HEXUS Forums :: 21 Comments

Login with Forum Account

Don't have an account? Register today!
Posted by Tabbykatze - Wed 15 Aug 2018 10:14
Well…the spectre and meltdown flaw opened a can of worms!
Posted by azrael- - Wed 15 Aug 2018 10:29
AMD CPUs are not affected by L1TF.
is what I take away from this. Once again Intel is hit the hardest (or rather, singularly). Really shows how they've played fast and loose with processor security over the years …despite all their promises.
Posted by DanceswithUnix - Wed 15 Aug 2018 10:55
Tabbykatze
Well…the spectre and meltdown flaw opened a can of worms!

Interesting that this was discovered before Meltdown/Spectre were made public, I haven't heard whether the researchers knew about Meltdown before they started looking at this, would be interesting to know.
Posted by Tabbykatze - Wed 15 Aug 2018 11:14
DanceswithUnix
Interesting that this was discovered before Meltdown/Spectre were made public, I haven't heard whether the researchers knew about Meltdown before they started looking at this, would be interesting to know.

Did they know about these before Spectre/Meltdown?
Posted by rabidmunkee - Wed 15 Aug 2018 13:13
Does anyone know of a catalogue of flaws that you can check, by cpu, to see if its affected by and if/when a fix is available (I know, this is restricted by mobo peeps also)?

Keeping track of all these flaws is getting ridiculous.
Posted by LSG501 - Wed 15 Aug 2018 18:06
All I see from the recent ‘flaws’ in intel designs is that my next purchase will be an amd processor…. the odds were it was going to be anyways but still.

I wonder how many more are going to crop up, really does seem like intel have been ‘cutting corners’ to ensure they have the ‘performance’ crown.
Posted by CAT-THE-FIFTH - Wed 15 Aug 2018 23:28
Phoronix have tested the effects of the flaws under Linux:

https://www.phoronix.com/scan.php?page=article&item=l1tf-early-look&num=1
Posted by badass - Thu 16 Aug 2018 00:04
rabidmunkee
Does anyone know of a catalogue of flaws that you can check, by cpu, to see if its affected by and if/when a fix is available (I know, this is restricted by mobo peeps also)?

Keeping track of all these flaws is getting ridiculous.

Then don't bother. They aren't a concern to normal users.
Posted by CAT-THE-FIFTH - Thu 16 Aug 2018 00:16
badass
Then don't bother. They aren't a concern to normal users.

Meltdown/Spectre has impacted I/O performance,which does affect certain openworld and modded games more than the normal FPS games,most websites tested.

The Witcher 3 saw performance drop by nearly 10% according to DF and that is a very well optimised openworld game using a modern engine,and no wonder when you consider how some of these games work in the first place(a hint is how you can traverse large areas without hitting a loading screen). For normal games you did see a 3% to 4% drop on the latest Intel CPUs.

I certainly noticed it in FO4,especially the modded playthrough I am running now as the game is I/O dependent even in its basic form since Creation is a poorly optimised engine.Then Bethesda implemented a build system into the engine,which means if you build a very large settlement,there is a delay getting to build menus measured in how fast the primary storage is!

To put it in context,when the game is modded and with large settlements it can get unplayable when run off a normal hard disk - the patches have meant I will be upgrading earlier. There is far more stuttering now after the patches in areas which have a lot of assets loading involved(think city areas).

Plus for the batched RAW to JPG and DNG conversions I do with noise reduction,its bad enough the CPU is fully used,but there is an I/O bottleneck there too,so I make sure its done SSD to SSD.

Edit!!

Plus almost all of the tests are with SKL and newer not older CPUs like Ivy Bridge.

Second Edit!!

Also I checked on Reddit there was some comments from people with older CPUs running FO4 VR and modded FO4 who also saw similar issues too. The same stutters after the new updates.

I am not happy.
Posted by ETR316 - Thu 16 Aug 2018 01:57
10th gen cant come soon enough.
Posted by Tabbykatze - Thu 16 Aug 2018 05:53
badass
Then don't bother. They aren't a concern to normal users.

Security risks are concerns to everyone and to say otherwise is irresponsible.
Posted by DanceswithUnix - Thu 16 Aug 2018 07:50
Tabbykatze
Did they know about these before Spectre/Meltdown?

Before Spectre/meltdown were published, but I think after they were discovered. So either they knew before the rest of us because that is their job to be well informed, or this is one of those ideas where it was just the right time for it to be discovered.

Tabbykatze
Security risks are concerns to everyone and to say otherwise is irresponsible.

I interpreted what he said as “Don't bother tracking all the flaws, just patch as most users won't notice any difference.”

Obviously there are some outliers like Cat with his sluggish Fallout game, and Linux developers whose compiles might go 20% slower, but I hear very few people complain that their PC has slowed from the fixes.
Posted by Corky34 - Thu 16 Aug 2018 09:29
DanceswithUnix
Before Spectre/meltdown were published, but I think after they were discovered. So either they knew before the rest of us because that is their job to be well informed, or this is one of those ideas where it was just the right time for it to be discovered.

I think they were both around the same time, spectre and meltdown were (iirc) published around January and this seems to be around the same time give or take 3-4 weeks.

