New Intel CPU vulnerability
Time to reset the "It's been __ days since the last Intel CPU vulnerability" counter!
We present CacheOut, a new speculative execution attack that is capable of leaking data from Intel CPUs across many security boundaries. We show that despite Intel's attempts to address previous generations of speculative execution attacks, CPUs are still vulnerable, allowing attackers to exploit these vulnerabilities to leak sensitive data.
Moreover, unlike previous MDS issues, we show in our work how an attacker can exploit the CPU's caching mechanisms to select what data to leak, as opposed to waiting for the data to be available. Finally, we empirically demonstrate that CacheOut can violate nearly every hardware-based security domain, leaking data from the OS kernel, co-resident virtual machines, and even SGX enclaves.
Microcode updates are supposedly already available. Best update ASAP, if you're running Intel and haven't yet... you know the drill.
Comments
sigh..
ExtraVM - No BS KVM NVMe VPS
RackColo - Find colocation plans
Meanwhile, @intel, "We are excited to announce that we are now making mediocre gpu."
I don't think they make CPU anymore.
♻ Amitz day is October 21.
♻ Join Nigh sect by adopting my avatar. Let us spread the joys of the end.
@clouvider Ryzen please.
https://inceptionhosting.com
Please do not use the PM system here for Inception Hosting support issues.
"Ryzen is a desktop processor"
ExtraVM - No BS KVM NVMe VPS
RackColo - Find colocation plans
That's going to sadly be a stance that looses customers in 2020, really tired of all this crap.
https://inceptionhosting.com
Please do not use the PM system here for Inception Hosting support issues.
I am just happy to be almost xeon free. At this point, even opetrone feels better.
Nexus Bytes Ryzen Powered NVMe VPS | NYC|Miami|LA|London|Netherlands| Singapore|Tokyo
Storage VPS | LiteSpeed Powered Web Hosting + SSH access | Switcher Special |
I don't know about that lol... Opterons are something...
ExtraVM - No BS KVM NVMe VPS
RackColo - Find colocation plans
Yes, and I don't say the quotes to be a dick, but there's a fair market for them and it will just grow. It's why I got some of the Ryzen stuff immediately when the ASRR boards were more available (and it's the reason why OVH uses the ASRR boards for their new Ryzen line.) I've never had an issue with it, across any CPU I've ran and any common memory kits (including UDIMM.)
I really don't want OVH and Hetzner to be the only ones to do it again. I would colo more if I didn't have to deal with shipping.
ExtraVM - No BS KVM NVMe VPS
RackColo - Find colocation plans
I knew Intel was going rapidly downhill when they decided to come up with Xeon Poo, Silver, Gold, Pee editions.
♻ Amitz day is October 21.
♻ Join Nigh sect by adopting my avatar. Let us spread the joys of the end.
Got our first test ryzen node up the other day. Runs like a champ.
I expect to do a full Vegas replacement inside the next 60 days.
@joepie91 anyone have benchmarks to see the performance loss?
Francisco
?
Nexus Bytes Ryzen Powered NVMe VPS | NYC|Miami|LA|London|Netherlands| Singapore|Tokyo
Storage VPS | LiteSpeed Powered Web Hosting + SSH access | Switcher Special |
What about Epyc? Did it go off the ground?
Server market takes a long time to penetrate. From what I am hearing, it's slowly getting there due to Intel's inability to compete.
♻ Amitz day is October 21.
♻ Join Nigh sect by adopting my avatar. Let us spread the joys of the end.
Epyc.
Clouvider Limited - VPS in 11 datacenters - Intel Xeon/AMD Epyc with NVMe and 10G uplink! | Dedicated Servers
It’s more expensive.
Clouvider Limited - VPS in 11 datacenters - Intel Xeon/AMD Epyc with NVMe and 10G uplink! | Dedicated Servers
gotta milk that enterprise money
Ryzen.
https://inceptionhosting.com
Please do not use the PM system here for Inception Hosting support issues.
I really fancy trying out an Epyc server but no use for one (currently).
I've got a Ryzen server but only as it's also got ECC RAM.
Ryzen is simply a better choice and ticks every box in this market segment especially and out performs/delivers over any intel server CPU in the same ballpark, I hate to say it especially as everyone knows how hard I ride the @clouvider train but sadly that train only seems to stop at intel stations now and I may need to consider another route.
