[DISCUSSION] Meltdown and Spectre

Discussion in 'PC Hardware' started by scaramonga, Jan 3, 2018.

  1. rayleigh_otter

    rayleigh_otter MDL Expert

    Aug 8, 2018
    1,121
    933
    60
    It wasn't a Ryzen v Intel post, just sympathy for those poor Intel users: pay more for better and it turns out to be the same (nearly) or worse. I'm waiting for Ryzen 2300X and 2500X; I will skip Ryzen 3 next year, then wait for its refresh line.
     
  2. ds1991

    ds1991 MDL Novice

    Feb 16, 2017
    16
    12
    0
    Meltdown & Spectre are getting ridiculous now. I have had to update my BIOS 6 times since November 2017. This is my first Intel CPU (i7 6700) since my first PC, a Pentium II, in like 1998 or something.
    Intel on the inside, your data visible outside :)
     
  3. ForrestGump

    ForrestGump MDL Member

    Oct 19, 2018
    154
    58
    10
    Hello,

    I've read many articles about Spectre/Meltdown and I still haven't managed to work out which information is true or false, considering the many points of view that you find here and there.
    It seems that my machine is vulnerable only to Spectre, so is there any update that I can install on my machine to protect against the Spectre vulnerability?
    I read that a BIOS update is needed in some cases to protect against both Spectre/Meltdown, but I don't know if my machine is concerned.
    I have an i5 5200U CPU (laptop with Win7 Pro x64).
     
  4. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    13,081
    13,980
    340
    #406 Yen, Nov 15, 2018
    Last edited: Nov 15, 2018
  5. nodnar

    nodnar MDL Expert

    Oct 15, 2011
    1,315
    1,040
    60
    :g: I still have not seen any disastrous effects from this Spectre/Meltdown hoax, except a drop in performance if you try in vain to patch it. I doubt very much if there is any practical way to abuse those vulnerabilities. And once again I get a truckload of doubts about the motives of this `team` to seek the publicity.. Yes, I understand that they want to get paid, like everyone. But if you scream about something that cannot be done in the last 2 decades, I doubt their bona fides..
     
  6. Labudovi

    Labudovi MDL Novice

    Jan 8, 2018
    19
    8
    0
    So lately Microsoft isn't the only company to blame. This is what happens if you put technology in the pressure cooker, BUGS.
     
  7. CHEF-KOCH

    CHEF-KOCH MDL Expert

    Jan 7, 2008
    1,192
    1,185
    60
    #410 CHEF-KOCH, Nov 15, 2018
    Last edited: Nov 15, 2018
    People and their "blame this and this", haven't you guys understood anything? It's not anymore about using alternatives or not .. choosing a "right" product or not, it's how fast companies handle security threats. Every software and hardware is vulnerable and always was.

    The story is not that there is a security risk, it's not a big thing, it's more like that Intel didn't really take it seriously until big names like Torvalds etc. pushed this matter. AMD is also affected but not as much as Intel, but AMD at least tries to respond to everything as fast as possible and you get the feeling they care more about this aspect. I think only troll pages like AskWoody are reporting "blame MS" because none of these guys have ever used Linux and they don't understand that software isn't perfect. People want new features, changes on the OS to e.g. get rid of old stuff, and on the other side they complain that some things are maybe broken. So what to do, back to 1999? And wait a year for a service pack (which also wasn't perfect? and in the meantime?). I think changes are okay but we need people who actually report useful bug reports and not only "*hit ain't working"; if I were working in such forums I would also ignore BS like this. MS and Intel reacted to the critics (slow or fast doesn't matter) so it's not that they don't try to change stuff, but this is a serious flaw which no one predicted and you simply can't test your software/hardware against all known/unknown attacks because you never know what's coming next.

    I think we should stop crying about every hole/bug when it's clear that this matter is difficult to handle; some things are simply not reproducible or only happen in rare situations. It's also questionable if you can abuse the new holes in the real world because that mostly requires additional workarounds or an outdated OS.
     
  8. Michaela Joy

    Michaela Joy MDL Crazy Lady

    Jul 26, 2012
    4,071
    4,651
    150
    How is Microsoft to blame here?

    And no...This is what happens when you have layers upon layers of code. You try your best to maintain backward compatibility,
    but every so often something sneaks in.

    And as Chef said: It takes a lot of testing and a -specific- set of conditions to make it work.

    Most of our machines will not meet the criteria for this to work.
     
  9. Labudovi

    Labudovi MDL Novice

    Jan 8, 2018
    19
    8
    0
    Compatibility minus "backward" definitely has something to do with it, e.g. the niche knowledge and oversights that made sense 20 years ago, but bewilder new and inexperienced developers, unintentionally framing them.

    Layers (components) define their own interface, and cannot put each other at risk unless they're inherently flawed, hence by no means a security risk.
     
  10. Michaela Joy

    Michaela Joy MDL Crazy Lady

    Jul 26, 2012
    4,071
    4,651
    150
  11. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    13,081
    13,980
    340
    #414 Yen, Nov 16, 2018
    Last edited: Nov 16, 2018
    I think it's about way more and actually an ideology.
    Meltdown and Spectre do not use soft-bugs nor are they holes.

    We're talking about CPU design and algos and ideas of CPU designers to gain market share.
    It's about a security concept and what can be allowed to water it down to gain advantage over a competitor.


    Nobody actually can assess Meltdown and Spectre. Not even the experts of M$ and Mr. Torvalds. And nobody can assess their consequences.

    Each of us can form an opinion of our own on this with a relative value... so I have my own technical opinion.
    But that doesn't matter....what matters most is the entire drama that has been created because of this.

    'We' have to apply what 'those experts' do release. We have no other choice. 10th kernel update or even more on Linux since then...

    There's exaggeration, blaming of each other, trivializing......elements of drama of big players...

    'Our' crying is nothing compared to the created drama of the big players involved.:D

    And as long as I have the feeling it's only about money and reputation and not about the thing itself (processor design) I have no good feeling about it.

    Patching the OS with huge performance loss.....good for them to sell new CPUs!
    Can they convince me it is worth patching because Meltdown and Spectre are really serious flaws, so that I have to take that compromise?

    Yes they could IF there were a final patch! :)
    But there is none.....as long as the security on predictions is different


    Every modern CPU / SoC has security flaws. CHEF-KOCH is right here.

    It's reasoned by the fact that if I make predictions to gain performance and I do not apply the same security concept on those predictions the entire security concept of the 'real' branch becomes flawed.
    A concrete question here would be:"Is it OK to speculatively use kernel data at all?!?"
    And what about the ring (domain) order then when those data can be accessed in a cache that does not represent the same security?

    To get this logic I do not need to have any skills on CPU design.
     
  12. Michaela Joy

    Michaela Joy MDL Crazy Lady

    Jul 26, 2012
    4,071
    4,651
    150
    @Yen: So true. I have my suspicions that this is designed to scare novices into upgrading to hardware that favors Windows 10
    and locks out earlier Operating Systems.
     
  13. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    13,081
    13,980
    340
    Yes.
    I guess many do not know how to categorize Meltdown and Spectre.
    The idea that new stuff (probably) is less of a danger in this regard -because it has new ideas realized-

    I think it strongly depends on the purpose of the OS and services.
    We have 'us', people running an OS on their home devices.

    And we have 'the servers' companies offering a service on those. Clouds, shops, banks....
    I don't think our devices at home are much of a target of Meltdown and Spectre attacks.

    Anyway to expect that those servers from service offering companies are getting patches, are using patches in time, are using 'new' CPUs (some Intel gen9 CPUs have got hardware design changes), are using latest OS ..is reasonable.

    It is also reasonable, because the measures which can be applied against both are different depending on the particular CPU model. Some have (own) microcode updates, others have not.
    Linux kernels have approaches such as retpoline; what they do on Windows nobody actually knows...

    I think the most important thing from the technical side people should know is that Meltdown and Spectre are all about leaking protected data from RAM. To evaluate the risks of both THIS has to be considered in relation to one's own usage of the OS.

    A reasonable 'what would be if' evaluation is no crying....

    A server that handles login data of many accounts is more of a target.
    I have read that some of such servers / service providers have introduced additional server-reboots until the first fixes have been released.

    The fact that Meltdown and Spectre attacks are hard to assess justifies the phrase "Better safe than sorry" here, though.

    CHEF-KOCH mentioned that we should stop crying about every hole/bug when it's clear that this matter is difficult to handle...yes, I agree.
    And we probably should change our idea on security.
    Casually: "Take care of your login accounts and don't cry about every new hole that has been discovered." :)
    We gain a lot of security when we link 2 factors (which can have such holes) together.
    The keyword is 2FA.

    I personally consider 2FA (for me at home) a much better measure against Meltdown and Spectre than all those patches AND better than buying a new CPU, because the patches are not final. (As we can see from the news I have posted).

    After Meltdown and Spectre were published the first time I thought about my OS usage, and I have enabled 2FA at Amazon and PayPal. It's not much effort and OS independent. The bank accounts already had 2FA before.

    To downplay anything can be dangerous. To exaggerate anything is of no use as well.
    2FA is a universal measure against any kind of vulnerability, where it can hurt.
    And IMHO any service where money plays a role should offer 2FA.

    Just my 2 cents.:)
     
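The post above notes that the available measures (microcode, retpoline and so on) differ per CPU model. On Linux the kernel reports which one is active for each issue, and the script below summarises that report. It is an added example, not part of the original thread: it assumes a kernel that exposes /sys/devices/system/cpu/vulnerabilities, and the function names and sample statuses are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise the Linux kernel's own Meltdown/Spectre report.
# The kernel writes one status line per issue under this sysfs directory;
# each line starts with "Not affected", "Vulnerable" or "Mitigation: ...".
VULN_DIR="${VULN_DIR:-/sys/devices/system/cpu/vulnerabilities}"

# Map one status line to: not_affected | mitigated | vulnerable | unknown
classify_status() {
    case "$1" in
        "Not affected"*) echo not_affected ;;
        "Mitigation:"*)  echo mitigated ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# Print "<issue> <category> <raw status>" for every file in the directory.
# Returns 0 if nothing is vulnerable, 1 if something is, 2 if no report exists.
report_vulnerabilities() {
    dir="${1:-$VULN_DIR}"
    rc=0
    if [ ! -d "$dir" ]; then
        echo "no vulnerability report at $dir (old kernel or not Linux)" >&2
        return 2
    fi
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        status=$(head -n 1 "$f")
        category=$(classify_status "$status")
        printf '%s %s %s\n' "${f##*/}" "$category" "$status"
        if [ "$category" = vulnerable ]; then rc=1; fi
    done
    return "$rc"
}

# Constructed sample (hypothetical machine, not data from the thread):
# Meltdown patched with page-table isolation, Spectre v2 with retpoline,
# Spectre v1 left unpatched.
make_sample_dir() {
    d=$(mktemp -d)
    echo 'Mitigation: PTI' > "$d/meltdown"
    echo 'Vulnerable' > "$d/spectre_v1"
    echo 'Mitigation: Full generic retpoline' > "$d/spectre_v2"
    echo "$d"
}

# Usage: report_vulnerabilities                      (live system)
#        report_vulnerabilities "$(make_sample_dir)" (constructed sample)
```

The categories reflect only what the running kernel reports about itself.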
  14. Tiger-1

    Tiger-1 MDL Guru

    Oct 18, 2014
    7,897
    10,733
    240
    Hmm, I do not know for sure, but at least with my workstations I was never hit by one of these "things" that run on the network. Am I lucky? I do not use any anti-virus; only my beloved Adguard Premium does the service without fail, and sense too of course. Only my other 2 cents... ;):)
     
  15. 3zero3

    3zero3 MDL Senior Member

    Apr 26, 2012
    421
    685
    10
    It is already inside your CPU.
     
  16. Tiger-1

    Tiger-1 MDL Guru

    Oct 18, 2014
    7,897
    10,733
    240
    #419 Tiger-1, Nov 17, 2018
    Last edited: Nov 17, 2018
    Nah!! You are wrong, it depends on your CPU. I have several workstations working (AMD and INTEL) so the in the world and never had issues, so you need to verify your security sections, it is simple dude. For me it is not only CPU but Administrators, sorry ;):) independent of INTEL or AMD
     
  17. CHEF-KOCH

    CHEF-KOCH MDL Expert

    Jan 7, 2008
    1,192
    1,185
    60