ZombieLoad exploit lets hackers steal data from Intel CPUs

DrJohnZoidberg said:
The 40% number is from Apple and that is the performance hit when disabling hyperthreading, as this is likely the safest option if you're trying to run a very secure ship.
Click to expand...
Yep, I read the Venturebeat article, but I see it is updated with the Apple update and now also with the Intel update. According to Intel the hit is up to 3% without hyper-threading disabled and 8-9% with hyper-threading disabled. Adding that tinier margins are shown with higher end processors. Intel also doesn't recommend to disable Intel HT as it alone doesn't provide protection against MDS. PR day.
 
I see Intel is only illustrating the high-end,

https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html

Limited Performance Impact for the Majority of PC Clients

mds-client-hton-16x9.png


Performance Impacts for PC Clients with Intel® Hyper-Threading Disabled

mds-client-htoff-16x9.png


Performance Impacts on Select Data Center Workloads

mds-server-hton-16x9.png


Performance Impacts on Select Data Center Workloads with Intel® HT Disabled

mds-server-htoff-16x9.png


I need to add, that this isn't the configuration used by the majority of PC clients:

https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html#faq-answers-1-0
Client Configuration - Intel® Core™ i9-9900K
  • Processor: Intel® Core™ i9-9900K
  • Memory: 2x16GB
  • Storage: Intel® 760p 512GB SSD NVMe*
  • Display Resolution: 1920x1080
  • OS: Windows* 10 Build RS5
  • Graphics: Intel® HD Graphics 630
  • Date Tested: May 7, 2019
  • Tested By: Intel Corporation. Note: All the Client measurements used the same SKUs. For MDS impact, changed only microcode and OS for various configurations
  • SPEC benchmark results based on Intel internal measurements; ratios provided as research usage
Click to expand...

Going by the benchmark I posted earlier, i3 and i5 processors, especially Haswell and lower, are taking the hit more than others.
 
Swa said:
Yeah that's exactly it. You need to find another exploit first to get access to the machine. But then in that case you could do a lot more and I wouldn't even bother with this. The only place it's of any real value is to load a program onto a VPS in order to access the other instances running on the same machine.
Click to expand...

Thanks.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X