All your Intel processors slowing down by 30% soon!

124

Comments

  • SeairthSeairth Posts: 2,279
    edited January 10 Vote Up0Vote Down
    Clock Loop wrote: »
    Meanwhile Intels profits are at record highs, and will continue to be, and no one, at all, will ever suggest that intel clean up their mistakes, instead 30% more cpu power use will happen all over the planet.

    Heres an IMPACT to discuss. Since the planet is melting and all...
    Hey shouldn't the EPA have a problem with intel allowing all that carbon waste(in the form of wasted cpu power), just cause they didn't want to recall and replace a faulty product?

    I don't see why people are being so hard on Intel. These vulnerabilities weren't bad hardware design (at the time they were designed), but hardware design that was later found to be exploitable in unexpected ways. To this point, ARM and Nvidia exhibit similar vulnerabilities, and I doubt they deliberately went out of they way to implement Intel's design flaws. It's easy to point fingers in hindsight, but think about how difficult it would have been for them to anticipate this with foresight. It reminds me of a prior boss that insisted one time for a project that we must "document all unknowns".

    As for the EPA, I've got to imagine that the e-waste of all those chips would be just as bad.
  • Clock LoopClock Loop Posts: 1,374
    edited January 10 Vote Up0Vote Down
    Seairth wrote: »
    It's easy to point fingers in hindsight, but think about how difficult it would have been for them to anticipate this with foresight.




    You DO know that, an while back, companies cut testing/reliability from their budgets... thats old news.


    The consumer is the tester. Where have you been? Public opinion worked around the 1900s, Today there is no such thing, so companies never get punished.
    To study the nature of randomness in a digital processor network using the same clock source, 54 prop chips were all connected to a master prop. http://forums.parallax.com/discussion/127983/55-parallax-propeller-s-parallells-processing-of-permanent-perturbations/p1
    Optic communication between homogenous and commensurable, 8-core, 635nm emitting, phase locked loop, bit salad tossing units? http://forums.parallax.com/discussion/comment/1248240/#Comment_1248240
    TheBlackBox: Release v2.0 - Propeller HSS FX/Sequencer with Digital Audio SPDIF output. http://forums.parallax.com/discussion/115258/theblackbox-release-v2-0-propeller-hss-fx-sequencer-with-digital-audio-spdif
    E-Tools - Mono555 calculator, resistor calculator, voltage divider calculator, RCtime calculator, LM317 calculator, Binary-Hex-Decimal calculator, Resistor color matrix, Series LED resistance calculator, OHMS LAW calculator.
    http://forums.parallax.com/discussion/81449/e-tools-html-java-script-electronic-design-tools-free-for-you
  • I do like an evolution analogy.

    It's like how humans evolved from ape like things and built civilization. And just when conditions were right the Black Death could wipe out a huge proportion of the population in 1340 something.

    Who saw that coming ?

    I was already an adult in the early 1980's. I think you are viewing the period through rose tinted glasses. Even then there were lots of shoddy consumer goods on the market. Even if they were made at home. It started long before that, ever hear of Earl William "Madman" Muntz ? Jees, not to mention the cars they built in that era!

    We can blame this current crisis on the lack of testing. But I'm not sure any amount of testing would have prevented it. If you were given the specifications and the circuit diagrams of an Intel CPU, or ARM or whatever, and tasked with testing it you could be there for a million years and never find the problem that has arisen.

  • Heater. wrote: »
    If you were given the specifications and the circuit diagrams of an Intel CPU, or ARM or whatever, and tasked with testing it you could be there for a million years and never find the problem that has arisen.

    True, but one must admit, the bar for testing is at an all time low.

    To study the nature of randomness in a digital processor network using the same clock source, 54 prop chips were all connected to a master prop. http://forums.parallax.com/discussion/127983/55-parallax-propeller-s-parallells-processing-of-permanent-perturbations/p1
    Optic communication between homogenous and commensurable, 8-core, 635nm emitting, phase locked loop, bit salad tossing units? http://forums.parallax.com/discussion/comment/1248240/#Comment_1248240
    TheBlackBox: Release v2.0 - Propeller HSS FX/Sequencer with Digital Audio SPDIF output. http://forums.parallax.com/discussion/115258/theblackbox-release-v2-0-propeller-hss-fx-sequencer-with-digital-audio-spdif
    E-Tools - Mono555 calculator, resistor calculator, voltage divider calculator, RCtime calculator, LM317 calculator, Binary-Hex-Decimal calculator, Resistor color matrix, Series LED resistance calculator, OHMS LAW calculator.
    http://forums.parallax.com/discussion/81449/e-tools-html-java-script-electronic-design-tools-free-for-you
  • How do we know that?

