In continuing follow up from the spectacle that surrounded the Meltdown and Spectre security vulnerabilities released in January, Intel announced that it has provided patches and updates that address 100% of the products it has launched in the last 5 years. The company also revealed its plan for updated chip designs that will address both the security and performance concerns surrounding the vulnerabilities.
Intel hopes that by releasing new chips to address the security and performance questions quickly it will cement its position as the leader in the enterprise compute space. Customers like Amazon, Microsoft, and Google that run the world’s largest data centers are looking for improved products to make up for the performance loss and assurances moving forward that a similar situation won’t impact their bottom line.
For current products, patches provide mitigations for the security flaws in the form operating system updates (for Windows, Linux) and what are called microcode updates, a small-scale firmware that helps provide instruction processing updates for a processor. Distributed by Intel OEMs (system vendors and component providers) as well as Microsoft, the patches have seemingly negated the risks for consumers and enterprise customer data, but with a questionable impact on performance.
The mitigations cause the processors to operate differently than originally designed and will cause performance slowdowns on some workloads. These performance degradations are the source of the handful of class-action lawsuits hanging over Intel’s head and are a potential sore spot for its relationship with partners. Details on the performance gaps from the security mitigations have been sparse from Intel, with only small updates posted on corporate blogs. And because the problem has been so widespread, covering the entire Intel product line of the last 10 years, researchers are struggling to keep up.
The new chips that Intel is promising will address both security and performance considerations in silicon rather than software, and will be available in 2018. For the data center this is the Cascade Lake server processor, and for the consumer and business markets this is known as Cannon Lake. Both will include what Intel is calling “virtual fences” between user and operating system privilege levels and will create a significant additional obstacle for potential vulnerabilities.
The chips will also lay the ground work and foundation for future security improvement, providing a method to more easily update the security of the processors through patching.
By moving the security mitigations from software (both operating system and firmware) into silicon, Intel is reducing the performance impact that Spectre and Meltdown cause on select computing tasks. Assurances that future generations of parts won’t suffer from a performance hit is good news for Intel and its customer base, but I don’t think currently afflicted customers will be satisfied at the assertion they need to buy updated Intel chips to avoid the performance penalty. It will be interesting to see how, if at all, the legal disputes are affected.
The speed at which Intel is releasing updated chips to the market is an impressive engineering feat, and indicates at top-level directive to get this fixed as quickly as possible. In the span of just 12 months (from Intel’s apparent notification of the security vulnerability to the expected release of this new hardware) the company will have integrated fairly significant architectural changes. While this may have been a costly more for the company, it is a drop in the bucket compared to the potential risks of lowered consumer trust or partner migration to competitive AMD processors.
For its part, AMD has had its own security issues pop up this week from a research firm called CTS Labs. While there are extenuating circumstances that cloud the release of the information, AMD does now have a template for how to quickly and effectively address a hardware-level security problem, if it exists.
The full content of Intel's posted story on the subject is included below:
Hardware-based Protection Coming to Data Center and PC Products Later this Year
By Brian Krzanich
In addressing the vulnerabilities reported by Google Project Zero earlier this year, Intel and the technology industry have faced a significant challenge. Thousands of people across the industry have worked tirelessly to make sure we delivered on our collective priority: protecting customers and their data. I am humbled and thankful for the commitment and effort shown by so many people around the globe. And, I am reassured that when the need is great, companies – and even competitors – will work together to address that need.
But there is still work to do. The security landscape is constantly evolving and we know that there will always be new threats. This was the impetus for the Security-First Pledge I penned in January. Intel has a long history of focusing on security, and now, more than ever, we are committed to the principles I outlined in that pledge: customer-first urgency, transparent and timely communications, and ongoing security assurance.
Today, I want to provide several updates that show continued progress to fulfill that pledge. First, we have now released microcode updates for 100 percent of Intel products launched in the past five years that require protection against the side-channel method vulnerabilities discovered by Google. As part of this, I want to recognize and express my appreciation to all of the industry partners who worked closely with us to develop and test these updates, and make sure they were ready for production.
With these updates now available, I encourage everyone to make sure they are always keeping their systems up-to-date. It’s one of the easiest ways to stay protected. I also want to take the opportunity to share more details of what we are doing at the hardware level to protect against these vulnerabilities in the future. This was something I committed to during our most recent earnings call.
While Variant 1 will continue to be addressed via software mitigations, we are making changes to our hardware design to further address the other two. We have redesigned parts of the processor to introduce new levels of protection through partitioning that will protect against both Variants 2 and 3. Think of this partitioning as additional “protective walls” between applications and user privilege levels to create an obstacle for bad actors.
