Trebles all round! Intel celebrates record sales of insecure processors Still dealing with the consequences of security research that demands changes in its processors, Intel on Thursday reported better-than-expected earnings in 2017's final quarter. Chipzilla shrugged off the recently disclosed Meltdown and Spectre design flaws to report record fourth-quarter revenue of $17.1bn, up four per cent …
If this all came out in the open in early 2018 then how can last quarter 2017 represent a triumph? Surely they've shrugged off something that didn't exist at the point the earnings call was made?
I would have thought with the way the world is now, the next 12 months will be the proof in the pudding for Krzanich.
"Joe public probably won't care, the IT crowd won't be listened to but I would wager the financial/legal bods don't just smell blood in the water - they're mixing it with Vodka, Tabasco and a dash or two of Henderson's (I'm from Sheffield)."
Especially among Intel's largest customers. The big four, Microsoft, Apple, Google, and Amazon, represent the majority of IT equipment purchases in the world. They all have significant in-house counsel, and a minimum they are going to want discounts on the their next round orders to compensate them. At worst, they will demand a complete replacement.
Intel's big issue is if Google or Amazon buy AMD. If an acquirer were to pump $5B a year into AMD's existing R&D budget for the next four years, that would be a considerable threat to Intel. The only reason why this hasn't happened already, is that Microsoft and Amazon won't buy from a Google AMD. And Google and Microsoft won't buy from an Amazon AMD. So an AMD buyout by one of the big four would reduce AMD's addressable market.
The other issue would be a new wildcard CPU. Something x86 compatible, but not Intel or AMD. There are various projects brewing around like this. How many $B would it take to bring one of these design forward enough? The advantage of this option, would that you could make a CPU optimized for the hyperscale use. Intel has already been making build-to-order variants for Amazon and MIcrosoft.
Intel have taken a lesson from Barclays Bank*, and established a "Scandal Deployment Division" whose purpose is to cause the stock price to crash every so often so the directors and other insiders can buy back stock sold just prior to the crash.
It is a perfectly sound strategy when your market is mature and further growth unlikely.
It may be illegal, but getting caught implies that the legal system is competent and efficient, and if you are caught you can rely on the fines being less than the profits because the numbers are very large and few can grasp the scale of them.
*Other companies have been known to use this strategy too.
"Intel have taken a lesson from Barclays Bank*, and established a "Scandal Deployment Division" whose purpose is to cause the stock price to crash every so often so the directors and other insiders can buy back stock sold just prior to the crash."
Or, if you remove the tinfoil hat, Intel have employed heavy marketing and have been fortunate their main competitor (in the x86 marketplace) has struggled over recent years to paper over cracks in their once heralded manufacturing processes.
Historically had a 2-3 year lead over competitors and have now reached the point where they are almost level pegging (depending on when Intel finally starts volume shipments of 10nm parts) with Samsung, TSMC and Global Foundries.
On the CPU design side, Intel has historically been pretty conservative with features, knowing their manufacturing process allowed them to outperform and out produce their competitors (total silicon shipped rather than per unit to account for differences in part size) - depending on how Spectre is managed across the industry (i.e. if AMD beats them to market with hardware fixes that remove/reduce the performance penalty), Intel may find themselves in a pretty uncomfortable situation of declining revenues, increased R&D and actual competition.
"Historically had a 2-3 year lead over competitors and have now reached the point where they are almost level pegging"
Intel launched Broadwell in sept 2014
Foundries deliver first "10nm" product in April 2017
Foundry 10nm is very slightly ahead of Intel 14nm.
Intel's process lead is 2 years 7 months.
I agree, Broadwell was 14nm in September 2014 and had similar specs to other foundries 10nm processes that came after it.
Intels 10nm CPU's may have shipped in volume (tbc) December 2017 - other foundries are sampling 7nm for expected 2018 delivery.
Hence the "level pegging" versus the 2-3 year lead.
I got flame broiled hard the last time I pointed this out. To the Dreamers that think that anyone 'sides (possibly), themselves actually give a toss about AMD. As being the only other guy out there with a ghost of a chance to stand up against Intel.
But, I shall probably keep pointing this fact out.
So does this need really come to anyone as a huge shock, or under the heading of the Bleeding Obvious?
Re Intel vs AMD, the CPU wars are almost irrelevant now - because the PC market is in permanent decline. It is great that AMD have competitive CPUs again, and I hope they will catch up with Nvidia in the GPU race.
But what AMD really needs is to break out of the PC trap as Intel is starting to do. Getting bought by Xilinx would really set the cat among the pigeons.
Re Intel vs AMD, the CPU wars are almost irrelevant now - because the PC market is in permanent decline.
Is it?
Ok, everybody has been out buying tablets for years, because they already had usable PC's and they didn't have tablets. However, how long are those old PC's going to last for? Are people really going to do word processing and other jobs on the PC? Business is in no great rush to ditch PC's for tablets.
Historically you ended up buying a new computer every 2-3 years in the '90's and early '00's. In the last ten years though, performance has largely been through more and more cores, and if your just doing basic jobs like word documents then 2 cores is perfectly adequate so a ten year old PC is pretty much fine.
But how long for? Eventually the box will die and need replacing. And consider: currently 43.8% of computers are on Win7 and 32.9% are on WinX. If Microsoft bowed to popular demand and delivered something that anybody wanted then there are an awful lot of win7 boxes that could do with replacing over the next few years.
