Great. Get ready to see your Intel based PC slow down

[mystifeid]

https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

Sell those Intel shares now.

[cekivi]

Jokes on them! My gaming PC is 11 years old and already slow!  

[JAFO]

Word is that this bug mostly affects disk-activity-intensive software.. many/most games should not be too adversely affected. (Hopefully)

Anything that makes heavy use of databases (which includes most web-servers these days) is gonna see a good 20-30% hit to performance though.

[mystifeid]

57 minutes ago, JAFO said:

Word is that this bug mostly affects disk-activity-intensive software

Every system call and every hardware interrupt will exact a penalty in cpu latency.

59 minutes ago, JAFO said:

many/most games should not be too adversely affected

Maybe so. Time will tell. But it will be interesting to see the effect on peoples cpu bound games.

[JAFO]

5 minutes ago, mystifeid said:

Every system call and every hardware interrupt will exact a penalty in cpu latency.

Yes.. but it seems that not all of them have the maximum impact.

6 minutes ago, mystifeid said:

Maybe so. Time will tell. But it will be interesting to see the effect on peoples cpu bound games.

True.. how bad it will be is very much a 'wait and see' thing..  if it weren't such a serious threat to password security, I'd skip the damn update altogether. But that's just too big a risk.

[mystifeid]

6 minutes ago, JAFO said:

Yes.. but it seems that not all of them have the maximum impact

Source?

[JAFO]

42 minutes ago, mystifeid said:

Source?

Certain of the more intelligent comments about it in Scott Manley's youtube video on the subject. Citing actual tests and benchmarks..

Mind you, there were a lot less comments on it when I watched it 9 hours ago.. so YMMV finding them.

[mystifeid]

From Guru3d:

Quote

Given what I am currently seeing, desktop users and PC gamers should not be worried about significant performance drops. Most test results do show a negative effect on performance, but we're really talking in a realm of 2% differentials here. The file IO tests didn't worry me either, and we used the fastest consumer NVME SSD on the globe to be able to see a bigger effect when measured. We did see a bit of a drop off in 4K performance, mostly reads up-to 3%. That's the worst I have been able to find out of all tests. Other than that you are looking at 1% maybe 2% differentials that could even be tagged as your typical statistical anomalies.

Now my remark here needs to include this, there probably will be some firmware updates and perhaps new patches for all protections to kick in, accumulated and activated these all can have an effect on performance. If that turns out to be the case, we'll have to re-do and revisit all tests. Currently, however, if you have a reasonably modern PC and IF this patch is all there is to it, you'll be hard-pressed to notice any difference, if at all. Again I would like to re-iterate that the effect on older dual and quad-core processors with a lower frequency could be far worse, the truth here is that I do not know the effect on that just yet. But on your average modern PC, this doesn't seem to be that worrying at all. That said - I'll need to test older processors, if there's a need performance differences wise, we'll certainly report back on that.

 

[mystifeid]

Also, from all accounts an Intel cpu feature known as Process Context Identifiers (PCID) mitigates performance loss if supported by the cpu.

How to tell if your cpu supports PCID? Download and run SysInternals CoreInfo.

Seems like you have to have quite an old cpu for it not to support this feature.

[JAFO]

Thanks @mystifeid.. that seems to confirm the 2-3% typical figures that I'd seen quoted..

[Blinkin]

The article about AMD receiving the patch which results in an performance impact makes no sense at all.
Reason why is the performance impact for Intel is due to restricting a feature which can make certain calculations faster due to already knowing the outcome. Since AMD doesn't has this exact feature there's no performance decrease.

Also note that the performance decreases for Intel cpu's in tests is way higher than most people will notice in reality. This is due to differences in test case and practical usage in reality.

[mystifeid]

So I was a little surprised not to be offered any security updates for Windows 7 this month. Today I found out why.

Because of a problem some AV programs have with the patch designed to deal with the issues mentioned above - a problem that would completely ruin your day - your AV program must have added a key to your registry before you will be offered security updates.

Failing that - like if, for example, you do not use AV - you can manually add the registry key.

I added the key, got the updates and my computer still boots. Hooray!

https://support.microsoft.com/en-us/help/4072699/january-3-2018-windows-security-updates-and-antivirus-software

[JAFO]

45 minutes ago, mystifeid said:

Because of a problem some AV programs have with the patch designed to deal with the issues mentioned above - a problem that would completely ruin your day - your AV program must have added a key to your registry before you will be offered security updates.

