|
|
#
?
Mar 5, 2019 17:03
|
|
|
|
| # ? May 24, 2024 22:55 |
|
|
PC LOAD LETTER posted:There are different versions of the Rowhammer attack and the ones used to defeat ECC (yes it can defeat some types of ECC RAM though I don't think its been shown to work with DDR4 yet, but the researchers thought it could, note that their work is different than this new SPOILER thing) can take days or weeks to be effective. for context have a christmas carol the chips from all vendors were all flawed before this new variant was discovered, it's just another hole in the sieve
|
|
#
?
Mar 5, 2019 17:44
|
|
|
BangersInMyKnickers posted:thunderbolt is still the only game in town if you want egpu. being able to pass through native pcie makes it much better for docking stations including chaining displays Not entirely the exact same thing, but worth mentioning that you can get the same functionality as an egpu with an nvme slot and an adapter that passes through to a full-size graphics card in an external enclosure (if your motherboard supports it of course).
|
|
#
?
Mar 6, 2019 03:06
|
|
|
So that seems bad. Is it something that should worry regular desktop users like me or is it more of a concern for enterprises?
|
|
#
?
Mar 7, 2019 08:25
|
|
|
OhFunny posted:So that seems bad. I think the point is that if Intel shows wanton disregard for the security of their platforms for their major clients, imagine how little of a crap they give about your security.
|
|
#
?
Mar 7, 2019 08:52
|
|
|
dont be mean to me posted:I think the point is that if Intel shows wanton disregard for the security of their platforms for their major clients, imagine how little of a crap they give about your security. This article says that it's something that affects all Core processors starting from the first generation. If it took them this long to figure this attack out, then what are the odds that anyone's actually able to use it in the real world?
|
|
#
?
Mar 7, 2019 09:35
|
|
|
Shipon posted:This article says that it's something that affects all Core processors starting from the first generation. If it took them this long to figure this attack out, then what are the odds that anyone's actually able to use it in the real world? That's like saying "I've had this password for years. Now that it's out in the open, what are the odds anyone's actually able to use it in the real world?"
|
|
#
?
Mar 7, 2019 09:57
|
|
|
Also it's assuming that it's an isolated incident, rather than the latest discovered point in a pattern of behavior, and one which illustrates how far back the pattern stretches. And that no one actually figured it out other than whoever published it.
|
|
#
?
Mar 7, 2019 11:11
|
|
|
it's another new paper showing that optimisation everyone was doing for decades had subtle issues that different vendors managed the risk of differently you shouldn't be jumping for every minor variant or saying x vendor is fine. these are major research projects that are going to continue finding flaws over time, and acting shocked every release is fruitless
|
|
#
?
Mar 7, 2019 11:31
|
|
|
OhFunny posted:So that seems bad. Do you have any reason to think anyone would bother to target you, specifically, for an attack? If you are Joe Public, the answer is "no," and the chance that anyone will actually try to deploy such an attack against you is quite a bit lower than you being subject to any of a variety of more common attacks. This is mostly a vulnerability that platforms and other high-value targets are going to be concerned about, particularly those who have hard-coded keys that would be a huge deal to replace should they ever get leaked/discovered.
|
|
#
?
Mar 7, 2019 14:19
|
|
|
OhFunny posted:So that seems bad.
|
|
#
?
Mar 7, 2019 15:18
|
|
|
We taught sand how to think, and not being satisfied, we taught it how to cheat. In a few years, we'll have learned that the cheating sand was also loan sharking on the side.
|
|
#
?
Mar 7, 2019 17:15
|
|
|
cool for this to drop the week after buying an 9900K lol youll never get me out of my whack rear end plastic processor prison
|
|
#
?
Mar 7, 2019 18:00
|
|
|
Khorne posted:The timescale of the attack seems impractical for most valuable consumer data. As the vulnerability becomes more widespread it could easily be worth a hackers time to go after consumers. Anything that can be automated will be and spending a few processor seconds on it isn’t a big deal
|
|
#
?
Mar 7, 2019 18:44
|
|
|
These security vulnerabilities that people flip out about never seem to have any actual impact on home users. The spectre/meltdown fix hurting NVME throughput was like the most real impact I can ever remember. Maybe this one is different, i dont know and im also too dumb to care so.
|
|
#
?
Mar 7, 2019 19:11
|
|
|
It never has any impact, until maybe one day it does and then we're all hosed. See also: climate change. An arbitrary code execution/protected memory leaking/similarly catastrophic exploit being hard to execute seems less like true protection and more like a reprieve until someone has the time to come up with a good implementation. Eletriarnation fucked around with this message at 19:19 on Mar 7, 2019 |
|
#
?
Mar 7, 2019 19:16
|
|
|
Eletriarnation posted:It never has any impact, until maybe one day it does and then we're all hosed. See also: climate change. when my personal video gaming CPUs weird errata kills millions, I will feel very ashamed and owned
|
|
#
?
Mar 7, 2019 19:18
|
|
|
Not saying that the impact is comparable, just that people's lack of reaction to something potentially awful might be. Struck me as an amusing parallel. It could be a gaming computer or a smart lightbulb, what they care about is whether it can be part of a DDoS botnet too.
|
|
#
?
Mar 7, 2019 19:20
|
|
|
You see, children, the downfall of civilization began way back in 2019 when Gary decided to install a Nest...
|
|
#
?
