• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Do you disable hyperthreading? (poll)

Do you disable hyperthreading?

  • Yes

    Votes: 10 5.6%
  • No

    Votes: 169 94.4%

  • Total voters
    179

P4-630

The Way It's Meant to be Played
Joined
Jan 5, 2006
Messages
9,618 (1.96/day)
Location
Vinewood
System Name Desktop / Laptop
Processor Intel i7 6700K @ 4.3GHz (1.180 V) / Intel i3 7100U
Motherboard Asus Z170 Pro Gaming / HP 83A3 (U3E1)
Cooling Noctua NH-U12A 2 fans + Thermal Grizzly Kryonaut + 5 case fans / Fan
Memory 16GB DDR4 Corsair Vengeance LPX 3000MHz CL15 / 6GB DDR4 Samsung 2400MHz CL15
Video Card(s) MSI GTX1070 Gaming X 8GB / Intel HD620
Storage Samsung 970 Evo 500GB + Samsung 850 Pro 512GB + Samsung 860 Evo 1TB / Samsung 256GB M.2 SSD
Display(s) 23.8" Dell S2417DG 165Hz G-Sync 1440p + 21.5" LG 22MP67VQ IPS 60Hz 1080p / 14" 1080p IPS Glossy
Case Be quiet! Silent Base 600 - Window / HP Pavilion
Audio Device(s) SupremeFX Onboard / Realtek onboard + B&O speaker system
Power Supply Be quiet! Straight Power 10 500 Watt CM / Powerbrick
Mouse Logitech MX Anywhere 2 Laser wireless / Logitech M330 wireless
Keyboard RAPOO E9270P Black 5GHz wireless / HP backlit
Software Windows 10 / Windows 10

I have 2 intel computers and they both have hyperthreading enabled.
 
Last edited:
Low quality post by NdMk2o1o
Joined
Apr 21, 2010
Messages
5,731 (1.71/day)
Location
West Midlands. UK.
System Name Ryzen Reynolds
Processor Ryzen 1600 - 4.0Ghz 1.415v - SMT disabled
Motherboard mATX Asrock AB350m AM4
Cooling Raijintek Leto Pro
Memory Vulcan T-Force 16GB DDR4 3000 16.18.18 @3200Mhz 14.17.17
Video Card(s) Sapphire Nitro+ 4GB RX 580 - 1450/2000 BIOS mod 8-)
Storage Seagate B'cuda 1TB/Sandisk 128GB SSD
Display(s) Acer ED242QR 75hz Freesync
Case Corsair Carbide Series SPEC-01
Audio Device(s) Onboard
Power Supply Corsair VS 550w
Mouse Zalman ZM-M401R
Keyboard Razor Lycosa
Software Windows 10 x64
Benchmark Scores https://www.3dmark.com/spy/6220813
SMT bitches yeaaaaaaa :rockout:

Sorry, I'll see myself out :peace:
 
Joined
Nov 20, 2013
Messages
3,648 (1.79/day)
Location
Kiev, Ukraine
System Name WS#1337
Processor Ryzen 5 1600X
Motherboard Gigabyte x470 AORUS Ultra Gamin
Cooling Xigmatek Scylla 240 AIO
Memory 2x8GB Kinkston HyperX @2666 CL16
Video Card(s) EVGA GTX1060 SC 6G
Storage Adata SX8200 256GB, Sandisk X400 512GB
Display(s) Samsung U24E590D (4K/UHD)
Case Chieftec AL-01B-OP
Audio Device(s) ALC1220
Power Supply SeaSonic 450W 80+ GOLD
Mouse Logitech G503
Keyboard Zalman K500 modded (Gateron brown)
Software Windows 10, Ubuntu 18.04 LTS
No. Why?
Just like with Spectre/Meltdown/Ryzenfall and whatever other weirdly-named vulnerability, it is a bit more complex and a bit blown out of proportions (in a John McAfee kinda way).
One of my machines is Ryzen 1600x, another one is i3-6100 running barebones Ubuntu server behind NAT only with port 80 and 443 and another one for SFTP facing the real world.
So far the only way I can get my mini-server get affected is if I have some sort of vulnerability in the software which gives the perpetrator the ability to install malware/cache sniffer on my PC, or server misconfiguration. If this happens - I'll be more concerned with said software vulnerability or with me being stupid.

