Anybody installed the Windows Patch for the Chip Security "Meltdown/Spectre" Issue yet?

a reply to: ArMaP

So, how much damage could this breach do to the average computer user?

ETA
And I see there are two separate issues, one that targets Intel, the other is an issue for all processors:
hothardware.com...

This is definitely the nastier of the two exploits and affects all modern processors (Intel, AMD, ARM, etc.) and operating systems that we know of. Spectre in effect tricks "error-free" applications that follow "best practices" to provide access to arbitrary locations in their memory. Spectre, like Meltdown, breaks down the barriers between applications, but researchers indicate that "the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre."

looks like to be totally safe, you need to get a firmware update as well:
support.microsoft.com...

originally posted by: DontTreadOnMe
a reply to: ArMaP

So, how much damage could this breach do to the average computer user?

As much as the damage done by any program that the user executes, the only difference being that it can have access to other program's memory. The average user is more likely to execute any malicious program by mistake or lack of suspicion than to be targeted by an exploit of these bugs.

As the article on your link points, the worse problem happens with Spectre, and the fact that a program running on a virtual machine can get access to other virtual machines and the programs running there is a huge problem for companies hosting, for example, web pages, as someone can host a malicious program on their virtual server and have access to all other virtual servers running on the same machine, and today that's one of the most common methods of hosting web pages.

originally posted by: ArMaP

originally posted by: SR1TX
This is more than likely a back door purposefully put there.

I don't think this was a back door, as, although it gives access to all of the memory, it's not an easy way of getting information about what people are doing in the computer, as they would had to know what was on the memory, and while a simple text file is easy to understand an image or a video is not, and it would give them a lot of work just to know what someone was doing.

Correct. They're making this out to be so much bigger than it is. Chances of someone getting hacked through this "non flaw" is likely less than zero. Supposedly it's never been compromised. Had Intel never said anything about it, no one would have been the wiser and the flaw likely never used. Even if it will be used, it would be very difficult and not worth the worry.


I'm not patching $#!^

I'm not going to patch with something I know even less about and compromise my system performance (up to 30% and maybe more) when I built this rig for performance. Instead, they should give me a new rig or the money for one that will fix the issue and give me the performance I have and what I paid for.

This is like buying a new car and the company saying, sorry... we have to fix your engine but it'll make your car 30% slower and 30% less torque or more... Isn't Apple getting sued for something kinda similar ?

originally posted by: StallionDuck
Instead, they should give me a new rig or the money for one that will fix the issue and give me the performance I have and what I paid for.

This is like buying a new car and the company saying, sorry... we have to fix your engine but it'll make your car 30% slower and 30% less torque or more... Isn't Apple getting sued for something kinda similar ?

I doubt this will result in Intel getting sued (well, I suppose they will get sued, as people sue other people for all motives) and forced to compensate users.

First of all, most Intel clients are not final users like you and me, as very few people buy CPUs to put on their computers.
Those that do it (like I have done in the past), when they buy the CPU, they are not getting a certificate stating that Intel guarantees that the CPU is flawless, they only guarantee that it will work as advertised, and they do.

a reply to: ArMaP

It's not just the CPU though. If that were the case, AMD wouldn't be affected (unless AMD stole the design from intel). It's anything with an intel chip set.

As I have Windows 10 my computer updated itself during the night, but, as I was expecting that, I ran a benchmark program before as soon as I could, and this morning I reran the benchmark program (the trial version of Geekbench), and this is what I got:


Before                     After
Single-Core Score=1832     Single-Core Score=1697
Multi-Core Score=2870      Multi-Core Score=3006

That shows a reduction in performance in single-core operations of around 7.3%, but an increase in performance on multi-core operations of 4.7%.

A more detailed description of the scores:

Single-Core Performance
                       Before      After      Difference
Crypto Score             133        129          -3.0%
Integer Score           2345       2162          -7.8%
Floating Point Score    1613       1528          -5.2%
Memory Score            1429       1298          -9.1%

It looks like memory performance was the area most affected.


Multi-Core Performance
                       Before      After      Difference
Crypto Score             237        234          -1.2%
Integer Score           3915       4044          +3.2%
Floating Point Score    2722       2934          +7.7%
Memory Score            1402       1474          +5.1%


I suppose that shows what I was expecting, that some parts of operating system were already optimised, so they were negatively affected, while the ones that were based on rushed or obsolete software, after being rewritten, would be better than they were before, so even the extra work was compensated by the fact that the new version is better software than the original.

a reply to: StallionDuck

I think the problem is a design problem, not an implementation problem, and that's why it affects more than just Intel processors.

PS: about my benchmarks, I reran the benchmark and got slightly different values (as expected), and the differences appear to be closer to the benchmark error margin.

