Intel Releases CPU Benchmarks with Meltdown and Spectre Mitigations

[bug]

No one who wanted everyone to find out at least, sorry find it hard out of billions of people no one used these flaws that Intel know about and will not be paying up to all those now known dodgy cpu's that were sold with a critical flaw purposelessly.

I hope Intel get whats coming to them, but probably not like always.

I'll see your finding hard to believe and I'll raise you my "if Intel knew about this, in 10 years they could have tweaked their implementation already"
Everyone can speculate, but what we know at this point is Google only unearthed this through Project Zero.

 

[newtekie1]

You really sound like you are apologizing for Intel. This wasn't something that escaped their notice, rather something they deliberately chose to ignore and hope no one would find out as they continued to release new products with the flaw.

You realize that Google was the one that found it, it affected not just Intel processors but processors from pretty much every major processor maker including AMD and ARM and nVidia. And AMD, Intel, nvidia, and ARM all released products after they knew about the security issue?

They kept quiet about it because that is exactly what you are supposed to do in this situation. Why do you think Google didn't alert the world when they discovered it? Because when you know there is a security flaw that affects almost every computer in the world, you don't alert the world about it, you secretly work to fix it. If you alert the world about it, you let the malicious people know the flaw exists and those people instantly start looking for a way to exploit it.

This is definitely not a case of Intel doing nothing about the security flaw for the 6 months since they found out about it, and then just quickly whipping up a fix in the two weeks since the news about it broke. You don't figure out fixes like this to major hardware flaws in two weeks. They did not choose to ignore it, they were working on fixing it in secret, because that is exactly what you are supposed to do in this situation.

And at the same time, you don't put a major product release on hold just because it has a security flaw in it that is extremely complex to exploit, is basically unknown to anyone other than Google and other processor manufacturers, and has existed for decades.

 

[R0H1T]

I'll see your finding hard to believe and I'll raise you my "if Intel knew about this, in 10 years they could have tweaked their implementation already"
Everyone can speculate, but what we know at this point is Google only unearthed this through Project Zero.

You apparently missed the 3 other independent teams who found it using Intel manuals, all inside six months of GPZ informing Intel in June of last year. So there's every chance that -

(a) This was intentionally (designed) that way
(b) Getting one up on your competitor was more important than securing your chips, talking about meltdown here

 

[phanbuey]

You realize that Google was the one that found it, it affected not just Intel processors but processors from pretty much every major processor maker including AMD and ARM. And AMD, Intel, and ARM all released products after they knew about the security issue?

They kept quiet about it because that is exactly what you are supposed to do in this situation. Why do you think Google didn't alert the world when they discovered it? Because when you know there is a security flaw that affects almost every computer in the world, you don't alert the world about it, you secretly work to fix it. If you alert the world about it, you let the malicious people know the flaw exists and those people instantly start looking for a way to exploit it.

This is definitely not a case of Intel doing nothing about the security flaw for the 6 months since they found out about it, and then just quickly whipping up a fix in the two weeks since the news about it broke. You don't figure out fixes like this to major hardware flaws in two weeks. They did not choose to ignore it, they were working on fixing it in secret, because that is exactly what you are supposed to do in this situation.

And at the same time, you don't put a major product release on hold just because it has a security flaw in it that is extremely complex to exploit, is basically unknown to anyone other than Google and other processor manufacturers, and has existed for decades.

^ this.

 

[bug]

You apparently missed the 3 other independent teams who found it using Intel manuals, all inside six months of GPZ informing Intel in June of last year. So there's every chance that -

(a) This was intentionally (designed) that way
(b) Getting one up on your competitor was more important than securing your chips, talking about meltdown here

I have indeed missed that. Got a source?

 

[R0H1T]

I have indeed missed that. Got a source?

Yes, the wired ~ TRIPLE MELTDOWN: HOW SO MANY RESEARCHERS FOUND A 20-YEAR-OLD CHIP FLAW AT THE SAME TIME

So beyond what we know, Intel is at least responsible for grossly neglecting the impact meltdown could've had on current & past gen processors. I can speculate as to whether they should be punished for keeping us all in dark, especially those who bought Intel chips in the last year, but there's ongoing lawsuits & they may set a precedent as to where the future course of action would be in such matters. This is a first for most of us, so let's see what happens from here.

