Apparently a bug found in Intel processors.
Kernel Leak and once they do fix it will also slow down computers by between 5% to 30%, according to some researchers.
Just wondering if anyone knew about this.
You hear about Intel meltdown?
Printable View
-
01-06-2018, 09:24 AMZeonxYou hear about Intel meltdown?
-
01-06-2018, 09:29 AMSebazy
Whilst it's a pretty significant issue, the performance ramifications have been blown out of proportion somewhat. Google have already claimed their patch ended up costing them around 2.5% and they are pretty much in a worst case scenario compared to home users.
It's also interesting to note that Arm are similarly affected, whilst AMD seem to have dodged the bullet thus far. The good times just keep rolling for their CPU division. -
01-06-2018, 11:13 AMZfz
Heard about it and updated.
My take is that it affects mostly high CPU utilization applications, so you'd be talking about data centers and servers where it is important to get the most out of your CPU time. For us regular folks, the vast majority of the time our CPU isn't anywhere remotely near 100% utilization. For example I'm using a relatively old Xeon E3-1230v2 and most of the times in FFXIV I don't see anything over 70% utilization. Even if I'm hit with a 30% performance degradataion, I doubt I'd feel anything since a lot of what we feel are actually GPU related, not CPU related. -
01-06-2018, 11:52 AMValkyrie_Lenneth
It affects applications with a high amount of calls to the kernal. Gaming and most applications will see less than 5% impact. People love to panic.
Also, unfortunately, this is technically off topic, and will likely be closed. -
01-06-2018, 12:25 PMi3oi3o
The security issue is on CPU branch prediction and CPU's cache, Small memory in CPU to reduce loading data from RAM.
This allows hacker to access information which CPU try to predict.
If the game doesn't use programming technique which utilize CPU's cache, you won't get performance hitch.
By the way, Most game architecture cause a lot of miss in CPU's cache. -
01-06-2018, 12:33 PMMyvar
From what I hear, if you're the only one using your computer, you don't really have anything to worry about.
Quote:
In short, this vulnerability allows any process to read the private
memory of any other process, including unencrypted passwords, if any.
If you are the only user of your computer, all the processes are yours,
and there is nothing to worry about. If you are using a shared
computer, you might want to avoid running programs like password safes
that might keep unencrypted passwords in memory. Or you can simply not
worry about it.
-
01-06-2018, 12:43 PMTridusUnless someone has another exploit they haven't revealed that lets code escape a browser sandbox, and then anything viewing a webpage is potentially vulnerable. We don't know of such a possible exploit right now, but that doesn't mean it doesn't exist.Quote:
Originally Posted by Myvar
The patch will mitigate the worst of it, so anyone with autoupdate on doesn't need to think about it a whole lot. -
01-06-2018, 12:44 PMAlien_Gamer
Any security flaw like this is a serious issue but for most users this will be a non-issue once patched because very few programs operate in a way that could see a heavy impact from this.
Ars Technica has been publishing some articles on it that are a good read for the average person, maybe light on the technical details for IT professionals and programmers though.
https://arstechnica.com/gadgets/2018...oing-about-it/
https://arstechnica.com/gadgets/2018...erous-patches/
https://arstechnica.com/gadgets/2018...ecurity-flaws/ -
01-06-2018, 12:47 PMTridus^ This. Syscall heavy workloads suffer more. Games are relatively syscall light as are most tasks done by home users, so much so that many won't even notice (some benchmarks have shown no significant FPS impact in games). Some other workloads have seen far worse impacts.Quote:
Originally Posted by Valkyrie_Lenneth
It's not just about loading the CPU. It's about what you're loading it with specifically. -
01-06-2018, 01:09 PMBashum
Yes, I heard about it hours after it was announced, and didn't have any free money to put into AMD stock.
Their stock didn't soar as much as I was expecting, but it still jumped around 20%. Would have been a nice windfall. -
01-06-2018, 02:27 PMNedkel
I wonder will it affect consoles, MS official said the problem will not affect xbox consoles, but how about ps4? anyone know?
-
01-06-2018, 02:31 PMaestevalNo. Just because you're the only person using your computer doesn't mean that you're the only one running code on it. If you spend time on the internet, you never know what might be executing that you're not aware of. Granted data centers have additional things to worry about, but it doesn't mean you're safe.Quote:
Originally Posted by Myvar
-
01-06-2018, 02:34 PMaestevalDon't forget that XIV performance also relies on server performance. "Server limitations" is a known phrase for us.Quote:
Originally Posted by Zfz
-
01-06-2018, 02:37 PMaestevalI think Microsoft and Sony are both using AMD for their consoles and AMD is quite insistent that they're unaffected by Meltdown.Quote:
Originally Posted by Nedkel
The Switch uses ARM and some ARM processors are affected. Not sure if the Switch uses any that are.
