Computers threatened by getting slowed down by up to 30% due to necessary patches...
 

... of the Kernel in Intel CPUs of the past 10 years.

The bug, a Kernel memory vulnerability, is at the lowest chip level and allows attackers to directly access a normally hidden part of the chip where passwords and other elemental nformation like this get stored. Intel cannot solve it on hardware level, so rewriting the kernels for Linux and Windows is inevitable. Right this is currently being done, in great secrecy.

If things do not go well, users can face really substantial losses in speed and performance that cannot be compensated for by other means.

This bug is pretty much a worst case scenario that has become real. I wonder whether newest 8th generation CPUs are affected as well. if so, starting to sell these new chips just weeks ago while this bug already is known since months, to me oversteps the line to criminal acting and fraud. 8th generation intel chips are beign sold since Novembre 2017.

https://www.theregister.co.uk/2018/0...u_design_flaw/

I post this here and not in the PC subforum, since I think the importance and relevance for all intel users justifies to spread this a bit beyond that subsection of the forum.

Note that Linux users are as affected by this as are Windows users. Status with Apple users is unknown.

Users of already hopelessly messy Windows 10 and its enforced patch beta testing program for everybody, can only pray.

Its my habit since many years to NEVER store any login information for anything on HD, I always manually log in, I have all options for auto assists, auto login and auto fill off, and I manually control frequently the deletion of all temporary folders known to me.

I also have private data files like images, texts, photos, on external HDs and USB sticks and DVDs, but not on HD. I connect them when I want to access them, disconnect them immeidately when they are no longer needed - and clean the HD and reboot afterwards. I did not know of this bug, but I am not surprised that somethign like this shows up. I just waited for "safe features" like the above described things getting compromised.

I used to do some brokering stuff online until 2016 when I finsihed by withdrawel from all that, completely. I would not broker online anymore these days. But professionals's brokering still takes place via their computers. Its all a mess. Its frightening, absolutely frightening how vulnerable we all have been forced to become. And many of us still are stupid enough to apllaud all this and call it their comfortable life. Its a big gamble you make there and at stake is nothing else than the economic survival of the individual.

We need cashless payment, and all people havign all their property digitally, and everybody being online and in the cloud! Lets do it! Its safe. When will people stop to allow getting fooled by stupid lies and cheap fraudulent promises like these?

No, buy houses and cars even if you cannot afford it! And when all breaks down blame it on the government, never on your own behaviour! ;)

Oh look, another thread for Skybird to preach about the dangers of all things digital, ironically he does this on an internet forum, and nope Windows doesn't get a pass this time either as he moans about Windows 10 for a Intel's mess.

For this and all the countless of other blabberings, I bestow to you, Skybird, the honor of being the sole inhabitant of my ignore list. Bye! :salute:

Its a flaw that Intel cannot cure and that must be tackled by redoing the Kernel at its very lowest, most fundamental level, apart of it that usually gets acitvely hidden from all woreking software and incoming traffic, since it is most sensitive. The articles describe why this issue is so dangerous.

The fixes, if they will be fixes indeed, need to be distributed via security updates, most likely, for Windows and Linux. And Microsoft has a well documented, empirically well established reputation of - since being "turned into a service" - enforcing consumers and company customers alike to swallow many ill-designed, broken, misfunctioning "patches" that you can delay for 30 days in some higher W10 versions, but cannot avoid . Your computer is owned by Microsoft. They do not ask you anymore.

From some time on, you must pick it up and suffer from it - even if you know and there is verified documentation of that the given piece of "patch" damages your machine, your work flow, your company productivity. The past two years have been over and over full of such events. That is the bad truth about the new enforced cumulative patching policy by Microsoft. Its a mess.

And thats why I call them out over this.

The speed losses in testing of the Kernel fixes so far have shown to be in the range of 5-30%. Newer chips seem to be less heavily effected and get away with lesser speed losses, but losses nevertheless.

Like it or not, guys, but if in the near future you are one of those noticing performance losses on your Intel-machines or Apple computers using intel chips, you now know why that is so, and whom to thank for it. It'S Intel's fault, and Microsofts, Linux and Apples varying remedies, since Intel cannot fix this: its a fundamental design flaw.

AMD users seem to be safe from this mess.

Trust in all this blindly, Catfish and Dwoly, trust in all this blindly. "Digital" always and automatically means "better". Unconditionally. And you look so cool and are so much "in" with being digital, the girls and your clique love it.

And a correction, or better: an addendum: the Linux fix seems to aim at fixing AMD chips as well, but I do not find further info on that, so it is unclear whether that is to an unreported vulnerability of AMD chips as well, or just a precautionary measure.