Mar 7, 2019 20:07
|
|
|
You're not seeing impact as the software end-users primarily use that would be targeted (web browsers) are the forefront of r&ding protections
|
|
#
?
Mar 7, 2019 21:03
|
|
|
Wiggly Wayne DDS posted:You're not seeing impact as the software end-users primarily use that would be targeted (web browsers) are the forefront of r&ding protections See: Chrome's recent memory management error that was actively being exploited in the wild that allowed arbitrary code execution and sandbox escape. I wouldn't rely on web browser security to save us.
|
|
#
?
Mar 7, 2019 21:29
|
|
|
They're not perfect, but honestly browsers get security patches to fix critical flaws like that faster than almost anything else in computer land, so you really can't ding 'em too badly, either. That 0day exploit, for example, was patched inside of a week. Honestly, the biggest part about SPOILER is that it can (theoretically) take Rowhammer--a fairly contrived "yeah it could work if you had nation-state resources to apply to a target" style of attack and turn it into something that can be slipped into JavaScript browser drive-by attacks. That's...real bad. But the upside is that you'll likely see a browser patch to plug that vector and thereby protect 99% of users looooong before you see a technical response from Intel that tries to address that other 1% who might suffer through more esoteric delivery methods.
|
|
#
?
Mar 8, 2019 01:56
|
|
|
js rowhammer already existed and had practical pocs. rowhammer was never contrived. they were embargoed alongside fixes to minimise impact on users after publication. if you want to see maybe check the yospos sec threads since 2016 and every major security conference since then having a new practical variant these are bleeding-edge attacks, new chips will not solve the problem only mitigate the major ones. give it 5 years before any major breakthrough hits consumer gear
|
|
#
?
Mar 8, 2019 11:41
|
|
|
Intel won the contract for the first US exascale computer not just for the CPUs but also GPUs and memory. https://twitter.com/Rajaontheedge/status/1107714318546530304?s=19
|
|
#
?
Mar 19, 2019 00:41
|
|
|
Can't wait for those more effective atom bombs!
|
|
#
?
Mar 19, 2019 00:46
|
|
|
Intel makes GPUs. lol
|
|
#
?
Mar 19, 2019 00:48
|
|
|
This also explains what Xe is supposed to mean, pretty impressive for them to beat out well established player Nvidia considering they've never actually released a GPU product before. https://twitter.com/Rajaontheedge/status/1107721706682998784?s=19
|
|
#
?
Mar 19, 2019 01:01
|
|
|
MaxxBot posted:This also explains what Xe is supposed to mean
|
|
#
?
Mar 19, 2019 01:22
|
|
|
Spiderdrake posted:For a split-second I thought you meant them becoming a shady government contractor Blackwater/Xe is now Academi! Helps to change names frequently if you're a PMC with a shady past.
|
|
#
?
Mar 19, 2019 01:29
|
|
|
Lambert posted:Can't wait for those more effective atom bombs! It's about drat time.
|
|
#
?
Mar 19, 2019 09:50
|
|
|
I know they've hired like half of the hardware journalists out there already but I wasn't expecting this one. https://twitter.com/KyleBennett/status/1108020954096193536?s=19
|
|
#
?
Mar 19, 2019 23:27
|
|
|
MaxxBot posted:I know they've hired like half of the hardware journalists out there already but I wasn't expecting this one. Kyle Bennett's statement on [H]ardOCP. Adios HardOCP and HardForums.
|
|
#
?
Mar 19, 2019 23:29
|
|
|
April 1st.
|
|
#
?
Mar 20, 2019 00:26
|
|
|
Exactly two weeks' notice(?)
|
|
#
?
Mar 20, 2019 05:02
|
|
|
Weird way to go about for an April fools joke. If true, I guess astroturfing is the new PR. "Director of Enthusiast Engagement", lolwat.
|
|
#
?
Mar 20, 2019 05:11
|
|
|
Canada created a whole new territory out of an existing one on April 1 one year. April 1 is a Monday this year so it's the start of a new month and the start of a new week. Totally legitimate day to start a new job.
|
|
#
?
Mar 20, 2019 06:08
|
|
|
I don't think it's a prank, his employees are writing long-winded goodbyes on his forums.
|
|
#
?
Mar 20, 2019 06:29
|
|
|
Guy at work bought a Dell Precision 3000 series with 32GB of RAM and Xeon 2186G. We don't support those and asked why since we support Dell http://www.cpu-world.com/Compare/418/Intel_Core_i7_i7-8700K_vs_Intel_Xeon_E_E-2186G.html Is the $1000+ CAD for the Xeon in this case worth it (that was the quote from Dell)? Vintersorg fucked around with this message at 20:28 on Mar 21, 2019 |
|
#
?
Mar 21, 2019 17:22
|
|
|
Vintersorg posted:Guy at work bought a Dell Precision 3000 series with 32GB of RAM and Xeon 2186G. We don't support those and asked why since we support Dell Latitudes. He said the Lat's can't do what this does but from the things I am reading the i7 8700 is just as good. It's the same chip, but it supports ECC ram, more or less. Fantastic Foreskin fucked around with this message at 18:01 on Mar 21, 2019 |
|
#
?
Mar 21, 2019 17:33
|
|
|
|
| # ? May 24, 2024 22:55 |
|
|
I don't think you get quad channel RAM until you go to LGA2066.
|
|
#
?
Mar 21, 2019 17:58
|
|