Hugh MungusAMD is only vulnerable to variant 1, which is easily resolved with basically no performance hit. Nice!

Also, 3 flaws now, so the problem tripled! Variants 2 and 3 affect ARM and Intel it seems. Not nice!

GenericAMDFanIt's a good time to upgrade to AMD

FYFI13Plus IME has been hacked a while ago. No wonders Intel CEO sold most of Intel stocks.

ssdproIt is funny how on day1 the reports are Intel "and maybe others" suffer from the "variant 1" problem. Then in the middle of the night sites pickup most cpus including AMD are affected by variant one. Everyone gets the OS update with "negligible performance degradation". All over some potential exploit nearly none of us basic consumers would ever be vulnerable to. What is due here is a big thank you to google for working to keep computing safe for those that are too lazy to make sensible, responsible choices.

dj-electricCan't tell if incredibly well made, sarcastic account, or just a genuine response.

lexluthermiesterNow that more details have surfaced, it seems AMD jumped the gun a bit. All CPU's are vulnerable regardless of architecture and OS platform, the sole exception being Apple's iOS. But even that is likely to have a certain level vulnerability as more details of this are discovered/uncovered.

TheGuruStudNot really, AMD is only vulnerable to the one type (there's 3) and the fix has a negligible perf impact.

Intel wants to pretend AMD is in the same boat.

lexluthermiesterThat would be incorrect.
isc.sans.edu/diary.html?utm_content=bufferbb5f4&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
meltdownattack.com/
These vulnerabilities have been shown to affect every CPU with execution prediction on all OS platforms. Only Apple's iOS is relatively safe, but there are indications that it too has some susceptibilities.

This is NOT an Intel problem. It is VERY much an everyone problem.
(Sometimes I feel like a broken record..)

1. A PoC that demonstrates the basic principles behind variant 1 in userspace on the tested Intel Haswell Xeon CPU, the AMD FX CPU, the AMD PRO CPU and an ARM Cortex A57 [2]. This PoC only tests for the ability to read data inside mis-speculated execution within the same process, without crossing any privilege boundaries.
2. A PoC for variant 1 that, when running with normal user privileges under a modern Linux kernel with a distro-standard config, can perform arbitrary reads in a 4GiB range [3] in kernel virtual memory on the Intel Haswell Xeon CPU. If the kernel's BPF JIT is enabled (non-default configuration), it also works on the AMD PRO CPU. On the Intel Haswell Xeon CPU, kernel virtual memory can be read at a rate of around 2000 bytes per second after around 4 seconds of startup time. [4]
3. A PoC for variant 2 that, when running with root privileges inside a KVM guest created using virt-manager on the Intel Haswell Xeon CPU, with a specific (now outdated) version of Debian's distro kernel [5] running on the host, can read host kernel memory at a rate of around 1500 bytes/second, with room for optimization. Before the attack can be performed, some initialization has to be performed that takes roughly between 10 and 30 minutes for a machine with 64GiB of RAM; the needed time should scale roughly linearly with the amount of host RAM. (If 2MB hugepages are available to the guest, the initialization should be much faster, but that hasn't been tested.)
4. A PoC for variant 3 that, when running with normal user privileges, can read kernel memory on the Intel Haswell Xeon CPU under some precondition. We believe that this precondition is that the targeted kernel memory is present in the L1D cache.

R0H1TYou can look at google's project zero - you know the ones who're actually responsible for the disclosure? AMD is not affected by meltdown, spectre (1 & 2) are in theory applicable for Ryzen but they've not shown any demonstrable exploit for it yet.

Hugh MungusBasically old AMD was rubbish, new AMD is amazing and Intel is still the irresponsible, whining rich kid!

lexluthermiesterYou two need to actually read the documentation instead of making lazy assumptions or cherry-picking selective information that fits your limited, agenda focused narrative. The knowledge of these problems are a working progression. ALL CPU's are affected by these vulnerabilities equally. All, as in every CPU made in the past 20 years. Why do you think whole governments are scrambling to implement preventive measures? This is NOT an AMD vs Intel problem. It affects everyone, everywhere on all devices with a working CPU.

So does that make ARM equally irresponsible? Or does it mean that these things have caught everyone in the industry by surprise? Which do you think is more likely? Hmm?

Hugh MungusTry reading my comment.

Hugh MungusWe KNOW Intel knew about the vulnerability quite some time BEFORE releasing Coffee Lake and basically changed nothing.

lexluthermiesterYes, but they did act on it and started fixes for it. You can't expect a company to halt a major product release over a vulnerability that was, and is still, not completely understood and has no known exploits.

Hugh MungusAMD on the other hand likely only knew two months befpre releasing Ryzen there was a vulnerability AND likely isn't at risk.

Hugh MungusThat makes a HUGE differemce in my eyes!

Hugh MungusO, and ARM doesn't seems to have the same level of performance hits if any

Hugh MungusIntel still has the most crap on its plate which isn't entirely their fault

Hugh Mungusbut is the only company trying to push this off on other companies and has the biggest performance hits!

lexluthermiesterHmm..

lexluthermiesterCitation please.

lexluthermiesterOh, of course it would..

lexluthermiesterCitation please.

lexluthermiesterThat's an assumption not backed by merit.

Hugh MungusYour post

TheGuruStudkeep shillin