:Honest reasons why 'Windows 7' isn't good enoug

https://www.windowscentral.com/how-stop-updates-installing-automatically-windows-10

or just get the pro version, since if you're disabling forced updates, you BETTER be a pro.

linux benchmarks

I know about how some people hate phoronix.com but he's got a lot of linux benchmarks comparing before and after with both meltdown and spectre patches (kernel and gcc).

https://www.phoronix.com/scan.php?page=article&item=clear-kpti-retpoline

This particular article and the others I've looked at pretty clearly indicate that MS is full of crap, performance hits are generally uniform across the board with some variations. Interesting some of the very worst deltas are from the core i9.

Re: Honest reasons why 'Windows 7' isn't good enou

Yeah, good luck with that. Microsoft "fixed" that: Pro ignores group policy, you can defer but not disable auto updates.

Wants Everything, Contributes Nothing

Just because you can ask the question, doesn't mean there is an answer for it. Not everyone knows everything and your post is proof of that.

Also, a little less all caps, if you please.

I haven't noticed any slowdowns

[jonwil]

I am running a Skylake Core i5-6500 with 8GB RAM and a 250GB Samsung SSD with Windows 7 Home Premium and I have the patch installed and haven't observed any slowdowns.

Just kicked of a full compile (in VS 2017) of a large (~2100 files) project I have here and I saw no noticeable slowdowns compared to how fast the thing compiled before the patch. And such a thing would be highly I/O bound (reading all the input source files and things, writing out compiled obj and other files, reading toolchain binaries etc) and likely making a lot of kernel-user transitions.

I have no games on here that are demanding enough to show any observable difference between old and new so I cant test those.

Re:I haven't noticed any slowdowns

[JohnStock]

To be honest, unless you've ran benchmarks that produce figures for comparison, would you be able to perceive a 5% slowdown anyway?

Re:Honest reasons why 'Windows 7' isn't good enoug

If a company offers you a free service, then you are the product being sold

So you are saying MS is pulling an Apple

and arbitrarily and artificially slowing down older kit extra to "protect the users" from their problems, while encouraging new sales of course.

Microsoft is sorry

And the only thing that will make them feel better is more of your money spent on a new Windows 10 license..

Re:Honest reasons why 'Windows 7' isn't good enoug

With bonus tracking and forced updates, so, sure, 3rd grade, but you're still forced to wear diapers and are monitored by cameras all day.

Re:Honest reasons why 'Windows 7' isn't good enoug

Wow. And I thought the constantly breaking trackpad driver on my friend's laptop every update was annoying.

What the hell is Microsoft's problem? Do they not understand that removing sane control over updates is driving people away from Windows 10?

Re:Honest reasons why 'Windows 7' isn't good enoug

[green1]

That used to be the case, but it's completely changed now. Now you pay big money, and you are still the product being sold. In fact there's absolutely no way to not be the product being sold with most new products these days. I miss the days when you could say that only the free services were selling you as the product, now you have to assume that every service does that. No matter how expensive.

Re:Honest reasons why 'Windows 7' isn't good enoug

Maybe replace "sold" with "farmed"

font rendering in the kernel?

[sad_]

how do they come up with these idiotic ideas?

ClearLinux

[NewYork]

What is the impact of Spectre on ClearLinux?

Re:Honest reasons why 'Windows 7' isn't good enoug

>>> 3. Reduced control over a system I *own*
and yet I have a Tesla Model 3 on order that will be able to count how many times I picked my nose on the way into work, and will likely use that information to advertise nasal sprays to me on the central display screen.

Checking our databases shows that you used to shave going to work - Now it is "picking your nose" so that information has been updated. Thank you!

Didn't MS stop updates for Win7+newer CPUs?

[lpq]

Didn't MS put in code to disable Windows updates for Win7 users if they upgraded their CPU to a newer CPU?

I wonder if this policy will change?

Hmmm....