• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

AMD Ryzen 5000 Series CPUs with Zen 3 Cores Could be Vulnerable to Spectre-Like Exploit

AleksandarK

Staff member
Joined
Aug 19, 2017
Messages
1,012 (0.76/day)
AMD Ryzen 5000 series of processors feature the new Zen 3 core design, which uses many techniques to deliver the best possible performance. One of those techniques is called Predictive Store Forwarding (PSF). According to AMD, "PSF is a hardware-based micro-architectural optimization designed to improve the performance of code execution by predicting dependencies between loads and stores." That means that PSF is another "prediction" feature put in a microprocessor that could be exploited. Just like Spectre, the feature could be exploited and it could result in a vulnerability in the new processors. Speculative execution has been a part of much bigger problems in CPU microarchitecture design, showing that each design choice has its flaws.

AMD's CPU architects have discovered that the software that relies upon isolation aka "sandboxing", is highly at risk. PSF predictions can sometimes miss, and it is exactly these applications that are at risk. It is reported that a mispredicted dependency between load and store can lead to a vulnerability similar to Spectre v4. So what a solution to it would be? You could simply turn it off and be safe. Phoronix conducted a suite of tests on Linux and concluded that turning the feature off is taking between half a percent to one percent hit, which is very low. You can see more of that testing here, and read AMD's whitepaper describing PSF.


View at TechPowerUp Main Site
 

las

Joined
Nov 14, 2012
Messages
849 (0.28/day)
Processor i9-9900K @ 5.2 GHz
Motherboard AsRock Z390 Taichi
Cooling Custom Water
Memory 32GB DDR4 4000/CL15
Video Card(s) MSI 3080 Ventus 3X @ 2+ GHz
Storage 970 Evo Plus 1TB + 40TB NAS
Display(s) Asus PG279Q 27" 1440p/165HzIPS/Gsync + LG C9 65" 2160p/120Hz/OLED/HDR/Gsync
Case Fractal Design Meshify C
Audio Device(s) Asus Essence STX w/ Upgraded Op-Amps
Power Supply Corsair RM1000x
Mouse Logitech G Pro Wireless
Software Windows 10 Pro x64
This is the reason why most vulberabilies were found in Intel CPUs; https://www.intel.com/content/www/us/en/security-center/bug-bounty-program.html

Intel actually pays people for finding them. "Intel’s bug bounty awards range from $500 up to $100,000."

AMD had plenty of vulnerabilies, even tho they don't pay people for finding them. Meaning, very few people will spend time trying to find them. Logic 101.

It's sad that AMD does not pay people for finding bugs, when tons of big tech companies do; https://www.guru99.com/bug-bounty-programs.html
 
Last edited:
Joined
Apr 18, 2013
Messages
973 (0.33/day)
Nothing to write home about: https://www.phoronix.com/scan.php?page=article&item=amd-zen3-psf&num=1

perf.png
 
Joined
Sep 6, 2013
Messages
1,781 (0.64/day)
Location
Athens, Greece
System Name 3 systems: Gaming / Internet / HTPC
Processor Ryzen 7 2700X / Ryzen 7 2600X / AM3 Athlon 645 unlocked to 6 core
Motherboard MSI X470 Gaming Plus Max / ASRock A320M-HDV R4.0 / Gigabyte GA-990XA-UD3
Cooling Νoctua U12S / AMD Wraith / CoolerMaster TX2
Memory 16GB G.Skill RIPJAWS 3600 / 16GB G.Skill Aegis 3200 / 16GB Kingston 2400MHz (DDR3)
Video Card(s) XFX RX 580 8GB + GT 620 (PhysX)/ GT 710 / GT 620
Storage Intel NVMe 500GB + SATA SSDs + SATA HDDs / Samsung 256GB NVMe + 2.5'' HDDs / Samsung SSD 120GB
Display(s) Samsung LE32D550 32'' TV(2 systems connected) / 19'' monitor + projector
Case Sharkoon Rebel 12 / Sharkoon Rebel 9 / Xigmatek Midguard
Audio Device(s) onboard
Power Supply Chieftec 850W / Sharkoon 650W / Seasonic 400W
Mouse CoolerMaster / Rapoo / Logitech
Keyboard CoolerMaster / Microsoft / Logitech
Software Windows
Probably AMD copied some optimizations from Intel's book. Let's be honest. No one should be using Intel CPUs based on their security problems, right? Well everyone is using those and no one cares. From the teenager gamer to the highly experienced IT. Spectre, Meltdown? We forgoten those names long ago. So, why AMD try to keep it's CPUs as safe as possible and not offer what everyone wants? Performance.
 
