There is a serious security flaw in billions of Intel CPUs that can let attackers steal confidential data like passwords and encryption keys. Firmware updates can fix it, but at a potential significant performance loss.
this vulnerability is only really meaningful on multi-user systems
Well, that says it all. CPU manufacturers have no incentive at all to secure the computations of multiple users on a single CPU (or cores on the same die)… why would they? They make more cash if everyone has to buy their own complete unit, and they can outsource security issues to ‘the network’ or ‘the cloud’…
Years ago when I was in University this would have been a deathblow to the entire product line, as multi-user systems were the norm. Students logged into the same machines to do their assignments, employees logged into the same company servers for daily tasks.
I guess that isn’t such a thing any more. But wow, what a sh*tshow modern CPU architecture has become, if concern for performance has completely overridden proper process isolation and security. We can’t even trust that a few different users on the same machine can be separated properly due to the design of the CPU itself?
Fair enough, probably was hyperbole :) But performance does seem to be a higher priority than security; they can always spin PR after the next exploit, after all, users already have the CPU in their system, they’ve made their money; what are users really gonna do if an issue comes up after they’ve bought their box?
Im out of the loop with those. Are Arm and socs viable alternative for home computing?
Last time I checked I could not build a pc with Arm. Post above is right intel and amd are dominating home user market.
I have a macbook air m1 and this arm chips is imo just amazing. No fan no issues, fast as fuck. Id like to build a pc with arm. Maybe when Linux and windows show more support for arm64?
Linux supports ARM64 very well. Windows also has had ARM support for a quite a while. The main obstacles are 3rd party binary software (particularly on Windows) and lack of available hardware.
Are you aware that the majority of cpus sold today go to cloud computing? Believe it or not, but that is an application space with multiple users on the same machine.
Even on a single user machine, multiple users are very much a thing. Even Apple has left behind the DOS-like architecture where everything runs with the same rights. All current systems run with multiple concurrent users, notably root (or the Windows equivalent) and the keyboard operator (as well as dedicated ones for the various services, although that’s maybe more a thing in Unix/Linux than Windows).
Good point. But I think performance is still a greater priority for those who make purchasing decisions, rather than basic security, and that’s the problem.
Not at the enterprise level.
Security means compliance, which means getting/keeping contracts and not getting sued.
And they care more about performance-per-watt and density.
Processor manufacturers target their devices and sales towards cloud computing so they have a huge incentive to avoid having issues like these. It’s ridiculous to suggest otherwise.
You’re reading an awful lot into what I said that wasn’t put in there.
There’s nothing wrong with multi-user systems existing, there’s plenty of use for such things. This bug is really bad for those sorts of things. I was explicitly and specifically talking about consumer gaming computers, which are generally single-user machines. Concern for performance is a very real and normal thing on a gaming computer, it’s not some kind of weird plot. An actual multi-user system would obviously need to be patched.
When I was in university, they were probably running the same server, but with Ubuntu and for 500 sessions at the same time. That crap was totally unusable.
Well, that says it all. CPU manufacturers have no incentive at all to secure the computations of multiple users on a single CPU (or cores on the same die)… why would they? They make more cash if everyone has to buy their own complete unit, and they can outsource security issues to ‘the network’ or ‘the cloud’…
Years ago when I was in University this would have been a deathblow to the entire product line, as multi-user systems were the norm. Students logged into the same machines to do their assignments, employees logged into the same company servers for daily tasks.
I guess that isn’t such a thing any more. But wow, what a sh*tshow modern CPU architecture has become, if concern for performance has completely overridden proper process isolation and security. We can’t even trust that a few different users on the same machine can be separated properly due to the design of the CPU itself?
I’m not happy with what’s happening and I know that corporations are money making evil machines.
But to say that chip makers have no incentive at all to secure their hardware is quite the hyperbole.
Fair enough, probably was hyperbole :) But performance does seem to be a higher priority than security; they can always spin PR after the next exploit, after all, users already have the CPU in their system, they’ve made their money; what are users really gonna do if an issue comes up after they’ve bought their box?
What they will do is not buy from that company again.
Yeah, but we live in cpu monopoly. Intel and Amd Both companies put backdoors and all sort of shit in their cpus.
We don’t live in CPU monopoly. Arm and SoCs are also in the game.
Im out of the loop with those. Are Arm and socs viable alternative for home computing?
Last time I checked I could not build a pc with Arm. Post above is right intel and amd are dominating home user market.
I have a macbook air m1 and this arm chips is imo just amazing. No fan no issues, fast as fuck. Id like to build a pc with arm. Maybe when Linux and windows show more support for arm64?
Linux supports ARM64 very well. Windows also has had ARM support for a quite a while. The main obstacles are 3rd party binary software (particularly on Windows) and lack of available hardware.
Oh, for desktops? I don’t know. I was referring to macbooks and mac minis.
deleted by creator
Are you aware that the majority of cpus sold today go to cloud computing? Believe it or not, but that is an application space with multiple users on the same machine.
Even on a single user machine, multiple users are very much a thing. Even Apple has left behind the DOS-like architecture where everything runs with the same rights. All current systems run with multiple concurrent users, notably root (or the Windows equivalent) and the keyboard operator (as well as dedicated ones for the various services, although that’s maybe more a thing in Unix/Linux than Windows).
Good point. But I think performance is still a greater priority for those who make purchasing decisions, rather than basic security, and that’s the problem.
Not at the enterprise level.
Security means compliance, which means getting/keeping contracts and not getting sued.
And they care more about performance-per-watt and density.
Processor manufacturers target their devices and sales towards cloud computing so they have a huge incentive to avoid having issues like these. It’s ridiculous to suggest otherwise.
I see the reasoning, fair enough. Just grumpy this evening I suppose :p.
You’re reading an awful lot into what I said that wasn’t put in there.
There’s nothing wrong with multi-user systems existing, there’s plenty of use for such things. This bug is really bad for those sorts of things. I was explicitly and specifically talking about consumer gaming computers, which are generally single-user machines. Concern for performance is a very real and normal thing on a gaming computer, it’s not some kind of weird plot. An actual multi-user system would obviously need to be patched.
I am so incredibly happy that those terrible multi-user systems are a thing of the past. Multiple seconds wait time for every mouse click are no fun.
Hey! I’ll have you know that a 68000 based server was good enough for about 60 users running X11 desktops back in the day!
Kids today with their vodoo cards and whatnot.
When I was in university, they were probably running the same server, but with Ubuntu and for 500 sessions at the same time. That crap was totally unusable.