Set micro-grid launch WeChat IC: "Every day IC", big news immediately released, every day IC, every day set micro-network, micro-into a! Scan the end of the two-dimensional code to add attention.
1. Intel chip leaked leaked market share plunged 20 billion US dollars market value evaporated;
Since the US technology blog The Register first disclosed on January 2, 2018 chip-level security vulnerabilities caused by CPU Speculative Execution Specter (Chinese name "ghost", there are CVE-2017-5753 and CVE-2017-5715 two variants) , Meltdown (a variant of CVE-2017-5754), Intel, ARM, AMD, Apple, IBM, Qualcomm, NVIDIA and others have all admitted that their processors are at risk of being attacked.
Despite the safety loopholes triggered by the CPU underlying design architecture, which affects almost all chip makers, Intel, the global leader in chip industry, has become the most prominent loser. "China Business newspaper reporter noticed, Intel's stock price has dropped from $ 46.85 / share on January 2 to $ 42.50 / share on January 11, the market value has shrunk by 20.4 billion U.S. dollars. Also look at Intel's rival AMD, the company's share price from January 2 10.98 US dollars / share rose to 11.93 US dollars on January 11 / share, or nearly 10%.
Intel and other chip makers, Microsoft and other operating system vendors, Apple and other terminal manufacturers respond to the CPU security 'loopholes door' measures are pointing to 'patch.' Intel China's relevant spokesman on January 10 in the telephone and e-mail told China (2017) We began shipping firmware updates to OEM partners in early December and we expect the updates to be released in the past (past) week will cover more than 90% of Intel processors introduced in the past five years, with the remaining Will be released before the end of January 2018 (2018), and we will continue to release updates on other products. "The spokesman stressed that Intel will not" chip recall ".
'Vulnerability Gate' was leaked ahead of schedule
This round of CPU 'loopholes' reputation as the 'millennium bug' computing equipment in the history of the largest security breach.
What is the "millennium bug"? Is the computer 2000 problem. Because the computer memory is relatively small, the year is represented by two digits, such as 1980 is 80, to 1999, 80 years born is 99-80 = 19 years old , But in 2000, it became 00-80 = -80 years old. This is called the 'Computer 2000 Problem.'
The CPU 'loopholes door' is how is it? A Huawei technology expert told the "China Business" reporter, people issued instructions to the computer can be divided into normal can be executed, the exception is not implemented two, according to the original structure Designs, exceptions that are not executed are left in the cache without any trace, so it does not matter if they can see the memory confidential information, but it has now been confirmed that the instructions are still in memory Which left traces of clues, and can be exploited by attackers, leading to the disclosure of sensitive information users.
The Project Zero team at Google pioneered the discovery of these chip-level vulnerabilities triggered by CPU Speculative Execution and named them Spectre and Meltdown and tested to confirm that Specter effects include Intel, AMD, ARM and many other vendors, including chip products, Meltdown (fuse) is the main impact of Intel chips.
These vulnerabilities were first reported by the Google Project Zero team to Intel, AMD and ARM in June 2017. Because these security risks involve a variety of different chip architectures, they are notified by the Project Zero team and verified against the issue Later, Intel, AMD, ARM and other manufacturers quickly came together, and led by Google signed a confidentiality agreement, and under the confidentiality agreement to cooperate to ensure that the agreed deadline for disclosure of the issue (January 9, 2018) arrived Before finding a solution to the problem. "Intel China stakeholders told the" China Business "reporter.
Not only are Google's Project Zero team, but several more researchers independently discovered these vulnerabilities in the second half of 2017. "These researchers learned that these security issues have been communicated to chipmakers by the Project Zero team, and the industry is working together And stepped up development of the solution, they also agreed to keep their findings confidential until the disclosure time point agreed on by the industry (January 9, 2018), "said a Chinese official from Intel China.
However, as the disclosure time (January 9, 2018) approached, the CPU security 'vulnerability gate' was disclosed in advance on January 2, 2018. Google subsequently disclosed the relevant information on January 3, 2018. - The Project Zero team notified Specter to Intel, AMD, ARM on June 1, 2017, and Meltdown to Intel on July 28, 2017.
Baotuan deal
Although similar to the "Y2K", the root cause of this CPU security "loophole" is caused by the design of the underlying architecture. However, when the issue was disclosed, the focus of public opinion was mainly on Intel.
An industry insiders told the "China Business" reporter interviewed that, on the one hand because Specter and Meltdown two loopholes are involved in Intel, on the other hand because Intel is the world's chip industry's 'boss', its product coverage, Affected user groups is undoubtedly the largest.