Low quality post by HenrySomeone
Joined
Apr 16, 2019
Messages
369 (0.50/day)
This is the reason why most vulberabilies were found in Intel CPUs; https://www.intel.com/content/www/us/en/security-center/bug-bounty-program.html

Intel actually pays people for finding them. "Intel’s bug bounty awards range from $500 up to $100,000."

AMD had plenty of vulnerabilies, even tho they don't pay people for finding them. Meaning, very few people will spend time trying to find them. Logic 101.

It's sad that AMD does not pay people for finding bugs, when tons of big tech companies do; https://www.guru99.com/bug-bounty-programs.html
AMD just relies on their fanboy base, that will put up with almost anything and usually does the beta testing for them. Makes financial sense if you think about it really - why do something yourself or pay others to do when it'll be done by your deluded fans free of charge... :cool:
 
Joined
May 31, 2016
Messages
2,653 (1.49/day)
Location
Currently Norway
System Name Bro2
Processor Ryzen 2700X
Motherboard MSI X470 Gaming Carbon
Cooling Corsair h115i pro rgb
Memory 32GB G.Skill Flare X 3200 CL14 @ 2933Mhz CL14
Video Card(s) Powercolor 6900 XT Red Devil
Storage M.2 Samsung Evo 970 250MB/ Samsung 860 Evo 1TB
Display(s) LG 27UD69 UHD / LG 27GN950
Case Fractal Design G
Audio Device(s) realtec 5.1
Power Supply Corsair AXi 760W / Seasonic 750W GOLD
Mouse Logitech G402
Keyboard Logitech slim
Software Windows 10 64 bit
AMD just relies on their fanboy base, that will put up with almost anything and usually does the beta testing for them. Makes financial sense if you think about it really - why do something yourself or pay others to do when it'll be done by your deluded fans free of charge... :cool:
Because, if you pay someone to find vulnerabilities you can also tell them not to put it into the public straight away. With tech savvy dudes (not fan boys) who like to do that type of things, they are not being payed anything by the company with the CPU architecture, they just like doing it and I guess they are good at it. The company that pays for the resources to find the exploits or vulnerabilities may also block the publicity of the findings or postpone it in time (exactly what Intel did) to fix it but still there are people, companies that are vulnerable anyway and they don't have any idea about it. Just because a company has a different approach, doesn't mean it's wrong and people who are involved in finding the vulnerabilities in the CPU architecture are not deluded fan boys because they are not being payed by the company that the CPU belongs to that's for sure.
 
Joined
Aug 20, 2007
Messages
14,576 (2.92/day)
System Name Pioneer
Processor Intel i9 9900k
Motherboard ASRock Z390 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL Ripjaws V Series 64GB (4 x 16GB) DDR4-3200
Video Card(s) EVGA GeForce RTX 2080 SUPER XC ULTRA
Storage 2x Mushkin Pilot-E 2TB NVMe SSDs in bootable RAID0 by HIGHPOINT - SSD7202
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) VGA HDMI->Panasonic SC-HTB20/Schiit Modi MB/Asgard 2 DAC/Amp to AKG Pro K7712 Headphones
Power Supply Seasonic Prime Titanium 750W
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Windows 10 Enterprise (Product of work, yes it's legit)
Benchmark Scores www.3dmark.com/fs/23478641 www.3dmark.com/spy/13863605 www.3dmark.com/pr/306218
Joined
Jul 13, 2016
Messages
1,030 (0.59/day)
Processor Ryzen 5800X
Motherboard ASRock X570 Taichi
Cooling Le Grand Macho
Memory 32GB DDR4 3600 CL16
Video Card(s) EVGA 1080 Ti
Storage Too much
Display(s) Acer 144Hz 1440p IPS 27"
Case Thermaltake Core X9
Audio Device(s) JDS labs The Element II, Dan Clark Audio Aeon II
Power Supply EVGA 850w P2
Mouse G305
Keyboard iGK64 w/ 30n optical switches
"could be exploited"

