SoylentNews is people
SoylentNews
from the damned-if-you-do-and-damned-if-you-don't dept.
Computerworld has just posted a story warning that you should immediately hold off installing any of Intel's Meltdown/Spectre microcode fixes.
From Belay That Order: Intel Says you Should NOT Install its Meltdown Firmware Fixes:
The warning, which encompasses just about every Intel processor out there, from all PC manufacturers, takes effect immediately. And there's no indication when it will get fixed.
You know how you're supposed to flash the BIOS or update the UEFI on all of your Intel machines, to guard against Meltdown/Spectre? Well, belay that order, private! Intel just announced that you need to hold off on all of its new patches. No, you can't uninstall them. To use the technical term, if you ran out and applied your Intel PC's latest firmware patch, you're hosed.
In what appears to be a catastrophic curtain call to the "oops" moment that I discussed ten days ago, it now seems that the bright, new firmware versions — which Intel has had six months to patch — have a nasty habit of causing "higher system reboots."
According to executive vice president Navin Shenoy, on the Intel Newsroom site, the current advice is:
We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behavior.
And that covers just about everybody in the sentient non-ARM universe.
While the affected products site[*] doesn't list individual chips, the breadth of the recall is breathtaking — second-, third-, fourth-, fifth-, sixth-, seventh- and eighth-generation Core processors, Xeon, Atom, and lesser Core i3, i5 and i7 processors — they're all in the bin.
From Intel Root Cause of Reboot Issue Identified; Updated Guidance for Customers and Partners:
As we start the week, I want to provide an update on the reboot issues we reported Jan. 11. We have now identified the root cause for Broadwell and Haswell platforms, and made good progress in developing a solution to address it. Over the weekend, we began rolling out an early version of the updated solution to industry partners for testing, and we will make a final release available once that testing has been completed.
Based on this, we are updating our guidance for customers and partners:
- We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behavior. For the full list of platforms, see the Intel.com Security Center site.
- We ask that our industry partners focus efforts on testing early versions of the updated solution so we can accelerate its release. We expect to share more details on timing later this week.
- We continue to urge all customers to vigilantly maintain security best practice and for consumers to keep systems up-to-date.
[*] Intel's updated security advisory lists the affected processors:
The following Intel-based platforms are impacted by this issue. Intel may modify this list at a later time. Please check with your system vendor or equipment manufacturer for more information regarding updates for your system.
- Intel® Core™ i3 processor (45nm and 32nm)
- Intel® Core™ i5 processor (45nm and 32nm)
- Intel® Core™ i7 processor (45nm and 32nm)
- Intel® Core™ M processor family (45nm and 32nm)
- 2nd generation Intel® Core™ processors
- 3rd generation Intel® Core™ processors
- 4th generation Intel® Core™ processors
- 5th generation Intel® Core™ processors
- 6th generation Intel® Core™ processors
- 7th generation Intel® Core™ processors
- 8th generation Intel® Core™ processors
- Intel® Core™ X-series Processor Family for Intel® X99 platforms
- Intel® Core™ X-series Processor Family for Intel® X299 platforms
- Intel® Xeon® processor 3400 series
- Intel® Xeon® processor 3600 series
- Intel® Xeon® processor 5500 series
- Intel® Xeon® processor 5600 series
- Intel® Xeon® processor 6500 series
- Intel® Xeon® processor 7500 series
- Intel® Xeon® Processor E3 Family
- Intel® Xeon® Processor E3 v2 Family
- Intel® Xeon® Processor E3 v3 Family
- Intel® Xeon® Processor E3 v4 Family
- Intel® Xeon® Processor E3 v5 Family
- Intel® Xeon® Processor E3 v6 Family
- Intel® Xeon® Processor E5 Family
- Intel® Xeon® Processor E5 v2 Family
- Intel® Xeon® Processor E5 v3 Family
- Intel® Xeon® Processor E5 v4 Family
- Intel® Xeon® Processor E7 Family
- Intel® Xeon® Processor E7 v2 Family
- Intel® Xeon® Processor E7 v3 Family
- Intel® Xeon® Processor E7 v4 Family
- Intel® Xeon® Processor Scalable Family
- Intel® Xeon Phi™ Processor 3200, 5200, 7200 Series
- Intel® Atom™ Processor C Series
- Intel® Atom™ Processor E Series
- Intel® Atom™ Processor A Series
- Intel® Atom™ Processor x3 Series
- Intel® Atom™ Processor Z Series
- Intel® Celeron® Processor J Series
- Intel® Celeron® Processor N Series
- Intel® Pentium® Processor J Series
- Intel® Pentium® Processor N Series
(Score: 2) by pdfernhout on Tuesday January 23 2018, @02:10AM (3 children)
... as people replace generations of buggy processors.
