The past two days, Intel once again came to the center of the storm.After the ME broke a serious security vulnerability, the Intel CPU once again burst a security vulnerability.
More terrible is this time a bug fixes will bring some performance loss.A variety of news all the time Crane 什, what CPU performance will fall 30%, Intel CEO sell stock in advance and so on.
But the gossip go gossip, we should still calm down to see how this loophole door to our daily use of how much influence.
About this loophole:
The loopholes broke into two parts, Meltdown and Specter, both of which are basically the same in principle but different in depth of attack. Meltdown attacks the system kernel (for example, the core part of the WIN10 system) and Specter Will directly access the system memory, so theoretically more destructive.
Now Microsoft system patches for Meltdown, Specter because more complex, so temporarily not yet repaired, but due to the attack more difficult, so there is no clear attack.
The current Meltdown loopholes will affect Intel and ARM will not be involved, AMD. Specter will affect Intel / AMD / ARM three manufacturers.
Because of Intel's strong dependence on speculation directives, so the most affected in this incident. ARM although some defensive measures, but some product line is completely fall. AMD Ryzen because it is redeveloped, so Meltdown will not Involved, but Specter will still be involved.
The reason why such a big controversy, mainly because of system performance after the patch will be reduced CPU.
In principle, in a nutshell, a malicious program can exploit a CPU vulnerability in the instruction set to trigger guessing instructions inside the CPU, allowing the CPU to access all parts of the system's memory and cache for sensitive information.
Only this attack mode need to be attacked data just appeared in the attack trigger memory, virtual memory or CPU cache, the virus must be smart enough, so the attack is more difficult.
More terrible is that this vulnerability can also attack RING 0 level, which is Intel ME this level of CPU manufacturers reserve area, in theory, can fully control this computer.
Then the question comes, why there is a CPU within a multi-year cross-loopholes? (Intel claims that the product since 1995)
The main reason is the balance between performance and security, and things like performance and security, stability, and cost are like seesaws, and product design should consider the balance between each other.
For example, our home memory, theoretically every 6 million read and write operations will inevitably be an error, but this is not a problem for the consumer level, so it retained. Corresponding at the server level, it is necessary to adopt ECC memory, but this will bring a lot of price, the price will be a lot more expensive, overclocking performance, the delay will be more ugly.
The CPU as a comprehensive processing chip, the internal structure of complex, using some tricks of the algorithm is well understood, otherwise the CPU can not do it.It is estimated that this vulnerability is caused by hardware architecture logic loopholes.
For example, the chip will have 'AND gate' this component, the two inputs into 1 and 2 are shown as true, this time the output will be displayed as true, otherwise false. Then when the first detection of 1 is false , Is not into the 2 can not detect, anyway, the output is false. Guess the purpose of the instruction is to reduce the link to improve efficiency.
The above text is really esoteric, in order to make it easier for everyone to understand, I would like to help you understand the analogy.
CPU manufacturers is like a restaurant to do mutton string.Replicate lamb skewers bamboo sticks must first clean, high temperature disinfection, and then according to UV, and finally to test to barbecue, but when the barbecue can actually bamboo stick sterilization Kill clean.
CPU manufacturers that his skewers are now on the string is now roasted, bamboo sign on the bacteria too late to produce toxins, so CPU manufacturers choose to wash, then roasted, the middle of high temperature disinfection, according to the UV to the province of this vulnerability is like It is the bacteria that use this time difference to produce enough toxins, and the result is that people who ate diarrhea are not particularly precise, but they are roughly the same.
Because this patch will make CPU part of the tricky algorithm is shielded, it will affect the performance of a certain.This has the greatest impact on the data center.
Next, I will conduct a preliminary test for the home environment.
testing platform:
This test platform is I5 7500. Here I use to do exactly half of the test. Originally wanted to do a 7500 contrast 8100 content, the results of the system environment has changed significantly, so the previous test is equal to void So this half done the test I was pulled over to compare.
Given from Intel, the 6th, 7th, and 8th generations are less affected.
For the old platform testing I also need time to prepare, so first for the market more concentrated product.
