Intel Publishes Internal Test Data on Meltdown Patches

By Published January 16, 2018 at 11:53 pm

Intel has released its own internal testing of architectures dated from Skylake to Coffee Lake, using Windows 10 and Windows 7, in A/B testing between the Meltdown kernel patch. We’ve done some of our own testing (but need to do more), but not with the applications Intel has tested. As usual, exercise grain-of-salt-mining for first-party numbers, but it’s a starting point.

Intel claims that it’s found its CPUs largely retain 95-100% of their original performance (from pre-patch, with some worst-case scenarios showing 79% of original performance – Skylake in SYSMark 2014 SE Responsiveness, namely. On average, it would appear that Intel is retaining roughly 96% of its performance, based on its own internal, first-party data.

Here’s the full chart from the company:

There’s been a lot of talk of an “Intel bug” lately, to which we paid close attention upon the explosion of our Twitter, email, and YouTube accounts. The “bug” that has been discussed most commonly refers to a new attack vector that can break the bounding boxes of virtual environments, including virtual machines and virtual memory, that has been named “Meltdown.” This attack is known primarily to affect Intel at this time, with indeterminate effect on AMD and ARM. Another attack, “Spectre,” attacks through side channels in speculative execution and branch prediction, and is capable of fetching sensitive user information that is stored in physical memory. Both attacks are severe, and between the two of them, nearly every CPU on the market is affected in at least some capacity. The severity of the impact remains to be seen, and will be largely unveiled upon embargo lift, January 9th, at which time the companies will all be discussing solutions and shortcomings.

For this content piece, we’re focusing on coverage from a strict journalism and reporting perspective, as security and low-level processor exploits are far outside of our area of expertise. That said, a lot of you wanted to know our opinions or thoughts on the matter, so we decided to compile a report of research from around the web. Note that we are not providing opinion here, just facts, as we are not knowledgeable enough in the subject matter to hold strong opinions (well, outside of “this is bad”).

China’s National Development and Reform Commission (NDRC) is looking into the possibility of DRAM price-fixing between the major memory and Flash suppliers, with specific interest from the Pricing Supervision Department of said commission. An official from the regulatory body, Xu Xinyu of NDRC, stated the following: “We have noticed the price surge and will pay more attention to future problems that may be caused by ‘price fixing’ in the sector.”

This comes following recent reports that Samsung initiated plans to increase supply by 20%, which still failed to meet rising demand. The NDRC told the China Daily, a state-run media outlet, that the NDRC has paid attention to DRAM pricing and demand over the past 18 months, and that memory suppliers are now under the eye of the NDRC. There are only four major suppliers in the industry, and those include SK Hynix, Micron, Toshiba, and Samsung.

We need some clarity on this issue, it seems.

TLDR: Some AMD RX 560 graphics cards are selling with 2 CUs disabled, resulting in 896 streaming processors to the initially advertised 1024 (64 SPs per CU). Here’s the deal: That card already exists, and it’s called an RX 460; in fact, the first two lines of our initial RX 560 review explicitly states that the driving differentiator between the 460 and 560, aside from the boosted clocks, was a pre-enabled set of 2CUs. The AMD RX 460s could already be unlocked to have 16 CUs, and the RX 560 was a card that offered that stock, rather than forcing a VBIOS flash and driver signature.

The RX 560 with 2CUs disabled, then, is not a new graphics card. It is an RX 460. We keep getting requests to test the “new” RX 560 versus the “old” RX 560 with 1024 SPs. We already did: The RX 560 review contains numbers versus the RX 460, which is (literally) an RX 560 14CU card. It is a rebrand, and that’s likely an attempt to dump stock for EOY.

Jon Peddie Research reports that the AIB market is likely returning to normal seasonal trends, meaning the market will be flat or moderately down from Q4 2017 through Q1 2018.