Another thing you need to remember is that before switching your brain into a "panic mode" after reading some crap on the internet, you may want to check with the actual source regarding the nature of that attack and the actual attack vector. Even in their summary there is a key point that makes "disabling HT" kinda pointless in the grand scheme of things:
  • Even without Hyperthreading, it is possible to leak data out of other protection domains. During experimentation it turned out, that ZombieLoad leaks endure serializing instructions. Such leaks do however work with lower probability and are harder to obtain.
So, with HT enabled you are kinda f#$%ed, and with HT disabled you are a little less kinda f#$%ed...
 
Joined
May 7, 2018
Messages
1,069 (2.61/day)
Location
United Kingdom, London
System Name I have too many to fit here. (PC / PS4 / PS3 / PS2 / XBOX 360)
Processor 7740x (currently dead) / 6600k 4.8ghz 1.38v/x5650
Motherboard X299 gaming carbon / Z270X gaming 7/Clevo x7200
Cooling alphacool eisbaer 360mm/Silent loop 280mm/Stock
Memory 32gb ddr4 corsair vengance lpx / None yet/24gb ddr3 1333mhz
Video Card(s) Evga gtx 1080 ti ftw3 @ 2000mhz/5508mhz XOC BIOS + alphacool nexxos gpx / asus 560 ti 1gb/ 460M sli
Storage kingston ssdnow uv400 480gb ssd (os) toshiba x300 6tb (everything else)/ 750gb/10tb Elements
Display(s) ElectriQ 4k 28" TN 60hz / Samsung 931cw /1080p 17.3" laptop
Case Corsair Carbide 600c/Be quiet! Dark base 700/Lego pc case/clevo x7200
Audio Device(s) Hyper x cloud revolver s
Power Supply Seasonic snow silent 750w/Be quiet power pro 11 750w
Mouse Mad Catz Rat Pro X (x4, one with broken off scroll wheel) / Lynx bluetooth controllers x3
Keyboard Havit gaming keyboard (amazon keyboard+mouse bundle)
Software Windows 10 pro + Kali linux
Benchmark Scores Too many to fit here.
No.
Reasoning is it's another "vulnerability" hackers won't take advantage of on the mainstream as there are plenty of other ways to money grab then take advantage of a complex vulnerability, and all these "vulnerabilities" took years to discover.
 
Joined
Nov 14, 2018
Messages
33 (0.15/day)
System Name 24/7 setup
Processor Intel I7 4770@4.4GHz
Motherboard Asus Z87 Pro
Cooling Dual custom wc (gpu, cpu seperate loops)
Memory 2x8Gb Corsair 2133 9-9-11-1T DDR3
Video Card(s) Palit Jetstream 1080ti (2012/1476, 350W powerlimit, 1.093Vgpu)
Storage Samsung SSD 840Pro 256GB, Samsung SSD 860Evo 500GB, Seagate Barracuda 2TB
Display(s) Samsung 27" LED C27JG50
Case Lian Li PC343B
Audio Device(s) Onboard
Power Supply Corsair RM1000i
Mouse Logitech G Pro
Keyboard Corsair K70
Software Win10
No. I still haven't allowed win10 to patch the spectre/meltdown security holes. My haswell setup is on its last legs, and I just need it to survive a couple of more months until the new Ryzen becomes available.

My take on this is that you still need malicious code to run on your machine to exploit these vulnerabilities, just like any other virus/malware? Or am I wrong?

I'll rather update my anti-virus, firewall, origins ublocker and backup my data more often, than to cripple my computer performance further. For now anyway :)
 
Joined
Apr 7, 2011
Messages
1,203 (0.40/day)
System Name Desktop
Processor Intel i7-3930k
Motherboard ASUS Sabertooth X79
Cooling Intel AIO
Memory 8x4GB DDR3 1866MHz
Video Card(s) EVGA GTX 970 SC
Storage LSI 9266-8i|3xHitachi SAS 15K600 450GB RAID5|6x WD RE Enterprise 4TB in RAID 10|HP Ultrium 1760 Tape
Display(s) HP ZR24w
Case Fractal Define XL Black
Audio Device(s) Schiit Modi Uber>Schiit Asgard 2>Sennheiser HD600
Power Supply Corsair HX850
Mouse Logitech G603
Keyboard Logitech G613
Software Windows 10 Pro x64
No. Why?
Just like with Spectre/Meltdown/Ryzenfall and whatever other weirdly-named vulnerability, it is a bit more complex and a bit blown out of proportions.
This.
All of these so called vulnerabilities are blown way out of proportions - personally i wouldn't even care if there was no "fix" for them. They are a threat in enterprise/server etc. environments, but there are much bigger threats to home PC users then these are.
I also don't keep any critical files/info on my primary PC so I don't care if it gets infected.
 