Failing that - like if, for example, you do not use AV - you can manually add the registry key.

I saw the writeup about that.. but since the key basically guarantees that your AV will work correctly with the new kernel code, I concluded that adding the key myself before the AV programmers (in my case, Panda AV) had actually made their software compatible was not really a good move. There was always the possibility that although the computer would run fine, actually doing a virus scan with incompatible AV software could lead to all sorts of issues.

So yeah, I waited until Panda finished updating their AV to work with the new kernel code. Which happened yesterday, as they'd promised.

 

Some (very) cursory testing has so far revealed no significant performance issues, so far as day-to-day usage goes.

[mystifeid]

1 hour ago, JAFO said:

Some (very) cursory testing has so far revealed no significant performance issues, so far as day-to-day usage goes.

Same.

And as intimated, this information was offered more for those who do not use AV (like me).

[JAFO]

13 minutes ago, mystifeid said:

And as intimated, this information was offered more for those who do not use AV (like me).

I'd guessed as much.. which is why I suggested that for those who do use AV, they're probably better off waiting for their AV to update first.

(I do hope though, if you're on Windows, you're at least making use of Windows Defender, which is a pretty decent AV itself these days.. until recently that was all I used.)

[mystifeid]

29 minutes ago, JAFO said:

I do hope though, if you're on Windows, you're at least making use of Windows Defender, which is a pretty decent AV itself these days.. until recently that was all I used.

Defender in W7 is not the same as Defender in W10.

Fun fact: every computer from which I've had the misfortune to remove a virus was running AV.

Unlike every single one of those computer owners I'm quite prepared to reinstall my OS at the first whiff of trouble. All important information is backed up redundantly  in 3 locations at different times and 2 of these locations do not remain connected or switched on. These backups do not include the OS and installed programs. This is important to me because this box has 8 HDD and 2 SSD in 5 RAID 0 arrays and drive failure is always possible - and has happened to a raid member 4 times in 15 years although once was my own stupid fault.

I do take other precautions and what I do and what I recommend to the average user with glazed eyes ("I don't want to know how it works, I just want it to work.") are two completely different things.

I did get a virus once about 16-17 years ago from a disk someone gave me but of course I was still using AV then. I stopped using AV soon after and have not had any obvious signs of infection since.

[JAFO]

Yeah, I hear you.. and like you, what I do is very different from what I advise non-techies to do..

1 hour ago, mystifeid said:

Fun fact: every computer from which I've had the misfortune to remove a virus was running AV.

Fun fact: every computer that I've been paid to clean viruses from was running AV which was NOT kept up-to-date. An incredible amount of them were ones on which the initial "6 month free trial" had expired, sometimes years ago.   YMMV.

[mystifeid]

That may be but there is considerable anecdotal evidence to suggest that any benefits gained from "real-time protection" are outweighed by the increase in the attack surface added by the AV program itself. Updated or not. (Apart from, apparently, MS programs)

I'm not averse to performing offline scans when I'm feeling paranoid but installing AV? Fuhgeddaboutit.

[JAFO]

16 minutes ago, mystifeid said:

I'm not averse to performing offline scans when I'm feeling paranoid but installing AV? Fuhgeddaboutit.

Good point.. I'm presently debating returning to a similar approach myself..

[GreenBeing]

30 minutes ago, Hawk said:

Like you folks, I've run AV free for the past 4 or 5 years and didn't have any problems.

When I got a new computer (to me anyway - not new by any means) a couple of months ago, I installed Win 7 (my first use of it-previously only running XP) on it and added MSE, just for kicks, although I'm not decided on whether it will stay or not yet. I still have my XP rig and it's still AV free.

My past experience with several AV apps is that they seem to cause more problems than the help they give.

I do perform occasional virus scans but they never found anything.

The key to staying virus/malware free is smart surfing. Especially avoiding porn and gambling sites. Of course with advertising burgeoning their efforts to slap you upside the head with their garbage, and the subsequent intrusion of malware into the scripts used for advertising, it does seem to be getting harder to avoid malware, but a couple of good browser add-ons do help in that department.

Running XP is extremely dangerous. There are numerous unpatched exploits present. You could be in danger just by clicking one wrong link or seeing one wrong advertisement. Those big hundreds-of-thousands-strong bot nets? Most are running XP. In this day and age, smart surfing is like using the calendar method for birth control.