As you suggest though all the speculative execution vulnerabilities were just about timing, (afaik) there had been a good few years of research from the security community on it, sort of like standing on the shoulders, i think they knew, theoretically, that it could be exploited so it was just a matter of working out how to do it, once they worked out how it opened the floodgates.
Posted by CAT-THE-FIFTH - Thu 16 Aug 2018 11:20
DanceswithUnix
Obviously there are some outliers like Cat with his sluggish Fallout game

I think it will be cheaper and less troublesome for me to stop playing it at this rate!! :p
Posted by Ozaron - Thu 16 Aug 2018 12:16
DanceswithUnix
Obviously there are some outliers like Cat with his sluggish Fallout game, and Linux developers whose compiles might go 20% slower, but I hear very few people complain that their PC has slowed from the fixes.
Strange how some people in the not so distant past crowed and rejoiced over the IPC and speed benefits transitioning from Ivy through to Kaby, then upon losing most of that clock for clock in security updates they “don't even notice”, it's almost as if they couldn't tell the difference to start with. That, or they're not interested in recieving the security they were meant to have at start and losing their precious 5-10 FPS.

CAT-THE-FIFTH
I think it will be cheaper and less troublesome for me to stop playing it at this rate!! :p
Well, you'd have far less “please Bethesda do something vaguely competent and make a game engine which isn't awful, or at least patch improve this one” social engineering work to do.
Posted by badass - Thu 16 Aug 2018 13:48
DanceswithUnix
Before Spectre/meltdown were published, but I think after they were discovered. So either they knew before the rest of us because that is their job to be well informed, or this is one of those ideas where it was just the right time for it to be discovered.



I interpreted what he said as “Don't bother tracking all the flaws, just patch as most users won't notice any difference.”

Obviously there are some outliers like Cat with his sluggish Fallout game, and Linux developers whose compiles might go 20% slower, but I hear very few people complain that their PC has slowed from the fixes.

Exactly. What almost everyone outside the security industry doesn't understand is that none of these processor flaws are easy to exploit. I've given up searching for exploits for any of these flaws using anything other than the proof of concept code as I haven't found any. 8 months later.

To provide context, typically exploits are written and are in active usage less than 4 hours after an MS patch Tuesday release.

I'm more worried about a meteor hitting my house in a direct hit than any of these flaws being exploited on my machine.

However, certain businesses absolutely need to be aware of the risks and mitigations. Like those that might be targets of nation state hackers for example.

The context of my response was the OP worrying about keeping track of all of these flaws and their possible fixes. There is no need for a home user to do that. Just cross your fingers you're not an edge case like CAT and that a windows update doesn't slow your game down. These are extremely low risk vulnerabilities for home users.
Posted by CAT-THE-FIFTH - Thu 16 Aug 2018 13:55
Ozaron
Well, you'd have far less “please Bethesda do something vaguely competent and make a game engine which isn't awful, or at least patch improve this one” social engineering work to do.

:p

Well I am less and less likely to buy Fallout 76 the more I hear about it,so at least its a start!! Its a shame since the Fallout universe is probably my favourite gaming universe.

badass
Just cross your fingers you're not an edge case like CAT and that a windows update doesn't slow your game down.

Well its more the case many reviewers seem to not understand the games they are benchmarking,ie,even with Fallout 4 many didn't seem to understand what areas need to be tested for CPU limitations,and one of them was user built settlements,ie,most of the benchmarks for the game were pointless especially since the game is capped at around 72FPS,since the physics go out of sync any higher than that,and review sites removed the cap. Its also the case with games testing with the patches - the only games which seem to have been affected by more than 5% are two openworld games. Even DF only saw that 10% decrease since they are more a gaming website who tests hardware,so have a bit of a clue where to test for CPU limited areas.

TBH,that could be an entire thread on its own regarding games testing,but I doubt much is going to change especially since companies seem to be giving less time for reviewers to actually test things now.
Posted by DanceswithUnix - Thu 16 Aug 2018 14:47
Ozaron
Strange how some people in the not so distant past crowed and rejoiced over the IPC and speed benefits transitioning from Ivy through to Kaby, then upon losing most of that clock for clock in security updates they “don't even notice”, it's almost as if they couldn't tell the difference to start with.

I think they generally couldn't see the gain either, but it amazes me how people see a 5% advantage on a benchmark graph and start using words like “destroyed” and “dominated”. In a proper blind trial, they probably couldn't tell if they were using a particular CPU or the generation before it.
Posted by CAT-THE-FIFTH - Thu 16 Aug 2018 15:01
DanceswithUnix
I think they generally couldn't see the gain either, but it amazes me how people see a 5% advantage on a benchmark graph and start using words like “destroyed” and “dominated”. In a proper blind trial, they probably couldn't tell if they were using a particular CPU or the generation before it.

I find it weirder when they say the same of games where all the CPUs are pushing past 120FPS or all the CPUs are pushing between 70FPS to 100FPS,ie,120HZ won't be doable and then say “destroyed” or “dominated”.

There are also other situations,where they misread the 720p graphs and don't seem to fathom the game is actually more GPU limited at 1080p and above.
Posted by kalniel - Thu 16 Aug 2018 15:33
CAT-THE-FIFTH
TBH,that could be an entire thread on its own regarding games testing,but I doubt much is going to change especially since companies seem to be giving less time for reviewers to actually test things now.

Go for it :p Of course, the more open world/user moddable a game is, the harder it is to test.
Posted by CAT-THE-FIFTH - Thu 16 Aug 2018 16:13
kalniel
Go for it :p Of course, the more open world/user moddable a game is, the harder it is to test.

Maybe but it's still important to kind of investigate the games you are testing and usually you get an inkling from forums where people start to see issues in the game.

HardOCP were the only site to test settlements and did a 5 minute test run:
https://images.hardocp.com/images/articles/14958035970qy2jlakgl_5_1.png



This is what put me off Ryzen MK1 and why I will never buy it.