Page 3 of 4

Re: Design flaw in intel processors...

Posted: Tue Jan 16, 2018 8:12 pm
by SergeDavid
Don't worry, just overclock your PC by 25% and your good fam.

Re: Design flaw in intel processors...

Posted: Tue Jan 16, 2018 11:38 pm
by Flatfingers
Update: the Brave browser has been updated to offer the Strict Site Isolation feature that helps to minimize the risk of some evil JavaScript code gaining access to your CPU's most privileged level via the Spectre exploit.

Chrome also offers a similar feature if for some reason you want to continue to empower Google.

I really am impressed with the Brave team.

Re: Design flaw in intel processors...

Posted: Wed Jan 17, 2018 12:16 am
by Silverware
To be entirely fair, if your JS can get out of it's playpen, then you had issues to begin with.
So that's more a strike AGAINST Brave rather than one for it.


Javascript was never designed to do what the Node.js team have abused it into doing.
But V8 (the Chrome JS Engine, that is shared with Node.js) is amazing. Gets performance close to fully compiled Java code, which is bloody impressive really.
While I do hate Java, I can't claim it isn't fairly fast. Not as good as C, but still pretty damn fast.

Re: Design flaw in intel processors...

Posted: Wed Jan 17, 2018 12:50 am
by Victor Tombs
I'll be staying with Chrome. :) I've tried a few other browsers but I'm happy with Chrome. :angel:

Re: Design flaw in intel processors...

Posted: Wed Jan 17, 2018 1:55 pm
by Silverware
Victor Tombs wrote:
Wed Jan 17, 2018 12:50 am
I'll be staying with Chrome. :) I've tried a few other browsers but I'm happy with Chrome. :angel:
Chrome is great, fastest Javascript engine I have found, and the ties into google along with the shared history and bookmarks between mobile and desktop, and even across multiple desktops is worth it.
Unlike some people, I don't mind having google as an overlord, they do at least try to make good software/hardware. (Unlike Apple, hating google is basically loving apple. :V)

Re: Design flaw in intel processors...

Posted: Thu Jan 18, 2018 12:27 am
by Flatfingers
Silverware wrote:
Wed Jan 17, 2018 12:16 am
To be entirely fair, if your JS can get out of it's playpen, then you had issues to begin with.
So that's more a strike AGAINST Brave rather than one for it.
It might be worth mentioning that the guy behind Brave, who co-founded Mozilla, is also the inventor of JavaScript. Yan Zhu, who worked on TOR, works for Brave, too.

From the homework I did on Brave before I started using it -- or talking about it -- I feel like they've probably got a good handle on browser security, including its implementation of JavaScript. But they're always happy to to consider informed suggestions for improvement.

Re: Design flaw in intel processors...

Posted: Mon Jan 22, 2018 7:35 pm
by Cody
The ever-affable Linus Torvalds ain't too happy with intel's approach... article here.

Re: Design flaw in intel processors...

Posted: Mon Jan 22, 2018 8:05 pm
by Silverware
Cody wrote:
Mon Jan 22, 2018 7:35 pm
The ever-affable Linus Torvalds ain't too happy with intel's approach... article here.
I love Linux, to a degree at least, but honestly I find that Torvalds is an arsehole beyond that of even Trump.
He seems to think that because he created "linux" everything that happens that is even slightly related to it should happen exactly how he wants it to. Like a control freak, except slightly respected by some of the community.

Leaving Speculative Prediction as a decision for a system administrator is an incredibly useful idea. I've already seen >20% drops in performance for Databases where I support the OS, so allowing me to tell the CPU that I don't actually want this on is important.
Especially as the access to these systems is highly restricted already, and to be able to abuse the bug you need to have a very high level of specific knowledge on the hardware, and the bug, and know in advance the location of the data you want to access in memory.

If you don't know the location of the data, on these large databases with 100+GB of memory, there is little to no chance of finding it trivially. If you don't have access to the system in the first place you can't exploit it.

And the existing level of security is enough for me to feel safe in leaving specter unpatched. Especially when it can prevent performance loss.



But of course, I am just a Systems Administrator working in the field, and Torvalds is the "GOD AND MASTER" of all things Linux, or Linux adjacent.

... Wanker.

Re: Design flaw in intel processors...