In a typical year, the AIB market is flat/down in Q1, down in Q2, up in Q3, and flat/up in Q4. The most dramatic change is usually from Q2 to Q3, on average a 14.4% increase (over the past 10 years). Q3 2016 was roughly twice that average with more than 15 million AIBs shipped, 29.1% more than Q2 and a 21.5% increase year-over-year.

MSI has updated BIOS versions for their Intel 100, 200, and 300 series motherboards. They’re the latest of several manufacturers, including Gigabyte a week ago, to address security vulnerabilities in Intel’s TXE (Trusted Execution Engine). Intel says they have “provided system and motherboard manufacturers with the necessary firmware and software updates,” so it’s now up to those manufacturers to implement them. An Intel tool that detects whether systems are vulnerable is available here, as well as a list of vendors that have already released updates.

Owners of affected MSI motherboards should visit and find their model. BIOS and other downloads can be found under the “service” tab for each board. Instructions are similar for most other manufacturers.

How to Check If Your Intel CPU is Vulnerable to Attack

By Published November 22, 2017 at 2:27 pm

Intel has released a detection tool to determine whether the host system’s CPU is vulnerable to the security exploit defined in Intel’s Management Engine. The company launched a Management Engine “critical firmware update” (SA-00086, available here, alongside the tool) with a utility that checks 6th, 7th, and 8th Generation Core series CPUs – everything dating back to Skylake, basically – for vulnerabilities exposed through the integrated MINIX operating system. Intel’s version of the Minix OS, originally built for educational purposes by Andrew Tanenbaum, operates on Ring level -3 (negative, as in: you have no access) on the CPU, with the vulnerability present on all Skylake, Kaby Lake, and Coffee Lake PCHs.

Intel’s firmware update addresses the following CPU families, and should be installed immediately:

FCC Attempts to Peddle Warm Piss For Lemonade

By Published November 22, 2017 at 12:50 am

Imagine an internet where AT&T will happily cover the costs of your data for using certain apps—provided you’re already an AT&T mobile customer, of course. Imagine an internet where Verizon can deliberately slow down Netflix traffic. Imagine an internet where exceedingly wealthy companies can pay for better connections, at the expense of throttling the connections of those who don’t or can’t pay. Imagine AT&T, Timer Warner, and Comcast being able to advantage and prioritize their own content—such as HBO, NBC, and DirectTV Now—by making it stream faster, or by allowing it to not count towards data plans, or by slowing down competing YouTube options. An internet where today’s few and powerful ISPs are the gatekeepers, raising the barrier and cost of entry for new startups or potential ISPs. An internet where ISPs can control exactly how consumers view content—not based on choice or quality, like it should be—but rather because they have the keys to the internet.

Gigabyte is releasing security updates for Intel motherboards making use of Intel ME (Management Engine) and TXE (Trusted Execution Engine). The first batch of updates will be for Z370 and 200-series boards, with older generations following. Gigabyte will be supplying patched BIOS versions as well as the latest Intel ME and TXE drivers on their website.

Gigabyte’s announcement follows a notice from the Intel Security Center about “security vulnerabilities that could potentially place impacted platforms at risk.” These vulnerabilities have to do with MINIX, a lightweight OS designed by educator Andrew Tanenbaum (as discussed in this week’s HW News), and its use in Intel’s ME. As reported by Tom’s Hardware earlier this month, a Google team led by software engineer Ron Minnich is responsible for uncovering MINIX’s role in the ME and expressing their concerns in a presentation bluntly titled “Replace your exploit-ridden firmware with a Linux kernel.”

EK Water Blocks has seemingly had a strong year, dotted with numerous major product launches and expansion into the mainstream market (with the EK Fluid Gaming series). In spite of this, TechPowerUp just broke news that EKWB’s CEO, CTO, Head of Marketing, and numerous R&D engineers have all departed the company. The company remains 90-strong, but has lost much of its R&D department and head management as of today.

We moderate comments on a ~24~48 hour cycle. There will be some delay after submitting a comment.


  VigLink badge