    I don't know the size of Intel's testing team or how much time that get to do their job. Nor any other manufacturer.

    This particular confluence of complex features has taken almost two decades for anyone to see a problem with and think of a way to demonstrate it.

    What should we do to prevent such things happening?

  • Just to even the Windows vs Linux balance here, Ubuntu has decided to cripple machines with an update as well.
    https://www.bleepingcomputer.com/news/software/meltdown-and-spectre-patches-causing-boot-issues-for-ubuntu-16-04-computers/

    But, that is normal for Ubuntu :)


  • The flaw (Meltdown) is a very subtle one. Its relative, Spectre, is nearly harmless (for most things: Completely harmless). They are subtle because you need to be able to measure time spent in cache accesses in order to extract information. And the information is indirect too (by measuring time in something executed later, and infer what was there before depending on how long the later operation takes). It's perfectly excusable that the designers didn't see a need for an access check in the speculative path, when the access would be checked in any case if the data turned out to be used.
  • Tor wrote: »
    evanh wrote: »
    I adopted Kubuntu when I noticed Ubuntu came with automatic updating of nVidia OpenGL driver. The requirement to recompile the kernel for these type drivers is still a thorn in Linux's side, imho.
    Only the driver needs to be recompiled, not the full kernel. And of course there are distros which provide updated pre-compiled drivers matching whatever kernel is installed.

    As for auto-updates, what about blocking Microsoft's site in your wi-fi router? If someone can figure out the network blocks used, of course.
    Then when you *want* to update you could flip a flag in the router's firewall..

    Here is my problem in performing "the" windows 10 updates for Meltdown and Spectre...

    Windoze downloaded update code despite being connected to a wifi designated metered. This is my worst nightmare because about 3 months ago I performed an update by changing my metered wifi to unmetered because I had 3GB left for the month. It took 9GB and therefore cost me A$60 for the extra. Not happy Jan :(

    So downloading without my permission on a metered site is NOT ON !!! IMHO This is MS abusing my system!

    Now I have been having problems with this update and now I understand why I have just wasted 2 days and lots of my download.

    Windoze has been complaining I am not at the latest revision for the new Jan 9 updates, so it's been downloading the updates and installing them. But I happened to notice an innocuous message when Windoze restarted after installing yet another set of updates (4th I believe) that it was performing a rollback. Something is amiss, and all these downloads, and at least 2 on unmetered site (at my sons yesterday) and my direct request to update, it seems none of this is actually working. Just lucky I saw the problem flash by.

    Now I need to investigate what is wrong.
    My Prop boards: P8XBlade2, RamBlade, CpuBlade, TriBlade
    Prop OS (also see Sphinx, PropDos, PropCmd, Spinix)
    Website: www.clusos.com
    Prop Tools (Index) , Emulators (Index) , ZiCog (Z80)
  • As for Meltdown.. the more I understand of it the less dangerous it looks.. It can't be exploited from Javascript, so browsing is fine. Spectre may possibly be exploited from JS, although I'm still not convinced - and if it's true, there's not much use in it.
    Meltdown needs a local real binary. And I'm in control of what I execute on my own Debian box, so no worries. So I will probably leave my computer as-is, there's little need for those possibly troublesome patches.
    The section where this is critical is for cloud services where anyone can rent a VM - they need to upgrade as quickly as possible because a customer or someone with access to a VM may be able to read kernel memory of the VM host Itself, as soon as a complete exploit is developed.
    For all the rest of us - not much to worry about at all, if you install from safe sources (e.g. your vendor). If a package from there is hacked by someone before you install it it would be nearly infinitely easier to just write a normal rogue piece of code to exploit you the "nomal" way.
  • Heater.Heater. Posts: 20,075
    edited January 11 Vote Up0Vote Down
    The video below shows how to do the cache timing side channel attack in JS.