Joined
May 4, 2012
Messages
946 (0.36/day)
Location
Ireland
System Name SilentIO
Processor AMD Ryzen 5 2600X
Motherboard Asus TUF B450M-Pro Gaming
Cooling Corsair H60
Memory 2x8GB Corsair Vengeance LP @3400 CL16
Video Card(s) MSI GTX 1070 Gaming
Storage 2x Samsung 840 EVO 120GB in Raid0, Samsung 960 PRO 1TB
Display(s) Qnix QX2710 Evolution II Matte 27 @120Hz
Case Cooler Master Silencio 352
Audio Device(s) SoundBlaster e5 + Kingston HyperX Cloud II / Logitech Z333 + Blue Snowball
Power Supply Corsair CX500M
Mouse Corsair Scimitar
Keyboard Corsair K65
Software Windows 10 Pro x64, Xubuntu 19.04
I have disabled SMT on my rig, seems to help a bit when playing Arma 3 :D
 
Joined
Nov 24, 2018
Messages
263 (1.26/day)
Location
south wales uk
System Name 1. xtreemchaos VR rig 2. intel teliscope rig 3.MSI GP72MVR Leopard Pro .
Processor 1.2700x @4.2 2. i7 7700k @5. 3. i7 7700hq
Motherboard 1.aorus b450 elite 2. z270-a asus prime
Cooling 1.240mm AIO 2. 240mm AIO
Memory 1.hyperx preditor @3600 16gb 2.vengence 32gb @3000 3. 16gb hyperx @2400
Video Card(s) 1.MSI AERO 1080 8gb 2. sapphire nitro+ rx580 8gb @1450 3. gtx 1060 4gb
Storage 1.256gb M.2,500gb ssd, 2 3tb HDs 2. 256gb ssd, 2tb 3. 256 m.2. 1tb ssd
Display(s) 1.LG 50inch UHD , oculus rift VR headset with touch. 2 SONY bravia1080p flat pannel 3. 17 inch
Case 1. HAF XB evo, "the only case anyone would ever need" 2. loop
Power Supply 1.750 80+gold mod 2. thermaltake 600w rbg
Mouse some cheapo rbg thingy
Keyboard 1. dont have one use on screen 2. some old HP thingy 3. steelseries RBG
Software 1. win 10 enterpise 2. win10 pro 3, win10 home
Benchmark Scores 1.1950 cb 2. 1106 cb
na, i did a while ago with my 7700k to see how it performed in cb15 and its not good its lessthan a fx8350, so ill leave as is i only use it for image processing i do everything else on my 2700x.
 

Solaris17

Dainty Moderator
Staff member
Joined
Aug 16, 2005
Messages
20,537 (4.06/day)
Location
Florida
System Name Venslar
Processor I9 7980XE
Motherboard MSI x299 Tomahawk Arctic
Cooling EK Custom
Memory 32GB Corsair DDR4 3000mhz
Video Card(s) Nvidia Titan RTX
Storage 2x 2TB Micron SSDs | 1x ADATA 128SSD | 1x Drevo 256SSD | 1x 1TB 850 EVO | 1x 250GB 960 EVO
Display(s) 3x AOC Q2577PWQ (2k IPS)
Case Inwin 303 White (Thermaltake Ring 120mm Purple accent)
Audio Device(s) Realtek ALC 1220 on Audio-Technica ATH-AG1
Power Supply Seasonic 1050W Snow
Mouse Roccat Tyon White
Keyboard Ducky Shine 6 Snow White
Software Windows 10 x64 Pro
Nope, the odds of any of these affecting home
Users and users in general are less than winning the lottery. Iv tried to explain it in another thread but mass hysteria is a real thing.
 
