Alleged Leaked Details on Intel Comet Lake-S Platform Require... You Guessed It... A New Platform

[CityCultivator]

Spectre, Meltdown etc. is basically irrelevant for end users, they require someone to execute their code on your CPU, find something useful, and then somehow extract that data out of your computer.

Though most end-users are not worth to exploit, all end users who browse the Web execute other people code.
Browsers do know this and did some work to further mitigate the risk of Spectre.
But running other people's code is done everyday. Ad networks and other such third parties are examples of code end users do not explicitly consent for, but do run.

 

[Tomgang]

It's still a warm comment section, don't have worry , be happy.

Well as an intel man overall. I am worried for Intels near future CPU´s. But even i this round will go AMD ryzen 3000 as intel´s offer is just not apealing to me and i am even starts joking on intel. That shut say a lot after i have been voting for intel the past 10-15 years. But the latest few years, Intel has been a joke. Not only with the 14 NM, but some of there releases before like
Intel® Core™ i5-7640X and Intel® Core™ i7-7740X on there HEDT platform, there prices on there HEDT CPU is a joke as well. There latest laptop releases on 10 and 14 NM cpu´s is gonna make a confusion or consumers as well. For not to forget there rushed lauch of 14, 16 ad 18 core cpu with there 7000 serie cpu´s. Intel lately has been a big mess. While AMD winning ground, intel is losing ground. That makes me sad, but it is the hard real story and you tell me to not worry...

 

[efikkan]

Moderators, please clean up all the trolling posts in this thread.

Though most end-users are not worth to exploit, all end users who browse the Web execute other people code.
Browsers do know this and did some work to further mitigate the risk of Spectre.
But running other people's code is done everyday. Ad networks and other such third parties are examples of code end users do not explicitly consent for, but do run.

What you can achieve in lab environments, and what you can achieve in practice are two different things. There are even proof-of-concept examples where people have guessed the encryption key from a laptop by analyzing the electromagnetic noise and knowing exactly which instruction the CPU is executing at the same time. But in real life, attacks like this are just a theoretical possibility.

Browsers do indirectly run untrusted code on your CPU when interpreting the JavaScript from web pages. If someone were actually able to effectively dump targeted memory addresses this way, it would be of course very bad. But you have to remember that the vulnerabilities we are talking about here are not a bypass of security, it's information leakage with very sensitive timing. You may have to do many attempts to read a single memory address, and when it's read you can't be really sure if you got the right few bytes or not, so assembling anything from this will be not only time consuming, but be in many cases impossible since you can't verify that something is correct, unless it's plain text.

Low-level timing attacks should not be possible through JavaScript, but just to be sure Chrome and Firefox are patched to make it even harder, so anything that causes system calls is intentionally unpredictable.

I think you should worry about more relevant things, like having an updated and patched router with no known vulnerabilities.

 

[Vya Domus]

What's wrong with progress?

New CPUs are progress, new sockets are not, they are a hindrance.

There are two possibilities here, either Intel are inept and can't make future proof sockets or they are intentionally changing sockets for some other reason beyond a technical one. None of these two options could be called progress.

 

[CityCultivator]

What you can achieve in lab environments, and what you can achieve in practice are two different things. There are even proof-of-concept examples where people have guessed the encryption key from a laptop by analyzing the electromagnetic noise and knowing exactly which instruction the CPU is executing at the same time. But in real life, attacks like this are just a theoretical possibility.

Browsers do indirectly run untrusted code on your CPU when interpreting the JavaScript from web pages. If someone were actually able to effectively dump targeted memory addresses this way, it would be of course very bad. But you have to remember that the vulnerabilities we are talking about here are not a bypass of security, it's information leakage with very sensitive timing. You may have to do many attempts to read a single memory address, and when it's read you can't be really sure if you got the right few bytes or not, so assembling anything from this will be not only time consuming, but be in many cases impossible since you can't verify that something is correct, unless it's plain text.

Low-level timing attacks should not be possible through JavaScript, but just to be sure Chrome and Firefox are patched to make it even harder, so anything that causes system calls is intentionally unpredictable.

I think you should worry about more relevant things, like having an updated and patched router with no known vulnerabilities.

Though this is fully exact, running random people's code is something most end users do; it's not something that a select few does. You underlined "their code on your CPU", so I'm pointing that that is no rare situation.
Still, random attacks will try to break browsers security first before trying Spectre attack.

 

[ZoneDymo]

New CPUs are progress, new sockets are not, they are a hindrance.

right? I dont even get it, if you need more pins...why not make socket 2066 the standard...

 

[eidairaman1]

New CPUs are progress, new sockets are not, they are a hindrance.

There are two possibilities here, either Intel are inept and can't make future proof sockets or they are intentionally changing sockets for some other reason beyond a technical one. None of these two options could be called progress.

