I think CPU designers are getting too much flak for this. The side effects of speculative execution has been around ever since their introduction. A compounding problem is how abstract software has become, it has made assumptions on the underlying execution model without a deeper understanding of its sublteties (sandboxing, containers, etc trying to guarantee process isolation). It’s the Law of Leaky Abstractions [0] at work. What is alarming is how long it has taken for us to collectively realize this is a problem. Hats off to the folks for uncovering this blind spot to us.
Intel's PR dept is in overdrive, but the truth about this vulnerability is that it's essentially worst-case.
It really only affects workloads where high performance is important. The average user might not see an impact but if you need fast IO God help you. The solution is to 'make less syscalls' but the problem is that syscalls have always been slow and the people making a lot of them are only doing so because they absolutely have to
I wonder if we'll start seeing more userspace storage drivers because of this.
If anything, for big shops like this one, I wouldn't be surprised if we saw a move away from hosted providers (the "cloud" .. god I still hate it when people use that word), and return to co-located setups.
At least for people who need immediately performance needs, AMD might make a lot of short term sales right now.
Isn't that like saying that it turns out this car we sold can only do 150, not 200. But it's okay because most of you never drive above 80 anyways.
You're right. Most people who just surf the Netflix and download the YouTubes will not notice. But it's still a form of fraud, even to those who never max out CPU. I think fraud is a strong word knowing that this wasn't intentional. But they sold a lesser product than they advertised and need to make customers whole. Otherwise it pretty much is fraud.
I think people are underestimating how bad webapps are. I do... a lot of computing and by far the most CPU intensive applications on my computer are webviews. Either Gmail in chrome or slack. I'm actually going to be upgrading my laptop soon because slack+3 organizations crushes my laptop.
Do you think browser vendors have been pushing JIT research forward, investing in webasm, and building things like servo because websites are so fast and light on CPU?
I’d go farther, anybody who is concerned with application performance may soon see/smell their hair smoldering.
We write a lot of code that needs to run as fast as possible (processing, post-processing, generating real-time weather/satellite data) and I’m concerned about time windows and whether we’ll be able to meet requirements.
I suppose these guys just don't apply the patch. They are not running in a public cloud with potentially hostile neighboring VMs; they run their own trusted code. They might choose to tighten perimeter security instead, in the short term.
Meltdown is aptly named, as that is what's gonna happen to the global corporate services market, "efficiently" hosted in the cloud and scraping for profitability.
For pure computational cases Meltdown vulnerability remediation might not impact you as much. Meltdown fixes would affect applications that do a lot of syscalls - lots of socket IO, IPC stuff, small and frequent disk IO ops etc.
You'll probably see a wide variety of benchmark results anything from no impact to things like above. So just make sure you measure carefully with your own workload.
Data processing where number crunching is the key problem may not be affected much. Data processing where fetching and assembling the data from many sources is likely to see larger slowdowns. Pure communications workloads are also likely to see larger slowdowns.
I've been too focused on the tech that I forgot about the legal part of this. Is this why they've all given wishy-washy responses that take no responsibility and seemingly don't even admit there's a problem? Sounds like they expect massive legal recourse and have no real choice but to listen to their lawyers who are telling them to admit no guilt.
Exactly why. Even if the performance impact is 3%, that means the world has lost maybe 2% of its CPU power overnight. That's an utterly massive amount of hardware, many billions of dollars, maybe a trillian.
It's not just the cost of the processors, but everything that contains them. Truly 'fixing' all the affected products would bankrupt a county but we should get a refund for the CPU's at the least
Yes. They’re facing potentially ruinous class actions from individuals, and the legal fury of uncounted corporations which are going to suffer. It’s hard to imagine Intel dying, but if the impact on performance is so enormous, it could happen. So yes, they are in ass-covering-survival-mode. Having said that, I wouldn’t expect Intel to go down in legal flames, but the endless PR dripping is going to have to become a flood for a long time to recover.
> Things happen. It's impossible to predict every contingency.
Normally I'd agree but not in this case. Notice that besides latest ARM it seems no other architecture is susceptible to Meltdown - s390x, SPARC, POWER, AMD etc.
Speculatively loading and executing code across protection boundary is something someone should have thought twice about. Doesn't mean other vendors knew or had PoC examples, but they could have had an instinctive hunch.
I've given this example before, say I have some sensitive data on a server. I could install a bunch of services and API endpoints on it, to access it faster, inspect it, extract it various formats etc. Or I could decide to lock it down and just install only the minimum number of needed things, locked everything down. Doesn't mean I knew all those additional APIs or services had vulnerabilities, but it's just a good practice.
If the server gets hacked and someone looks back, I think they would be justified asking "What the hell were you thinking installing all that crap you didn't need on it".
According to their patch notes Apple's ARM cores are also vulnerable. And it's not just the latest ARM, the A15, A57, and A72 are vulnerable to a less severe variant of Meltdown.
If you bought a car that needed to go 60mph and a subsequent update to the car from the manufacturer for safety meant it could only go 30mph, there would be legal consequences.
