Massive CPU Security Flaws Revealed

Lol, it sounds like Itanium is completely immune to Spectre since it was designed as an in-order processor.

Ironic since Intel finally killed it off last year.

How far back does speculative execution go? I just realized my CPU is HELLA OLD. We’re talking Bloomfield (i.e., 2009, but hey, it still seems to run the games I want to play, so…ok.)

Is there a list of CPUs affected by this? Is this the universe telling me it’s finally time to upgrade?

It can’t be the universe telling you to upgrade, because any upgrade you might get now is vulnerable.
May be the universe telling you to put cash aside to upgrade in x months (optimistic)…

Decades. Pentium 1 was in-order. Pentium 2 introduced out-of-order/speculation. That was 1995.

Oh, shit. Nvidia says their GPUs are vulnerable. New driver updates rolling out immediately to mitigate for Variant 1. Variant 2 sounds like it will need further updates.

http://nvidia.custhelp.com/app/answers/detail/a_id/4611

GPU drivers have low-level access and are attractive targets for local privilege escalation. Remember, pretty much everything is susceptible to Spectre; all these changes just make it dramatically more difficult to usefully exploit the hole.

Just to be clear, speculative execution isn’t tied to being out-of-order. Any processor with a deep pipeline pretty much has to do speculative execution, or get slaughtered on branches. Take for example this blog post that was doing the rounds yesterday about a funny speculative execution bug in the in-order CPU of the Xbox 360:

So are they just turning off the code that leads to the bug, so that better patches can be engineered over time? I’m trying to get a handle on whether the performance impact is permanent or not.

Er…?

Basically mentions the driver updates. It’s possible that the news sites are trying to make more out of this than it is.

WOW

The iPhone took a serious hit in performance at every possible level. A lot of benchmark levels show a significant decrease in performance on the iPhone 6, up to 50% on some benchmark levels.

It seems strange that speculative branching would do anything that talks to external devices. I guess cache is a gray area between internal and external.

Wow, that is massive.

This is a great explanation in layman’s terms of the issue:

https://stratechery.com/2018/meltdown-spectre-and-the-state-of-technology/

Are we sure the battery didn’t just have a birthday or something?

It’s most likely bullshit, or at least unrelated to these vulnerabilities. Here’s somebody’s results from running the same benchmarks on 11.2.1 first, doing the upgrade to 11.2.2, and running them again on the same phone:

https://browser.geekbench.com/v4/cpu/compare/6303880?baseline=6303560

The suggestion I’m seeing elsewhere is that 11.2.1 was the first version that started doing the battery-wear based throttling. And this guy was using an earlier version than that as the baseline.

What if you limit your browsing to a handful of official sites? I really don’t want to take a 20% hit on my 2010 early i7 Extreme CPU on a PC that’s used almost entirely for gaming.

Those sites probably run ads, which can execute JavaScript, which means you’re vulnerable. Even if you run an adblocker, the site itself could be hacked to run first-party JavaScript. Update.

If the browsers have JS mitigations (basically reducing JS timer resolution), it’s unlikely to be exploitable. So no, he doesn’t need to update his BIOS etc.; he just needs an up-to-date browser with JS mitigations.

That’s just Spectre; would still be vulnerable to Meltdown.