Posted: Tue Jan 23, 2018 12:46 am
by Victor Tombs
Silverware wrote:
Mon Jan 22, 2018 8:05 pm
But of course, I am just a Systems Administrator working in the field, and Torvalds is the "GOD AND MASTER" of all things Linux, or Linux adjacent.

... Wanker.
I'm sure you're a highly skilled Systems Administrator, Silver. I know nothing about this Torvalds chap but he sounds like a bit of a w****r. You may have noticed that I don't have much time for those types that start thinking they are "GOD AND MASTER" because they have a particular skillset or believe themselves to be special in some way.

It's a pity that you have such a liking for Linux but I can see that your occupation requires you to work with it. :(

Ohh well, nothing and nobody is perfect. ;) :angel:

Re: Design flaw in intel processors...

Posted: Tue Jan 23, 2018 1:08 am
by Flatfingers
Silverware wrote:
Mon Jan 22, 2018 8:05 pm
Leaving Speculative Prediction as a decision for a system administrator is an incredibly useful idea. I've already seen >20% drops in performance for Databases where I support the OS, so allowing me to tell the CPU that I don't actually want this on is important.
Especially as the access to these systems is highly restricted already, and to be able to abuse the bug you need to have a very high level of specific knowledge on the hardware, and the bug, and know in advance the location of the data you want to access in memory.
I admit to being confused here. The stuff I've read about speculative prediction says it's supposed to improve performance by guessing which path will be taken through conditionals. As long as its predictive algorithm is good enough -- and it ought to be, else why implement it? -- it should have to backtrack less often than it guesses correctly, meaning somewhat faster traversal of the code than if it never guessed at all.

You're finding that doesn't hold true in practice?

But speaking of Linux... I talk with Red Hat guys pretty frequently (though not always about Linux), and the Dread Name of Torvalds never comes up. Take that, Linus. :D

Re: Design flaw in intel processors...

Posted: Tue Jan 23, 2018 3:33 am
by Silverware
Ah, I think the issue here is that you guys have failed to read the interview fully. Or misunderstood my own rant. :V

Torvalds has said he dislikes the way that Intel have fixed it, and wants to enforce his will upon the world, where in Speculative Prediction would be forever disabled for everyone.

Intel, have allowed it to be set at boot as to whether you allow it or now.



Torvalds comes across as a kid throwing a tantrum, as he usually does.
He also attempts to block all the important changes, such as a full revamp of permissions, either because "legacy support" or "I don't like it, so it wont happen".
The man is a prick who is decades out of date in IT, and I doubt he has worked in a role that has been ANYTHING like modern Systems Administration at all.

Red Hat are pretty good, very onto it.

And Linux is generally fine, but there are a whole bunch of "legacy" decisions, things that were perfectly okay in the 80's and 90's, but have not evolved properly since then.
Permissions is a very good example of this, requiring an incredibly obtuse system that is hefty and takes a ton of time to sort out to be able to do anything fancy at all.
On systems with only a few users that is fine, especially if each user has a VERY clearly defined role. But in modern systems where you can have dozens of different user types, even on the Linux backend servers, then it's a bloody pain.

Re: Design flaw in intel processors...

Posted: Tue Jan 23, 2018 3:44 am
by Victor Tombs
Silverware wrote:
Tue Jan 23, 2018 3:33 am
Ah, I think the issue here is that you guys have failed to read the interview fully. Or misunderstood my own rant. :V
Probably a little of both, Silver. However, I regret nothing I wrote in my previous post. ;) :angel:

Re: Design flaw in intel processors...

Posted: Tue Jan 23, 2018 5:40 am
by Cody
Silverware wrote:
Tue Jan 23, 2018 3:33 am
Or misunderstood my own rant.
You call that a rant? <chortles>

Re: Design flaw in intel processors...

Posted: Tue Jan 23, 2018 5:55 am
by Victor Tombs
Cody wrote:
Tue Jan 23, 2018 5:40 am
Silverware wrote:
Tue Jan 23, 2018 3:33 am
Or misunderstood my own rant.
You call that a rant? <chortles>
You need to get some pointers from TGS, Silver. Now there's a man who knows how to rant. *chuckle*

Re: Design flaw in intel processors...

Posted: Tue Jan 23, 2018 7:48 am
by Cornflakes_91
"Speculative prediction" *cringes*
its
Speculative Execution
and
Branch Prediction

:P