[...]
What Intel is not saying is that those figures are a lot higher than it expected to see for the newer chips. However the newer chips should hardly have been affected. On Skylake and beyond, Intel has refined the instructions used to disable branch speculation to be more specific to indirect branches, reducing the overall performance penalty of the Spectre "mitigation".
Older versions of Windows have a larger performance impact because Windows 7 and Windows 8 have more user-kernel transitions because of legacy design decisions, such as all font rendering taking place in the kernel.
Older chips which lack Skylake improvements will be gutted by the patches. We were expecting to see drops of 30 percent and yet Intel has failed to mention these older chips in its announcement. This figure is more important than the post-Skylake chips because there will be a lot more older Intel chips out there. Intel has promised to release figures for chips that are up to five years old which should cover the bulk of these older chips, but five years is no longer a long time in computing terms. There are a lot of PCs out there which are older than five years old.
[...]
If what Jay is saying is true, they have known about this for a very long time. It goes all the way back to the Intel® Core™2 Quad Q6600. Its totally unreal to me that this has not been fixed yet.@DrinkLyeAndDie, I don't use the latest and greatest CPU chips, Intel or AMD, I simply can't afford it. I fully expect the impact to be major for CPU intensive apps, no matter what. The security hole is just that deep, needing lots of fill dirt to plug.
[...]
The flaw has been part of Intel chips for at least ten years and is due to weak security in Intel's Active Management Technology (AMT) firmware - remote "out of band" device management technology.
The latest vulnerability - discovered in July of 2017 by F-Secure security consultant Harry Sintonen and revealed by the company today in a blog post - is one of those bugs which is supposed to be a feature.
But it means that notebook and desktop PCs with Intel AMT can be compromised in moments by someone with physical access to the computer - even bypassing
BIOS passwords, Trusted Platform Module personal identification numbers, and BitLocker disk encryption passwords - by rebooting the computer, entering its BIOS boot menu, and selecting the configuration for Intel's Management Engine BIOS Extension (MEBx).
[...]
“InSpectre” is an easy to use & understand utility designed to clarify
the many overlapping and confusing aspects of any Windows
system's ability to prevent the Meltdown and Spectre attacks.
That fixed it. Thanks Ch3vr0n. I guess it was my Samsung m.2 NVMe 1TB SSDread the details more down Patch the BIOS with the firmware i linked earlier (3703 available for download on the motherboard download page), should fix that right up. Havent done that myself, so can't be fully sure. I don't like doing such "risky" things during the week. I prefer the weekend so i have some time IF things were to go wrong.
I guess it was my Samsung m.2 NVMe 1TB SSD
Intel released a new update on the state of the Meltdown and Spectre patches to reveal that the reboot errors it previously disclosed, which plague Broadwell and Haswell systems, also impact Kaby Lake, Skylake, Ivy Bridge, and Sandy Bridge processors.
[...]
The buggy firmware updates were distributed to motherboard manufacturers as part of a BIOS update. Vendors such as MSI, ASUS, and Gigabyte have issued press releases announcing the new BIOS revisions this week, but for now, it might not be wise to update to those versions. Users who haven't installed the latest BIOS are not affected, and Intel says that new patches will enter the validation phase early next week.
[...]
[...]
Intel's fix for Spectre variant 2 – the branch target injection design flaw affecting most of its processor chips – is not to fix it.
Rather than preventing abuse of processor branch prediction by disabling the capability and incurring a performance hit, Chipzilla's future chips – at least for a few years until microarchitecture changes can be implemented – will ship vulnerable by default but will include a protection flag that can be set by software.
Intel explained its approach in its technical note about Spectre mitigation, titled Speculative Execution Side Channel Mitigations. Instead of treating Spectre as a bug, the chip maker is offering Spectre protection as a feature.
The decision to address the flaw with an opt-in flag rather than activating defenses by default has left Linux kernel steward Linus Torvalds apoplectic.
[...]