These changes will begin with our next-generation Intel® Xeon® Scalable processors (code-named Cascade Lake) as well as 8th Generation Intel® Core™ processors expected to ship in the second half of 2018. As we bring these new products to market, ensuring that they deliver the performance improvements people expect from us is critical. Our goal is to offer not only the best performance, but also the best secure performance.
But again, our work is not done. This is not a singular event; it is a long-term commitment. One that we take very seriously. Customer-first urgency, transparent and timely communications, and ongoing security assurance. This is our pledge and it’s what you can count on from me, and from all of Intel.
“AMD does now have a template
“AMD does now have a template for how to quickly and effectively address a hardware-level security problem, if it exists”
As in do nothing and hide the truth until exposed, release sloppy mitigation patches and only then expedite a HW fix, which is to appear at some point later in the year? Hardly exemplary.
The Meltdown(All on Intel and
The Meltdown(All on Intel and some others, but not AMD)/Spectre(AMD, Intel, and Others) where part of a two groups of vulnerabilities that had Google Project Zero having to extend their usual 90 or so days at the request of the entire security industry and Google’s Project Zero had to have had good reason also considering the severity of these vulnerabilities and the time required to fix them.
Intel’s management and their questionable stock trading or other decisions had/has to take 2nd place to the actual security concerns of getting these issues fixed in Intel’s processors as well as all the other affected respective processor maker’s processor hardware.
There are going to be some serious investigations by congress(Ongoing, and new) and the usual regulatory agencies(Just about to start) over what has happend related to security issues and stock securities wise related to Intel and the latest questionable security company that only gave AMD 24 hours notice before acting in the most unsecure and unprofessional manner with regards to AMD and following the proper security industry best practices protocols regarding reporting and classifying any “New” security vulnerabilities.
Intel, AMD, ARM, and the other processor makers all have some work to do as do the educational/academic experts regarding that Harvard CPU Microarchitecture on which all modern microprocessors are loosely based. That Branch Predection and Spectulative execution process is going to be the subject of plenty of Graduate/PHD thesis papers as well as government funded research grants over the next few years.
I don’t think you know what
I don’t think you know what happened at Intel, AMD, ARM when the issue was disclosed. I also don’t think you understand about the difficulties in patching silicon, especially silicon as complex as a CPU.
Yes, fixes should be acknowledged and rolled out as quickly as possible. No argument there. But there are categories of fixes that take significantly more time and effort to roll out than others. Remeber, 14nm hot lots take about 3months from tape-out to parts in hand, production quantities in about 6months. That’s once the fix has been made, validated, and test programs approved. So 6months allowing zero time to actually fix or validated the problem before parts are starting to appear.
On one hand, you have a valid point, on the other hand, you have no idea what you’re talking about.
I understand that a CPU is a
I understand that a CPU is a really, really complex beast and making changes to the silicon is a monumental task, it wasn’t my intention to indicate otherwise. But the core of my message still stands, whether I know what happened inside Intel or not – overall, from what an onlooker could gather from the media, Intel’s reaction was hardly optimal.
P.S. Ah, I see… The “do nothing” part was related to the lack of outside communication to affected parties; I’m not doubting work to mitigate the issues was started immediately.
With even some smaller parts
With even some smaller parts of a modern microprocessor’s functional blocks that can be considered processors in their own right with millions of transistors and logic circuitry thre are problems. So even on the fastest of supercomputers there is insufficient time to fully test any complex logic interactions or do any full and complete vetting of all the possible variables and how they interact with the even more complex whole.
There was a black hat conference video presentation where one expert attendee lectured on what was testable on a processor and what was to this day untestable due to there being so many variables that it made it intractable even using supercomputers to fully prove some logic designs and those logic designs with interactions with the larger whole testable.
Even the mathematicians are still struggling with some of the issues with mathematically modeling these complex interactions via mathematical axioms with some of newly established axioms even being utilized in an attempt to get some of the more complex state tracking variables testing made more tractable.
Look at even the usual boilerplate software warranty disclaimer and you will see some form of statement that even software can have those same sorts of intractable(Can Never Be proven Correct) sorts of issues even more so than in the hardware.
These Millennium Prize mathmatical problems that are applicable to computing(Some Of them Are) Have million dollar rewards tied to them(1). See the list of computing sicemces related problems(2) and there are many.
“The Millennium Prize Problems are seven problems in mathematics that were stated by the Clay Mathematics Institute in 2000. The problems are the Birch and Swinnerton-Dyer conjecture, Hodge conjecture, Navier–Stokes existence and smoothness, P versus NP problem, Poincaré conjecture, Riemann hypothesis, and Yang–Mills existence and mass gap. A correct solution to any of the problems results in a US $1 million prize being awarded by the institute to the discoverer(s).