Got the update.. Intel Centrino 2Ghz processor.. no noticeable difference... yet.

a reply to: ArMaP

What is memory performance?
How long it takes a page to load?

a reply to: DontTreadOnMe

Memory performance is not something we notice, it's too fast, even with slower memory.

a reply to: ArMaP
Thanks for that

Bottom line.....how critical is this update/patch/fix?
I am so leery of what they are saying versus the actual danger.
And, sure as heck don't what MORE slowdowns.

a reply to: DontTreadOnMe

If I wasn't forced by Windows 10 I wouldn't bother updating, as these new flaws can only be exploited when a program specifically made for that is executed on the computer, and the user is the one that can start it, so the vulnerability isn't, in that respect, worse than most.

After updating I don't see any noticeable slowing down, my computer is as slow as it was before.

originally posted by: ArMaP
a reply to: StallionDuck

I think the problem is a design problem, not an implementation problem, and that's why it affects more than just Intel processors.

PS: about my benchmarks, I reran the benchmark and got slightly different values (as expected), and the differences appear to be closer to the benchmark error margin.

Thanks for those benchmarks. That's some pretty good insight on the difference. How old is your rig? It might do more/less based on the age of the system. I dunno if I want to bother with it, still.

I'm actually using Win7 still. On purpose of course

a reply to: StallionDuck

I'm not sure how old it is, but it's a relatively old Intel Core 2 Duo E8400 that came with Windows Vista, so it's probably around 8 years old.

a reply to: ArMaP

LOL
I have a Dual Core E5200.....not new by any standards.
Running Win7.
Happily.

Not that this makes ANY sense to me.....
www.redhat.com...’s-what-you-need-know?sc_cid=7016000000127NJAAY

Some info on where the most slowdowns will happen,
www.tomshardware.com...
And,FYI.... no patch for Spectre

The Spectre exploit is much more nefarious and impacts Intel, AMD, and ARM. This exploit can access kernel memory or data from other applications. Researchers contend that fixing this exploit would require a fundamental re-tooling of all processor architectures, so we'll live with the threat of this vulnerability for the foreseeable future. Fortunately, this exploit is extremely hard to execute and requires an elevated level of knowledge of the interior workings of the target processor.

If anyone is having trouble installing the "patch"....it may be your AV is not yet compatible:
www.zdnet.com...

Antivirus firms are gradually adding support for Microsoft's Windows patch for the Meltdown and Spectre attack methods that affect most modern CPUs.

As Microsoft warned this week, it's not delivering its January 3 Windows security updates to customers if they're running third-party antivirus, unless the AV is confirmed to be compatible with it.

a reply to: DontTreadOnMe

I'm opting out so I wont be a good source of 'after patch' information, other than hearsay.

I found that there are some negative comments about this post patch in various areas of interest. One of my past times is MMO FPS (first person shooter) games that require a bit of processing power, video memory and power as well as overall memory power. Two of which are Planetside 2 and Empyrion. Empyrion is a bit more needy since it's still in open beta and the graphics cost are more demanding.

From what I gathered, some of which was pretty obvious:

- For text based (internet browsing, word, excel and the like) software, there are zero issues. No one seems to notice any difference at all.

- Game based 'shouldn't' be affected, according to the articles going around about issues discussed here but I'm seeing a good many people saying that their performance is degraded and the frames per second for the above mentioned games have fallen to a very noticeable level.

For Planetside 2 (not very demanding graphics wise), some users were able to get past the issues after installing the patch only after updating their bios. This is odd to me since they should have seen the performance depletion before the patch if the problem was an outdated bios but they only noticed after the intel patch. Maybe it was just a state of delayed perception where they only noticed once they were made aware of possible issues. Maybe it's also possible that the bios update was also related to this vulnerability. I don't know. The jury is out on this one, for me.

For Empyrion, which is very graphically and memory/processor demanding (because the game is beta and has not been adjusted for across the board requirements), some are saying that they noticed a serious degradation. So far, no one mentioned bios updates.

The above mentions might be more related to the actual video cards than anything else, though. I'm guessing the ones that fixed the issues might have also updated their video drivers and they are using invidia cards. From my understanding, these exploits pretty much involve everything computer related from phones to PCs to well, everything. As one article mentioned:

The Meltdown virus is specific to Intel, while Spectre affects devices including laptops, desktop computers, smartphones and internet servers.

Newsweek

On my rig, I checked for bios updates and found none. I'm running an intel i7 processor and a gigabyte board with win7. I do a lot of high resolution graphic arts, some online MMO FPS gaming as well as plenty of movie/TV streaming. I rather just not worry about the overblown hype and leave my system alone without windows related updates. I'm happy with my performance and I'm decently careful about bugs/hacks/viruses... So much so that I've never used a virus scanner and I think I've gotten a virus only once some 15 years ago and took care of getting rid of it myself without tools. The most protection I have on my system is Spybot Search and Destroy. That's not even really a virus scanner. (Well, over the recent years it has added something of one) It's mostly there for blocking known affected sites and great for cleaning junk out of my registry, which I don't recommend unless you know what you're doing. That's just me. I've been a puter 'nerd' for the past 30 years.

