Intel launches their new CPUs with Radeon RX Vega M Graphics along with two new 'NUC' mini-pc models

I know it takes years.. but really I can't help but feel they should focus on fixing their existing shit first rather than release new shit that meltdowns.

Quoting: minjI know it takes years.. but really I can't help but feel they should focus on fixing their existing shit first rather than release new shit that meltdowns.

Well, the existing stuff essentially cannot be fixed, the flaws run too deep. They can be mitigated but ultimately entirely new designs are needed which indeed takes a good while to get going. These CPUs were announced a while back and designed even further back so just canning them until the architecture is fixed is probably a big waste of money.

Although it is a good point to bring up that these CPUs are likely just as susceptible to Meltdown and Spectre as their previous offerings. Personally I wouldn't upgrade my CPU in a good while to ensure an upgrade to an architecture that has these flaws fixed.

These new NUCs make for an awesome steam machine... too bad they are rather pricy (the bigger one seems to go for $1000 and you still need to add RAM and a SSD).

Rumor has it though that AMD is going to launch a similar chip with Ryzen also... probably as part of their deal to allow Intel to use their graphics in this.

Besides that... yeah Intel did some pretty shitty PR when it comes to Meltdown/Spectre, but this entire debacle very much sounds like someone a decade ago cut some corners to get a few percent extra speed (still mattered a bit more back then) with the assumption that there wouldn't be a practical way to exploit it. And nearly the entire industry seems to have thought along similar lines, given how wide-spread the general issue is. In hind-sight not great, but it's not really anything to get angry towards Intel about.

Edit: Obligatory xkcd: https://xkcd.com/1938/


Last edited by Julius on 8 January 2018 at 12:12 pm UTC

I'd rather have something AMD when buying a mini-PC again, so I hope they do something similar. My china boxes all have ME disabled so that was kinda taken care of anyway but I can't justify giving Intel more money until they have proven that they care. Their statement on their latest issues just made that clear as day.
Won't make a dent in their budget ofc but I've gotten better at putting my money where my mouth is, so I even buy Linux games I don't really plan on playing :P

Quoting: HoriThe Meltdown vulnerability was the final straw. I completely lost hope in Intel. It's too late to bring me back (and many others).

I understand your feelings, but if that's how you feel, then you shouldn't use computers. There's always a bug/vuln/exploit in your hardware and/or software. You can definitely get upset with Intel's leadership on aspects of the Meltdown issue, but more often than not (Developer AND Systems Engineer here) it simply hadn't been found until last June/July. There's a lot that goes into looking into what needs to be done to fix an issue once it's found without breaking too many things on a system.

Another HUGE thing to note when it comes to Security issues is that there is a difference between potential risk and actual risk. The potential risk of both Meltdown and Spectre are pretty scary and can be huge issues, but as was discussed at work the other day (I work at a Managed Security Services Provider), the chances of Meltdown and Spectre being successfully exploited is going to entirely be based on a couple of key points:

• How secure external facing systems are - this will be where the new patches MUST be installed, without exception


• Are firewalls blocking certain types of return traffic - this one depends on several factors, but making sure that any unexpected types of network traffic flowing from your home or work network are blocked by default.


• Are users' browsers up to day - really important one, probably more so than the firmware mitigations and the kernel updates since many of the risks associated with the exploits (specifically Spectre) are through browsers


• Are you/have you been susceptible to Social Engineering/Phishing in the past? - Ties back to the firewall comment a bit. These exploits are only going to be easy to execute against people and businesses where their security at the edge (Firewall, Modem, Router) is lax OR they are extremely susceptible to Social Engineering/Phishing. Attackers have to get access to your machine before they can exploit it, which is much harder to do if the network devices are secure and users are being smart with their email.

Of course the above doesn't account for everything, nor does it mean you shouldn't patch your system (I'm definitely NOT advocating for that). That said, as someone working in the InfoSec arena, I can tell you that there is a business behind making these things seem scarier than they practically are (not to mention it makes for good news stories). I can also tell you that the Spectre exploit is far more scary than Meltdown due to the fact that it's a bit more complicated to fix and has multiple attack entrance points. Spectre is also the one that DOES affect AMD as well as Intel and ARM. The performance issues from Meltdown on Intel are going to be entirely workflow dependent and probably affect businesses (like my job) where there is extremely high amounts of data and/or processing being done on the systems.


Last edited by EagleDelta on 8 January 2018 at 3:22 pm UTC

Quoting: EagleDelta

Quoting: HoriThe Meltdown vulnerability was the final straw. I completely lost hope in Intel. It's too late to bring me back (and many others).

I understand your feelings, but if that's how you feel, then you shouldn't use computers. ]

The way Intel handled this wasn't bad PR, it's a catastrophe. They were notified in June, did pretty much nothing except push harder for Kaiser (now KPTI in Linux, the fix) to be implemented in various places they had influence.

