• Navigation
+ Reply to Thread
Page 1 of 4 1 2 3 ... LastLast
Results 1 to 20 of 74
  1. #1
    Salvage Bans
    Join Date
    Jun 2007
    Posts
    769
    BG Level
    5
    FFXIV Character
    Raiya Li'aurellia
    FFXIV Server
    Moogle
    FFXI Server
    Asura

    Intel fucked up thread: Unfixable Hardware Exploit affecting most intel CPU's over past decade.

    This started showing up this morning but apparently its a hardware issue that cannot be fixed affecting pretty much all CPU's since 2010. Issue it seems allows programs to read protected memory and steal passwords n shit. Some workarounds going out but the biggest kicker is that in some cases it can cause speed reductions of up to 30%.

    AMD and Nvidia dont seem to be affected by this. Was thinking of upgrading my skylake system later this year too.... that threadripper gonna be very tempting nao!

    https://www.theverge.com/2018/1/4/16...aws-google-cpu

    https://www.theregister.co.uk/2018/0...u_design_flaw/

  2. #2
    Special at 11:30 or w/e
    Sweaty Dick Punching Enthusiast

    Join Date
    Feb 2012
    Posts
    10,267
    BG Level
    9
    FFXIV Character
    Kalmado Espiritu
    FFXIV Server
    Gilgamesh
    FFXI Server
    Sylph
    Blog Entries
    4

    Ryzen 1700x fuck yeah!

  3. #3
    BG Content
    Join Date
    Oct 2005
    Posts
    62,817
    BG Level
    10
    FFXIV Character
    Six Souls
    FFXIV Server
    Gilgamesh
    FFXI Server
    Quetzalcoatl
    WoW Realm
    Malorne
    Blog Entries
    9

    http://www.bbc.com/news/technology-42562303

    ARM & AMD chips added to known flaws.

  4. #4
    Salvage Bans
    Join Date
    Mar 2008
    Posts
    852
    BG Level
    5
    FFXIV Character
    Niya Kouya
    FFXIV Server
    Odin

    *sigh* Loving those "we're doomed" news when no (or not enough) actual information is available...
    I only have German sources available (so no guarantee that a G translate is good enough to understand it), but according to this the performance hit should be somewhere between 5% (according to Linux kernel developers) and 0.28% (according to a whitepaper about the KPTI technique that is supposed to prevent the issue).
    New information released today suggests that not only Intel is affected, apparently 64bit ARM chips are also vulnerable, and AMD processors can be affected at least partially (since their architecture prevents some of the attacks that work for Intel). More info will follow the coming days, MS wants to publish a patch that should fix most of the issues on the 9th.

  5. #5
    Mr. Bananagrabber
    Sweaty Dick Punching Enthusiast

    Join Date
    Dec 2005
    Posts
    47,685
    BG Level
    10
    FFXI Server
    Asura

    My understanding is it'll present a hit for certain business applications (database queries and whatnot), but the average consumer will see no negligible difference in performance.

  6. #6
    Salvage Bans
    Join Date
    Jun 2007
    Posts
    769
    BG Level
    5
    FFXIV Character
    Raiya Li'aurellia
    FFXIV Server
    Moogle
    FFXI Server
    Asura

    Some more info but it seems that there's 2 exploits.

    1) Meltdown: Primary affecting Intel CPU's only.
    2) Spectre: This one seems to be the bigger of the 2 as it affects some AMD and ARM models as well.

    Microsoft issuing emergency patches for windows 10 here http://catalog.update.microsoft.com/...px?q=KB4056892

    Some vendors are also issuing patches for the BIOS as well.

    It seems that the more severe performance reduction primarily affects older systems before 7th gen and high intensity applications as well.

  7. #7
    I Am, Who I Am.
    Join Date
    Nov 2005
    Posts
    15,994
    BG Level
    9
    FFXIV Character
    Trixi Sephyuyx
    FFXIV Server
    Excalibur
    FFXI Server
    Ragnarok

    From what i've been reading the slowdown will be negligible for most things outside of syscall type requests.

