Thursday, January 04


The Reboot Heard Round The World

There is apparently a security flaw in every recent Intel microprocessor, and by "recent" I mean "since November 1995".

There's a patch, but it's messy, and slows software down by 10%-30%, and requires the server to rebooted.

When you ask "which server", the answer is "all the server".  Alllll the server.

This weekend.

Expect some things to be offline.

Posted by: Pixy Misa at 10:40 AM | Comments (10) | Add Comment | Trackbacks (Suck)
Post contains 65 words, total size 1 kb.

1 Phoronix reported some nasty slowdowns, around 20%, with MySQL, but closer to 0% slowdowns with a few games.
Ryzen CPUs (and maybe AMD processors in general) appear to not be affected.
This one looks nasty--it looks like speculatively-executed instructions don't get security checks.  Someone on Twitter claims to have an exploit that lets them read kernel memory.

Posted by: Rick C at Thursday, January 04 2018 11:21 AM (h8yX6)

2 It's what's known as a side-channel attack; you can't directly read kernel memory, but with a lot of trickery you can deduce some of the contents.

Posted by: Pixy Misa at Thursday, January 04 2018 11:30 AM (PiXy!)

3 Is this why I can't reach my blog ?

Posted by: David Boxenhorn at Thursday, January 04 2018 08:17 PM (h8yX6)

4 Seemed to work fine for me, so I'm guessing the answer is "no".

Posted by: Rick C at Friday, January 05 2018 05:34 AM (h8yX6)

5 David got in touch with me yesterday and I hit it with a wrench couple of times. wink

Posted by: Pixy Misa at Friday, January 05 2018 08:40 AM (PiXy!)

6 So is there any talk about what sort of "universal effects" this has had on PCs in general?

Posted by: Wonderduck at Friday, January 12 2018 11:03 AM (h8yX6)

7 The effects for most users will be minimal, but it can be pretty bad if you:

(a) Make heavy use of virtual machines
(b) Do heavy random I/O - databases are about the only thing that really does this.

Games are about 1% slower.  Most desktop apps will be affected even less than that.

Cloud servers are badly affected.  One multi-user game went offline when Amazon patch their servers because the load basically doubled for the same number of players.

I do know one developer who returned his brand new Intel 8700K system and replaced it with a cheaper AMD Ryzen 1700 machine (which is what I have) and got much better performance.  (AMD isn't affected by Meltdown, and is partly safe from the other bug, Spectre.)

Posted by: Pixy Misa at Saturday, January 13 2018 08:35 PM (PiXy!)

8 "databases are about the only thing that really does this."
Yeah, since that's my day job, I'm looking forward to that.

Posted by: Rick C at Sunday, January 14 2018 04:07 AM (h8yX6)

9 Not only is the Recent Comments widget broken, but the Edit Comments screen comes up blank.  

Posted by: Mauser at Monday, January 15 2018 01:52 PM (h8yX6)

10 Ah, that will be the same underlying query.

Will get both fixed ASAP.

Posted by: Pixy Misa at Tuesday, January 16 2018 05:40 PM (PiXy!)

Hide Comments | Add Comment

Apple pies are delicious. But never mind apple pies. What colour is a green orange?

46kb generated in CPU 0.09, elapsed 0.1923 seconds.
53 queries taking 0.1626 seconds, 268 records returned.
Powered by Minx 1.1.6c-pink.