That all said, there's also another similar exploit called Spectre that isn't being patched for that potential affects all recent processors. -
01-06-2018, 06:42 PMZeonx
Question is what kind of chip are they using for the servers that run the game?
Is the servers run on high end intel processors or AMD. -
01-06-2018, 08:15 PMLalaRu
OMG a BUG has found in the processors!!! The world will melt.
This bug ain't more or less dangerous than all the dozens of zero-day laying in the hacker's lists. It is just some fuel for the press (to let us buy new hardware soon?). Or you all really feel you were more secure without this bug around?
The perfect software doesn't exists, and same applies to firmware too. Live with it. -
01-06-2018, 09:18 PMi3oi3oI think FF14's server is designed to scale.Quote:
Originally Posted by aesteval
Very likely, they choose available server instance which don't have much load and spawn a process to run.
Imaging this process as dungeon instance, each world map etc.
Not likely that a process will consume a lot of CPU except one scenario, 100 people enter the same map to hunt Rank S which very likely causes the process to consume CPU to almost full. -
01-06-2018, 09:29 PMlulunamiAny hardware bug that accidentally gives user applications (Ring 3) access to Ring 0 kernel memory is a very serious bug. If left unpatched, visiting a nefarious website could potentially expose sensitive data like passwords. Passwords to stuff like banking or security accounts. If that is so passe to you, I do not know what else to say.Quote:
Originally Posted by LalaRu
-
01-06-2018, 10:45 PMaestevalNo. The big deal that's being made about it is due to mitigation processes that are being implemented to rectify the exploit: OS level changes that will force a performance hit to some extent due to making things run safer but less efficient. People were just making a big deal about Apple slowing processor performance in iPhones when the phone has an older battery. This is slowing performance on a much wider scale but for different reasons. Theoretically, anyone who paid a premium for an Intel chip in the past 10+ years will no longer have access to the same level of chip they purchased.Quote:
Originally Posted by LalaRu
-
01-06-2018, 10:52 PMaestevalI'm actually thinking about everything to do with inventory and items in XIV's case. We're getting a saddlebag and not more inventory slots for a reason. However it's been designed would be with a certain margin of performance expectations in mind and if the servers do take a performance hit because of this it could be a really nasty goal post shift. A lot of speculation, but concerns (we don't know what hardware the servers are even running or what risk there may be to leave them unpatched.)Quote:
Originally Posted by i3oi3o
-
01-06-2018, 11:02 PMaesteval
https://arstechnica.com/gadgets/2018...n-and-spectre/
But all in all, the big outcome is what this could mean to Intel / repercussions. Class action lawsuits have already started, and this is a significant issue on a systems architecture level that's been lingering for a long time that has to be fixed via software because Intel is unable to fix the flaw without designing and releasing new processors. Their entire product line is now considered defective and they have to engineer new chips that are not affected. -
01-07-2018, 02:00 AMLalaRuAnd them will go nowhere. Nobody can guarantee perfect software or hardware. Lawsuits may have effects if Intel done that bug on purpose but I think hardly you can prove a so silly statement.Quote:
Originally Posted by aesteval
-
01-07-2018, 02:07 AMTridusEver heard of the Pentium FDIV bug? Lawsuits on that very quickly forced Intel into a voluntary recall program that cost $475 million. Intel didn't do that on purpose either. That was in 90s dollars when the market was a lot smaller. Dismissing stuff out of hand now doesn't go very well with past history of problems at this scale.Quote:
Originally Posted by LalaRu
Even without lawsuits, this will cost Intel. It hurts performance, and on the workloads where it hurts the most, AMD is already competitive and not affected to the same degree. That market buys a lot of processors, and the workstation folks tend to buy the higher end, higher profit models. -
01-07-2018, 02:18 AMaestevalClass action lawsuits have gone places over stupider things. I personally wouldn't place bets on how far this will or won't go, but you do you by all means. The entire thing where this exists because Intel processors are executing commands before verifying access permissions lays out the groundwork for an argument of negligence. If mitigation requires taking a performance hit that also means there's at least a decade's worth of processor sales that will effectively leave customers no longer having the product that they originally purchased.Quote:
Originally Posted by LalaRu
-
01-07-2018, 06:45 PMLalaRu
Oh, the issue is so evident that taken only 10 years to be discovered ?