    It's all about getting through Address Space Layout Randomization. Which itself is a bandaid added to operating systems to thwart attacks caused by buffer overruns and such in software.

    Not quite Spectre as far as I can tell but certainly on the way...





  • Tor wrote: »
    For all the rest of us - not much to worry about at all... ...If a package from there is hacked by someone before you install it it would be nearly infinitely easier to just write a normal rogue piece of code to exploit you the "nomal" way.

    +1

    I am the Master, and technology my slave.
  • Agreed, the problems are mostly for cloud servers. The other will be from viruses that install themselves to gain access to your secure data and can be best solved by being vigilant and using antivirus software.

    But of course we won't be able to stop the OS from sniffing our secure data and reporting home. But Windoze 10 already sniffs your data and sends it home without the meltdown or spectre issues, so no difference here :(
    My Prop boards: P8XBlade2, RamBlade, CpuBlade, TriBlade
    Prop OS (also see Sphinx, PropDos, PropCmd, Spinix)
    Website: www.clusos.com
    Prop Tools (Index) , Emulators (Index) , ZiCog (Z80)
  • Tor,
    For all the rest of us - not much to worry about at all, if you install from safe sources (e.g. your vendor). If a package from there is hacked by someone before you install it it would be nearly infinitely easier to just write a normal rogue piece of code to exploit you the "nomal" way.
    I do agree to a large extent. I'm not about to go into a panic over this.

    On the other hand...

    I don't know about you but I run a lot of code on my machines that is not from my OS vendor. Usually because the thing I want is not in their package system. More usually because the version in the official packages is ancient.

    I like to think I can trust the providers of such software and I build it from source (mostly). But there is always the possibility of a rogue actor sneaking in something bad along the way. However remote.

    All the protection mechanisms we have in processors, operating systems, JS sandboxes etc are intended to keep things isolated. These vulnerabilities show the possibility of breaking that isolation and so they should be addressed. No matter how unlikely it seems that someone could make use of them.
  • Seems Intel, and everyone else, has known about the possibility of such vulnerabilities since 1995.
    Have a look at this paper: https://pdfs.semanticscholar.org/2209/42809262c17b6631c0f6536c91aaf7756857.pdf

    It was published by the IEEE and sponsored by the NSA.

  • Latest Windows update locks my laptop in a download ~5GB, install, and rollback loop :(

    My system has been hijacked by a Microsoft Virus that I did not authorise to download over my metered mobile hotspot and was not able to prevent its following installation, and then rollback.

    I only discovered the rollback by accident as the message is only on the screen a short time. I think it's done about 6-7 loops in the past 3 days!!! My productivity loss is quite high so far, and there is no resolution in sight.

    I have tried running a script found on the ms website without success.

    FWIW I have a ubuntu laptop winging its way to me. But I do need to be able to run my W10 laptop while online to the internet for the time being :(
    My Prop boards: P8XBlade2, RamBlade, CpuBlade, TriBlade
    Prop OS (also see Sphinx, PropDos, PropCmd, Spinix)
    Website: www.clusos.com
    Prop Tools (Index) , Emulators (Index) , ZiCog (Z80)
  • My wife is saved by the fact that the SSD is only 128GB.. and it's not big enough to handle the update, so the update gave up.
  • Wow, Tor, that is ingenius!

    A blindingly obvious way to prevent Windows updates. Just make it physically impossible. So obvious that I never thought of it and I have never seen it suggested in any discussion about preventing updates.

    Excellent.

    Assuming Windows is not so evil as to cache it's downloads on some other storage media you have plugged in as drive D: or whatever.

    (I know, big assumption there)


  • Cluso99Cluso99 Posts: 13,132
    edited January 12 Vote Up0Vote Down
    I am going insane. I would happily accept a 30% penalty at the moment.

    I am seeing a big hit while it downloads the update. Then I loose my laptop for something like 30 minutes (haven't timed it) while it installs and rolls back, and then it repeats! And that's on top of using my expensive mobile internet data too - if I run over my limit, it's $10/GBMB !!!