    Random Infos:
    https://meltdownattack.com/

    ELI5:
    https://www.reddit.com/r/funny/comme...rious/ds6ioag/
    1) you ask the bank teller what someones bank account information is.
    2) while the bank teller is waiting to confirm that you should have access to the account information, they go ahead and look it up and write the information down in a notebook so they're ready to give it to you as fast as possible once you're confirmed.
    3) you can't see the paper, but you watch them writing it down. that doesn't tell you the account information directly, but it does give you some indirect information about what was written.
    4) the bank teller figures out that you shouldn't have access, and shreds that notebook page instead of giving it to you.
    5) it doesn't matter because you've already gotten information about it.
    6) to make it secure we tell the bank manager to stop that and wait until your identity is confirmed before looking up the information. this takes longer.

  8. #8
    BG Content
    Join Date
    Oct 2005
    Posts
    62,817
    BG Level
    10
    FFXIV Character
    Six Souls
    FFXIV Server
    Gilgamesh
    FFXI Server
    Quetzalcoatl
    WoW Realm
    Malorne
    Blog Entries
    9

  9. #9
    BG's most likeable Québécois
    Pens win! Pens Win!!! PENS WIN!!!!!

    Join Date
    Sep 2007
    Posts
    37,802
    BG Level
    10

    This is geting out of hand, so much swarmed with job right now

    I Patched my windows machines, and ESET antivirus

    But we don't have a 'test' physical server so too chicken to patch ESXI lol

  10. #10
    It's all dicks and airplanes
    Join Date
    Jun 2009
    Posts
    2,030
    BG Level
    7
    FFXIV Character
    Cia Mir
    FFXIV Server
    Balmung

    So Meltdown is already fixed, variants 2 and 3 of Spectre are fixed, all of the aforementioned being software patches with BIOS patches coming from certain manufacturers. Variant 1 is the problem child, requiring a chip redesign. Intel is in denial, shits bad PR everywhere and wants no blame, has their CEO drop $24M in stock prior.

    That an accurate tl;dr?

    Linus Torvalds on the matter:
    https://lkml.org/lkml/2018/1/3/797

    Given that I use a modified BIOS and that I'm too lazy to patch a new one, I'm just going to patch Windows and call it a day. It's unlikely this goes anywhere for the typical home user, especially with Spectre's remaining variant being particularly difficult to exploit and requiring you to be stupid on the internet in the first place to receive malicious code.

    I'm more worried about the companies I've trusted with my data than my home use. Cloud devastation potential is very real. Performance hits are also a concern, but over time the patches should refine that issue.

    General thoughts is that Intel's PR combined with the CEO insider trading don't make for a very good looking company. I was all about that 8700k too.. guess I'll wait and see if they choose to redesign.

  11. #11
    I Am, Who I Am.
    Join Date
    Nov 2005
    Posts
    15,994
    BG Level
    9
    FFXIV Character
    Trixi Sephyuyx
    FFXIV Server
    Excalibur
    FFXI Server
    Ragnarok

    Big companies still use whiteboxes, so they wont be exposed to these issues.
    They were ahead of the times all along.

  12. #12
    The Real Cookiemonster
    Join Date
    Jan 2007
    Posts
    1,870
    BG Level
    6
    FFXIV Character
    Dark Depravity
    FFXIV Server
    Sargatanas

    Quote Originally Posted by Ratatapa View Post
    But we don't have a 'test' physical server so too chicken to patch ESXI lol
    This is me right now too. Do I dare?
    Thinking I might outsource it so I have someone else to blame.
    I saw the warnings about the AV issues as I read through the last documentation to see if there were any issues I needed to know about. Had to postpone clients a little.

  13. #13

    patched my esxi's without issue. Poweredge R720/R820

  14. #14
    BG's most likeable Québécois
    Pens win! Pens Win!!! PENS WIN!!!!!

    Join Date
    Sep 2007
    Posts
    37,802
    BG Level
    10

    Quote Originally Posted by Yabby View Post
    patched my esxi's without issue. Poweredge R720/R820
    Do you have a good step by step?