Not much accountability when you are essentially a de-facto monopoly (even given AMD and ARM).
In other news, everyone seems to have forgotten about Equifax's breach already...
May this Saturday Night Live skip applies to more than presidential politics but any big power center, sigh?
"What Even Matters Anymore - SNL"
https://www.youtube.com/watch?v=ZJkc_C5-Cd8 [youtube.com]
The biggest challenge of the 21st century: the irony of technologies of abundance used by scarcity-minded people.
(Score: 2) by choose another one on Tuesday January 23 2018, @10:56AM (2 children)
> ... as people replace generations of buggy processors.
With what?
Correct me if I'm wrong, but aren't Intels very latest processors still listed vulnerable, and even the status of the upcoming 9th Gen isn't clear (probably vulnerable given dev timescales).
So the only current "replace" option would appear to be "replace processor with non-intel" which means at least a new motherboard and very possibly a new box, and non-intel so no sales bump in it for them.
(Score: 2) by pdfernhout on Wednesday January 24 2018, @05:38AM
I mean replace in a year or two once Intel has new offerings they claim are fixed. In a couple years, Intel will likely be pushing "high security" processors and everyone will flock to them.
Until then, for good or bad, most people will probably just bumble along as best they can with Intel and hope they won't get hit -- same as people now live with the massive Equifax identity breach without doing much about it.
Have companies even fixed Row Hammer yet? https://en.wikipedia.org/wiki/Row_hammer [wikipedia.org]
Of course, likely the same processes that made the current flawed social processes that made today's Intel processors (including lack of accountability for a de-facto monopoly) will lead to a next generation of flawed processors to then eventually be discovered which drives more even more Intel sales in five or six years times -- and so on. The wages of sin are... more wages?
==== Some tangential late night rambles:
A lot of these computer breach issues ultimately are social issues and need to get solved by social means (including social codes embodied in computer software) -- which is difficult because breaches cross lots of borders.
Related: http://shirky.com/writings/group_enemy.html [shirky.com]
"Writing social software is hard. And, as I said, the act of writing social software is more like the work of an economist or a political scientist. And the act of hosting social software, the relationship of someone who hosts it is more like a relationship of landlords to tenants than owners to boxes in a warehouse."
Without widespread social consensus and follow through on appropriate behavior, there is a high cost to society of lack of trust. As others have pointed out, our physical infrastructure depends heavily on trust to be cost-effective. For example, most power lines are not defended 24X7 against copper thieves. People have breakable glass windows in their homes left open when they go out instead of security shutters and armed sentries. Our food supply and medicine supply assumes lack of widespread malicious intent. Highway driving assumes very few motorists are going to intentionally create trouble. And so on.
Contrast with, say, countries where social trust and the rule of law has broken down and vast amount of effort go into preventing crime -- like by having armed guards everywhere, metal bars on all windows, armed cars, everyone carries a weapon, no one can talk casually to a random stranger without great risk, and so on.
Eventually a society and its technical infrastructure in crisis will probably reshape itself to re-balance issues of cost versus trust. Some of old thinking on that rebalancing (from the 1980s): http://pdfernhout.net/princeton-graduate-school-plans.html [pdfernhout.net]
Of course, most people will probably just ignore the issue.
Until maybe slaughterbots show up? https://sciencealert.com/chilling-drone-video-shows-a-disturbing-vision-of-an-ai-controlled-future [sciencealert.com]
Two old quotes:
From 1946 by George Orwell: http://orwell.ru/library/articles/nose/english/e_nose [orwell.ru]
"The point is that we are all capable of believing things which we know to be untrue, and then, when we are finally proved wrong, impudently twisting the facts so as to show that we were right. Intellectually, it is possible to carry on this process for an indefinite time: the only check on it is that sooner or later a false belief bumps up against solid reality, usually on a battlefield."
