Posted on 01/29/2018 5:25:36 AM PST by dayglored
Out-of-band patch may assuage user anger over Intel crudware, closed-club disclosure process
Microsoft has implemented Intel's advice to reverse the Spectre variant 2 microcode patches.
Redmond issued a rare weekend out-of-cycle advisory on Saturday here, to make the unwind possible.
Intel's first patch was so bad, it made many computers less stable, sending Linus Torvalds into a justifiable meltdown last week.
Chipzilla later withdrew the patch, but it had made its way into a Microsoft fix, which the company pulled on Saturday.
“Our own experience is that system instability can in some circumstances cause data loss or corruption,” Microsoft wrote, adding “We understand that Intel is continuing to investigate the potential impact of the current microcode version and encourage customers to review their guidance on an ongoing basis to inform their decisions.”
This applies only to the Spectre patch, Microsoft emphasised: “Application of this payload specifically disables only the mitigation against CVE-2017-5715 – 'Branch target injection vulnerability.'”
It noted that as far as anyone knows, nobody's yet weaponised Spectre variant 2.
The handling of Spectre and Meltdown received sharp criticism at last week's LinuxConfAU in Sydney, with Linux Foundation technical advisory board member Jonathan Corbet complaining of the ongoing secrecy about events between the first private reports of the bugs and their eventual disclosure (which The Register broke on January 2).
Instead of the disclosure processes used for most vulnerabilities, Corbet said, “This disclosure process was handled very differently,” and nobody's explained why.
Corbet later added “I'd like the industry to end at least that piece of it, so that we can get the whole story out there, and figure out how to do better the next time around”.
Developer Jess Frazelle said disclosure could be improved by “not having an absolute sh*t-show of an embargo”, while Katie McLaughlin added that only big cloud providers were in the know: “It seems to be like an exclusive club as to whether you know or don't know, and it's not really clear the lines of who should be informed.”
A video of the conference panel is below, for your viewing pleasure. ®
[Ed. and there's a video at the link:
http://www.theregister.co.uk/2018/01/29/microsoft_out_of_band_patch_to_remove_spectre_patches/
Intel is having trouble figuring out which hand to eat with and which hand to wipe with.
Like, with a cloth?
They have enough Muzzis working for them to find out the answer to that question. Although probably not as many as they have Chinese agents.
Ping!..................
Intel knew about the issue for a long time. Retooling, and worse, admitting the problem, would be very expensive.
People at their core, are not going to do the right thing. We are all fallen. The only reason they are trying to address it now is it become public.
How does one undo the Intel Micro code update?
My next PC will have an AMD processor.
Good question. I don't know if it's possible without additional software / firmware / whateverware from the folks who supplied the initial update.
I would just wait until the dust settles and they or Microsoft or the hardware vendor has figured out what the heck they're doing.
We're nowhere near settled at present, IMO.
Thank you for your reply.
I did the microcode update when it came out. Thankfully I have not noticed any system stability problems. I feel very sorry for all those that have, and can’t even revert back to the original microcode.
Pentium derivatives are just 8080s at heart. The world got screwed when IBM adopted the Intel processors instead of the 68000 class machine.
Yep. Unfortunately, the fact that the 8088 (the 8-bit version of the 8086) that IBM used in the original IBM-PC could use all the existing 8080 peripheral chips meant that the entire computer could be prototyped in the IBM engineering lab right away. Those guys were basically doing a "side project" that IBM would never have commissioned officially, and they had to move quickly.
Motorola's peripherals for the 6800 couldn't work seamlessly with the 68000, and Mot didn't have all the necessary 68000 compatible peripheral chips ready when the IBM team had to make the decision.
Sorta reminds me of the Gary Kildall (CP/M-86) vs. Bill Gates (PC-DOS) decision.
If yer gonna make the deal, ya gotta be at the table when the deal goes down.
I designed and built a number of homebrew computers from scratch (all wirewrap) based on 6502, 6800, and 6809 microprocessors. Always been my favorite family. Professionally I designed and delivered 80168 and later Intel based computers, and wrote software for them, but it was always like pulling teeth.
Intel has never, ever understood software. So I'm not surprised their "fixes" are dog crap.
That will help with the "Meltdown" problem; AMD processors aren't built with that vulnerability.
But AMD (and ARM and others) -are- susceptible to the Spectre problem. And it's the tougher one.
Personally I've always liked AMD processors. Maybe it's because I often favor the underdog, admittedly just on general principles. :-)
Those were good times. You could get blown away with the variety and ingenuity of computers by attending an NCC. Now, it is all just different shapes of brown.
These days it appears best to use an ARM when a 32-bit embedded machine is needed. The Coldfire uPs draw a lot of current, making them unsuitable for most designs. I am itching to tinker with a Clodfire just to taste the 68000 core once again. Damn, that was a pretty architecture, just wonderful for assembly language.
In the early 2000's I designed a series of commercial peripheral Firewire 400 and 800 adapters (mainly for external hard and optical drives), using Oxford Semi's bridge controllers (911 and 924 series IIRC), and those were ARM-based. So I got to do a bit with ARM code, although it was only a quick brush, and now it's all shrouded in the mists of time...
I still have my final wirewrap machine, a set of perf boards with hand-soldered power busses and hand-wrapped everything else, Augat gold sockets, and inter-connected with Molex strips. Those were the days when you could actually wirewrap 64Kbit DRAM chips and expect that it would work.
A few years back, I showed it off to my daughter, who just earned her BS in CompSci, and the look on her face was one of fascinated horror. But she "got it" -- why that would be something I'd willing spend scores (hundreds!) of hours building up and programming.
Sounds like you understand too. :-)
I work with a guy on the front lines of that. 80 hour weeks for the last three weeks.
Horrible.
That's enough to make a person want to be a beet farmer.
(I don't like beets.)
Oh, I surely do! Odd that you would bring up those wire wrap boards. I am probably going to spring for several unused ones shown on ebay. I think it is high time people around here see how the big boys make stuff.
Oh, look what I found! My wire-wrap tools!
I have a laptop with windows 10 and a SSD. It is slower for the internet then my Windows 7 desktop pc with a regular hard drive. They are plugged into the same router too. I had done a big update for Windows 10 this weekend and then updated my drivers and graphics software. I hope there is another update to fix the slowness.
Cool! But now see what you made me do?!? I dug out my final homebrew, wiped some of the dust off, and took some pics to document it. Nostalgia!! Self-indulgence!! What a piece of work.
And also my second KIM-1. My first KIM-1 was one of the originals, with the beautiful white ceramic 6502 CPU (*sigh*), and the original style keypad; alas, I wore it out, and meanwhile I'd soldered so much additional 3D circuitry to it that it looked like a plate of spaghetti, and had become impossibly fragile. So I got another, but by then they had the newer plastic chips... Nevertheless, I got a pile of 2102 1Kbit SRAMs and handwired a bunch of memory, sped up the cassette tape interface from 110baud to 600baud (wow!), and so on.... By now it was 1977... Got Tom Pittman's Tiny BASIC running...
Now I'm all excited... another night I'll process and post the pics, add some description, and link 'em to my FR profile.
When you get something together with your wire-wrap tool, ping me -- I want to hear all about it!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.