Intel clung to CPU security vulnerabilities defined by the media as 'chip gateways' in Intel's security. "China Business Journal" correspondent said on January 3, 2018, "Intel's Response to Security Research Results" , These security vulnerabilities are not unique to Intel products. "Intel released an update on January 4 stating that Intel has released updates for the majority of processor products introduced in the past five years. By next weekend (January 14 Day) Intel is announcing updates that will cover more than 90% of processors introduced in the past five years.
According to the U.S. Oregon News, Intel CEO Ke Keqi also sent a memorandum to employees on January 8 stating that the company will establish a new Intel Product Assurance and Security department to enhance safety. In his opening speech at CES 2018 on January 9, Oddky again stressed that "within this week, the remediation will cover 90% of the last 5 years and the remaining 10% will be repaired by the end of January."
After Intel, AMD, ARM, Qualcomm, NVIDIA, Apple, IBM and other manufacturers have also admitted that the 'loopholes' have an impact on their own products, and said it can be resolved through the system patch update.
For example, ARM said in a public statement that "many Cortex family of processors exist vulnerabilities; AMD official statement acknowledged that some of the processors have security vulnerabilities; IBM said 'Google's potential chips potential attack on all microprocessors have an impact, including IBM Power series processor '; Qualcomm said,' for the recent exposure of chip-level security vulnerabilities products, the company is developing updates '; NVIDIA claims that part of the chip Specter influence, can cause memory leaks.The above companies are acknowledged by the' While at the same time, they also said they are or have been developing security patches to enhance the security level of the affected chips.
For example, Apple acknowledged on the official website that "all Mac systems and iOS devices are affected, but at the same time, Apple's official website acknowledged that" all Mac OS and iOS devices are affected Apple has also claimed that 'will update Safari to prevent attacks, but also to further study of the two vulnerabilities, will be released in iOS, macOS and tvOS updates new solution. '
The current class action
While chipmakers, operating system makers and end-product vendors are trying to solve this CPU security 'breach' crisis in a 'patched' way, consumers are not satisfied with the industry's response.
According to Engadget, a U.S. technology news site, Intel has suffered three lawsuits in the United States and all are class actions because of CPU security leaks. "Engadget believes this means that more consumers who are harmed can join the ranks of plaintiffs Claims.At present there is no outbreak of lawsuits against other manufacturers such as AMD.
In simple terms, there are two main reasons why consumers sue Intel. One is the disclosure of security risks after a lapse of six months. The second is that patching affects the performance of their computers.
For the extension of the disclosure of the issue, Intel China official said that this is in order to actively fight for time, learned from the existence of loopholes until now 6 months, Intel has been working with other vendors to speed up the search for solutions to the problem, 'a large Alliance of technology companies have been working together to study and prepare for the solution '.
Foreign media quoted a developer as saying that the fix to the CPU core will affect all operating systems, and most software applications will experience a "one-figure slide" (that is, below 10%) for software performance issues. , The typical performance decline of 5%, while the networking capabilities, the worst performance decline of 30%, that is, 'patch' to solve the security 'loopholes' will result in a 5% reduction in computing device performance ~ 30%.
However, Intel insisted in the e-mail that 'Meltdown and Specter two CPU vulnerabilities will not have a significant impact on computer performance', the company's' SYSmark test showed that after the 'patch' CPU performance decline of about 2% ~ 14 % '.
In fact, the "China Business" reporter noted that Intel and AMD and other manufacturers have occurred in the past CPU Bug events, such as the Pentium FDIV Bug found in 1994, Pentium FOOF Bug found in 1997, Intel discovered in 2008, Intel ME vulnerabilities, AMD Phenom TLB Bug, Ryzen Segfault Bug, etc. Among them, the Intel Pentium FDIV Bug is an out-and-out flaw, initially Intel did not pay attention, only decided to be partially certified Affected users to replace the CPU, then forced by public opinion and market pressure, Intel recalled all the affected CPU, when the loss of up to 475 million US dollars.Can be discovered after many CPU Bug events, Intel and AMD are through the 'patch 'Way to solve the problem.
In response to the security 'loopholes door', Intel will not recall its own chip? Intel China related spokesman quoted Ko again odd public opinion, Meltdown and Specter than the Pentium FDIV in 1994 easy to solve, and Intel has begun to address These vulnerabilities make it impossible for Intel to recall chip products affected by Meltdown and Specter vulnerabilities. "China Business
2. Intel CEO released an open letter finally made a commitment on security issues;
On January 12, Intel chief executive officer Kevin Cooper released an open letter on the issue of Intel's chip security breach, and finally made a commitment to Intel's customers.
