eBay Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

One for OE:-

cee-dee
Guide

‎03-01-2018 4:05 PM

What do you make of this OE?:-

 

https://news.sky.com/story/computers-face-global-slowdown-due-to-flaw-in-intel-chips-11193992


It's life Jim, but not as WE know it.
Live long and prosper.

Message 1 of 3
See Most Recent
0 Helpful
2 REPLIES 2

One for OE:-

otherego
Contributor

‎05-01-2018 11:31 AM

Hi, CD.

 

'Tis all way over my little head. There are at least two vulnerabilities involved ("Meltdown" and "Spectre" - a plague on the fashion for cutesy names for these things - I think "Meltdown" is more Intel-specific but might have that back-to-front).

 

As far as I can see, CPUs do their best to guess what might be needed next in order to speed things up, and load their best guesses into memory (RAM) for immediate use, if required. At a guess, if one enters a user-name into a browser, the CPU then gets ready for the password...

 

From el Reg:

 

Whenever a running program needs to do anything useful – such as write to a file or open a network connection – it has to temporarily hand control of the processor to the kernel to carry out the job. To make the transition from user mode to kernel mode and back to user mode as fast and efficient as possible, the kernel is present in all processes' virtual memory address spaces, although it is invisible to these programs. When the kernel is needed, the program makes a system call, the processor switches to kernel mode and enters the kernel. When it is done, the CPU is told to switch back to user mode, and reenter the process. While in user mode, the kernel's code and data remains out of sight but present in the process's page tables.

 

I think it's OK to consider "kernel" as your basic operating system - the Linux kernel which your preferred distro sits atop, Windows 7, whatever.

 

Programs ("apps") need to let the kernel run things from time to time.

 

The kernel and the CPU trade ideas, and keep things in memory which might be needed for the execution of the task at hand.

 

Problems presumably arise when bits of information which are no longer needed (eg you've already logged in to your bank account) lurk in memory - and instead of being completely invisible to other software running on a computer (including javascript instructions, malware blah blah), might be accidentally offered to that software as a result of CPU design flaws making it difficult/impossible for the operating system to keep stuff still in memory the secret it should be.

 

I don't pretend to understand it, and I've probably messed that up completely - must take a closer look - bear in mind I'm intrigued by computers but have very little knowledge and less aptitude.

 

More from el Reg:

 

One way rival processors differentiate themselves, and perform faster than their competitors, is to rely on speculative execution. In order to keep their internal pipelines primed with computer code to obey, they do their best to guess which instructions will be executed next, fetch those from memory, and carry them out. If the CPU guesses wrong, it has to undo the speculatively executed code, and run the actual stuff required.

Unfortunately, the chips in our desktop PCs, laptops, phones, fondleslabs, and backend servers do not completely walk back every step taken when they realize they've gone down the wrong path of code. That means remnants of data they shouldn't have been allowed to fetch remain in their temporary caches, and can be accessed later.

 

 

For more information, these were the pages I copied that lot from:

 

http://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

 

http://www.theregister.co.uk/2018/01/04/intel_amd_arm_cpu_vulnerability/

 

I see that even the mighty Apple has fallen prey to the problem, and the bottom line is that whatever hardwear/software we use, we're now all vulnerable.

 

Patches to operating systems might or might not slow things down, but will need to be applied to reduce risk. The Register is rather underwhelmed with Intel's attempts to placate users:

 

http://www.theregister.co.uk/2018/01/04/intel_meltdown_spectre_bugs_the_registers_annotations/

 

but in all fairness, it looks as if no device is safe.

 

It's interesting to speculate that all devices might contain further yet-to-be-exploited bugs, yet organisations - even things like banks and government departments - try their best to get everybody to do everything on-line. There is clearly no guarantee that anything on-line will remain safe, even if it looks OK at the moment.

 

The on-line environment is just as dodgy as many of us always feared, and right at the moment, it's hard to see any reassurance that this incident will be the last to threaten our computing lives.

 

Oh - and if you're patching your Windows machine, for goodness sake check that your antivirus is fully updated first:

 

http://www.theregister.co.uk/2018/01/04/microsoft_windows_patch_meltdown/

 

Goodness knows what delights await those of us who use other operating systems.

 

Interesting times...

Message 2 of 3
See Most Recent
0 Helpful

One for OE:-

cee-dee
Guide
In response to otherego

‎05-01-2018 7:15 PM

Looking at it and thinking about it, it seems to me to be a fundamental programming fault with the chips and what they're trying to do is solve a chip fault with a software "update"?

 

It doesn't matter what device the chip is "in" or what operating system the device is using, the device has the same vulnerability come what may?

 

The chips may have been second guessing some upcoming functions to speed up the processing time and the "update" may stop the chips doing that thereby slowing the processing BUT, by how much? Will a "normal" user really notice?


It's life Jim, but not as WE know it.
Live long and prosper.

Message 3 of 3
See Most Recent
0 Helpful

Featured Posts

View All
Top