At present, the only Millennium Prize problem to have been solved is the Poincaré conjecture, which was solved by the Russian mathematician Grigori Perelman in 2003.”(1)
Any Company’s Reaction has to go through their legal department after the CEO(BOD breathing down that CEO’s neck) and their underlings have taken their whack at working up a responce. Things get bounced back and forth between legal and those others more times than a ping pong ball at a championship ping pong tournament. And that mostly results in Legal as well as CEO/middle management CYAs sorts of statments. Intel has its share of blemishes over theyears and Intel has earned some much deserved bad karma.
(1)
“Millennium Prize Problems”
https://en.wikipedia.org/wiki/Millennium_Prize_Problems
(2)
“List of unsolved problems in computer science”
https://en.wikipedia.org/wiki/List_of_unsolved_problems_in_computer_science
This is all great and good
This is all great and good news when that new silicon arrives, and probably not in large numbers in 2018 as it may be just starting to arrive towards the close of 2018. That type of hardware mitigation work takes time for any CPU/Procesor maker.
But the online press is focusing too much on the PC motherboard OEMs with little attention paid to the laptop OEMs that are also the ones in control over their respective laptop SKU’s BIOS/UEFI firmware update process. So even if the laptop OEMs have a laptop motherboard third party sub-contractor that the laptop OEMs uses for their custom motherboard designs, the laptops’ end users still have to get their Firmware upgrades from their Laptop’s respective OEM.
For Now Intel has begun releasing microcode as far back as SandyBridge/Ivy bridge and the Laptop OEMs many not be as focused on their millions of older laptop SKUs until they can get their latest generation laptop products secured.
The press need to engauge with more laptop OEMs regarding their mitigation progress overall but also for the SandyBridge/IvyBridge beased older generation of laptops that for laptops end users who will be needing their firmware updates provided by the respective laptop’s OEM.
Osbourne effect test?
Osbourne effect test?
Deleted
Deleted
I don’t know how much I would
I don’t know how much I would trust such quickly implemented hardware fixes. I still plan on building an AMD system after the Ryzen 2 release, so I guess I will not be in the market for a new Intel processor anyway. From cpu architecture stand point, I am curious as to how they will be fixing these things. The meltdown vulnerability may not be that difficult to fix. They just need to disable memory speculation across a user to kernel boundary. That may be a small performance hit, but it is probably too difficult to roll back the state of the cache after speculative loads.
The branch predicor fixes are a bit more interesting. It doesn’t sound like they are even fixing all of them. That will have to wait for a proper redesign a few years out. I have thought that an address space identifier, with both a user and kernel space component, on the branch prediction tables could solve this. If Meltdown is fixed such that they don’t need to isolate kernel page tables, then separate kernel and user space identifiers will be necessary. It would require a small number of caches tables, each with an identifier. I don’t know how workable that is though. The branch prediction is a latency sensitive operation, so there may be no time to use an address space identifier to choose between multiple tables. Also, this wouldn’t protect from code running in a sandbox within a single address space. They are probably doing something somewhat quick and dirty in this release since there has been little time for major design changes, so I expect performance to suffer a little.
Hopefully there won’t be any
Hopefully there won’t be any major issues like with what happened with the early patches for this.
Wow, this article sounds like
Wow, this article sounds like an add for Intel. You use interesting terms for a journalist that are not very objective. You say that it is impressive for Intel to bring out the updated chips, but how do you know they are not just temporary workaround silicon? Are you so sure it is a major architectural change?
You praise Intel, yet they floundered very badly with the updates, something the meagre AMD was able to deliver with just one hiccup.
You also say that there is a handful of lawsuits. How much is a handful? From what I understand in English, it means only a few, for sure less than ten, yet the last time I checked, which was quite a while ago, it was more than 30. I would not call that a handful.
It is also nice to again drop in the notion of the new AMD threats without again disclosing the issues of fraud that is surrounding it. Yes you do mention it in a way, but people who do not know what is going on, won’t understand what you say and would probably not follow your link, since most people are too lazy.
It would have been objective to also focus on the fact that Intel is not addressing all the bugs. Maybe it is important!
So it seems that the revelation that PCPer was paid by Intel, is proving to be true. It is sad.
It is more than 30 and
It is more than 30 and growing. And Intel has only worried about IPC above all else, forcing all the others CPU/Processor makers to do the same to a lesser degree.
The problem with the majority of the technology press is that they are not stdents of computer architecture and are at best, for the most part, technicians who make use of the tools(Benchmarking software, other hardware/software)tools developed by the PHDs/Software Engineers(With Real Engineering Degrees) that help these technicians do their analysis. And why single out one onlne website as they are all operating under what basically can be described as a cunflict of interests business model. A model that comes with with free review samples(with strings attatched) and others advertising/affiliate perks without which these sites can not remain doing what that are doing.