From 1908 from GK CHesterton: http://www.ccel.org/ccel/chesterton/orthodoxy.x.html [ccel.org]
"We have remarked that one reason offered for being a progressive is that things naturally tend to grow better. But the only real reason for being a progressive is that things naturally tend to grow worse. The corruption in things is not only the best argument for being progressive; it is also the only argument against being conservative. The conservative theory would really be quite sweeping and unanswerable if it were not for this one fact. But all conservatism is based upon the idea that if you leave things alone you leave them as they are. But you do not. If you leave a thing alone you leave it to a torrent of change. If you leave a white post alone it will soon be a black post. If you particularly want it to be white you must be always painting it again; that is, you must be always having a revolution. Briefly, if you want the old white post you must have a new white post. But this which is true even of inanimate things is in a quite special and terrible sense true of all human things. An almost unnatural vigilance is really required of the citizen because of the horrible rapidity with which human institutions grow old. It is the custom in passing romance and journalism to talk of men suffering under old tyrannies. But, as a fact, men have almost always suffered under new tyrannies; under tyrannies that had been public liberties hardly twenty years before. Thus England went mad with joy over the patriotic monarchy of Elizabeth; and then (almost immediately afterwards) went mad with rage in the trap of the tyranny of Charles the First. So, again, in France the monarchy became intolerable, not just after it had been tolerated, but just after it had been adored. The son of Louis the well-beloved was Louis the guillotined. So in the same way in England in the nineteenth century the Radical manufacturer was entirely trusted as a mere tribune of the people, until suddenly we heard the cry of the Socialist that he was a tyrant eating the people like bread. So again, we have almost up to the last instant trusted the newspapers as organs of public opinion. Just recently some of us have seen (not slowly, but with a start) that they are obviously nothing of the kind. They are, by the nature of the case, the hobbies of a few rich men. We have not any need to rebel against antiquity; we have to rebel against novelty. It is the new rulers, the capitalist or the editor, who really hold up the modern world. There is no fear that a modern king will attempt to override the constitution; it is more likely that he will ignore the constitution and work behind its back; he will take no advantage of his kingly power; it is more likely that he will take advantage of his kingly powerlessness, of the fact that he is free from criticism and publicity. For the king is the most private person of our time. It will not be necessary for any one to fight again against the proposal of a censorship of the press. We do not need a censorship of the press. We have a censorship by the press.
This startling swiftness with which popular systems turn oppressive is the third fact for which we shall ask our perfect theory of progress to allow. ..."
See also: https://en.wikipedia.org/wiki/Societal_collapse#Theories [wikipedia.org]
And maybe even see also (for its historical examples of people walking away from collapsing societies back to hunter/gather roots -- although with nukes and other WMDs that may not be feasible anymore): https://en.wikipedia.org/wiki/New_Tribal_Revolution [wikipedia.org]
And something I put together recently on how to build healthier organizations: https://github.com/pdfernhout/High-Performance-Organizations-Reading-List [github.com]
The biggest challenge of the 21st century: the irony of technologies of abundance used by scarcity-minded people.
(Score: 2) by pdfernhout on Friday January 26 2018, @02:32AM
Kind of predictable story in the news today about Intel not being affected by the chip flaws -- just like the Equifax situation, where a monopoly's value is unaffected by major incompetence:
https://www.reuters.com/article/us-intel-results/intel-data-center-sales-surge-warns-of-potential-security-flaw-fallout-idUSKBN1FE307 [reuters.com]
"In an interview ahead of Intel’s earnings call with investors, Chief Financial Officer Bob Swan said the company sees no “meaningful impact” on corporate earnings from the vulnerabilities."
He's probably too good at PR to admit they probably expect a massive revenue increase soon from chip replacements?
That said -- every person and every company makes mistakes. Dealing with mistakes could be arguably said to be baked into the cost of a product. It's up to the consumer (and government) to decide how they feel about various mistakes.
The biggest challenge of the 21st century: the irony of technologies of abundance used by scarcity-minded people.