Joined
Dec 10, 2017
Messages
187 (0.34/day)
Processor Intel core i5 4590s
Motherboard Asus Z97 Pro Gamer
Cooling Evercool EC115A 915SP Cpu cooler,Coolermaster [200mm (front and top)+140mm rear]
Memory Corsair 16GB(4x4) ddr3 CMZ16GX3M4X1600C9(Ver8.16)(XMP)
Video Card(s) MSI GTX 970 GAMING 4G
Storage Western Digital WDC WD2001FAS 2TB Black, Toshiba DT01ACA100 1TB
Display(s) LG Flatron L177WSB
Case Coolermaster CM Storm Enforcer
Audio Device(s) Creative A550 Speakers 5.1 channel
Power Supply SuperFlower Leadex 2 Gold 650W SF-650F14EG
Mouse PLNK M-740 Optical Mouse
Keyboard ibuypower GKB100 Gaming Keyboard
Software Windows 7 Sp1 64 bit
No, machine is for gaming mostly really and I'm not degrading cpu performance for maybe attacks. games from gog are backed up so worst scenario are reinstalls and steam re download. For guys working in cloud computing related tech tho...sirens are always going off I guess
 
Joined
Mar 10, 2015
Messages
1,744 (1.12/day)
System Name Wut?
Processor 4770K @ 4.4
Motherboard MSI Z97 Gaming 7
Cooling Water
Memory 16GB DDR3 2400
Video Card(s) Vega 56
Storage 1TB SSD, forgot which one. Evo maybe?
Display(s) 3440 x 1440
Case Thermaltake T81
Power Supply Seasonic 750 Watt Gold
Nope. These are just a threat for enterprise and datacenters unless you are a highly interesting person. Which I highly doubt. I know I'm not. I think it sucks all my data (medical records and all) are all housed on systems running these CPUs but my identity was stolen by a rogue person inside Bank of America anyway.

While these threats are real and serious, they just aren't serious to home users in 99.999999999999999999999999% of cases.
 
Joined
Sep 16, 2018
Messages
116 (0.42/day)
Processor i7 3770K @ 4600MHz 1.3v
Motherboard Asus P8Z77-V
Cooling Thermalright True Spirit 140 Power/TY-143 2x38x120 Panaflo, 1x120x38 DC Centaur, TY-147A,FD140,FD120
Memory 4x2GB G.Skill TridentX+Perfect Storm @ 1100MHz 9-11-9-29 1T 1.65v
Video Card(s) GTX 980 Classified 3988-KR
Storage Crucial M4 256GB/WD Black 1TB, 3x Misc Spinners
Display(s) 22" Samsung, 50" Hisense
Case Fractal Design Meshify C TG White, No Foam, No Filter
Audio Device(s) NAD T748, Mission M Series, Monitor Audio FB-210, MIT Cables, Monster HDP-1800
Power Supply Cooler Master Silent Pro M850
Mouse Zowie EC2 eVo
Keyboard Logitech G15
Software Win 10 Pro x64
I did, but not because of all of this. I watch tv through my computer, and with ht enabled the picture stuttered all the time. Didn't matter what browser I used. Using HDMI from my 980 to my amp. Now that Bell has dropped support for IE and Edge, I use firefox to view. Chrome stutters like the others did, Firefox is running good. Also picked up a few more gflops in linpack extreme with ht off, went from about 112 gflps to 122. And in a lot but not all of tests in aida64, I get my ass handed to me. The things we do for tv :D

Its like running a 3570k with 8mb cache :rolleyes:

Edit:

Okay, so I just enabled it again, and everything is smooth again, not sure what to say! Maybe IE and Edge aren't the best to use these days heh.. So anyways, HT back on and all is well.
 
Last edited:
Joined
Mar 10, 2010
Messages
6,395 (1.89/day)
Location
Manchester uk
System Name RyzenGtEvo
Processor Amd R5 2600X@4.1
Motherboard Crosshair hero7 @bios 2304
Cooling 360EK extreme rad+ 360$EK slim all push, cpu Monoblock Gpu full cover all EK
Memory Corsair Vengeance Rgb pro 3466cas16 16Gb in two sticks.
Video Card(s) Sapphire refference Rx vega 64 EK waterblocked
Storage Samsung Nvme Pg981, silicon power 1Tb samsung 840 basic as a primocache drive for, WD2Tbgrn +3Tbgrn,
Display(s) Samsung UAE28"850R 4k freesync, LG 49" 4K 60hz ,Oculus
Case Lianli p0-11 dynamic
Audio Device(s) Xfi creative 7.1 on board ,Yamaha dts av setup, corsair void pro headset
Power Supply corsair 1200Hxi
Mouse Roccat Kova
Keyboard Roccat Iksu force fx
Software Win 10 Pro
Benchmark Scores 8056 vega 3dmark timespy
Nope, the odds of any of these affecting home
Users and users in general are less than winning the lottery. Iv tried to explain it in another thread but mass hysteria is a real thing.
Do you feel that hyperthreading needs disabling in the work place? I mean in areas like mine where validation and IP security is important but i suppose other areas might need it doing.??