More info, thanks to Rotareneg at SBP forum for linking it:

https://www.reddit.com/r/sysadmin/co..._bug_incoming/

Most people are expected to be hit by losses in the one digit percent range. But in tests some get hit really hard, up to -50%, depending on the running tasks.

This is a real nasty way to start the year. Cloud computing: compromised. VM: compromised. The Linux patch seems to not have much effect on gaming under Linux, but effects on DirX remain to be seen. Certain other tasks under Linux however need to digest a massive blow in performance.

:oAbsorb Sky's good and leave his bad ... he's still a useful member of subsim.

What do you recommend Sky for a personal carry around USB device?

Rugged, shock proof, water proof etc 64gb min or perhaps a small ssd?

I like this one: SanDisk 128GB Ultra Flair CZ73 USB 3.0 Flash Drive, Speed Up to 150MB/s (SDCZ73-128G-G46) $37.00

never mind that one it has bad reviews I like this one better: Samsung 128GB FIT USB 3.0 Flash Drive, Speed Up to 150MB/s (MUF-128BB/AM)

I posted too quick they both have bad reviews ... I can't afford to lose my data :o

HD is the best storage device (even before CD/DVD), because even if it breaks down, you still have a good chance that data can be retrieved by a specialist, if it is vital for you. USB sticks tend to break the moment when you can need it the last. SSD in principle are big, faster USB sticks. I mean, flash ROM is quite vulnerable. I do not really trust it.

If you do not desperately depend on fast speed, a HD with solid USB 3.0 connection.

And backup copies on a secondary, depending on your data value: tertiary device, DVD, stick.

When it comes to just editing texts and photos, speed is no argument, the data files are simply to small. Even a rewritable CD then will do.

Google delivers statement saying that CPUs by Intel, AMD and ARM are affected.

https://security.googleblog.com/2018...-you-need.html

https://www.theverge.com/2018/1/3/16...w-bug-response
https://www.theverge.com/2018/1/3/16...windows-10-fix

Windows patches for ARM, AMD and Intel CPUs are now in the wild.

In fact a whole armada of patches is reported by some admins to come in, outside the usual timeline of Microsoft.

It also gets vrpeported by some people that if AV is not compatible with these patches, they will not install automatically. Woody Leonhard's well-known blog is at Defcon 2, so status and quality of these patches also currently is unknown and unconfirmed.

Its all a damn nasty and confused mess. Currently companies start to point fingers at each other, maybe breaking communication embargos to save themselves.

What a FUBAR mess.

Its important to understand that there can be no repair and no fixing of this problem, it is a hardware-based issue that cannot get fixed - except by replacing all affected CPUs and mainboard chips. Whatever is being applied in software fixings, is and can only be a workaround.

https://www.youtube.com/watch?time_c...&v=_qZksorJAuY

Benchmarking the i7 8700K pre and post update. Gaming seems to be unaffected, but 4k reading from SSD takes a 20-25% dive in speed.

Desktop user sin generla may not see too worrying differences, but for server centers, single effects could add up and accumulate to severe final end effects (performance drops).

For Intel, who already had AMD breathing down their neck last year, this is a nasty kick into their family jewels.

For the time being: avoid, avoid, avoid.

https://www.askwoody.com/2018/multip...up-kb-4056894/

... and I keep getting prompted on my Win7 systems to install the dad-blamed thing, even though I have MS updates turned off... Skybird, have you read anything about this affecting older Core 2 Duo machines? All I can find is stuff on the iCore stuff... ?? :salute:

Wowh, that is an old CPU. I remembere that some days ago there was something on KB4056894 endlessly reinstalling from beginning, but I cannot find or remember anymore where it was, I think it was under Windows 7. But probably not related to that old processor.

What I remember is thnat the guy said he was prompted to install the opatch, but could not hide or suprerss it. Cannot recall anymore whether he was on W7 or W10. He finally got it fixed, somehow, the prompt got superssed/hidden - but he was some IT pro with lots of knowledge.

Windows 7 has gotten increasing problems and troubles with regular updates over the past 12 months or so, however. It seems Microsoft is determined to mess patching up wherever it can.

Sorry, I cannot help.

I wonder what all the AMD users do who got locked out their systems after installing KB4056894, which makes many AMD systems BSODing on booting - the patch comes as regular Windows monthly quality rollup patch, mind you, not evcen clearly mentioning in its description what it is, just the usual stereotypic empty phrases and text blocks that mean nothing anymore these days.