URGENT Issues with Intel and IOS CPUs security and Performance

To @everyone Remember to update your ios and Windows today. There was an enormous security flaw with amd/intel chips and ios systems that have been updated today. It was so big that the CEO of intel sold half his stock on the company 6 months ago when he learned about it. This flaw would not only slow down your cpu during heavy loads by 5-50% , but also create a leak in security leaving files open for accessing by hackers.

Ios, AMD and Intel, all affected

https://semiaccurate.com/2018/01/04/kaiser-security-holes-will-devastate-intels-marketshare/

Link is thanks to Mishikal

 

FYI - the flaw isn't what might slow down your CPU - it's the fix - but Intel is disputing the 5-30% number reported (of course..).

Also - AFAIK - updates aren't yet available yet for iOS - and Microsoft's initial patch won't be installed automatically if you are using most non-Microsoft antivirus software.

From what I read, Intel is releasing firmware updates to OEMs (Dell, HP, etc) for some of its CPUs that can be patched that way - if you built your own system, you're on your own for possible firmware updates as Intel isn't providing them directly.

This is still a developing issue..

 

Just update guys, that is all

 

Is this the Intel Management Engine issue, or something different altogether?

 

One of the three methods:
https://spectreattack.com/spectre.pdf

 

There are two vulnerabilities - Meltdown & Spectre. The article below explains what these vulnerabilities are and extent of the risk quite simply & clearly :

http://www.businessinsider.com/intel-chip-bug-meltdown-and-spectre-explained-2018-1

Meltdown affects Intel processors only while Spectre affects AMD, Intel & ARM CPU's - but is harder to exploit. Both are vulnerabilities are on the hardware level , you probably won't be seeing any indicators or signs on the Windows ,Linux, Apple OS or Android system logs.

Am I in immediate danger from this?


There's some good news: Intel and Google say they've never seen any attacks like Meltdown or Spectre actually being used in the wild. And companies including Intel, Amazon, Google, Apple, and Microsoft are rushing to issue fixes, with the first wave already out.


The most immediate consequence of all of this will come from those fixes. Some devices will see a performance dip of as much as 30% after the fixes are installed, according to some reports. Intel, however, disputed that figure, saying the amount by which computers will be slowed will depend on how they're being used.


The Meltdown attack seems to work only on Intel processors. You can guard against it with software updates, according to Google. Those are already starting to become available for Linux and Windows 10.

Spectre, by contrast, appears to be much more dangerous. Google says it has been able to successfully execute Spectre attacks on processors from Intel, ARM, and AMD. And, according to the search giant, there's no single, simple fix.

It's harder to pull off a Spectre-based attack, which is why nobody is completely panicking. But the attack takes advantages of an integral part of how processors work, meaning it will take a new generation of hardware to stamp it out for good.

In fact, that's how Spectre got its name.

"As it is not easy to fix, it will haunt us for quite some time," the official Meltdown/Spectre FAQ says.

 

EVEN THE LINK YOU HAVE SAYS:
"it is unlikely to cripple a consumer desktop PC or phone but will probably cripple a server. Workload dependent, we meant it."
"The big problem is with variant 3 which ARM claims has a similar effect on devices like phones or tablets, IE low single digit performance hits if that. Given the way ARM CPUs are used in the majority of devices, they don’t tend to have the multi-user, multi-tenant, heavily virtualized workloads that servers do. For the few ARM cores that are affected, their users will see a minor, likely unnoticeable performance hit when patched."
"Because in those heavily virtualized, multi-tenant, multi-user workloads that most servers run in the modern world, the patches for 3 are painful. How painful? SemiAccurate’s research has found reports of between 5-50% slowdowns, again workload and software dependent, with the average being around 30%. This stands to reason because the fixes we have found essentially force a demapping of kernel code on a context switch."

https://www.pcworld.com/article/324...cpu-kernel-bug-faq-how-it-affects-pc-mac.html
"Will my games get slower?
Probably not. Phoronix also tested Dota 2, Counter-Strike: Global Offensive, Deus Ex: Mankind Divided, Dawn of War III, F1 2017, and The Talos Principleon a Linux 4.15-rc6 machine with a Core i7-8700K and Radeon Vega 64. None saw a frame rate change outside the margin of error range.

Hardware Unboxed tested a handful of DirectX-based Windows games in the video linked above. With DirectX hooking so deeply into Windows, gamers were worried about a potential performance degradation there. Fortunately, Hardware Unboxed observed virtually no frame rate loss in Ashes of the Singularity, Assassin’s Creed: Origins, or Battlefield 1. Phew."

To normal human, this means nothing. Patch your windows, like you should do automatically.

I see this all over the facebook now, everyone yelling and screaming.

THERE's ALWAYS VULNERABILITIES, YOU NEED TO KEEP YOUR PC UPDATED ALL THE TIME, not just when facebook tells you.
Patching this, according to internet, will not affect normal gaming pc at any noticeable level nor any phone or console, tablet nor anything that is not run in very heavy, server like environmnet.

 

I'll bet the performance hit is insignificant compared to the slowdown you get from updating iOS and nobody is raising a stink about Apple's shenanigans.

 

Cleaning up some quoted posts, please keep this on track, thanks.