"I work at a Very Large Tech Company (not IBM/HP/Apple but similar size) and found out today that 80% of my colleges think Meltdown and Spectre are "viruses or summthin' like that""
You must mean Oracle. There is no way that a reasonable person would consider Oracle's $37B 2017 yearly revenue "similar" to Apple's $229B 2017 revenue. Or to HPE's $28B 2017.
And it is no surprise that Oralce is clueless about tech. They might sell hardware now, but they are still basically a database company.
Spectre and Meltdown are generally exploitation of poorly coded operating system kernels.
Speculative execution is a critical CPU design feature. Compare a Raspberry Pi vs a similar board running an ARM core with the feature. The performance difference is phenomenal. It also is bloody insecure if the operating system doesn't flush the pipeline on system calls.
System calls have always been and always will be expensive on general purpose operating systems. Consider that it requires a great deal of setup, serialization, etc of each call. It also requires processing of a software interrupt or an exception to break into the kernel. Transferring data of any consequence back is ridiculously expensive as it requires traversing the differences between the LDT and the GDT or maintaining multiple LDTs for the same data.
We as operating system designers made a conscientious choice to ignore the state of the speculative execution pipeline a long time ago. This was done because the cost of flushing it was too high and we simply did not see it as being a real security risk. Most JavaScript engines exploit the hell out of the state of the pipeline to avoid cache coherence issues between threads on different cores to avoid negotiating locks on memory which are way more expensive to process than normal system calls.
The solution to the problem is 100% operating system. VMware and other virtualization vendors need to perform access control during task swaps to identify whether to flush the pipeline between threads. This makes a lot of sense because in circumstances where virtual machines are reserving entire cores, there isn't much benefit to a flush of the pipeline on system calls, Of course VMware writes some of the most horrifying code with regards to security, so I figure they should probably just flush the pipeline and take the performance hit. There's no chance they can possibly get access control right.
Web browser vendors need to update their JavaScript JITs to explicitly avoid production of code that can exploit this. This is very doable, but every browser vendor will take a pretty serious hit performance wise. Stack on that issues regarding WebGL and WebCL, it could be a difficult challenge. Either way, there's no possible reason we should have a problem ensuring that attacks can't be launched from websites.
Server managers need to turn on Windows Smart Screen or similar to ensure that they don't run stuff that has the exploit present. As will other naughty software, a well placed time-bomb should trick security labs everywhere. Sandboxes which move the time forward to try and trigger time bombs for ages because the naughty software only needs to explode during a window of time to get around that.
Anti-virus needs to be up to date.
I in no way blame Intel, TI, ARM or any other hardware vendor for this cock-up. This is 1000% Microsoft, Linus, etc... and even then I don't blame them. I had to update 4 operating system I've written to flush the pipelines between threads following this exploit. It was my choice in the first place to skip cleaning up my shit between syscalls.
Now, AMD style memory encryption IS NOT!!!! read... IS NOT!!! a solution to this. I have over 100,000 lines of code in my project I'm working on right now. It's 100% multi-tennant and it's all in a single process and has no separation or possibility of separation on AMD processors via memory encryption. In fact, if I tried using that feature, it would be an absolute cluster-fuck.
I have gone back to update my code to handle role based permissions a lot better.
So... in the end... these are not processor based security vulnerabilities. We simply have had a bonus performance boost by coding operating systems badly for a long time. We now lost part of that boost for now... but there's absolutely no reason that operating system developers can't design solutions to identify when to selectively flush the pipelines. Then we'll get the performance back.
P.S. - I don't think QNX is having any problems because of this.
We simply have had a bonus performance boost by coding operating systems badly for a long time.
It's like reading a steampunk technology newsletter. None of this makes much sense and there also seems to be confusion between Meltdown and Spectre. What the hell??
Huh. I seem to have missed the part where reporting the news should at least try to be relatively truthful. Funny how Meltdown can also affect PowerPC and ARM processors, but it's all Intel's fault, eh? Likewise Specter is a speculative / branch prediction attack, which, again, is not an Intel-specific concept, just easy to target Intel because they have the incredible vast majority of the market share. (Much like virus authors targeting Microsoft instead of Linux or Mac.)
Yes, it would be nice if Intel were to have better predicted (pun intended) these vulnerabilities and mitigated them in their chip design. But then it would have also been nice if OS authors had done the same. (Especially those who were flatly warned far ahead of time.)
But Intel is a nice juicy big target, so I guess that matters more than those little details like truth.
The problem is, the more advanced a system becomes, the more vulnerabilities it will inherently have. If you want a CPU that can do more, then you have to expect that more can be done with it and to it. Sure, we could always go back to the days before CPUs had branch prediction. And we will lose a lot of performance for it.
Nah.
Intel has a massive amount of slush fund cash hidden around.
When a lot of bad news hit - ARM doing well, CEO selling stock before huge fuckup, fuckup in silicon etc etc, they dip into this money and report it as profit.
Standard bit of Jack Welch GE playbook, which GE shareholders are just finding out about ~20 odd years down the line.
Intel, in its current form, is in trouble.
"..and to incorporate fixes in hardware, which will appear in new processors shipping later this year, allegedly"
But during the Q&A session they said
"The only other think I'd add for Brian's comment earlier, we kind of go into the year realizing that it's an increasingly competitive environment and our focus is on right now continuing to bring the best highest performance products to market, but also to lots of time and energy spend on focusing on fixing those issue, primarily through software patches as opposed to short-term hardware things."
So the Meltdown/Spectre issues will be addressed in and will not be addressed in hardware this year :p
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
