Názor k článku Které procesory Intel mají bezpečnostní opravy? Část 9. generace pořád trpí na Meltdown od hnizdo - mas mylne informace (nebo to umyslne zkreslujes). meltdown...

  • 9. 5. 2019 10:47

    hnizdo (neregistrovaný)

    mas mylne informace (nebo to umyslne zkreslujes). meltdown i spectre byly demonstrovany v prohlizecich / javascriptech. rozhodne se netykaly jen serveru, kdyz kvuli nim MS predelaval kernel a intel firmwary desktop cpu. vsechna wokna od XP pro 7, mozna i 8 se starsimi browsery jsou napadnutelna. a nikdo toho nevyuziva.

    https://react-etc.net/entry/javascript-spectre-meltdown-vulnerability-check-for-browsers


    k tomu spoileru
    https://www.reddit.com/r/intel/comments/b1knwa/should_i_buy_intel_cpus_after_spoiler/


    Things to note about the spoiler research paper:

    Spoiler is an exploit that allows potential leakage of memory layout and information, which can then be used to execute Rowhammer attacks. However, even without spoiler, no PC currently can be fully mitigated from Rowhammer, so if this is something you're trying to avoid, you're basically stuck using DDR or DDR2 memory. And no, ECC won't protect you from this.

    The researchers published their methodology, but the not the source code, so there's not really a way to verify it. Further, they tested it on one slow last gen AMD chip and one weird ARM chip and didn't publish the results for either. Read the paper, their comment on AMD chips is literally one sentence. So it's entirely possible that Ryzen is vulnerable, but we won't know it until someone tries to do a more thorough test on a modern AMD system.

    If I really wanted to get into a PC, there's about 10 other avenues I would take first before trying to use a really specific hardware flaw.

    Put simply, any CPU that uses some form of speculation is potentially vulnerable. Not even Spectre (which AMD chips are also vulnerable to) can be fully mitigated. But for your purposes, I wouldn't let it be a factor. Choose the CPU that works for you.