Of course you can't predict every contingency, but some of them you pay for.
That's new for a company, and it's not indicated by their PR spin right now.
What I think happened : a company produced a product with a problem. Probably not out of malice, but ignorance.
One of two things happened after, which can kill the 'good faith' argument ; the problem was found internally and hushed, or the problem was found externally and minimized to reduce financial burden arising from fixing the problem and the PR related.
We have no way of knowing how well it was known about internally, but we can all see the PR going on from Intel right now, and I hope i'm not the only one who reads into those press releases to establish intent.
Well this type of attack has been theoretical for years. The Project Zero referenced some papers from the mid-2000s that talked about it. But the implementation, even today, isn't exactly trivial.
Modern processors are insanely complex systems. Branch prediction, out of order execution, hardware virtual memory management, hardware virtualization, etc. Not to mention that these are side-channel attacks. It's not a direct vulnerability, it requires executing some code and measuring timing very precisely; similar to and oscilloscope and a very expensive safe.
Of course Intel is going to be spinning this however they can for damage control. That's what PR departments do. I still doubt engineers at Intel really thought this attack was plausible, or else they wouldn't have been engineering chips this way for the past decade.
And until we align their market incentives properly, silicon vendors are going to continue to ignore this fact when it comes to verification. Intel is especially bad here; they’ve had an unreasonable number of hardware bugs in recent years.
Intel got a report about this vulnerability from Google in July. Intel's CEO decided to sell stock in November, scheduling the sale in October. Intel also decided to pull the Coffee Lake desktop launch in from early 2018 all the way back to the start of Q4 2017 to try stop the momentum AMD was building with Ryzen, while knowing this vulnerability was present - they're still planning on launching Cascade Lake the first half of this year and god knows if meltdown will be fixed in it or not.
Right now, I think the problem started out of ignorance - but they have abused Google's policy of responsible disclosure to hide the flaw as long as they could and take advantage of their market position while the unknowing public kept buying their products. Now they are pulling the four D's of propaganda in their PR statements all while we are seeing huge performance deltas in graphs from Epic and more?
This is straight up deceptive, I'm glad I switched back to AMD with my new gaming rig and I already have plans in the works to purchase multiple EPYC servers with our datacenter move starting next month.
I know almost nothing about law but I would assume a large company would be insured against contingencies like this.
I remember reading something about how rich people can get 'everything else's insurance that's basically applicable to anything bad that could happen to them. Maybe its the same with companies?
You can insure almost anything, assuming you’re willing to pay the premium, and that the insurers are satisfied with their due diligence. BUT... that insurance company will look for any technicality, any little way that you failed the extensive duty to protect your insured assets, and try not to pay out.
So really, in this case insurance is just another word for “more lawyers to drag through the courts for people years, with uncertain results.”
If no one saw it coming, why is it all over papers which suddenly appeared in the last few days here? It seems that in the world of high assurance security, this was largely assumed, but not provable due to propriety walls.
It doesn't have to be gross incompetence. If you pay for something and it doesn't deliver as promised, you may be entitled to a partial or full refund.
If you know that your product is flawed, do you keep selling it or will you pull it from the shelves?
To this date I can still buy broken Intel CPUs....
They knew about the flaw in June. Yet they still kept selling Coffee Lake CPUs.
If my 8700k wouldn't still be significantly faster than Amd Ryzen (or I wouldn't have to also return the MB), I would have switched to an Amd in a heart beat.
To be fair to Intel, mitigating this type of issue isn't at all trivial. If it were, it could have been fixed in a microcode update. You can't rush a chip design for something as complicated as x86_64. There are long multi-year development cycles and tons of regression tests.
With this they need to add even more tests before they can start on attacking the issues with the design.
> To be fair to Intel, mitigating this type of issue isn't at all trivial.
It's understandable that they may not have been able to mitigate it in the 8th gen CPUs in just a few months, but they also put those CPUs out on the market, advertised them, and sold them, all the while they knew of their design flaw, without saying anything about it to the unsuspecting customer.
Doesn't stop people from filing one. They already have, in fact. I agree that it shouldn't get anywhere, but I'm not as sanguine about whether or not it actually will.
Speculatively loading data across a protection boundary which is what happens in Meltdown can be argued to be incompetence or sneakiness. It certainly helps with benchmarks.
Moreover it would be hard to say "everyone is doing it" because it seems so far besides the latest ARM processors, most of the other CPU architectures don't do it.
But back then, Intel could not deny that the FDIV bug was an actual bug in the CPU. Intel's press release on Meltdown is carefully worded to avoid admitting it's a bug in the CPU.
But since the USA have the highest lawyer-per-citizen ratio in the world, it would be very interesting to see what happened if, say, Google sued Intel because from one day to the next, Google's electricity bills rise steeply, their servers crash, because the AC cannot handle the extra heat, ... , and Google demanded Intel pay for their damages.
[0] https://www.joelonsoftware.com/2002/11/11/the-law-of-leaky-a...