Update, 6/21/18, 6:40am PT:
Intel released a statement to Tom's Hardware about this issue:
"Protecting our customers and their data continues to be a critical priority for us. We are looking into this feedback and thank the community for their ongoing efforts.”
Original, 6/20/18, 9:20am PT:
OpenBSD, an open source operating system that focuses on security, announced that it will disable Intel’s Hyper-Threading (HT) feature so that attackers can no longer employ Spectre-like cache timing attacks.
Intel Hyper-Threading Vulnerable To Side-Channel Attacks
Simultaneous Multi Threading (SMT) such as Intel’s HT technology typically share translation lookaside buffers (TLBs) and L1 caches between threads, which can make a type of side-channel attack called cache timing attacks much easier.
The OpenBSD team said it suspects that Intel’s HT will make several Spectre-class flaws exploitable. The team added that running multiple security domains on multiple threads of the same core has never been a good idea. However, changing the operating system software to now take this into account will not be a trivial task. Moreover, these days most device makers no longer allow users to disable Intel’s HT in the BIOS, either.
The developers noted that disabling HT on OpenBSD machines doesn’t necessarily mean the performance will suffer, as often HT can slow down certain tasks on devices with more than two cores, at least according to the OpenBSD developers. HT tends to be useful for highly parallel tasks where it can squeeze out all the performance the processor cores can give.
Intel CPU Architecture Change Is Now An Imperative
We haven’t even seen all the Spectre NG flaws be revealed yet, but whole operating systems such as OpenBSD are already making major compromises due to how vulnerable Intel’s CPU architecture seems to be to speculative execution attacks.
Spectre is likely going to end up being an entire class of bugs that will keep on giving operating system developers headaches, as other security researchers and attackers find new ways to exploit Intel’s CPU architecture. That means we won’t see true fixes until Intel eliminates this class of vulnerabilities completely by overhauling its CPU architecture.
This may be at least partially true for chipmakers other than Intel, too, who should also consider doing the same in the next few years. For now, though, Intel seems to be primary target of Spectre attacks, and that likely won’t change anytime soon.
Maybe they can raise the Itanic (Itanium) again. But my guess is they will put heavy effort into ARM; specifically because there's where all the effort is putting forth these days.
Agreed. AMD will need to patch as well, although I think their architecture is more resilient to these types of exploits.
As soon as AMD drops that beautiful 7nm tech they will be ahead of Intel in IPC and probably will be able to match clocks at 5ghz on 4 6 and oh wait 8 core main stream, something Intel has yet to release. Shoot their 6 core still isn't even affordable for the mainstream you know the people who live from paycheck to paycheck, I use to be there.
I can afford this 8086k and a new z370 or 390 when it drops but why when my 4790k can hit 4.8ghz on a corsair h70 a push pull 120mm fan small radiator I know I can get 5ghz if I went with the h100i because I can get 4.9ghz with a house fan blowing on my case. So, Intel has been able to do this for the last 4 generations but didn't want to, so this new isn't even new still 14nm still based on core and HT why they stole AMD engineers in both cpu and gpu arch design HAHAHAHAHAHA. Sure ddr4 on the new boards and m.2 but I built a Ryzen x370 for half the price I could an Intel with very similar performance. Ryzen 3000 could see a bump in cores and threads or just clocks, they really have options and I knew AMD would be dropping a 32 core on threadripper 2 I am shocked they didn't for ripper 1.
Resilient but not impervious. ALl it will take is the right person to find the loophole. However right now Intel has the majority of the consumer and business desktop and the vast majority (near 99%) of server CPU sales. Which means the focus is on Intel to find the flaws that work to be able to breech and steal data. If AMD does get a much alrger presence in the server market then we would see more exploits come to light.
SMT and HT are the same exact thing. The difference is how they implement its design and how they want it to run. For AMD it seems to be load balancing, hence why there are a lot of programs that benefit from turning their SMT off. Its actually more like Intels first version of HT on the Pentium 4 which was better to turn off. Other than that they are exactly the same idea and technology. Bulldozer was different. It used a different variation of SMT.
Process size may or may not benefit performance. In most cases all it does is lowers power and thermals allowing for higher clock speeds.
It remains to be seen if that 7nm will do anything that well or not.