Because I think corporate IP theft is likely to be the main use case for anyone actually trying to use such things that and financial theft and possibly cyberterror?.
 
Joined
Jul 25, 2006
Messages
5,379 (1.14/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 16GB (2 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Microsoft Wireless 5000
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
No.
Reasoning is it's another "vulnerability" hackers won't take advantage of
That's assuming they even could - which is unlikely since it assumes the bad guys can just slip on past all the other computer and network defenses, plant and execute the code to exploit the vulnerability - while remaining undetected.

Plus, the initial knee-jerk advice for all users to disable hyper-threading has been rescinded or debunked by most experts.
but my identity was stolen by a rogue person instead Bank of America anyway.
As was mine with Equifax. But it is important to understand and remember in almost every corporate hacking event, the bad guys were successful because of negligence, laziness, and/or incompetence by those in charge of and responsible for the security of those systems. In the Equifax hack for example, the software developers had identified the vulnerability, developed, released and provided to Equifax the patch to fix that vulnerability months before the hack occurred. But Equifax never applied it. Why? Negligence, laziness and incompetence by the system administrators and lackadaisical attitudes by the executives. Heck! Much of our personal information wasn't even encrypted. :mad:

Do you feel that hyperthreading needs disabling in the work place?
If your work place is a free hotspot at McDonalds and you leave your notebook on your table unattended for 10 minutes, then maybe, yes.

And FTR, when AMD or any other chipmaker can offer a 100%, full money back guarantee their processors are 100% flaw-free, then and only then might I decide Intel's are no longer worth considering for my next personal build.
 
Joined
Dec 31, 2009
Messages
14,469 (4.18/day)
Yes.

But ONLY because I was put in a situation where I can. I got lucky and have a 7960x. My workload doesnt benefit from more than 6-8c/12-16t so I can.

That said, this security thing or not, with lesser core counts, like 4/6/8, I dont see a reason to do so as it can cause performance loss.
 
Joined
Jun 28, 2015
Messages
505 (0.35/day)
Of course don't care for personal rigs & non-critical workstations. HT on.

Do very much care for network servers I'm responsible for, especially with the amount of hacking tries the logs are showing lately. HT off, only a matter of time for somebody to program bots which can use these new hacks and it's going to be painful (if not done already).

Now dealing with non-scheduled server upgrades... :mad:
 
Joined
Mar 10, 2010
Messages
6,395 (1.89/day)
Location
Manchester uk
System Name RyzenGtEvo
Processor Amd R5 2600X@4.1
Motherboard Crosshair hero7 @bios 2304
Cooling 360EK extreme rad+ 360$EK slim all push, cpu Monoblock Gpu full cover all EK
Memory Corsair Vengeance Rgb pro 3466cas16 16Gb in two sticks.
Video Card(s) Sapphire refference Rx vega 64 EK waterblocked
Storage Samsung Nvme Pg981, silicon power 1Tb samsung 840 basic as a primocache drive for, WD2Tbgrn +3Tbgrn,
Display(s) Samsung UAE28"850R 4k freesync, LG 49" 4K 60hz ,Oculus
Case Lianli p0-11 dynamic
Audio Device(s) Xfi creative 7.1 on board ,Yamaha dts av setup, corsair void pro headset
Power Supply corsair 1200Hxi
Mouse Roccat Kova
Keyboard Roccat Iksu force fx
Software Win 10 Pro
Benchmark Scores 8056 vega 3dmark timespy
That's assuming they even could - which is unlikely since it assumes the bad guys can just slip on past all the other computer and network defenses, plant and execute the code to exploit the vulnerability - while remaining undetected.