Covey said in an open letter that by January 15, Intel's update will cover more than 90% of Intel CPUs released in the past five years, and other CPU updates will be released before the end of January. Subsequently, Intel will work hard to follow Customer prioritization, release updates for earlier products.
Sectioniche also stressed once again that customer data security is always the first priority, not a one-time event, and promised to work with the industry to share hardware innovations to accelerate industry-wide advances in handling side-channel attacks. It will also increase funding for academic and independent research on potential security threats.
Earlier, Intel worked with the industry to develop and deliver software and firmware upgrades to address potential security breaches of Google Project Zero, also known as 'Specter' and 'Meltdown.' As of now, Intel has not received any of these potential attacks Used to obtain customer data information.
At present, companies such as AMD and ARM also acknowledge chip vulnerabilities and risks of attack, in addition to Intel, and smart devices such as desktops, laptops, servers, smartphones and tablets, as well as baby monitors, smart cars and thermostats Can be targeted. (Li Wenyao)
Attachment: Intel Corporation Chief Executive Officer Reissue Technology Industry Leaders Open Letter
Intel has been working with partners since Google Project Zero team posted a potential security risk last week, and our common goal is to restore customer confidence in data security as soon as possible. As I said this week at CES, Degree of industrial cooperation is very great.I feel great pride in the solidarity of the industry.I thank everyone for their extraordinary cooperation.We are especially grateful to the Google Project Zero team for their responsible disclosure, to coordinate the entire industry to solve these New problems have created the conditions.
As our efforts move forward, I want to clarify Intel's commitment to our customers, which is our promise:
1. Customer First Urgency: As of January 15, we will be releasing updates covering more than 90% of the Intel CPUs released in the past five years, and updates of other CPUs will be released before the end of January. We will then focus on In accordance with the priority of customer discharge, release updates for earlier products.
Transparent and timely communication: We learned a lot about software and firmware updates, and we learned that the impact on performance will depend on the specific workload, platform configuration, and elimination efforts, and we are committed to: Continuously Patch progress, performance data, and other relevant information can be found on the Intel.com Web site.
3, Continuous Security: Customer data security is always the top priority, not a one-time event.In order to speed up the security of the entire industry, we promise: According to the principle of responsible disclosure, public disclosure of major security vulnerabilities.Moreover, We are committed to working with industry-wide efforts to share innovations in hardware to accelerate industry-wide advances in handling side-channel attacks, and we are committed to increasing funding for academic and independent research on potential security threats.
We encourage industry partners to continue supporting these initiatives, each of us playing a very important role: Timely adoption of software updates and firmware patches for consumers and system manufacturers is essential; for hardware and software developers For transparent, timely sharing of performance data is critical to speeding up the process.
All in all, the only way to work together is to create the fastest and most efficient way to restore customer confidence in their data security, which is what we all want and work hard to do.
3.Intel finally exposed 10nm: mass production next year!
Samsung / TSMC have mass production 10nm process, AMD is about to fully adopt GlobalFoundries 7nm, but as the semiconductor industry giants, Intel 10nm process has not come out, the earlier years of Tick-Tock architecture / process gradually gradual upgrade of the road is also slow Down.
At CES 2018, Gregory Bryant, senior vice president of client computing at Intel, finally broke the silence about his 10nm process and gave some specific information.
According to him, Intel will ship 10nm process processors to customers in 2018, which is consistent with the previous goal. In 2019, it will expand production capacity and enter mass production.
However, specific products on the 10nm process, Bryant did not disclose.
In fact, at the Taipei Computer Show in early June 2017, Intel showed a notebook that is supposedly equipped with a 10nm processor, but did not give any specific instructions.
From the current news, Intel's first 10nm process code-named Cannon Lake, followed by Ice Lake, and then the third generation of 10nm process (code-named Tiger Lake), but what are the positioning, When released, still need to wait
Based on 12nm Volta core: NVIDIA Quadro new professional card appeared
Based on the 12nm Volta core, NVIDIA already has Tesla V100 and TITAN V products, but the lack of specialized platform Quadro favorite.
Recently, TPU found the Quadro GV100 from the latest version of the v5.427.0 binary file from NVFlash BIOS Update Tool.
The original purpose of this update is to add support for TITAN Xp under the new driver, did not expect the 'big brother' hiding place was scared out.
Combined with the parameters of TITAN V and Tesla V100, Quadro GV100 graphics memory is expected to exist between 14GB ~ 16GB.
In addition the shape design and TITAN V also be different, in order to show distinction.
As for the launch time, for the Quadro, NV generally chose a 'surprise attack' and is expected to be the GeForce 20 line in late March or early March after the GTC in late March.