But, will not deny how serious is the issue. But is no different than other serious exploit discovered in the years. This one just got highlighted by the media because, well, because they can? Intel hate? Who knows.
Anyone remembers when flash player born? That piece of software was the best and greatest place for virus, malware, remote control, any kind of pestilence to your computer, its creator deserves to be called the greatest hacker of history, because made one of the best pc infection door and made it to be even installed by default in PCs, and excluded by antivirus as legit software. That man is legend. -
01-07-2018, 07:52 PMRiardon
Ah another backdoor feat..erh security vulnerability I mean. It was there for 10 years. It makes you wonder how many more security holes are baked into hardware but didn't see the light of publicity yet. And how many have already been patched silently.
I guess XIV has Intel servers and I really wonder what the hit of performance will be on XIV's servers after the patch. Fortnite devs already saw a performance hit. I guess we don't need to worry or do we? -
01-07-2018, 09:06 PMKewitt
I did ffxiv she benchmark before and after patching my computer. Load times up about 10% from 18.533 seconds to 20.031 seconds
Fps unchanged in 5 before and 5 after within margin of error.
I7 3770
16 GB ram
Nvidia 1070
SSD 256
On a side note desktop sales down so why not make it so everyone has to upgrade to protect themselves. -
01-08-2018, 02:04 AMAllyriadil
Stop defending Intel, what they did was a terrible oversight and skimping on security.
"No real peformance impact"
https://lh6.googleusercontent.com/Mw...ejv9tvVBHfgSKr
This was reported by Epic Games.
Also their CEO sold stocks right before meltdown became public knowledge, he has been aware of it since summer 2017 thanks to a heads up by Google.
Proprietary software and hardware is terrible, this is just another reason to support open source.
The future needs RISC-V open instruction sets for processors, so this stuff can be prevented. -
01-08-2018, 02:23 AMNedkelThe patch itself affect the reading and writing speed of the SSD's much more than the in game performance.Quote:
Originally Posted by Kewitt
The security holes of the intel cpu's sounds very familiar, its like i have heard about it long time ago, but everyone was making a fun of it calling it a conspiracy tin foil haters, it came out to be true, thats funny. .
It is a hardware security hole which cannot be repaired with the software updated, thats why.Quote:
Originally Posted by LalaRu
The thing was an open doors for anyone who know how to use. -
01-08-2018, 02:42 AMClaviusnexThat still might not have prevented this problem. The instruction set does not determine how the manufacturer implement the specification on the silicon or in their firmware so they could still have security holes.Quote:
Originally Posted by Allyriadil
-
01-08-2018, 02:45 AMAllyriadilIt would be at least a step in the right direction.Quote:
Originally Posted by Claviusnex
-
01-08-2018, 03:04 AMAlexanderThorolund
I don’t think this is going to affect the game at all.
-
01-08-2018, 05:43 AMTridusA broken clock is right twice a day. Doesn't mean it's anything other than a broken clock.Quote:
Originally Posted by Nedkel
Meltdown can be fixed in software by clearing the TLB whenever the kernel needs to switch between ring 3 and ring 0, whereas it used to keep some kernel stuff in it even while in ring 3 for performance reasons. That's why the patches are having a performance impact (again, how much impact depends on the type of workload, as it can range from barely measurable to horrific).Quote:
It is a hardware security hole which cannot be repaired with the software updated, thats why.
The thing was an open doors for anyone who know how to use.
Spectre doesn't appear to have any software fix and can't be fully fixed without redesigning how CPUs work. Fortunately, Spectre is also far harder to exploit. -
01-08-2018, 05:47 AMValkyrie_LennethThis isn't an issue caused by the instruction set, or AMD would have been effected by it as well. Also, just using new instructions means new OS, new CPU's, new software to run on it.Quote:
Originally Posted by Allyriadil
-
01-08-2018, 06:11 AMFhaerron
I hope all you guys know that this bug has been here for years.
Yes, the world will end tomorrow.
/sarcasm.
I'm not saying this bug is ok but seriously we've had this bug for years, nothing is suddenly going to change overnight, the world didn't end yesterday and it won't end tomorrow either.
This is just news fuel and of course money is to be made out of it (you'd be surprised to know how corrupt the corporate bussiness actually are on the background).
I'm not really into old news and quite frankly this has been an 'issue' for years so it's pretty old news to me. -
01-08-2018, 10:35 AMZfzBug was there for years, but the patch that will affect performance is only released now. So yes, some things will change overnight, or over the reboot after you finish the update. The bug is a security problem, while the patch will cause the performance problem. The two are distinct.Quote:
Originally Posted by Fhaerron