Lot of anti-AMD comments for something that doesn't have an exploit yet. Mind you the performance difference is near nothing anyways so it wouldn't mean much to begin with. I'm guessing as usual, the typical suspects rush to the comments without reading.
 
Joined
Nov 7, 2016
Messages
110 (0.07/day)
Processor 5950X
Motherboard Dark Hero
Cooling Custom Loop
Memory Crucial Ballistix 3600MHz CL16
Video Card(s) Gigabyte RTX 3080 Vision
Storage 980 Pro 500GB, 970 Evo Plus 500GB, Crucial MX500 2TB, Crucial MX500 2TB, Samsung 850 Evo 500GB
Display(s) Gigabyte G34WQC
Case Cooler Master C700M
Audio Device(s) Bose
Power Supply AX850
Mouse Razer DeathAdder Chroma
Keyboard MSI GK80
Software W10 Pro
Benchmark Scores CPU-Z Single-Thread: 688 Multi-Thread: 11940
Question: which are the softwares that implement sandboxing? Also, there is no information about how to disable PSF.
 
Last edited:
Joined
Feb 20, 2019
Messages
2,386 (3.03/day)
System Name Flavour of the month. I roll through hardware like it's not even mine (it often isn't).
Processor 3900X, 5800X, 2700U
Motherboard Aorus X570 Elite, B550 DS3H
Cooling Alphacool CPU+GPU soft-tubing loop (Laing D5 360mm+140mm), AMD Wraith Prism
Memory 32GB Patriot 3600CL17, 32GB Corsair LPX 3200CL16, 16GB HyperX 2400CL14
Video Card(s) 2070S, 5700XT, Vega10
Storage 1TB WD S100G, 2TB Adata SX8200 Pro, 1TB MX500, 500GB Hynix 2242 bastard thing, 16TB of rust + backup
Display(s) Dell SG3220 165Hz VA, Samsung 65" Q9FN 120Hz VA
Case NZXT H440NE, Silverstone GD04 (almost nothing original left inside, thanks 3D printer!)
Audio Device(s) CA DacMagic+ with Presonus Eris E5, Yamaha RX-V683 with Q Acoustics 3000-series, Sony MDR-1A
Power Supply BeQuiet StraightPower E9 680W, Corsair RM550, and a 45W Lenovo DC power brick, I guess.
Mouse G303, MX Anywhere 2, Another MX Anywhere 2.
Keyboard CM QuickFire Stealth (Cherry MX Brown), Logitech MX Keys (not Cherry MX at all)
Software W10
Benchmark Scores I once clocked a Celeron-300A to 564MHz on an Abit BE6 and it scored over 9000.
Probably AMD copied some optimizations from Intel's book. Let's be honest. No one should be using Intel CPUs based on their security problems, right? Well everyone is using those and no one cares. From the teenager gamer to the highly experienced IT. Spectre, Meltdown? We forgoten those names long ago. So, why AMD try to keep it's CPUs as safe as possible and not offer what everyone wants? Performance.
Spectre did actually hurt us in the datacenter; We tend to plan servers on 3 or 5 year lifespans for budget and ROI reasons. We had a lot of Xeon and very little Epyc and after the first round of updates we jumped from about half capacity to about 70% capacity with a trickle less capacity every time more patches were added. Since those hosts were running VMs with access to financial data and confidential data under NDA it would have been irresponsible to leave hyperthreading on too - so within 6 months of the first patches our half-capacity became almost maxed out and some of these servers had several years left on the clock before being budgeted for replacment.