    My Prop boards: P8XBlade2, RamBlade, CpuBlade, TriBlade
    Prop OS (also see Sphinx, PropDos, PropCmd, Spinix)
    Website: www.clusos.com
    Prop Tools (Index) , Emulators (Index) , ZiCog (Z80)
  • Ouch! that's truly bad. One way temporary workaround will be to outright block the key M$ update addresses to pause the loop.

    I've seen such comments on Slashdot a year or so back when M$ started all this shit with Win10 ... but I didn't pay attention to the details so can't really help any further.

    The Prisoner's Dilemma, in english - "Selfishness beats altruism within groups. Altruistic groups beat selfish groups." - Quoted part from 2007, D.S Wilson/E.O Wilson.
  • My friend's fairly new laptop just became useless after the update, it was so painfully slow that he backed up his files and gave the laptop to a guy to go and install Windows 7 on it instead. That's how bad it was.


    Btw @Cluso99 - who are you with that they charge $10/MB? Or do you mean GB? Anyway I might replace my cable connection with mobile broadband since the upload rate on 4G is super fast, and even though the data plan is only 140GB it works out cheaper and faster than my current 30Mbit cable connection. NBN is a total joke here in Oz and even the local state government is looking at creating its own broadband network for the people using existing fiber infrastructure.
    Tachyon Forth - compact, fast, forthwright and interactive
    useforthlogo-s.png
    Tachyon Forth News Blog
    TACHYON DEMONSTRATOR
    Brisbane, Australia
  • Heater.Heater. Posts: 20,075
    edited January 12 Vote Up0Vote Down
    That is painful.

    Here is Scandinavia we have multiple operators competing for our custom. Before Christmas I went to my operators phone store to buy a replacement for my old, dead, 3G USB dongle. He suggested I upgrade to 4G, unlimited data and 2 euro a month cheaper than the deal I had at the time. Ended up paying 70 Euro for the new dongle, which includes WIFI, and only 14 Euro per month for the new plan.

    Coverage all over is great. Just now I'm in a lakeside cottage, deep in the forest, 600Km from civilization and 30Km from the nearest town. Data is fine, though perhaps not up to the speed one might expect.

    What's up with the rest of the civilized world's internet and mobile?

  • Cluso99 wrote: »
    Latest Windows update locks my laptop in a download ~5GB, install, and rollback loop :(

    My system has been hijacked by a Microsoft Virus that I did not authorise to download over my metered mobile hotspot and was not able to prevent its following installation, and then rollback.

    I only discovered the rollback by accident as the message is only on the screen a short time. I think it's done about 6-7 loops in the past 3 days!!! My productivity loss is quite high so far, and there is no resolution in sight.

    I have tried running a script found on the ms website without success.

    FWIW I have a ubuntu laptop winging its way to me. But I do need to be able to run my W10 laptop while online to the internet for the time being :(

    I installed Linux Mint 18.3 on my old HP laptop to try it out and it is great so far. Since I was already using LibreOffice, Firefox, and Thunderbird the learning curve is virtually zero. About 15 minutes from installation to being comfortable with it. Now to find software to replace a few things like Propeller Tool, PCB layout, etc. and I will either wipe the drive on my Dell (or replace it with an SSD) and install Mint on it as well.
    In science there is no authority. There is only experiment.
    Life is unpredictable. Eat dessert first.
  • Heater.Heater. Posts: 20,075
    edited January 12 Vote Up0Vote Down
    Easy:

    Propeller IDE works very well as a Prop Tool. Or there is BST. Then Simple IDE if you are into C.

    KiCad works well enough for my humble PCB needs.

    Ironically, Microsoft's Visual Studio Code is my current favorite editor (Not Visual Studio). It runs on Linux brilliantly. As well as Mac and Windows.

    If you are into FPGA, Verilog, VHDL then Quartus and such come in Linux versions. But then there are nice Open Source tools like the Icarus and Verilator Verilog Simulators, GHDL for VHDL simulation. And a complete Open Source tool chain for some Lattice FPGAs. IceStorm.

    There is only one Windows program I really love and that is the LTSpice circuit emulator. Free from Linear Technology. Luckily it runs perfectly under Wine on Linux. Given how hit and miss it can be to run Windows applications under Wine I get the impression that Linear goes out of it's way to make sure LTSpice does work well under Wine.