Plus, the initial knee-jerk advice for all users to disable hyper-threading has been rescinded or debunked by most experts.
As was mine with Equifax. But it is important to understand and remember in almost every corporate hacking event, the bad guys were successful because of negligence, laziness, and/or incompetence by those in charge of and responsible for the security of those systems. In the Equifax hack for example, the software developers had identified the vulnerability, developed, released and provided to Equifax the patch to fix that vulnerability months before the hack occurred. But Equifax never applied it. Why? Negligence, laziness and incompetence by the system administrators and lackadaisical attitudes by the executives. Heck! Much of our personal information wasn't even encrypted. :mad:

If your work place is a free hotspot at McDonalds and you leave your notebook on your table unattended for 10 minutes, then maybe, yes.

And FTR, when AMD or any other chipmaker can offer a 100%, full money back guarantee their processors are 100% flaw-free, then and only then might I decide Intel's are no longer worth considering for my next personal build.
eh Im not calling our IT department, ;) im just interested generally , And play fair their are only two desktop CPU maker's, only a fool would'nt consider both options ,you can pick what you want but at least look around and i agree no cpu can ever be made to be secure 100% in the future, it does'nt work like that afaik.
 
Joined
May 7, 2018
Messages
1,069 (2.61/day)
Location
United Kingdom, London
System Name I have too many to fit here. (PC / PS4 / PS3 / PS2 / XBOX 360)
Processor 7740x (currently dead) / 6600k 4.8ghz 1.38v/x5650
Motherboard X299 gaming carbon / Z270X gaming 7/Clevo x7200
Cooling alphacool eisbaer 360mm/Silent loop 280mm/Stock
Memory 32gb ddr4 corsair vengance lpx / None yet/24gb ddr3 1333mhz
Video Card(s) Evga gtx 1080 ti ftw3 @ 2000mhz/5508mhz XOC BIOS + alphacool nexxos gpx / asus 560 ti 1gb/ 460M sli
Storage kingston ssdnow uv400 480gb ssd (os) toshiba x300 6tb (everything else)/ 750gb/10tb Elements
Display(s) ElectriQ 4k 28" TN 60hz / Samsung 931cw /1080p 17.3" laptop
Case Corsair Carbide 600c/Be quiet! Dark base 700/Lego pc case/clevo x7200
Audio Device(s) Hyper x cloud revolver s
Power Supply Seasonic snow silent 750w/Be quiet power pro 11 750w
Mouse Mad Catz Rat Pro X (x4, one with broken off scroll wheel) / Lynx bluetooth controllers x3
Keyboard Havit gaming keyboard (amazon keyboard+mouse bundle)
Software Windows 10 pro + Kali linux
Benchmark Scores Too many to fit here.
That's assuming they even could - which is unlikely since it assumes the bad guys can just slip on past all the other computer and network defenses, plant and execute the code to exploit the vulnerability - while remaining undetected.
Well according to all these AMD fanboys, every hacker is a professional and not a script kiddie, apparently. :roll:
 

Aquinus

Resident Wat-man
Joined
Jan 28, 2012
Messages
11,225 (4.16/day)
Location
Concord, NH
System Name Kratos
Processor Intel Core i7 3930k @ 4.5Ghz
Motherboard ASUS P9X79 Deluxe
Cooling Corsair H100i V2
Memory G.Skill DDR3-2133, 16gb (4x4gb) @ 9-11-10-28-108-1T 1.65v
Video Card(s) Sapphire AMD Radeon RX Vega 64
Storage 2x120Gb SATA3 SSD Raid-0, 4x1Tb RAID-5, 1x500GB, 1x512GB Samsung 960 Pro NVMe
Display(s) 1x LG 27UD69P (4k), 2x Dell S2340M (1080p)
Case Antec 1200
Audio Device(s) Onboard Realtek® ALC898 8-Channel High Definition Audio
Power Supply Seasonic 1000-watt 80 PLUS Platinum
Mouse Logitech G602
Keyboard Rosewill RK-9100
Software Ubuntu 18.04 (5.1.3 Mainline Kernel)
Benchmark Scores Benchmarks aren't everything.
Honestly, it's just another exploit that requires the stars to align to be useful for any real kind of malicious use. The PoC shows it can be done, it doesn't show how it can be useful. It's just another mitigation that I'm going to disable.
 