The only reason things aren't as dire as they could have been is that COVID-19 has reduced the server loads these last 13 months. Under normal circumstances, the loss of performance from applying mitigation steps and patches would have f***ed us over, hard, and expensively.
 
Joined
Jul 13, 2016
Messages
1,030 (0.59/day)
Processor Ryzen 5800X
Motherboard ASRock X570 Taichi
Cooling Le Grand Macho
Memory 32GB DDR4 3600 CL16
Video Card(s) EVGA 1080 Ti
Storage Too much
Display(s) Acer 144Hz 1440p IPS 27"
Case Thermaltake Core X9
Audio Device(s) JDS labs The Element II, Dan Clark Audio Aeon II
Power Supply EVGA 850w P2
Mouse G305
Keyboard iGK64 w/ 30n optical switches
This is the reason why most vulberabilies were found in Intel CPUs; https://www.intel.com/content/www/us/en/security-center/bug-bounty-program.html

Intel actually pays people for finding them. "Intel’s bug bounty awards range from $500 up to $100,000."

AMD had plenty of vulnerabilies, even tho they don't pay people for finding them. Meaning, very few people will spend time trying to find them. Logic 101.

It's sad that AMD does not pay people for finding bugs, when tons of big tech companies do; https://www.guru99.com/bug-bounty-programs.html

Officially Intel has far more vulnerabilities than AMD. Any statement that AMD has more vulnerabilities because many of them have not yet been found is pure speculation. You say "Logic 101" but you are really making an assumption based on assumption. That's not logic.
 
Joined
Apr 19, 2018
Messages
348 (0.32/day)
Processor AMD Ryzen 9 3900X
Motherboard Asus ROG Crosshair VIII Hero WiFi
Cooling Corsair Hydro H115i
Memory 16Gb CL14 Ripjaws V @3666MHz
Video Card(s) MSI GeForce RTX2070
Storage Samsung 970 EVO Plus SSD
Display(s) Korean Unbadged
Case Cooler Master Cosmos
Audio Device(s) O2 USB Headphone AMP
Power Supply Corsair HX850i
Mouse Logitech G703
Keyboard Crap!
And those that say AMD has no security vulnerabilities because they don't pay bug bounties are crazy... Why crazy? Lets see...

1.) ALL CPUs have bugs, and some can be exploited... Shock, horror...
2.) Intel have their own engineers looking at AMD CPUS all day long, looking for some dirt that they can use to create a fake security research company, setup a flashy website with fancy graphics, complete with fancy names for the exploits, and drum up a lynch mob to tank AMD shares. Think it don't happen? yeah right...
3.) Ever heard of ransomware? Maybe there is no money in finding an exploit... yeah...
4.) ALL future CPUs will have bugs, and will be exploited...
 
Joined
Sep 6, 2013
Messages
1,781 (0.64/day)
Location
Athens, Greece
System Name 3 systems: Gaming / Internet / HTPC
Processor Ryzen 7 2700X / Ryzen 7 2600X / AM3 Athlon 645 unlocked to 6 core
Motherboard MSI X470 Gaming Plus Max / ASRock A320M-HDV R4.0 / Gigabyte GA-990XA-UD3
Cooling Νoctua U12S / AMD Wraith / CoolerMaster TX2
Memory 16GB G.Skill RIPJAWS 3600 / 16GB G.Skill Aegis 3200 / 16GB Kingston 2400MHz (DDR3)
Video Card(s) XFX RX 580 8GB + GT 620 (PhysX)/ GT 710 / GT 620
Storage Intel NVMe 500GB + SATA SSDs + SATA HDDs / Samsung 256GB NVMe + 2.5'' HDDs / Samsung SSD 120GB
Display(s) Samsung LE32D550 32'' TV(2 systems connected) / 19'' monitor + projector
Case Sharkoon Rebel 12 / Sharkoon Rebel 9 / Xigmatek Midguard
Audio Device(s) onboard
Power Supply Chieftec 850W / Sharkoon 650W / Seasonic 400W
Mouse CoolerMaster / Rapoo / Logitech
Keyboard CoolerMaster / Microsoft / Logitech
Software Windows
This is the reason why most vulberabilies were found in Intel CPUs; https://www.intel.com/content/www/us/en/security-center/bug-bounty-program.html

Intel actually pays people for finding them. "Intel’s bug bounty awards range from $500 up to $100,000."