Its additional money to force end users to switch.

 

[efikkan]

Though this is fully exact, running random people's code is something most end users do; it's not something that a select few does. You underlined "their code on your CPU", so I'm pointing that that is no rare situation.
Still, random attacks will try to break browsers security first before trying Spectre attack.

Well, JavaScript is an interpreted language, and while it ends up as machine code running on your CPU, it's up to the JavaScript engine of your browser to generate this machine code. There have been hundreds if not thousands of nasty JavaScript engine bugs over the years, including many leading to accessing things outside the sandboxing. These are logical bugs where security is bypassed, and is of course a serious problem.

But as I said the CPU bugs we are talking about here are not bypassing security, but an information leak leveraged by a timing attack. Timing attacks become much harder when you can't directly control the machine code. These attacks work by tricking the privileged kernel code to read the data you want into a register, and then somehow accessing the CPU register from your unprivileged code within a few clock cycles later before something else overwrites it. I don't have time to teach you machine code, but in essence, CPU registers are mostly overwritten every few instructions, and high-level languages like JavaScript don't have any control over them, and just a few lines of high-level code may take hundreds of clock cycles to execute. So the only way to achieve this would require you to exploit undefined behavior of the JavaScript engine and somehow generate machine code where you end up reading a specific CPU register you are not supposed to at just the right time.
Edit: To make matters harder, modern JavaScript engines executes most functions async, so timing anything outside a few lines of dense code is very hard.

 

[Hardware Geek]

This is the reason why I went with Threadripper and have no interest in AM4 or this new platform.

Precisely this. I'm planning to get the next threadripper. I want to be able to put a ton of SSD storage with the ability to add more as needed and not have to rely on slower sata speeds.

 

[jaggerwild]

Well as an intel man overall. I am worried for Intels near future CPU´s. But even i this round will go AMD ryzen 3000 as intel´s offer is just not apealing to me and i am even starts joking on intel. That shut say a lot after i have been voting for intel the past 10-15 years. But the latest few years, Intel has been a joke. Not only with the 14 NM, but some of there releases before like
Intel® Core™ i5-7640X and Intel® Core™ i7-7740X on there HEDT platform, there prices on there HEDT CPU is a joke as well. There latest laptop releases on 10 and 14 NM cpu´s is gonna make a confusion or consumers as well. For not to forget there rushed lauch of 14, 16 ad 18 core cpu with there 7000 serie cpu´s. Intel lately has been a big mess. While AMD winning ground, intel is losing ground. That makes me sad, but it is the hard real story and you tell me to not worry...

dude you got an 11 year old system, Smmh!

 

[Tomgang]

dude you got an 11 year old system, Smmh!

Yeah i am well aware of that. Thats also why its time for an upgrade. My original plan is to get a intel 10 NM CPU, but given Intels 10 Nm problems and i am tired of waiting. I will be upgrading to Ryzen 3000 (waiting for ryzen 9 3950X to come out). Intels 14 NM release one after another is a joke and i will not finance Intels old 14 NM tech after so many years. They have used 14 NM for way to long.

 

[lexluthermiester]

New CPUs are progress, new sockets are not, they are a hindrance.

Opinion not supported by historical evidence.

There are two possibilities here, either Intel are inept and can't make future proof sockets or they are intentionally changing sockets for some other reason beyond a technical one. None of these two options could be called progress.

Opinion clearly based on feelings and bias instead of objectivity and fact.

Moderators, please clean up all the trolling posts in this thread.

I'll second this.

 

[phanbuey]

Edit: To make matters harder, modern JavaScript engines executes most functions async, so timing anything outside a few lines of dense code is very hard.

+1 - This is one of the trickiest things to understand about node.js/js and how it executes. You have to structure your code around async/await or promises but even then, anyone who successfully pulls of a real life hack using this exploit :

 

[Vya Domus]

Opinion not supported by historical evidence.

Fair enough, could you present said historical evidence against this ?

Opinion clearly based on feelings

If you need to put out a new socket, is not logical to assume that this happens either because of some technical limitation or because you seek to artificially kill existing platforms ? Explain how this is untrue.

You know, by just saying that I am wrong without providing any explanations, you're the one that looks 100% biased and driven solely by feelings. Don't shot yourself in the foot.

 

[lexluthermiester]

Fair enough, could you present said historical evidence against this ?

How about the release of every CPU generation made by AMD or Intel for the last two decades?

If you need to put out a new socket, is not logical to assume that this happens either because of some technical limitation or because you seek to artificially kill existing platforms ? Explain how this is untrue.

I don't need to. Those are assumptions made by YOU. They are factless, meritless accusations.

You know, by just saying that I am wrong without providing any explanations, you're the one that looks 100% biased and driven solely by feelings. Don't shot yourself in the foot.

Except that YOU made the accusations. YOU need to prove up, not me or even Intel.