 

[I No]

No one who wanted everyone to find out at least, sorry find it hard out of billions of people no one used these flaws that Intel know about and will not be paying up to all those now known dodgy cpu's that were sold with a critical flaw purposelessly.

I hope Intel get whats coming to them, but probably not like always.

Ahem.....
https://www.techspot.com/news/72729-amd-confirms-chips-vulnerable-spectre-rolling-out-fixes.html

oh and AMD knew about these as well before launching Threadripper and EPYC heck even Ryzen mobile.... stop looking at this thing as a "Intel only" problem it spans through the whole damn industry.

 

[bug]

Yes, the wired ~ TRIPLE MELTDOWN: HOW SO MANY RESEARCHERS FOUND A 20-YEAR-OLD CHIP FLAW AT THE SAME TIME

So beyond what we know, Intel is at least responsible for grossly neglecting the impact meltdown could've had on current & past processors. I can speculate as to whether they should be punished for keeping us all in dark, especially those who bought Intel chips in the last year, but there's ongoing lawsuits & they may set a precedent as to where the future course of action would be in such matters. This is a first for all of us, let's see what happens from here.

That's not how I read it. The other researchers could spot the vulnerability only after Intel and others already started working on a fix, prompted by Project Zero's report. The guy working on Project Zero was indeed looking at the manual, that's how he discovered the "side effect" was exploitable. But there was no documented "do X and you get privileged access" functionality.

 

[R0H1T]

That's not how I read it. The other researchers could spot the vulnerability only after Intel and others already started working on a fix, prompted by Project Zero's report. The guy working on Project Zero was indeed looking at the manual, that's how he discovered the "side effect" was exploitable. But there was no documented "do X and you get privileged access" functionality.

Not sure how you came to that conclusion & I'm not talking about the manual part ~

That night, none of the three Graz researchers slept more than a few hours. The next day, they sent a message to Intel warning them of a potentially industry-shaking flaw in their chips. They'd found a gap in one of the most basic security defenses computers offer: that they isolate untrusted programs from accessing other processes on the computer or the deepest layers of the computer's operating system where its most sensitive secrets are kept. With their attack, any hacker who could run code on a target computer could break the isolation around that low-privilege program to access secrets buried in the computer's kernel like private files, passwords, or cryptographic keys.

 

[bug]

Not sure how you came to that conclusion & I'm not talking about the manual part ~

You lost me. What's your point again?

 

[R0H1T]

You lost me. What's your point again?

Intel knew about meltdown, not necessarily the exploit but the design decisions they took which would render the chips less secure. Secondly they sold new products with the same flaw(s) even when they were informed about it, I'd argue deceiving their customers over the last 3 quarters.

 

[bug]

Intel knew about meltdown, not necessarily the exploit but the design decisions they took which would render the chips less secure. Secondly they sold new products with the same flaw(s) even when they were informed about it, I'd argue deceiving their customers over the last 3 quarters.

Again, there's no evidence they knew about this before Project Zero reported it. Everybody's free to believe what they want, but the evidence just isn't there.
Yes, releasing Coffee Lake with a known vulnerability was a rotten thing to do. Unless they knew at the time it's fixable by the time the vulnerability is publicly disclosed. (But again is something we have no evidence of.)

 

[softreaper]

Seriously, only i7 with HT to mask single threads impact on performance (Remember intel Using HT on Atom 230/33 to reduce the impact of In Order architecture and the lack of branch prediction ...)

Curious to see the results on a i5 or HT disabled i3 and i7

IMHO, HT is their trick, look at this, only Hyperthreaded CPUs, and only highly optimized multithreaded Benchmarks ..

 

[Tomorrow]

And AMD, Intel, nvidia, and ARM all released products after they knew about the security issue?

