'

Intel's mitigation for Spectre Variant 4 can reduce performance by 2-8%

Spectre still looms over Intel

Intel's mitigation for Spectre Variant 4 can reduce performance by 2-8%

Intel's mitigation for Spectre Variant 4 can reduce performance by 2-8%

Two new variants of Google's Project Zero speculative execution exploits have been discovered, jointly discovered by Google's Project Zero and Microsoft's Security Response Centre. 
 
These new exploit variants are known as variant 3a and variant 4, both of which are known to affect Intel processors. So far these attacks have not been found in the wild, though they nonetheless present a huge security hole to CPU makers, which need to be mitigated to ensure the safety of their users moving forward. 

Intel has developed mitigations for both variants 3a and 4 and has delivered these updates to OEMs and system software vendors for testing, though the performance impact of these updates is what is most noteworthy. Intel's variant 3a mitigations are said to have a negligible performance impact, though their variant 4 fix has been found to have a 2-8% performance impact on SYSmark 2014 SE and SPEC integer rate on both client and server test systems. This performance reduction may not be representative of consumer/desktop workloads.

Intel has decided to set their Spectre 4 mitigations as "off-by-default", giving users a choice whether or not they enable the fix, though put simply this is a trade-off between performance and safety. While some users will appreciate the ability to turn off the mitigation, to maintain their pre-update performance levels, leaving the fixes off by default will leave many systems compromised.  Intel wants to keep their performance lead over their competition but compromising their security in this way an irresponsible move for the company. This update should be enabled by default with the ability to turn it off; systems should be secure by default.  
 

    We’ve already delivered the microcode update for Variant 4 in beta form to OEM system manufacturers and system software vendors, and we expect it will be released into production BIOS and software updates over the coming weeks. This mitigation will be set to off-by-default, providing customers the choice of whether to enable it. We expect most industry software partners will likewise use the default-off option.  In this configuration, we have observed no performance impact. If enabled, we’ve observed a performance impact of approximately 2 to 8 percent based on overall scores for benchmarks like SYSmark® 2014 SE and SPEC integer rate on client and server test systems.

This same update also includes microcode that addresses Variant 3a (Rogue System Register Read), which was previously documented publicly by Arm* in January. We have not observed any meaningful performance impact on client or server benchmarks with the Variant 3a mitigation.3 We’ve bundled these two microcode updates together to streamline the process for our industry partners and customers. This is something you will see us continue, as we recognize that a more predictable and consolidated update process will be helpful to the entire ecosystem.

  

Intel's mitigation for Spectre Variant 4 can reduce performance by 2-8%

 

Spectre-like vulnerabilities remain a concern for every major CPU manufacturer, including both AMD and ARM. It is likely that other similar vulnerabilities will be discovered in the near future, hopefully heralding a new era of safe processor designs which were created with these kinds of exploits in mind from the outset. 

You can join the discussion on Intel's Spectre 4 mitigations having a 2-8% performance impact on the OC3D Forums

«Prev 1 Next»

Most Recent Comments

22-05-2018, 08:06:21

AlienALX
Yeah I read somewhere the other day it was getting worse. Ah well, too much invested to change now.Quote

22-05-2018, 14:53:57

TheF34RChannel
Well both companies their CPUs are under a microscope now so I expected more to be found.

I wonder where we can enable/disable it once installed?Quote

22-05-2018, 16:16:20

Dicehunter
Quote:
Originally Posted by TheF34RChannel View Post
Well both companies their CPUs are under a microscope now so I expected more to be found.

I wonder where we can enable/disable it once installed?

Unless you or I i.e the general non server customer, Are doing these types of workloads, They won't affect us Quote

22-05-2018, 16:27:45

TheF34RChannel
Quote:
Originally Posted by Dicehunter View Post
Unless you or I i.e the general non server customer, Are doing these types of workloads, They won't affect us
So leave it disabled then?Quote

22-05-2018, 16:28:38

Dicehunter
Quote:
Originally Posted by TheF34RChannel View Post
So leave it disabled then?

No I mean even if it's enabled it won't affect your gaming as these patches only seem to affect server type workloads Quote
Reply
x

Register for the OC3D Newsletter

Subscribing to the OC3D newsletter will keep you up-to-date on the latest technology reviews, competitions and goings-on at Overclock3D. We won't share your email address with ANYONE, and we will only email you with updates on site news, reviews, and competitions and you can unsubscribe easily at any time.

Simply enter your name and email address into the box below and be sure to click on the links in the confirmation emails that will arrive in your e-mail shortly after to complete the registration.

If you run into any problems, just drop us a message on the forums.