Intel has fought back over claims that the operating system-level fixes for Meltdown – the Intel-specific security flaw revealed last week – will critically affect PC and server performance. 

It has released internal tests that suggest that older microprocessors handled typical tasks ‘only’ 10 per cent slower than they did before the patch was applied. 

However, Intel’s idea of an older microprocessor is a Skylake microarchitecture-based CPU – a chip that was launched in August 2015 and, hence, most PCs running Skylake will be little more than two years old. 

Nevertheless, the company published a table of data, covering several 6th, 7th and 8th Generation Intel Core Processing platforms running Microsoft’s Windows 7 and 10 operating systems. This indicated that the worst operating hit that PC users can expect would be 10 per cent.

“We previously said that we expected our performance impact should not be significant for average computer users, and the data we are sharing today support that expectation on these platforms,” claimed Navin Shenoy, the head of Intel’s data centre unit.

“We plan to share initial data on some of our server platforms in the next few days,” he added.

Meltdown and Spectre have rocked the computer industry.

Worst affected is Intel, with Meltdown – a hardware vulnerability affecting x86 microprocessors (as well as some ARM-based microprocessors). The Meltdown vulnerability is also known as a ‘rogue data cache load’ flaw that could enable an attacker to compromise data in memory of a target PC or server. 

Spectre is a more wide-ranging flaw and affects almost CPUs designed by Intel, AMD and ARM going back 20 years. It is theoretically exploitable via a malicious Javascript-laden web page, although no such exploit has yet been seen in the wild. 

Spectre takes advantage of flaws in ‘speculative execution’ features built-in to the microarchitecture of almost all modern CPUs. It is an optimisation technique in which the CPU uses spare cycles to perform a task that may not be required. While harder to build an exploit that takes advantage of it, it may likewise be harder to build a robust patch to defend against all potential exploits. 

Intel’s Shenoy concluded his blog by reiterating that Intel did not want to see the performance of its products degraded in any way. However, he added that the security of its products and customers’ data is its “number one priority”. 

Further reading

Source link