Will Intel design flaw influence P3D performance?

[Nighthwk 566]

4 minutes ago, simbol said:

you need to apply BIOS updates to your PC for the MS patches to be "ACTIVE" and protect your PC.

*sigh* I’m not too sure I’m willing to update my bios, I’ve heard way too many horror stories to be enthusiastic about the idea of it.

[AAN1718A 20]

12 minutes ago, bgpearce01 said:

This is a ridiculous topic Btw. Chances are this won't affect home users as much as data centers. Your computer is not going to come to a screeching halt and this isn't y2k. 

You're half right. We won't know what is going to happen. You are correct, there really isn't a need to panic, but this could potentially affect a lot of users. It may very well be a significant impact for some, or hardly anything. It's easy to speculate. Until the patch comes out then we'll know.

I'm curious to find out if this is a global patch. My system is not vulnerable (according to the latest intel diagnostic they released). Running an I7-5930K which is not affected, however if this patch gets installed anyway ...

[simbol 5,821]

17 minutes ago, JoeFackel said:

See, and EXACTLY that is what is always happening: the user clicking on a link of an dubious website, opening an attachement from an email etc.

Not totally true, Malicious adware can execute JavaScript code which would run on your PC (Automatically) and exploit vulnerabilities on your browser without the need of any user intervention,  Facebook has been affected by this kind of problems in the past and I would not regard it as a dubious website as many Flying Sim users use it to share information about add-on's, simulation news, etc.

Look at this article: https://www.bleepingcomputer.com/news/security/mozilla-confirms-web-based-execution-vector-for-meltdown-and-spectre-attacks/ 

That is just an example, there are many others, you know that as you are a network admin yourself as you said it, I am sure you might be able to keep your PC safe given your vast experience on IT, but other users of the flying sim community might not be that lucky as they will walking around too many booby tramps by just using the Internet.

This is why the best advise is to tell them to keep their PC's protected and updated all the time.

 

Best Regards,
Simbol

Edited January 4, 2018 by simbol
Further Information

[simbol 5,821]

13 minutes ago, AAN1718A said:

I'm curious to find out if this is a global patch. My system is not vulnerable (according to the latest intel diagnostic they released). Running an I7-5930K which is not affected, however if this patch gets installed anyway ...

Why do you think you are not affected? can you elaborate on this? accordingly with my current information every Intel processor which implements out-of-order execution is potentially affected, and the I7-5930K is definitely using this technique!.

Source: https://www.bleepingcomputer.com/news/security/google-almost-all-cpus-since-1995-vulnerable-to-meltdown-and-spectre-flaws/

Regards,
Simbol

[PaulGR 168]

6 minutes ago, simbol said:

Why do you think you are not affected? can you elaborate on this? accordingly with my current information every Intel processor which implements out-of-order execution is potentially affected, and the I7-5930K definitely using this technique!.

Source: https://www.bleepingcomputer.com/news/security/google-almost-all-cpus-since-1995-vulnerable-to-meltdown-and-spectre-flaws/

Regards,
Simbol

He is confusing patches.

Somebody posted a link to one yesterday that was a completely different issue.

[fluffyflops 1,858]

You lot have just ruined my lunch.. 

And being a cynical git this whole caper will make these 2 very rich.   That's the winner of this year's apprentice, he's a recruitment consultant for IT professionals. 

Every IT contractor on the planet must be rubbing there hands in glee at the amount of business this will send them 

[Nemo 1,305]

34 minutes ago, JoeFackel said:

There are several tools (i recommend "ShutUP10" from O&O) where you can easily switch off windows updates, also on W10 Home.

Thank you. I did not know that this is possible. Concerning the particular W10 update that will probably cause the perfomance loss, is it possible to prevent win10 to apply a specific update using the before mentioned tools?

[fluffyflops 1,858]

Do you have home or professional edition of Windows 10

[ComSimPilot 623]

48 minutes ago, simbol said:

Daedalus, 

1) 30% is a figure estimated by some researches, this is yet to be determine by your current workload, at this stage we don't know how it will affect the Flying Sim community. The problem is OS independent, the issue is with the CPU and your 7700K is affected as all Intel CPUs are affected.

The drop in performance will happen when:

A) Your Windows 7 SP1 or Windows 10 (1703 or 1709) applies the patches 

AND

B) You installed the required firmware microcode upgrade provided by your hardware vendor.

So yes, just installing the patch don't fix the security problem (which is very severe!), you need to apply BIOS updates to your PC for the MS patches to be "ACTIVE" and protect your PC.

2) This is uncertain but we require Intel, AMD and ARM to redesign their CPUs for this reason I don't see any further patches allowing you to regain the performance as they cannot risk it and wait until CPU vendors create a new CPU type (which can take years).

3) Windows 7 is also affected and will receive the same patch, so the answer is no.

If you want to read all the technical details please follow this: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002 

Microsoft explains with great detail what is required to be protected and what OS systems are being patched, I am now chasing DELL for Firmware updates to secure the company I work for Data centres in 12 offices around the world, a hell of a task, Dell was clueless, I had to explain them how MS patches work and they are now on the case, Google jumped the gun and released the security advisory too soon.