AMD had plenty of vulnerabilies, even tho they don't pay people for finding them. Meaning, very few people will spend time trying to find them. Logic 101.

It's sad that AMD does not pay people for finding bugs, when tons of big tech companies do; https://www.guru99.com/bug-bounty-programs.html
Oh....WOW!!!!!

There are so many wrongs in your logic and others already mentioned a few. Intel could be paying not only so it can improve it's CPUs, but also to try to silence people as long as necessary to create hardware fixes for future revisions. Also no one should assume that Intel is not paying for vulnerabilities on Ryzen CPUs. Intel was really hit hard, for a period of time, with all those security holes on it's CPUs monopolizing the news. And while we can't say that they have payed people to create fictional problems on AMD CPUs (do you remember that Israeli firm? ), they probably have payed to find vulnerabilities in a competing product that is eating from their market share. Not to mention that huge companies, like Google, or Amazon, or Microsoft who use AMD's Epyc processors, probably keep looking for vulnerabilities themselves, or pay others to do so. They have plenty of money to spent.

Your logic reminds me of "Linux is as bad in security as Windows, we only don't see security problems on Linux because of it's small market share".
 
Joined
Feb 20, 2019
Messages
2,386 (3.03/day)
System Name Flavour of the month. I roll through hardware like it's not even mine (it often isn't).
Processor 3900X, 5800X, 2700U
Motherboard Aorus X570 Elite, B550 DS3H
Cooling Alphacool CPU+GPU soft-tubing loop (Laing D5 360mm+140mm), AMD Wraith Prism
Memory 32GB Patriot 3600CL17, 32GB Corsair LPX 3200CL16, 16GB HyperX 2400CL14
Video Card(s) 2070S, 5700XT, Vega10
Storage 1TB WD S100G, 2TB Adata SX8200 Pro, 1TB MX500, 500GB Hynix 2242 bastard thing, 16TB of rust + backup
Display(s) Dell SG3220 165Hz VA, Samsung 65" Q9FN 120Hz VA
Case NZXT H440NE, Silverstone GD04 (almost nothing original left inside, thanks 3D printer!)
Audio Device(s) CA DacMagic+ with Presonus Eris E5, Yamaha RX-V683 with Q Acoustics 3000-series, Sony MDR-1A
Power Supply BeQuiet StraightPower E9 680W, Corsair RM550, and a 45W Lenovo DC power brick, I guess.
Mouse G303, MX Anywhere 2, Another MX Anywhere 2.
Keyboard CM QuickFire Stealth (Cherry MX Brown), Logitech MX Keys (not Cherry MX at all)
Software W10
Benchmark Scores I once clocked a Celeron-300A to 564MHz on an Abit BE6 and it scored over 9000.
Makes me wonder why it's enabled at all...
Because it's one of 50+ different features that provide fractions of a percent. Together they constitute a meaningful double-digit IPC uplift. Individually, none of them are that significant.
 
Joined
Jan 8, 2017
Messages
6,601 (4.23/day)
System Name Good enough
Processor AMD Ryzen R7 1700X - 4.0 Ghz / 1.350V
Motherboard ASRock B450M Pro4
Cooling Deepcool Gammaxx L240 V2
Memory 16GB - Corsair Vengeance LPX - 3333 Mhz CL16
Video Card(s) OEM Dell GTX 1080 with Kraken G12 + Water 3.0 Performer C
Storage 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) 4K Samsung TV
Case Deepcool Matrexx 70
Power Supply GPS-750C
Probably AMD copied some optimizations from Intel's book. Let's be honest. No one should be using Intel CPUs based on their security problems, right? Well everyone is using those and no one cares. From the teenager gamer to the highly experienced IT. Spectre, Meltdown? We forgoten those names long ago. So, why AMD try to keep it's CPUs as safe as possible and not offer what everyone wants? Performance.