Wich CPU-s did AMD release after June 2017? Only Threadripper and some mobile parts in October. This does not even affect Nvidia as they do not use SE on their GPU's. Besides the only new archidecture they've relased was Titan V. Everything else was essentially 2016 tech refined.

Ahem.....
https://www.techspot.com/news/72729-amd-confirms-chips-vulnerable-spectre-rolling-out-fixes.html

oh and AMD knew about these as well before launching Threadripper and EPYC heck even Ryzen mobile.... stop looking at this thing as a "Intel only" problem it spans through the whole damn industry.

EPYC lanched in June. Likey it was already shipping when they learned about the issue - too late to do anything about it hardware wise. Threadripper maybe because there was ~2 months do do a resping but that would have been cutting it close to still launch in august. It is possible that at that time they dide not even have a fix. I mean hell microcode updates are coming out just now. Coffee Lake is a different beast thogh as it was launched later and in fact was pulled in from Q1 2018 (so now essentially) to launch in 2017. If Intel wanted they could have launched Coffee Lake now with updated microcode present and bybass the whole issue.

Instead for whatever reason they decided to pull it in to 2017 knowing full well thay would have to issue microcode updates later. It was likey to respond to Ryzen and up the core count. My guess is that if they would have launched now like originally planned they would have sold even more and being able to advertise as faster and more secure.

 

[Katanai]

The numbers at least as a home user and not data center/cloud environment raise the thought of whether to apply the patch for it or not. In theory the exposure as a home user would just be another vector for viruses or malware which your AV should catch. And if you're pretty good about not clicking bad links, attachments, etc. that decreases the likelihood even more of running into an issue with it.

It's still probably worth the 5-10% performance hit in my case, but it does at least make you ponder it. I'd bet a lot of home users out there opt not to apply it. There are loads of gamers out there still running older OS's and/or not patching, for smaller performance benefits than the hit this patch causes.

I will not install anything on my computer that degrades performance. For Windows 7 the update is KB4056894 I have already hidden it and will never install it...

 

[64K]

You realize that Google was the one that found it, it affected not just Intel processors but processors from pretty much every major processor maker including AMD and ARM and nVidia. And AMD, Intel, nvidia, and ARM all released products after they knew about the security issue?

They kept quiet about it because that is exactly what you are supposed to do in this situation. Why do you think Google didn't alert the world when they discovered it? Because when you know there is a security flaw that affects almost every computer in the world, you don't alert the world about it, you secretly work to fix it. If you alert the world about it, you let the malicious people know the flaw exists and those people instantly start looking for a way to exploit it.

This is definitely not a case of Intel doing nothing about the security flaw for the 6 months since they found out about it, and then just quickly whipping up a fix in the two weeks since the news about it broke. You don't figure out fixes like this to major hardware flaws in two weeks. They did not choose to ignore it, they were working on fixing it in secret, because that is exactly what you are supposed to do in this situation.

And at the same time, you don't put a major product release on hold just because it has a security flaw in it that is extremely complex to exploit, is basically unknown to anyone other than Google and other processor manufacturers, and has existed for decades.

Your argument makes perfect sense if that were Intel's only 2 options. Release Coffee Lake or not release Coffee Lake and inform hackers everywhere about the possible security exploit and the decreased performance from the patch as a result but there was a 3rd choice. Don't release Coffee Lake and don't inform the hackers about the security risks. They could have said anything was the reason for the delay in release. They could have released Coffee Lake later after the patch with full disclosure what this means to consumers so that they understand what they are buying.

Tech people may be understanding about what Intel has done but look at the average jury. Do you think they will buy Intel's defense that they had no choice but to release Coffee Lake anyway?

 

[HisDivineOrder]

You realize that Google was the one that found it, it affected not just Intel processors but processors from pretty much every major processor maker including AMD and ARM and nVidia. And AMD, Intel, nvidia, and ARM all released products after they knew about the security issue?

They kept quiet about it because that is exactly what you are supposed to do in this situation. Why do you think Google didn't alert the world when they discovered it? Because when you know there is a security flaw that affects almost every computer in the world, you don't alert the world about it, you secretly work to fix it. If you alert the world about it, you let the malicious people know the flaw exists and those people instantly start looking for a way to exploit it.