If you have more questions feel free to ask.

Regards,
Simbol

Simbol, I would like to thank you very much for your extensive and easy to understand reply. You are a person with deep knowledge on the field, and unlike many of us your input is very much appreciated.

I don't know what to wish at this point for this problem, as it seems indeed severe. I tend to think that I would rather live with the vulnerability than lose 30% of my processor. Its a sad story and I'm impressed this kind of problem could ever happen. I always had the impression that all kind of vulnerabilities are software only related.

[Nemo 1,305]

5 minutes ago, tooting said:

Do you have home or professional edition of Windows 10

If this concerns me, I have Win10 Home.

[fluffyflops 1,858]

Then  windows will update automatically , you cant pause it for 30 days like in professional .

Just think of all the work this will bring IT contractors to huge corporations like NHS, Government , etc etc etc

In my company we must have 1000+ pcs and laptops and some guy will have to update all the pcs and bios.  Thats his contract extended...  

[JoeFackel 760]

20 minutes ago, Nemo said:

Thank you. I did not know that this is possible. Concerning the particular W10 update that will probably cause the perfomance loss, is it possible to prevent win10 to apply a specific update using the before mentioned tools?

With the tool you can't prevent just ONE specific update. About the patch itself i know to less at the moment that i could say which things have to be met  that you will receive it or not ...

[simbol 5,821]

2 minutes ago, Daedalus said:

I don't know what to wish at this point for this problem, as it seems indeed severe. I tend to think that I would rather live with the vulnerability than lose 30% of my processor. Its a sad story and I'm impressed this kind of problem could ever happen.

My recommendation is to monitor the situation and decide what to do at a later stage as it stand many hardware vendors are not ready yet and therefore it will take at least a couple of weeks for the BIOS updates to become available.

Having said that Google Chrome and Mozilla confirmed their browsers are vulnerable and are releasing as we speak patches for these, so the best thing to do in the mean time is:

1) Update Chrome and Mozilla to mitigate the exploit via JavaScript when you browse the internet.

2) Install the patches anyway as these don't become "Active" until you apply firmware updates (BIOS update) which is under your control.

3) Remain extra vigilant against phishing attacks as it is now certain hackers will exploit these vulnerabilities while they can (there are 3 vulnerabilities no just one), so you should be very careful with which content and links you click.

4) Wait until the flying community reports back what happens with these patches enabled regarding P3D / FSX, I will be installing the patches as soon as I can, so I would be one of those users reporting what sort of performance drop we are really talking about, but I am sure that @Rob Ainscough and other will be also bringing his incredible amount of knowledge when the time is right to provide all of us with usable feedback and information allowing many users to decide what to do.

If you want my personal advise there is no performance loss that would be worth loosing any private details or information due to a security breach, your security and personal information is far more important than anything else.

Best Regards,

Simbol

[Nemo 1,305]

17 minutes ago, simbol said:

My recommendation is to monitor the situation and decide what to do at a later stage as it stand many hardware vendors are not ready yet and therefore it will take at least a couple of weeks for the BIOS updates to become available.

Having said that Google Chrome and Mozilla confirmed their browsers are vulnerable and are releasing as we speak patches for these, so the best thing to do in the mean time is:

1) Update Chrome and Mozilla to mitigate the exploit via JavaScript when you browse the internet.

2) Install the patches anyway as these don't become "Active" until you apply firmware updates (BIOS update) which is under your control.

3) Remain extra vigilant against phishing attacks as it is now certain hackers will exploit these vulnerabilities while they can (there are 3 vulnerabilities no just one), so you should be very careful with which content and links you click.

4) Wait until the flying community reports back what happens with these patches enabled regarding P3D / FSX, I will be installing the patches as soon as I can, so I would be one of those users reporting what sort of performance drop we are really talking about, but I am sure that @Rob Ainscough and other will be also bringing his incredible amount of knowledge when the time is right to provide all of us with usable feedback and information allowing many users to decide what to do.

If you want my personal advise there is no performance loss that would be worth loosing any private details or information due to a security breach, your security and personal information is far more important than anything else.

Best Regards,

Simbol

Thank you for this excellent and comprehensive answer!

[AAN1718A 20]

1 hour ago, simbol said:

Why do you think you are not affected? can you elaborate on this? accordingly with my current information every Intel processor which implements out-of-order execution is potentially affected, and the I7-5930K is definitely using this technique!.

Source: https://www.bleepingcomputer.com/news/security/google-almost-all-cpus-since-1995-vulnerable-to-meltdown-and-spectre-flaws/

Regards,
Simbol

Perhaps I am mistaken. It's quite possible that I checked for the Intel ME issue instead.

1 hour ago, PaulGR said:

He is confusing patches.

Somebody posted a link to one yesterday that was a completely different issue.

Who isn't confused about all this  lol

Edited January 4, 2018 by AAN1718A
Typographical