Sides... We can't do anything about Specter if we wanted to. The other, it probably wouldn't be worth the hassle for a legit hacker to use it because there are much easier ways to use keyloggers built into webpages and affected through emails/documents and supposed image files to have the same effect. Most of all, I'm seeing where some sites are saying you need to be affected with a virus anyways before these exploits can be used. Simple viruses get this data regardless.


The conspiracy theorist in me thinks that this was something the gubment was using as a back door to our systems for all these years anyways, if not Intel itself. Someone saw the flaw and they had to report it because of it. They knew about this for some time before they even came out with it.

How can you have 2 viruses or trojans that no one has ever used for a 'non flaw' that no one had ever known about?
- The exploits were created by Intel to test their flaws? ehhhh no. If they had, they wouldn't have mentioned it as though it was out there in the wild unless it was taken and distributed by someone in house.
- Why does no one used these trojans?
- Who created them?
- Why have we never heard of them before?

Something doesn't fit here.

I'm guessing that Specter and Meltdown are just names they gave the exploits. It's just odd that these 2 came up at the same time, yet the names (at least one of them anyways) doesn't really fit the issue.

originally posted by: StallionDuck
The conspiracy theorist in me thinks that this was something the gubment was using as a back door to our systems for all these years anyways, if not Intel itself. Someone saw the flaw and they had to report it because of it. They knew about this for some time before they even came out with it.

I find it unlikely, getting access to "raw" memory is too much work, as you have to know what to do with the data. Is it text, image, sound, video, processor instructions? Too much trouble. Now that operating system inside Intel chips is a different thing, as it can have direct access to the disk while we think the computer is shut down.

How can you have 2 viruses or trojans that no one has ever used for a 'non flaw' that no one had ever known about?

There aren't any viruses or trojans, only the detected flaws and the exploits. Exploits are just a description/example of how to take advantage of the flaw, to prove that it's a real flaw with more or less worrying consequences.

- The exploits were created by Intel to test their flaws? ehhhh no. If they had, they wouldn't have mentioned it as though it was out there in the wild unless it was taken and distributed by someone in house.

Apparently, the flaws were discovered by Google's Project Zero, a team of bug hunters, and while they were still secret were discovered by three other teams. There's an interesting article about it here.

a reply to: ArMaP

Makes sense. I thought it may be just a name of the issue such as a code name but it took a few articles to realize that it wasn't an actual virus.

I'm still under the impression that the only way to use any of these flaws is to piggy-back it on a trojan/virus or to access it manually and after digging a bit, it looks like that may actually be the case.

An attacker would have to be able to put some code on to a user's computer in order to try to exploit either Meltdown or Spectre.

This could be done in a variety of ways, but one - running such code in a web browser - is already being closed off by companies such as Google and Mozilla.

Users can also, for example, use Chrome's "site isolation" feature to further protect themselves.

Some cyber-security experts have recommended blocking ads, browser scripts and page trackers as well.

Even if an attacker did get access, they would get only "snippets" of data from the processor that could eventually be pieced together to reveal passwords or encryption keys, says cyber-security expert Alan Woodward, at the University of Surrey.

That means the incentive to use Meltdown or Spectre will at first probably be limited to those prepared to plan and carry out more complex attacks, rather than everyday cyber-criminals.

If ad blocking didn't affect sites overly much, it just might now. This is a win for ad blockers. A big one!


Since I was on the story, I found a little more direct information on the topic that clears up a lot for me. Might be helpful for anyone curious.


How does it work?

When it is working, a computer shuffles around huge amounts of data as it responds to clicks, commands and key presses.

The core part of a computer's operating system, the kernel, handles this data co-ordination job.

The kernel moves data between different sorts of memory on the chip and elsewhere in the computer.

Computers are engaged in a constant battle to make sure the data you want is in the fastest memory possible at the time you need it.

When data is in the processor's own memory - the cache - it is managed by the processor but it is at this point that the newly revealed vulnerabilities come into effect.

Spectre essentially gets programs to perform unnecessary operations - this leaks data that should stay confidential.

Meltdown also grabs information - but it simply snoops on memory used by the kernel in a way that would not normally be possible.

Both attacks exploit something called "speculative execution", which prepares the results of a set of instructions to a chip before they may be needed.

Those results are placed in one of the fastest bits of memory on the computer's processor chip.

Unfortunately, it turns out that it is possible to manipulate this forward-looking system (for example by getting the processor to perform extra operations it wouldn't normally do).

Bit by bit, this technique can allow an attacker to retrieve bits of sensitive data from the computer's memory.

Source


For those bitcoin miners out there... You guys lucked out. You wont be affected overall since that uses GPS mostly. Though it could depend on your card. nVidia seems to be affected. If you use CPU mining, you could be affected. CPU mining isn't ideal for crypto but some people do use it since their CPUs are better than their graphics card, those may be affected. (If you're mining with your CPU, you're probably spending more on electricity than you're gaining crypto but hey... Who am I to judge?