This is definitely not a case of Intel doing nothing about the security flaw for the 6 months since they found out about it, and then just quickly whipping up a fix in the two weeks since the news about it broke. You don't figure out fixes like this to major hardware flaws in two weeks. They did not choose to ignore it, they were working on fixing it in secret, because that is exactly what you are supposed to do in this situation.

And at the same time, you don't put a major product release on hold just because it has a security flaw in it that is extremely complex to exploit, is basically unknown to anyone other than Google and other processor manufacturers, and has existed for decades.

All true, but here's the thing. Intel knowingly moved up two sets of product launches to well in advance of this flaw being announced around the same time they were apparently informed of the flaw. They knowingly marketed their CPU's as having a performance level that they knew would be taken away when the fixes came in. And their executives were dumping stock a month-ish before the flaw was to be revealed to the public.

Just because Intel shouldn't delay a product launch and just because Intel couldn't have predicted the flaw beforehand, it doesn't explain away their scummy/scammy actions since they found out.

 

[newtekie1]

Wich CPU-s did AMD release after June 2017? Only Threadripper and some mobile parts in October.

Why ask the question if you are literally going to answer it in the very next sentence you write? It boggles the mind...

This does not even affect Nvidia as they do not use SE on their GPU's. Besides the only new archidecture they've relased was Titan V. Everything else was essentially 2016 tech refined.

It certainly does affect nVidia. Do some research, they put out a security bulletin about it, and the latest driver(390.65) specifically includes a patch for the issue. TPU even did a 21 game test to see how the new driver with the patch affect performance. Or maybe their just patching their software for the vulnerability just for the fun of it? But I'm guessing the far more likely scenario is that the GPU compute aspects of their GPUs do actually use speculative execution.

Your argument makes perfect sense if that were Intel's only 2 options. Release Coffee Lake or not release Coffee Lake and inform hackers everywhere about the possible security exploit and the decreased performance from the patch as a result but there was a 3rd choice. Don't release Coffee Lake and don't inform the hackers about the security risks. They could have said anything was the reason for the delay in release. They could have released Coffee Lake later after the patch with full disclosure what this means to consumers so that they understand what they are buying.

Tech people may be understanding about what Intel has done but look at the average jury. Do you think they will buy Intel's defense that they had no choice but to release Coffee Lake anyway?

Sure, and AMD could have halted the release of Threadripper and Vega. But why? That isn't what you do as a company, and there really isn't even any reason to. This is a vulnerability that is already affecting every computer out there. It is also extremely complex to even exploit, and still even after it has been made public a few weeks ago has no known active malicious exploits in the wild.

Plus, I don't even think people understand what this exploit does. I think people think that it allows any program to just read any memory space it wants and will allow hackers to access all of your data. That isn't the case. From what I've read, the exploit isn't really targetable. Mean, that someone using the exploit can't decide what data to access, it is very random what data the exploit will spit out. It is also extremely slow to access data using the exploit. I believe in the best case, the people working on the exploit got about 2KB/s or reading random data from RAM.

So the jury isn't going to even hear that Intel had no choice but to release Coffee Lake, they are going to hear that when Coffee Lake was released the vulnerability was considered a low risk. So Intel, and AMD, and nVidia, all didn't consider the threat a high enough risk to delay the release of products.

All true, but here's the thing. Intel knowingly moved up two sets of product launches to well in advance of this flaw being announced around the same time they were apparently informed of the flaw. They knowingly marketed their CPU's as having a performance level that they knew would be taken away when the fixes came in. And their executives were dumping stock a month-ish before the flaw was to be revealed to the public.

Just because Intel shouldn't delay a product launch and just because Intel couldn't have predicted the flaw beforehand, it doesn't explain away their scummy/scammy actions since they found out.

I don't believe Intel knew at all until near the end of the patch process what, if any, performance impact fixing this flaw would have. Especially on the consumer side, which don't run a lot of programs the heavily rely on SE.