Joined
Jan 8, 2017
Messages
4,116 (4.61/day)
System Name Good enough
Processor AMD Ryzen R7 1700X - 4.0 Ghz / 1.350V
Motherboard ASRock B450M Pro4
Cooling Scythe Katana 4 - 3x 120mm case fans
Memory 16GB - Corsair Vengeance LPX
Video Card(s) OEM Dell GTX 1080
Storage 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) 4K Samsung TV
Case Zalman R1
Power Supply 500W
I am going to venture and say that even corporations that make use of severs on a large scale are not going to concern themselves much with this.
 
Joined
Aug 6, 2017
Messages
4,045 (5.91/day)
Location
Poland
System Name skurwiel szatan
Processor i7 5775c @4.3GHz/1.385v/EDRAM @2GHz
Motherboard Z97X Gaming 5
Cooling Noctua D15S
Memory Crucial Ballistix Tactical LP 1600 CL8 @2133 CL8
Video Card(s) MSI GTX 1080 Ti Gaming X Trio 2GHz
Storage SU900 128 (OS)/850 PRO 256+256+ 512,860 EVO 500,XPG SX950U 480 (games)/4TB of external HDDs (3+1)
Display(s) Acer XB241YU+Dell S2716DG dual monitor setup
Case Full tower
Audio Device(s) Mad Catz FREQ wireless
Power Supply Superflower Leadex Gold 850W
Mouse G403 wireless + Steelseries DeX + Roccat rest
Keyboard Razer Deathstalker
Software Windows 10
Benchmark Scores A LOT
is there a windows update coming to mitigate this and how do I disable it?
 
Last edited:
Joined
Mar 10, 2015
Messages
1,744 (1.12/day)
System Name Wut?
Processor 4770K @ 4.4
Motherboard MSI Z97 Gaming 7
Cooling Water
Memory 16GB DDR3 2400
Video Card(s) Vega 56
Storage 1TB SSD, forgot which one. Evo maybe?
Display(s) 3440 x 1440
Case Thermaltake T81
Power Supply Seasonic 750 Watt Gold
As was mine with Equifax. But it is important to understand and remember in almost every corporate hacking event, the bad guys were successful because of negligence, laziness, and/or incompetence by those in charge of and responsible for the security of those systems. In the Equifax hack for example, the software developers had identified the vulnerability, developed, released and provided to Equifax the patch to fix that vulnerability months before the hack occurred. But Equifax never applied it. Why? Negligence, laziness and incompetence by the system administrators and lackadaisical attitudes by the executives. Heck! Much of our personal information wasn't even encrypted. :mad:
Yeah, I mean like you said, there are likely always going to be far easier ways to get in but this just means that the attic vent is always open and waiting so you don't need to check all the windows and doors.
 
Joined
Mar 18, 2008
Messages
4,284 (1.04/day)
System Name Virtual Reality / Bioinformatics
Processor Undead CPU
Motherboard Undead TUF X99
Cooling Noctua NH-D15
Memory GSkill 128GB DDR4-3000
Video Card(s) EVGA 2080Ti
Storage Samsung 960 Pro 1TB + 860 EVO 2TB + WD Black 5TB
Display(s) Acer K272HUL, HTC Vive
Case Fractal Design R5
Audio Device(s) BOSE 2.0
Power Supply Seasonic 850watt
Mouse Logitech Master MX
Keyboard Corsair K70 Cherry MX Blue
Software Windows 10 Professional/Linux Mint
Welp I may have to go Threadripper with Zen2 cores next year. Disabling HT will be a huge no for me. :(
 
Joined
Jul 25, 2006
Messages
5,379 (1.14/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 16GB (2 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Microsoft Wireless 5000
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
but this just means that the attic vent is always open
I see it totally opposite of that. The attic vent is located on the extreme outer perimeter of my home. And while my attic vent may be open, the extreme outer perimeter of my computer network is my router and it definitely is NOT open for anyone to crawl through.

A more applicable "house" analogy for me with this flaw would be if I left a stack of $20s in a lock box hidden in one of the 6 closets in my home. But the "flaw" is that the lock is broken on the box and a badguy can easily open it with a screwdriver - no key required. But to get those $20 he would have to breach my outer perimeter, crawl very quietly through the attic access panel to drop down (again very quietly) into the living area, get past my puppy dawgs without waking them, find the correct closet, find the lock box hidden in that closet, take the money then escape out of the house - all without running into me and my Glock 17 hollow-points waiting to remove the entire back of his skull. If he can do that, he can have the money.
 
Top