If Intel is releasing a new line on CPU's that needs more data lines, requiring the need for a new socket type, that is their business plan. If you don't like it, don't buy it. Whining about your dis-satisfaction will not change their minds and assuming them of shady dealing without a shred of logic or evidence to back it up only makes YOU look like a fool.

 

[Vya Domus]

I don't need to.

Then don't reply if you feel like you shouldn't explain yourself, or are incapable of doing so depending on the situation. This is not how this works, if you a problem with something, you state what you want to state and back up your reasoning. If you don't I have to assume you simply can't and I see no point in continuing the discussion.

If I made certain remarks and you feel like I haven't provided any proof then you don't get to say that I am wrong and claim that the burden of proof is still on me. Seriously, I would expect this level of argumentation from a 4th grader not a grown adult.

 

[Wavetrex]

Most attacks on the internet are in the shape of:

Click here to download video of {insert female celebrity name here} naked !

And what do you know, it works !
CPU is vulnerable indeed... the CPU inside user's head.

 

[Th3pwn3r]

Ah well, sometimes news isn't really news at all. Intel just likes to make new junk I guess, necessary or not they make new stuff...

Maybe it's good and they'll drive their own prices down on the stuff they started selling...last week.

 

[TheMadDutchDude]

Ahhh, another new socket. Well, to be fair, we've had our two "generations" on the same socket, so it's time for a new one.

I wonder if it will still ultimately be the same socket but with different pin outs, just like 1151 on Z170/Z270 was going to Z370/Z390. It'll be interesting to see what Roman comes up with for this.

 

[yotano211]

My retirement account thanks all for buying AMD processors.

 

[ZoneDymo]

How about the release of every CPU generation made by AMD or Intel for the last two decades?

I don't need to. Those are assumptions made by YOU. They are factless, meritless accusations.

Except that YOU made the accusations. YOU need to prove up, not me or even Intel.

If Intel is releasing a new line on CPU's that needs more data lines, requiring the need for a new socket type, that is their business plan. If you don't like it, don't buy it. Whining about your dis-satisfaction will not change their minds and assuming them of shady dealing without a shred of logic or evidence to back it up only makes YOU look like a fool.

and how does that proof new sockets are needed? AMD is doing fine improving while sticking to socket AM4.
Intel made plenty of processors on good old 775 that showed plenty of progress.

Soo you are wrong.

and on the last part, if that is truly your vision on how this all works then...why are you here? why are you trying to silence people with the argument that everyone should be silent while not being silent yourself so you can spread that message....
really you are just asking to have a comment section removed and lets be honest, you are only doing that because you are sad people arnt happy with the "progress" Intel seems to be making.
Just...take a look at yourself man.

(Also the EU has put down a pretty hefty fine on Intel for shady dealing so idk what evidence you want, heck you will probably just deny that as well as just being greedy EU or something. Just as long as your image of the world stays intact right? for what reason I dont know though, you are not Intel, you are not linked with the company, nothing bad the company does reflects poorly on you so why are you so hellbend on this fanboy act?)

 

[bogmali]

Deleted a lot of low quality posts...if you happen to notice your post/s being gone, it means I removed it and consider it as a warning

 

[K!NG_OF- NOTH1NG]

Mah FPSess will explode!



Behind ... in games.

Which, when you look at every modern game and essentially every game engine being built and coded on Intel CPU's that shouldnt be surprising.Although, unless you have 144, 240hz monitor therenothing more youre gonna gain. The AMD CPU's are the more impressive hardware and the more powerful. Even surpassing intel in a lot of single threaded workloads. I'm still on my 8700K. (I bought at launch and lucked out with it being able to do 5.2ghz daily) but I'm switching over to AMD if not with the 7 refresh, then with the release after. Not to mention using intel hardware at this point is a security hazard.

 

[dj-electric]

AMD good intel bad, now in theaters.

 

[efikkan]

Which, when you look at every modern game and essentially every game engine being built and coded on Intel CPU's that shouldnt be surprising.

That's nonsense. There is nothing to optimize for, they use the same ISA. Intel just happens to have a better CPU front-end and some lower latencies.

The good news for gaming is that the CPU only needs to be fast enough not to bottleneck the GPU. Intel is already past the point where current games gain any substantial average FPS, and while Intel will still hold the records, Zen 2 is getting close enough for most gamers.

I'm still on my 8700K. (I bought at launch and lucked out with it being able to do 5.2ghz daily) but I'm switching over to AMD if not with the 7 refresh, then with the release after.

Well, if your use case is gaming, there is no reason to replace your current CPU until it causes problems for you. An i7-8700K is going to be plenty for gaming for several years, unless you're doing heavy stream encoding etc. while playing. Save your money until you need an upgrade.

Not to mention using intel hardware at this point is a security hazard.

No more than AMD.