    I have 3 esxi 5.5 with a vcenter 5.5

  15. #15

    I've just setup VMware vSphere Update Manager, then put them in maintenance mode, remediate the host, it needs a restart, bring it back up. Nothing really different than a normal security update. I only update 3 of the hosts in my test secondary cluster (I have a few users that are always considered "testing" those users use a different VDI environment than my primary cluster). So with 3/10 hosts updated, i left it for a few days without issues, so if you wanted you can always test one host before updating the others if you want to play it safe.

    Primary cluster has about 20 hosts and i did those all at the same time, it's really easy using the update manager.

  16. #16
    BG's most likeable Québécois
    Pens win! Pens Win!!! PENS WIN!!!!!

    Join Date
    Sep 2007
    Posts
    37,802
    BG Level
    10

    Quote Originally Posted by Yabby View Post
    I've just setup VMware vSphere Update Manager, then put them in maintenance mode, remediate the host, it needs a restart, bring it back up. Nothing really different than a normal security update. I only update 3 of the hosts in my test secondary cluster (I have a few users that are always considered "testing" those users use a different VDI environment than my primary cluster). So with 3/10 hosts updated, i left it for a few days without issues, so if you wanted you can always test one host before updating the others if you want to play it safe.

    Primary cluster has about 20 hosts and i did those all at the same time, it's really easy using the update manager.
    Our servers are old, i<m just scared that they don't boot anymore since the guy before never updated them

  17. #17

    Hopefully you can work with a host down for a bit. Just write down all the configuration that you need for the one host, and do the update. Doesn't work, then just re-image the host with a fresh ESXi image and rebuild. I think from image to production it really shouldn't take more than a few hours to get a host back online. But i doubt you will have much trouble, I do security patches and updates to my host bi-weekly. I've yet to have an issue when updating.

  18. #18
    The Real Cookiemonster
    Join Date
    Jan 2007
    Posts
    1,870
    BG Level
    6
    FFXIV Character
    Dark Depravity
    FFXIV Server
    Sargatanas

    Quote Originally Posted by Yabby View Post
    Hopefully you can work with a host down for a bit. Just write down all the configuration that you need for the one host, and do the update. Doesn't work, then just re-image the host with a fresh ESXi image and rebuild. I think from image to production it really shouldn't take more than a few hours to get a host back online. But i doubt you will have much trouble, I do security patches and updates to my host bi-weekly. I've yet to have an issue when updating.
    Here's my problem, because my bosses are cheap, I can't afford a host staying down any significant amount of time. all 3 ESX' are running at 75%+ resources consumed. if anything goes down, I don't have the resources elsewhere really to move the VMs
    We've got plenty of VMs and redundancy on the systems managed there, just not on the hardware
    Reading that several big companies have had some problems with resources post-patch, I is nervous.

  19. #19
    BG's most likeable Québécois
    Pens win! Pens Win!!! PENS WIN!!!!!

    Join Date
    Sep 2007
    Posts
    37,802
    BG Level
    10

    Quote Originally Posted by Yabby View Post
    Hopefully you can work with a host down for a bit. Just write down all the configuration that you need for the one host, and do the update. Doesn't work, then just re-image the host with a fresh ESXi image and rebuild. I think from image to production it really shouldn't take more than a few hours to get a host back online. But i doubt you will have much trouble, I do security patches and updates to my host bi-weekly. I've yet to have an issue when updating.
    Same problem has Hellfury

    All 3 hosts are fully loaded since they are old stuff, and all the datastores are local on the drives, so if i rebuold a ESXI on that server it's by bye data

  20. #20
    BG's #1 Hatsune Miku fan!
    Join Date
    Dec 2009
    Posts
    7,435
    BG Level
    8

    They say they have released patches for some Intel chips but does anybody know which ones? I'm talking about the firmware. I searched around and couldn't find anything. I just did a manual search for Windows updates and one came up I'm assuming the drivers are in there.

    i5-3570k with Win7 64-bit.

+ Reply to Thread
Page 1 of 4 1 2 3 ... LastLast