1 intel bug... ok, 2 hmm, 3, are you shitting me, 4,..... FOUR!!! ... oh fuck off intel.
https://inceptionhosting.com
Please do not use the PM system here for Inception Hosting support issues.
@AntGoldFish speaks the truth.
There is absolutely no reason to use Intel CPU at the moment. Mobile segment is slightly different and I favor Intel mobile over Ryzen mobile but that's a different story.
P.S. Still replaced my Intel laptops with Ryzen ones.
♻ Amitz day is October 21.
♻ Join Nigh sect by adopting my avatar. Let us spread the joys of the end.
Ryzen shows better performance, but AFAIK it is not generally more secure. This particular vulnerability affects Intel specifically, but speculative execution attack vector is present in AMD as well.
Also, are there platforms with Ryzen and IPMI?
It’s simply not possible to deliver what you are looking for at a reasonable price, at scale, in these DCs at these power and space costs with Ryzen. Math doesn’t add up, nor it would if you calculated colo in the same locations. I’ll start with the lack of blade chassis followed by the power consumption, but really there is so much more limitations. Show me a blade chassis with Ryzen and we will happily look into it.
Epyc is the way to go, wish more people were interested, or that AMD decided to make something between nothing and a very big server CPU, but that’s their choice and that’s why we have ordered another couple hundred of Intel CPUs to beef up the existing locations. Believe me, Il be the first one to jump to AMD after all I’ve been through with Intel as soon an actual alternative becomes available, there is none at the moment.
Clouvider Limited - VPS in 11 datacenters - Intel Xeon/AMD Epyc with NVMe and 10G uplink! | Dedicated Servers
There are some. Choice is extremely limited though and from those majority are indeed aimed at workstations - not servers, as per their very own marketing.
Clouvider Limited - VPS in 11 datacenters - Intel Xeon/AMD Epyc with NVMe and 10G uplink! | Dedicated Servers
Another day, another Intel CPU hacked. AMD gets more and more premium as days go by.
The only people who would argue that Intel are the best would be those who recently purchased any quantity of Intel CPUs.
Get the best deal on your next VPS or Shared/Reseller hosting from RacknerdTracker.com - The original aff garden.
Maybe at datacenter level the demand for Ryzen is not that much, so many can only rely on hetzner,rs,OVH etc
And some enthusiast providers like extravm who own their hardware as well
Don't know about blade but is that the answer to changing needs?
I bench YABS 24/7/365 unless it's a leap year.
What do you want a provider to do when there are simply no suitable platforms, for the very reason that the CPU is not designed for this use case? This is not something that can be reasonably addressed at this level.
Of course one can provide a custom “server” based on this CPU but it won’t be as functional nor as competitive as Intel platform in the enterprise setting.
Really, google and have a look what metal is available to buy, you won’t be pleased with the result.
You’re addressing your frustration with Intel to a completely wrong person.
Clouvider Limited - VPS in 11 datacenters - Intel Xeon/AMD Epyc with NVMe and 10G uplink! | Dedicated Servers
No one says no, EPYC is the answer, if you need the actual density and have a budget for that.
Clouvider Limited - VPS in 11 datacenters - Intel Xeon/AMD Epyc with NVMe and 10G uplink! | Dedicated Servers
I have Cascade Lake with hyper-threading and virtualization turned off. Do I need to worry?
Intel is no longer the best. Xeon has only 48x PCI3.
EPYC has 128x PCI4, although I couldn't find a motherboard with more than four 16x PCI4 slots.
No hostname left!
Intel still good for single tenant virtualization workloads right or ones with just a couple of trusted tenants?
Yes. Not for providing commercial VPS services, or at least I would be concerned as an informed customer on mitigation measures. However, at this point, it might be less troublesome to switch and have peace of mind for a while. There seems to be some poor technical culture on Intel's end that resembles Boeing. Pick one of the few reliable AMD providers @seriesn @Delong @MikeA and move.
Deals and Reviews: LowEndBoxes Review | Avoid dodgy providers with The LEBRE Whitelist | Free hosting (with conditions): Evolution-Host, NanoKVM, FreeMach, ServedEZ | Get expert copyediting and copywriting help at The Write Flow