  • Cluso99 wrote: »
    I am going insane. I would happily accept a 30% penalty at the moment.

    I am seeing a big hit while it downloads the update. Then I loose my laptop for something like 30 minutes (haven't timed it) while it installs and rolls back, and then it repeats! And that's on top of using my expensive mobile internet data too - if I run over my limit, it's $10/MB !!!

    Have you updated you BIOS or UEFI for the change? Windows is likely looking for system facilities that don't yet exist. Which make and model laptop?
    Any com port in a storm.
    Floating point numbers will be our downfall; count on it.
    Imagine a world without hypothetical situations.
  • potatoheadpotatohead Posts: 9,009
    edited January 12 Vote Up0Vote Down
    @Tor. Nice.

    I have two similar machines. Lenovo.

    The older, and ironically, the hotter and faster one, because speed step -- hold that thought, is on win 7.

    The newer one is Win 10. I like some Win 10 features. I hate having to constantly manage preferences.

    The 7 machine won't get these updates. It's fast. Because speed step, I can set it near a cold window, let the breeze filter in and hit near 4ghz on a laptop! Ask me how I found that out. Runs at 3.2 regularly. It's my big data, CAD machine. Someone paid hard for that, and I'm not gonna blow it.

    The 10 machine is about the same overall speed, when the win 7 one is at a similar clock. 2.8ghz.

    It's got the update, and I can tell. Mostly does not matter, but now it does an odd thing.

    Say I am in paint.net, and I have a big pile of pixels selected from a paste. I do this all the time. For simple, future proof docs, I do text and bitmap. Disks are cheap, and every machine out there can read them, create them. One set of skills, done.

    Before, smooth as glass using mouse. Latency is a frame, basically. Loved it.

    Today, it does that, until it doesn't. It will pause, buffer mouse moves, then the pixels I'm manipulating will jump to current when it gets around to doing it.

    Sucks.

    I found out the arrow keys do single pixel moves. So, no mouse now for precision. Get close with the jumpy thing, and a jump is every couple seconds, somewhat random to me, pause screen updates for nearly a second or so... It's ugly.

    Instead, get close, arrow key, tap, tap. It's like working on an older system, in this way. I didn't notice a big overall performance hit otherwise. Big docs, etc... will pause too.

    I'm sure there will be lots of other little annoyances. Hopefully, they all update away at some point.

    The 7 machine will only see light network use now. And it's got dual SSD. I've got the thing cloned pre all this mess. Can boot the clone to A/B test. Or recover from it, if I need to.

    It remains my favorite Windows machine ever. I got that one tuned just so. It rocks. Does not crash on me at all. It generally outperforms all but the most expensive newer machines, and it's 6 years old. Bit of a tank though.

    On another side note, I one thought of 3d printing a bin to hold dry ice. Just let the laptop consume it like fuel for the highest speed on really big projects. LMAO.

    Wonder what Apple will have to go through to avoid this kind of glitchy UX?




    Do not taunt Happy Fun Ball! @opengeekorg ---> Be Excellent To One Another SKYPE = acuity_doug
    Parallax colors simplified: http://forums.parallax.com/showthread.php?123709-Commented-Graphics_Demo.spin<br>
  • Heater. wrote: »
    Easy:

    Propeller IDE works very well as a Prop Tool. Or there is BST. Then Simple IDE if you are into C.

    KiCad works well enough for my humble PCB needs.

    Ironically, Microsoft's Visual Studio Code is my current favorite editor (Not Visual Studio). It runs on Linux brilliantly. As well as Mac and Windows.

    If you are into FPGA, Verilog, VHDL then Quartus and such come in Linux versions. But then there are nice Open Source tools like the Icarus and Verilator Verilog Simulators, GHDL for VHDL simulation. And a complete Open Source tool chain for some Lattice FPGAs. IceStorm.

    There is only one Windows program I really love and that is the LTSpice circuit emulator. Free from Linear Technology. Luckily it runs perfectly under Wine on Linux. Given how hit and miss it can be to run Windows applications under Wine I get the impression that Linear goes out of it's way to make sure LTSpice does work well under Wine.

