Geeks2U Promise
We guarantee you'll love our fast, friendly service - or we'll refund your money.  
133,572 Happy Customers & Counting
Need tech support?
1300 769 448
Extended hours, 7 days a week
Home  /  geekspeak  /  What will Intel’s processor bug mean for your computer?

What will Intel’s processor bug mean for your computer?

Usually when you hear about large scale security problems, it’s because there’s been an obscure exploit of some incredibly complicated code that somebody’s worked out a way around, leading to the need for software patches, or an entirely human error where access was pilfered via purely social means. Hardware flaws that affect computer security aren’t unheard of, but they’re (thankfully) pretty rare.

Or, at least, they were. It’s been revealed that there’s a major bug affecting processors supplied by Intel, and also possibly AMD and even the ARM processor architecture that runs most smartphones and tablets. While the full extent of the issue isn’t entirely public, because companies are rushing to release updates to mitigate its severity, the worst affected has to be Intel, simply because of the chip giant’s massive presence in this space. Chances are pretty darned good that if you’re reading this on a computer, it’s got an Intel processor inside. Even Apple got on the Intel train many years ago, and to give some perspective, the issue relates to processors up to 20 years old. If you’re running a computer more than 20 years old, you’re probably safe, but you’re also probably painfully slow compared to what a modern computer can do.

Dubbed collectively Spectre and Meltdown, the issue relates to the way that modern CPU architecture does what is called “speculative execution”. That’s pretty much what it sounds like; the CPU performs a task that it estimates may be needed before it’s actually asked for, because that way if you do require that task, it’s already done and performance can be boosted remarkably for just a little potential overhead. Speculative execution has been part of computing for a long time now, and the Meltdown issue essentially attacks the areas of the CPU that store that speculative information, potentially allowing malicious parties access to it.

To put that in more concrete terms, imagine you’re using a password manager (which, if you’ve been reading this column long enough, you should know I encourage you in no uncertain terms to do) on your computer, and your actions lead the CPU to think that you might need a password soon for some task. It speculatively fetches that information, stores it for a very brief time and then moves on, whether or not you needed the password. While it’s storing it, the Meltdown bug could (in theory) make it accessible via the exploit.

You’ll notice I’m couching my terms here, and the good news is that while the existence of the exploit is public, the specifics are not, and as such there’s no clear evidence that any systems, personal or major have been attacked in this way just yet.

The Spectre bug (which may also affect AMD’s processors and the ARM architecture that runs most phones and tablets) works in a broadly similar way, although both Apple and Google say that most updated phones and tablets should at least be partially hardened against attacks. Apple says that while there’s potential for exploits, doing so would be “very difficult” for hackers. That’s not quite the same thing as impossible, but if you’re updated, you should be fine.

The same advice is true on the PC/Mac end of the scale, although at the time of writing major software updates were still pending for Windows 10 and macOS to cover consumer and business systems. As always, patch early and patch often to keep yourself safe, but also be ready for something of a performance hit.

That’s to do with our old friend speculative execution again. In order to fix the issue, its ability to preconfigure scenarios before execution has to be dialled back, and that means a potential system performance hit.

Now, quite how significant this will be is a little tricky to gauge right now. Some early reports suggested the hit could be as bad as 30%, while Intel’s own releases suggest a more moderate hit for most systems, possibly as low as 5% or less. Bear in mind that it’s not just your own PC that may see a slowdown, with many of the world’s largest servers that provide web services also potentially liable for slowdown issues. Having said that, some, like Amazon, have indicated that pre-existing patching and security is already present on most of its services, so the impact there may be lessened somewhat.

So what should you do? In short, make sure everything’s updated, from any hardware updates that your computer manufacturer supplies, through to software updates and even browser updates, because when (not if) attacks do come, they’re likely to be delivered over the web. Make sure you’re running anti-virus software with up-to-date security as well, because while again that’s a cat and mouse game, keeping your system safe in 2018 is going to be, well, rather important.

Share

Recent News

It’s tax time for many Australians, with some of us dreading debts while others plan for what they’ll do with a refund. Before you reach that stage, however, you’ve got to file your actual tax return, and this is where many of us can come unstuck. I’m not speaking here of the complexity of tax… More 

The ACCC is engaging in court action against South Korean technology giant Samsung. The ACCC alleges that Samsung has made false representation around its popular Galaxy smartphones. Specifically a feature of the higher end models, typically the Galaxy S and Galaxy Note phones that offer water resistance. The ACCC’s claims that Samsung’s advertising shows Galaxy… More 

The modern Internet runs on advertising, whether it’s those annoying pop-up or obscuring ads that get in the way of the content you really want to read, or pre-roll ads on video streaming sites. What’s less well understood by many everyday consumers is how all of these ads essentially play “together” to build a profile… More 

We’re nearing the end of the build phase of the National Broadband Network, which is due to be “completed” by 2020. I don’t want to touch on the politics of it to speak of. Many Australians are already on the NBN by now. If you’re not, you’re probably within the typical 18-month window for switchover… More