Parallel out-of-order and speculative execution as well as the caching mechanisms will always leave a window open for security issues. They are impossible to get rid of.
 
Joined
Jun 10, 2014
Messages
2,407 (0.96/day)
This is the reason why most vulberabilies were found in Intel CPUs; https://www.intel.com/content/www/us/en/security-center/bug-bounty-program.html

Intel actually pays people for finding them. "Intel’s bug bounty awards range from $500 up to $100,000."
There is also Intel's extensive collaboration with research institutions and companies.

Probably AMD copied some optimizations from Intel's book.
Most modern CPU microarchitectures relies on the same research which leads to similar mistakes and assumptions. Blaming Intel for AMD's mistakes, that's a stretch!

Let's be honest. No one should be using Intel CPUs based on their security problems, right? Well everyone is using those and no one cares. From the teenager gamer to the highly experienced IT. Spectre, Meltdown?
All current microarchitectures with speculative execution, regardless if they are based on x86, ARM, Power or MIPS, share the "Spectre class" of vulnerabilities. Some of them may have mitigations in hardware, firmware or the OS level, but to my knowledge none of them has been redesigned to resolve the underlying problem (but they will). But as with any design flaw, you will not get rid of it until you have resolved the underlying issue. So we should expect Intel, AMD, etc. to have a continuous stream of such bugs, until major post-Spectre architectures are complete. Even the upcoming Sapphire Rapids was in development prior to Spectre, so it's going to take a while.

Any company making tech products should take any vulnerability seriously, but it's the risk and consequences which should dictate which customers should take action. The Spectre class bugs (and really Meltdown too) should be considered nearly "theoretical" problems. While you can certainly reproduce them in controlled environments, any successful exploit would still require access to running custom software locally, and usually a lot of time to extract useful information. Many of these known exploits are able to extract privileged data at bytes per second or kB per second, while it's burning your CPU with load for weeks or months to find something valuable. For desktop users, these exploits are pretty much irrelevant; if I'm able to run my program on your machine, then I already have access to everything in your user space, so I probably already own all your files anyway.

The Spectre class of bugs is only really scary for cloud providers, where there is a theoretical possibility that one VM can steal data from another, bypassing all layers of security. But I want to stress, this is practically theoretical, executing a such attack and gaining substantial useful and intact information is going to be hard, especially since data will be moved around by the time someone can dump enough of it. But those who are putting sensitive information or critical systems in the public cloud are pretty "stupid" anyways.

The real impact of Spectre is the cost of mitigations, while it's negligible for most users, it can be significant for very specific server loads or some edge cases.

Meanwhile, as normal desktop users, there are many more serious security issues to worry about, including your crappy router/access point, all the IoT devices you carelessly connect, and keeping your systems up to date and passwords managed.
 
Joined
Jun 24, 2015
Messages
2,675 (1.26/day)
Location
Western Canada
System Name Austere Box R1.4
Processor 5900X
Motherboard B550M TUF Wifi (2006)
Cooling NH-C14S iPPC
Memory 32GB 3600 16-19-19
Video Card(s) RTX 2060 Super FE (0.981V)
Storage 3TB SX8200/SN750/Blue3D
Display(s) S2721DGF/GW2765HT
Case Sliger Cerberus
Audio Device(s) Scarlett Solo Gen3
Power Supply Seasonic SGX-650
This is the consumer space. Same as any Intel vulnerability - show me a real exploit that leverages this vulnerability in a way that poses an appreciable risk to the normal user, and I'll disable PSF. Otherwise, piss off with the fearmongering.