    Thanks for the suggestions. I was already planning on using Propeller IDE for Spin and Simple IDE for C. I will definitely download and try KiCad, Wine, and LTSpice as well.

    Not really doing any FPGA development so far but I will make a note of your other suggestions for future reference.
    In science there is no authority. There is only experiment.
    Life is unpredictable. Eat dessert first.
  • potatohead,
    For simple, future proof docs, I do text and bitmap. Disks are cheap, and every machine out there can read them, create them. One set of skills, done.
    That's gross.

    I do see you point though. I have sometimes thought of giving up with trying to make nice looking web pages, that stay nice looking everywhere including when printed from a browser, with HTLM, CSS etc. Why not just render my content to a huge png and send that to the browser? !

    I know, that is what people use PDF for. But yuk, no thanks.
  • potatoheadpotatohead Posts: 9,009
    edited January 12 Vote Up0Vote Down
    Yup. Gross. Those two are my source material. I author there.

    Easy.

    Now, say I want it in PDF, or in some knowledge base. Both happen regularly. I can quickly assemble material into one of those. The current one I'm stuck with (have never liked any of these monstrosities), takes text, cut n paste, and easy image upload.

    I'll do that, then generate PDF, whatever from there.

    Not as pretty, but I no longer care.

    Don't mind that.

    But the core work? No way. Completely open data. I really dislike when tools change, or mangle work I've had to think through. So I just don't author that way.

    It also means making relevant and useful material on anything. I did one with a freaking Apple 2 a while back. Fun curio.

    Now, the bonus happened to be mobile. I've added audio to the mix. Wav. Need to settle on a video codec.

    Because I've worked up all the basics in very open data, authoring on a mobile is a doddle. Camera is right there, as is a stylus, etc... cake, and a big time saver.

    I'll probably not put core work in video, but will do audio, in addition to the text and bitmap.

    I can put it into things, as can others. That all I will ever need.

    Heck, I'll be able to view, edit, my stuff on a P2. :D

    Circling back to this slowdown.

    It's noticeable. The cloud CAD system I'm using for current project pauses now too. Just ran it a few minutes ago. Ugh.

    Oh, for mechcad, a similar thing. STEP, DXF 2D and 3D. Make sure the output is done, and in those formats. Goes back into any CAD. Same idea. Can't reasonably author in those, because CAD works how it works, but archive data ends up in those formats. Can jump on any tool, import and go.

    (And even very old systems can take them. (Archive in older, proven STEP versions, same for DXF.)

    Edit: LMAO at PNG to browser.

    The other option is to relax style guidelines. Write to the very basics. They probably will render consistently forever.

    Wrote programs for a CAD system that way in the very early 90s. They still work. Almost nothing else does. Used the core of the language, and simple menu UI, both intrinsic to the system. Won't break, unless the entire thing does. Got a couple users still out there. Original 90s era code doing just fine.

    I don't want to even think about those programs again. I may not even know how. But they got the code. Let them do it. I've moved on.




    Do not taunt Happy Fun Ball! @opengeekorg ---> Be Excellent To One Another SKYPE = acuity_doug
    Parallax colors simplified: http://forums.parallax.com/showthread.php?123709-Commented-Graphics_Demo.spin<br>
  • I'm with you.

    As far as I'm concerned text should be in ASCII. At worst UTF-8. I should be able to read it with the most stupid editor. I should be able to search, manipulate, etc, with the most stupid software. Heck I should be able to dump a file as HEX and have a good chance of reading it. We all know our ASCII codes right?

    Similarly image files, sound files, etc should be in the most simple format possible.

    The PNG web pages was half in jest. But really, it's so hard to make consistent looking web pages. Starting from the fact that they are not "pages" at all. The browser renders an infinitely long scroll of whatever you have got, rearranged however it thinks fit. That is OK for many things but often it is really annoying. I want a page damit!


  • Yes, and it all changes. I watched what a contractor had to do to make a fairly simple page render nicely on most devices.

    No thanks. It's a raw mess.

    Do not taunt Happy Fun Ball! @opengeekorg ---> Be Excellent To One Another SKYPE = acuity_doug
    Parallax colors simplified: http://forums.parallax.com/showthread.php?123709-Commented-Graphics_Demo.spin<br>
Sign In or Register to comment.