Slashdot Mirror
Intel Discloses Three More Chip Flaws (reuters.com)
Intel on Tuesday disclosed three more possible flaws in some of its microprocessors that can be exploited to gain access to certain data from computer memory. From a report: Its commonly used Core and Xeon processors were among the products that were affected, the company said. "We are not aware of reports that any of these methods have been used in real-world exploits, but this further underscores the need for everyone to adhere to security best practices," the company said in a blog post. Intel also released updates to address the issue and said new updates coupled those released earlier in the year will reduce the risk for users, including personal computer clients and data centres. In January, the company came under scrutiny after security researchers disclosed flaws that they said could let hackers steal sensitive information from nearly every modern computing device containing chips from Intel, Advanced Micro Devices and ARM.
Intel realy needs to start cutting prices to keep up with amd.
And on the high end desktop line all cpu needs to max out pci-e lanes. Going as low as 16 is just an joke there.
The Reuters article quote Intel's blog: "...this further underscores the need for everyone to adhere to security best practices," the company said in a blog post.
That first best practice would be not buying Intel chips. Glad there's an alternative.
No doubt Intel found out that someone else was going to disclose these flaws, so they got out ahead of it. They're pulling a Rudy here; try to beat the scandal, but then create one with their attempt to deflect responsibility to someone else:
Yeah, Intel. Everyone. Including the folks who have done the worst job of adhering to security best practices... Intel. You guys skipped security checks until after they were necessary to gain a performance advantage over AMD, and now you're trying to deflect attention from that by suggesting that security is someone else's responsibility. But the CPU is the heart of the machine, and you're responsible for deliberately compromising its security for a business advantage.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
The lack of disclosed vulnerabilities does not mean vulnerabilities do not exist.
To think "no news is good news" is not that far from "Security through Obscurity".
A brief history...
Intel followed the very successful Pentium 3 design with Netburst, a radical new architecture that used a VERY long pipeline in the chase for a 10GHz (eventually) clock. It was terrible, but Intel paid outlets at the time, like Slashdot, to promote it as the second coming of chr-st.
Meanwhile AMD was using its newly aquired team of CPU architects to build the world's first 64-bit compatible x86 chip, and the world's first true dual core x64 chip. And it was fantastic.
No matter how much lies Slashdot et al were paid to say about Netburst, its hopelessness was obvious from day one (who would have guessed an ultra-long-pipeline stunk for this type of application). So after a few generations, Intel went back to the Pentium 3 design, crossed it with AMD's best patents (legal cos of a croos patent agreement between Intel and AMD), and made the Core 2 which today continues as the improved 'core' architecture in Intel's Slylake etc.
What we did not know at the time was that Intel removed hardware memory access tests that a multi-core and or multi-threaded architecture that shares memory resourses must use. These tests are supposed to take the form of "lock and key" where a thread has a 'key' (id number) that must be tested in a 'lock' for any shared memory access. No lock and key means MUCH faster memory access and higher clocks/lower power- curiously EXACTLY those benefits seen over AMD til the release of AMD's Zen (but even then Intel keeps the clock advantage).
Yes today's Intel parts, at best get 5Ghz while AMD's Zen+ is at 4.3 GHz cos of that 'illegal' (in computer science terms) Intel CHEATING. And that cheating is why Intel suffers from the terrible unstoppable exploits that Zen does not.
Buy Intel and you are buying broken by design. Buy AMD's Ryzen and you are getting 'best of class' unless that buggy 0.7 GHz really matters to you.
Tiday Intel compounds its cheating with buying the review methodology used to benchmark AMD products. So AMD just launched a 32-core 64-thread processor and Intel paid the usual suspects to bench only using programs known to use 8-cores or less. Whereas you or I would then run FOUR instances of the benchmark at the same time to actually stress the 32-cores, not one of the review sites even attempted this.
Actually the Linux reviews were different since so many key Linux apps scale to any number of threads. They, of course, showed AMD's new threadripper to be a monster. But the bought and paid for Windows 10 reviews sites all 'wondered' who would want a 32-core part, given that "no windows user ever does more than one thing at a time on their computer". This is Intel's dirty money in play.
PS I use the AMD 8-core 1700 in windows. It is jaw-droppingly awesome. Unlike Intel, you can just have everything working at the same time (and I came from Intel systems where one heavy app means you must close down other heavy apps first). Evey bad word currently said about AMD is financially sponsored by Intel's gigantic PR fund.