Heck, when the news first broke, we had people guessing 30%+. Now we are seeing actual numbers largely in the single digit %s. And if they continue to refine the fix, those performance hits might even get lower as time goes on.

 

[Prima.Vera]

Damn son, I've gotta get me one of those monitors too! I was always gimped on low space on my desk. This candle like monitor it would be perfect

 

[Assimilator]

I will not install anything on my computer that degrades performance. For Windows 7 the update is KB4056894 I have already hidden it and will never install it...

Aren't you the badass. Betting your next post will be "OMG my pc got exploited because of meltdown intel is teh evil no of course it's not my fault that i didn't install the mitigation because i'm a moron".

 

[HisDivineOrder]

I don't believe Intel knew at all until near the end of the patch process what, if any, performance impact fixing this flaw would have. Especially on the consumer side, which don't run a lot of programs the heavily rely on SE.

Heck, when the news first broke, we had people guessing 30%+. Now we are seeing actual numbers largely in the single digit %s. And if they continue to refine the fix, those performance hits might even get lower as time goes on.

But I think it's reasonable to assume they suspected there would be impact. If you're Intel, you know more about estimates than random observers. You know how your chips are designed and you know why you originally designed them the way they were designed, what the consequences for taking away certain compromised features would be. And of course, there's also the fact that they'd been working on it since June. Do you really think it took until well after they launched Coffee Lake to realize it was going to hit hard?

All their actions over the course of last year, once attributed to supposed competition from AMD, make much more sense in the context of an industry-wide scandal hitting them when they'd be normally content to launch a new mainstream i7 line. Intel was scummy. Just say it. Acknowledge it. You can even say that no one should expect anything different from a company than to do a new product launch in the midst of an upcoming scandal if you like, but it's scummy no matter how you slice it.

 

[WikiFM]

This info I found kinda shows how Intel and Microsoft are in a programmed obsolescence patch, cause older CPUs and Windows will be more affected by the patch, from my point of view seems like a very convenient workaround for them.
"In general, our experience is that Variant 1 and Variant 3 mitigations have minimal performance impact, while Variant 2 remediation, including OS and microcode, has a performance impact.
Here is the summary of what we have found so far:
With Windows 10 on newer silicon (2016-era PCs with Skylake, Kabylake or newer CPU), benchmarks show single-digit slowdowns, but we don’t expect most users to notice a change because these percentages are reflected in milliseconds.
With Windows 10 on older silicon (2015-era PCs with Haswell or older CPU), some benchmarks show more significant slowdowns, and we expect that some users will notice a decrease in system performance.
With Windows 8 and Windows 7 on older silicon (2015-era PCs with Haswell or older CPU), we expect most users to notice a decrease in system performance.
For context, on newer CPUs such as on Skylake and beyond, Intel has refined the instructions used to disable branch speculation to be more specific to indirect branches, reducing the overall performance penalty of the Spectre mitigation. Older versions of Windows have a larger performance impact because Windows 7 and Windows 8 have more user-kernel transitions because of legacy design decisions, such as all font rendering taking place in the kernel."
Source: https://cloudblogs.microsoft.com/mi...-and-meltdown-mitigations-on-windows-systems/

 

[Tomorrow]

Yeah that's what they (Intel and MS mostly) want you to believe. Like the misinformation they won't even bother correcting about Win7 not supporting newer CPU's and chipsets (yet they themselves provide Win7 drivers for newer devices). The bechmarks infact show that Skylake+Win7 is faster in 6 tests, Skylake+Win10 is faster in 7 tests and one is a draw. So both lose equally much in performance after patches regardless of OS. Win7 with older CPU's is not more affected.

 

[WikiFM]

Win7 with older CPU's is not more affected.

Are there any benchmarks with older CPUs (Haswell, Sandy Bridge, etc)?

 

[Tomorrow]

Are there any benchmarks with older CPUs (Haswell, Sandy Bridge, etc)?

Sandy and Ivy Bridge are unlikely to ever recieve a microcode update. Haswell should recieve it before end of the month. I guess we will know by then.