Technology

59174 readers

2401 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS

908

Intel 'Downfall': Severe flaw in billions of CPUs leaks passwords and much more (www.pcworld.com)

submitted 1 year ago by theunmentionable@lemmy.world to c/technology@lemmy.world

154 comments fedilink hide all child comments

Oh no.

you are viewing a single comment's thread
view the rest of the comments

[–] cybervseas@lemmy.world 188 points 1 year ago (31 children)

Intel claims most consumer software shouldn’t see much impact, outside of image and video editing workloads..

But that's, like the one place other than games where consumers are looking for performance. What's left, web browsing and MS Office?

[–] FaceDeer@kbin.social 52 points 1 year ago (26 children)

I just skimmed through the article and it seems like this vulnerability is only really meaningful on multi-user systems. It allows one user to access memory dedicated to other users, letting them read stuff they shouldn't. I would expect that most consumer gaming computers are single-user machines, or only have user accounts for trusted family members and whatnot, so if this mitigation causes too much of a performance hit I expect it won't be a big risk to turn it off for those particular computers.

[+] Arghblarg@lemmy.ca -7 points 1 year ago* (last edited 1 year ago) (12 children)

this vulnerability is only really meaningful on multi-user systems

Well, that says it all. CPU manufacturers have no incentive at all to secure the computations of multiple users on a single CPU (or cores on the same die)... why would they? They make more cash if everyone has to buy their own complete unit, and they can outsource security issues to 'the network' or 'the cloud'...

Years ago when I was in University this would have been a deathblow to the entire product line, as multi-user systems were the norm. Students logged into the same machines to do their assignments, employees logged into the same company servers for daily tasks.

I guess that isn't such a thing any more. But wow, what a sh*tshow modern CPU architecture has become, if concern for performance has completely overridden proper process isolation and security. We can't even trust that a few different users on the same machine can be separated properly due to the design of the CPU itself?

[–] Eggymatrix@sh.itjust.works 19 points 1 year ago (1 children)

Are you aware that the majority of cpus sold today go to cloud computing? Believe it or not, but that is an application space with multiple users on the same machine.

[–] Arghblarg@lemmy.ca -4 points 1 year ago (1 children)

Good point. But I think performance is still a greater priority for those who make purchasing decisions, rather than basic security, and that's the problem.

[–] towerful@programming.dev 6 points 1 year ago

Not at the enterprise level.
Security means compliance, which means getting/keeping contracts and not getting sued.
And they care more about performance-per-watt and density.

load more comments (10 replies)

load more comments (23 replies)

load more comments (27 replies)