More damning is one of their chief engineers dumping over $50M of Intel stock this year. Intel are saying "it was a scheduled stock movement", but in fact, it was scheduled in October, long after disclosure of Meltdown in June.

And if you want a conspiracy theory, apparently Intel, as early as January this year, were pushing hard for KASLR adoption across the industry - KASLR is the predecessor to the KPTI/Kaiser fix for Meltdown. So it looks like Intel saw this bombshell coming from a long way off... but continued to sell their faulty processors without any disclosure.

I expect they've just lost a massive amount of pricing power with their (big) cloud customers who will be rightly pissed at their attitude. Playing their cards so close to their chest and the stock dump after disclosure is the icing. I imagine there will be huge lawsuits out of this, and possibly some jail time for insider trading if the SEC get involved.

Fun and games.

Quoting: EagleDeltaI understand your feelings, but if that's how you feel, then you shouldn't use computers.

Such a long post to justify something that actually could be avoided if testing before releasing were done properly, then Intel jumping into new models and products while old stuff is still broken isnt good. Im pretty sure intel will keep pushing new stuff in order that people forget about this meltdown problem because they cant fix it, those models are just too deep broken.
"I understand your feelings" no you dont, and stop telling people to stop using something just because they expect quality and responsibility from manufacturers.

Quoting: orochi_kyo

Quoting: EagleDeltaI understand your feelings, but if that's how you feel, then you shouldn't use computers.

Such a long post to justify something that actually could be avoided if testing before releasing were done properly, then Intel jumping into new models and products while old stuff is still broken isnt good. Im pretty sure intel will keep pushing new stuff in order that people forget about this meltdown problem because they cant fix it, those models are just too deep broken.
"I understand your feelings" no you dont, and stop telling people to stop using something just because they expect quality and responsibility from manufacturers.

Except that it's not that simple. No amount of pre-release testing can guarantee the finding of fringe, real-life edge cases. That's just the nature of things. And it's not just Intel that ends up with these types of issues. Any hardware or software manufacturer can make mistakes that only show up after release, and sadly, there is no perfect debugging or testing method. It's just not a realistic expectation. All that can be done is to learn from the mistakes and try and avoid them next time around, which Intel is actively trying to do.

Quoting: orochi_kyo

Quoting: EagleDeltaI understand your feelings, but if that's how you feel, then you shouldn't use computers.

Such a long post to justify something that actually could be avoided if testing before releasing were done properly, then Intel jumping into new models and products while old stuff is still broken isnt good. Im pretty sure intel will keep pushing new stuff in order that people forget about this meltdown problem because they cant fix it, those models are just too deep broken.
"I understand your feelings" no you dont, and stop telling people to stop using something just because they expect quality and responsibility from manufacturers.

The flaw isn't something that could be tested for. It's an inherent design flaw, a bad decision made in the name of performance. Their reasoning would largely have been "Well, who the hell is going to manage to exploit that?"

Everyone here should read this thread on twitter explaining meltdown and spectre instead of making these weird armchair assessments.

The one thing I agree on is that Intel handled it bloody poorly.

Quoting: Luke_Nukem

Quoting: orochi_kyo

Quoting: EagleDeltaI understand your feelings, but if that's how you feel, then you shouldn't use computers.

Such a long post to justify something that actually could be avoided if testing before releasing were done properly, then Intel jumping into new models and products while old stuff is still broken isnt good. Im pretty sure intel will keep pushing new stuff in order that people forget about this meltdown problem because they cant fix it, those models are just too deep broken.
"I understand your feelings" no you dont, and stop telling people to stop using something just because they expect quality and responsibility from manufacturers.

The flaw isn't something that could be tested for. It's an inherent design flaw, a bad decision made in the name of performance. Their reasoning would largely have been "Well, who the hell is going to manage to exploit that?"

Everyone here should read this thread on twitter explaining meltdown and spectre instead of making these weird armchair assessments.

The one thing I agree on is that Intel handled it bloody poorly.

Apart from someone trying to use Twitter to explain such a technical subject, I completely agree with you. BUT, while that design decision was made as long ago as 1995 when security was 99th on a list 100 priorities, this is 2018 now and Intel (and AMD and probably to a certain extent ARM) can only be described as wilfully negligent in overlooking this behaviour in the modern day.

As I said earlier, I suspect that Intel knew about this much earlier than June, probably for years and kept a lid on it. Their pushing KASLR so hard (for unrelated attacks, such as KRACKS and the whole Intel ME cock up) was probably done in the hope that a software remedy would be found and accepted early, so that they wouldn't have to acknowledge the extent, reach and scope of this hardware design flaw.

I'm not a fan of the The Register, but they sum it up pretty perfectly here:

QuoteRecent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect.

Translation: Pleeeeeease, pleeeeease do not sue us for shipping faulty products or make us recall millions of chips.

Before the kernel devs called their Kaiser implementation KPTI, they were mulling over whether to call it FUCKWIT. I think that tells its own story!