If anything that whole review sample carrot and stick sort of arrangement needs to be regulated by the FTC/Other relevent regulatiry agencies where by the product makers are forced to turn over their revise sample slection process(Prevent Cherry Picking of Review samples by their makers) and a random lottery that randonly chooses along with the review samples which press will be chosen to receive that review sample. That and also forcing the makers to have to publish their review manuals and NDA’s that these companies are forcing the reporters/reviewers to sign. With any terms and conditions that are not deemed fair and constitutional with respect to the rights of the press and the public’s right to now disallowed. product makers should be forced to contract with a certified impartial indipendent third party entity that is put in charge of the review samples and thereview sample selection process.
Right now as things are not one website online can be fully trusted that is in any sorts of arrangement that can be classified as a conflect of intrests. And folks do not appear to willing to take the time to snail mail their elected officials ar even taking ant government agenct to court and forcing the assoicated agency to enfrce the antitrust laws already on the books or the trade laws that are aleady on the books with the state and federal agencies that are charged with enfircing these laws and reuglations.
That citizens united decision effectively decalred all US citizens naves to the large corporations that are not really people but where artificially treated as such by the highest cout in the US. And the only way to overturn such a decision is for congress to create the laws that can reverse that high cort decision in a way that can pass judicial review. Campaign finance laws have been attampted but like the online review industry that process is sumverted by conflicts of interests. Say hello to your new merchant princes and enjoy your new glided age of Technology Trusts.
[note: Google’s search history hits on merchant princes only leads to the game by that name, or even science fantasy and alternate history and other pulp fictional history entertainment sorts of things. So Google the merchant princes of Italy, or use other such quilifying terms or phrases. Really Google’s search results are evil by AI design with the actual Historcial meanings of these terms and phrases supplanted by the commerical and non factual content where commerical intersts are more important than disseminating real and factual knoledge]
Edit: cunflict
To: conflicts
Edit: cunflict
To: conflicts
Edit: ant government
Edit: ant government agenct
To: any government agency
The dyslexia and/or aphasia is bad today.
Being able to provide a fix
Being able to provide a fix in silicon 12 months is fast.
Suspiciously fast.
Almost as if they had designs defeating the vulnerabilities before they were supposedly made aware of them.
It depends on what changes
It depends on what changes are made. I suspect they only modified the silicon to bypass the problem temporarily. So basically they have just added the software and microcode workaround to the CPU.
It is great to see fixes
It is great to see fixes coming out but at what expense? Will these fixes make all CPU’s slower in same way or another? Yes we have had lots of sites testing a few games and going oh the performance hit is next to nothing. Then we have others testing and saying oh the Io performance seems to be way down when testing high speed SSD drives.
We also have not seen any real testing done on older CPU’s such as first gen core series and second gen core series or even third gen core series. Those are the CPU’s that will be hit the hardest by all of this and probably even forth gen Haswell as well to some extent. All the sites have focused on the new CPU’s that have some of the hardware inside that will make the effects of the patches seem like there is no performance loss at all.
The older gen core series does not have the needed hardware to fight off the performance hit that might happen but we don’t know for sure because no one took the time to test those CPU’s and hardware. I remember one Youtube channel doing the game tests on a shiny new 8700K and concluded that there was no performance hit from the patches.
I straight up asked why not test the older CPU’s since there are still millions of those out in the wild in use today. His reply was oh he did test a Sandy Bridge i7 2600K and it also did not lose performance in games except in 4K where the numbers dropped off the chart with patches installed.
This told me basically nothing because it was just 1 source of info and that info was not even included in the rest of the tests. I have a i7 2600K@5.1GHz and I for one am not going to allow these patches and microcode updates on my system until I know for sure what kind of hit my CPU will have to take in the name of being secure I already checked there is a bios update coming for my MB very soon I would like to know how much it will kill my system before I flash it into my board.
My next CPU is going to be most likely Ryzen not sure yet I do like my Intel branded CPU’s though it is just to bad this all had to happen & now that other stuff about all these flaws in AMD Ryzen’s and the chip set now as well whether it is real or not only time will tell.
All of this in the name of being secure the problem is nothing is ever secure there will always be someone that will hack and go around security blockades to mess with someones tech it is just a fact of life.
I just wanted to add that the
I just wanted to add that the saddest part is there is only so long someone like me will be able to avoid the Windows 10 Patch that sucks some of the performance away. The next version of 10 will have it all baked in and no way to avoid it. The only hope will be that MS found better ways to do the patch and make it so it is not a performance sucker and also keep things from being unstable as well. We are talking about changing the way the CPU works and was not meant to work that way so yes things do tend to break when it was not designed that way..anyways this became a rather long post again…laters
Why not just sue Intel, they
Why not just sue Intel, they stole your performance in the first place!