All this isn't even because of a CVE-assigned vulnerability. All this because of a goddamn whitepaper published by AMD, *speculating* on potential risks. Yeah no shit, it's speculative execution. And now all the trolls come out of the woodwork either defending their double standards for almighty AMD or thinking the tables have turned for their darling Intel.

Holy hell, some of the justifications on here are hokey as shit. Intel pays people to find bugs, but it's unreasonable to impose an NDA that gives them reasonable time to evaluate and solve it, and that constitutes a cover-up? What, did Intel pay dirty money to commission AMD to make this AMD whitepaper too? Jumping jack christ, some of the hypocrisy could be painted bright yellow and illuminated with floodlights and some of you would miss it.

AMD's current recommendation at the bottom of the whitepaper that is the friggin subject of this article: leave it on. So 5000 owners leave it on and go about your day. If this ever changes, and AMD makes a recommendation like Intel did to turn it off, then it would be wise to reconsider.
 
Last edited:
Joined
Aug 20, 2007
Messages
14,576 (2.92/day)
System Name Pioneer
Processor Intel i9 9900k
Motherboard ASRock Z390 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL Ripjaws V Series 64GB (4 x 16GB) DDR4-3200
Video Card(s) EVGA GeForce RTX 2080 SUPER XC ULTRA
Storage 2x Mushkin Pilot-E 2TB NVMe SSDs in bootable RAID0 by HIGHPOINT - SSD7202
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) VGA HDMI->Panasonic SC-HTB20/Schiit Modi MB/Asgard 2 DAC/Amp to AKG Pro K7712 Headphones
Power Supply Seasonic Prime Titanium 750W
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Windows 10 Enterprise (Product of work, yes it's legit)
Benchmark Scores www.3dmark.com/fs/23478641 www.3dmark.com/spy/13863605 www.3dmark.com/pr/306218
Because it's one of 50+ different features that provide fractions of a percent. Together they constitute a meaningful double-digit IPC uplift. Individually, none of them are that significant.
But they know this one individual feature constitutes a security risk. So I repeat the question.

If I had a dollar for every anti Intel post in the News Forum alone on this site I'd have a new RTX 3080 with money to spare. I've dealt with the AMD fanbois across the internet for well over a decade now and imo they are the scourge of the internet. Any article about Intel or an Intel product posted on the main page of a popular review and/or tech site is usually loaded with AMD fanbois posting underneath said article in the comment section with some of the most ignorant post imaginable.
You do realize you are doing the exact same shit here, right?
 
Joined
Sep 28, 2012
Messages
657 (0.21/day)
System Name Potato PC
Processor AMD Ryzen 5 3600
Motherboard ASRock B550M Steel Legend
Cooling ID Cooling SE 224XT Basic
Memory 32GB Team Dark Alpha DDR4 3600Mhz
Video Card(s) MSI RX 5700XT Mech OC
Storage Kingston A2000 1TB + 8 TB Toshiba X300
Display(s) Mi Gaming Curved 3440x1440 144Hz
Case Cougar MG120-G
Audio Device(s) Plantronic RIG 400
Power Supply Seasonic X650 Gold
Mouse Logitech G903
Keyboard Logitech G613
Benchmark Scores Who need bench when everything already fast?
Most vulnerabilities have NEVER been seen exploited in the wild. Why? Because they are so difficult to pull off as to render them near impossible. The same goes for Intel's vulnerability lists. CVE lists are not as black and white as you would suggest with your assumptions. Just because a vulnerability exists does NOT make it easily or even generally exploitable. You need to do more research and learn that difference instead of making a blanket statement that has little bearing on reality.

