Stories
Slash Boxes
Comments

SoylentNews is people

posted by mrpg on Saturday January 06 2018, @10:51AM   Printer-friendly
from the ??? dept.

Submitted via IRC for Bytram

Hoping the Meltdown and Spectre security problems might mean Intel would be buying you a shiny new computer after a chip recall? Sorry, ain't gonna happen.

Intel famously paid hundreds of millions of dollars to recall its Pentium processors after the 1994 discovery of the "FDIV bug" that revealed rare but real calculation errors. Meltdown and Spectre are proving similarly damaging to Intel's brand, sending the company's stock down more than 5 percent.

[...] But Intel CEO Brian Krzanich said the new problems are much more easily fixed -- and indeed are already well on their way to being fixed, at least in the case of Intel-powered PCs and servers. Intel said Thursday that 90 percent of computers released in the last 5 years will have fixes available by the end of next week. "This is very very different from FDIV," Krzanich said, criticizing media coverage of Meltdown and Spectre as overblown. "This is not an issue that is not fixable... we're seeing now the first iterations of patches."

Source: Nope, no Intel chip recall after Spectre and Meltdown, CEO says


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2, Informative) by Anonymous Coward on Sunday January 07 2018, @06:05AM

    by Anonymous Coward on Sunday January 07 2018, @06:05AM (#619030)

    Matt Dillon in http://lists.dragonflybsd.org/pipermail/users/2018-January/313758.html [dragonflybsd.org]

    I should note that we kernel programmers have spent decades trying to
    reduce system call overheads, so to be sure, we are all pretty pissed off
    at Intel right now. Intel's press releases have also been HIGHLY
    DECEPTIVE. In particular, they are starting to talk up 'microcode
    updates', but those are mitigations for the Spectre bug, not for the
    Meltdown bug. Spectre is another bug, far more difficult to exploit than
    Meltdown, which leaks information from other processes or the kernel based
    on those other processes or kernel doing speculative reads and executions
    which are partially managed by the originating user process. Spectre does
    NOT involve a protection domain violation like Meltdown, so the Meltdown
    mitigation cannot mitigate Spectre.

    These bugs (both Meltdown and Spectre) really have to be fixed in the CPUs
    themselves. Meltdown is the 1000 pound gorilla. I won't be buying any new
    Intel chips that require the mitigation. I'm really pissed off at Intel.

    He found some other bugs in CPUs ~10 years ago. http://undeadly.org/cgi?action=article&sid=20070630105416 [undeadly.org]

    Or OpenBSD's Guenther https://marc.info/?l=openbsd-tech&m=151521435721902&w=2 [marc.info]

    Personally, I do find it....amusing? that public announcements
    were moved up after the issue was deduced from development discussions and
    commits to a different open source OS project. Aren't we all glad that
    this was under embargo and strongly believe in the future value of
    embargoes?

    It seems the big boys mostly forgot BSDs, and they found out from the "cryptic" commits. All while PR dep was smearing the issue around for everyone.

    I'm glad we still have some FOSS peoples that don't follow party lines.

    Starting Score:    0  points
    Moderation   +2  
       Interesting=1, Informative=1, Total=2
    Extra 'Informative' Modifier   0  

    Total Score:   2