I'll just leave it here, cause I know nothing about Predictive Store Forwarding (PSF) and MS didn't say anything about it so how is that gonna affect my casual activities as commoners :rolleyes:
 
Joined
Dec 16, 2012
Messages
5,512 (1.81/day)
Location
Jyväskylä, Finland
Processor AMD Ryzen 5 3600 @ PBO
Motherboard Gigabyte B550M Aorus Elite
Cooling Deepcool Gammaxx 200T
Memory 16GB DDR4-2666
Video Card(s) Gigabyte GTX 1080 Ti Gaming OC Black
Storage 3x 480GB SSD, 2TB HDD, USB BD-ROM
Display(s) 2x 1080p
Case Fractal Design Define Mini C
Audio Device(s) Onboard audio, Superlux HD668B
Power Supply Seasonic Focus+ Gold 750W
Mouse Logitech G400s
Keyboard Dell Multimedia Pro
Software Windows 10 Pro English
What I'm wondering is that does this affect an average user at all, probably not?
 
Joined
Aug 20, 2007
Messages
14,576 (2.92/day)
System Name Pioneer
Processor Intel i9 9900k
Motherboard ASRock Z390 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL Ripjaws V Series 64GB (4 x 16GB) DDR4-3200
Video Card(s) EVGA GeForce RTX 2080 SUPER XC ULTRA
Storage 2x Mushkin Pilot-E 2TB NVMe SSDs in bootable RAID0 by HIGHPOINT - SSD7202
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) VGA HDMI->Panasonic SC-HTB20/Schiit Modi MB/Asgard 2 DAC/Amp to AKG Pro K7712 Headphones
Power Supply Seasonic Prime Titanium 750W
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Windows 10 Enterprise (Product of work, yes it's legit)
Benchmark Scores www.3dmark.com/fs/23478641 www.3dmark.com/spy/13863605 www.3dmark.com/pr/306218
What I'm wondering is that does this affect an average user at all, probably not?
As long as generalized workarounds are distributed to most end users assuring the hackers don't try to use these methods by and large, you'll likely never need to really worry.

They are still issues.
 
Joined
Feb 20, 2019
Messages
2,386 (3.03/day)
System Name Flavour of the month. I roll through hardware like it's not even mine (it often isn't).
Processor 3900X, 5800X, 2700U
Motherboard Aorus X570 Elite, B550 DS3H
Cooling Alphacool CPU+GPU soft-tubing loop (Laing D5 360mm+140mm), AMD Wraith Prism
Memory 32GB Patriot 3600CL17, 32GB Corsair LPX 3200CL16, 16GB HyperX 2400CL14
Video Card(s) 2070S, 5700XT, Vega10
Storage 1TB WD S100G, 2TB Adata SX8200 Pro, 1TB MX500, 500GB Hynix 2242 bastard thing, 16TB of rust + backup
Display(s) Dell SG3220 165Hz VA, Samsung 65" Q9FN 120Hz VA
Case NZXT H440NE, Silverstone GD04 (almost nothing original left inside, thanks 3D printer!)
Audio Device(s) CA DacMagic+ with Presonus Eris E5, Yamaha RX-V683 with Q Acoustics 3000-series, Sony MDR-1A
Power Supply BeQuiet StraightPower E9 680W, Corsair RM550, and a 45W Lenovo DC power brick, I guess.
Mouse G303, MX Anywhere 2, Another MX Anywhere 2.
Keyboard CM QuickFire Stealth (Cherry MX Brown), Logitech MX Keys (not Cherry MX at all)
Software W10
Benchmark Scores I once clocked a Celeron-300A to 564MHz on an Abit BE6 and it scored over 9000.
But they know this one individual feature constitutes a security risk. So I repeat the question.
Makes me wonder why it's enabled at all...

Well, presumably when it was originally enabled, it wasn't a known security risk.

Surely that's obvious? Is that really what you're asking?
 
Joined
Jun 10, 2014
Messages
2,407 (0.96/day)
What I'm wondering is that does this affect an average user at all, probably not?
The exploit: no, not really
The mitigation: perhaps

As long as generalized workarounds are distributed to most end users assuring the hackers don't try to use these methods by and large
The Spectre class of bugs don't really allow people to hack your computer. They need to execute the attack locally on your computer, so essentially hack it first.
 
Last edited:
Top