- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
Microsoft Surface Pro-Processor Security Flaw-Should I Return It?
Posted on 1/5/18 at 7:52 am
Posted on 1/5/18 at 7:52 am
I bought the new Microsoft Surface Pro about 15 days ago and love it. However, with this news of nearly all laptops prone to a security breach due to a flaw in the intel chips (I think), should I return it and wait till the next wave of Microsoft Surface's that fix this issue?
I keep seeing concerns about the updates companies are going to roll out could affect the speed of computers/tablets/etc up to 30% and slow them down.....
I can easily wait another 6 months or so for a new laptop, considering how much it cost me..... I have 90 days from the date of purchase to return it.
Again, I love the Microsoft Surface Pro, but I do have the luxury of returning it and letting all of the computer companies figure out how bad this security mix up really is and fixing it internally in the next generation of products.
Also, I probably butchered the exact language and problem of what's truly happening with the security issue, but nonetheless, I know it's something affecting nearly all current computers.
Microsoft Issues Security Updates For Surface
Article Outling Problem
TLDR; Should I return my Microsoft Surface Pro until this security/intel chip threat is resolved? Thanks for everyone's help.
ETA: It's a Microsoft Surface Pro not just the Surface laptop but I doubt that matters
I keep seeing concerns about the updates companies are going to roll out could affect the speed of computers/tablets/etc up to 30% and slow them down.....
I can easily wait another 6 months or so for a new laptop, considering how much it cost me..... I have 90 days from the date of purchase to return it.
Again, I love the Microsoft Surface Pro, but I do have the luxury of returning it and letting all of the computer companies figure out how bad this security mix up really is and fixing it internally in the next generation of products.
Also, I probably butchered the exact language and problem of what's truly happening with the security issue, but nonetheless, I know it's something affecting nearly all current computers.
Microsoft Issues Security Updates For Surface
Article Outling Problem
TLDR; Should I return my Microsoft Surface Pro until this security/intel chip threat is resolved? Thanks for everyone's help.
ETA: It's a Microsoft Surface Pro not just the Surface laptop but I doubt that matters
This post was edited on 1/5/18 at 9:30 am
Posted on 1/5/18 at 8:03 am to The Connoisseur
the "new" code will be essentially the same as the patched code. i wouldnt return it over this
Posted on 1/5/18 at 8:42 am to The Connoisseur
I wouldn't worry about it. Windows 10 is getting a patch with its next update, which you will automatically get.
Posted on 1/5/18 at 9:22 am to The Connoisseur
Some of the exploits can also occur through your browsers which are being temporarily patched as well. Chrome can partially be fixed in temporary way by enabling the 'strict site isolation' flag
chrome://flags
#enable-site-per-process Enable
(the above should only be done temporarily) because they are working on major patch by the middle of the month it may cause a drop as much as 20-30% performance.
Also, if you can help it turn off javascript on sites that you don't need it.
Certain browser extensions can do this in a granular way so you would not need to turn JS on and off constantly.
chrome://flags
#enable-site-per-process Enable
(the above should only be done temporarily) because they are working on major patch by the middle of the month it may cause a drop as much as 20-30% performance.
Also, if you can help it turn off javascript on sites that you don't need it.
Certain browser extensions can do this in a granular way so you would not need to turn JS on and off constantly.
Posted on 1/5/18 at 9:32 am to civilag08
quote:
(the above should only be done temporarily) because they are working on major patch by the middle of the month it may cause a drop as much as 20-30% performance.
But like you said, this will only be temporary? Just wanting to make absolute certain I'm understanding you correctly.
Thanks everyone for the responses so far. It sounds like it wouldn't really benefit me to return the device as updates are being rolled out and won't cause a slow down in the long run.
Posted on 1/5/18 at 9:50 am to The Connoisseur
and return it for what?
a shitty laptop with an AMD cpu? an apple with a 15 yr old kernel exploit?
a shitty laptop with an AMD cpu? an apple with a 15 yr old kernel exploit?
Posted on 1/5/18 at 10:08 am to jcole4lsu
I'm admitting to not knowing all the X and O's here but return it in case it was something internal that a push update wouldn't resolve, which it sounds like a new Windows update will fix this.
I've still got time left on the 90 day trial period, so I don't see why I wouldn't if this was something that would be fixed internally in a newer model that couldn't be fixed with a push update.
I've still got time left on the 90 day trial period, so I don't see why I wouldn't if this was something that would be fixed internally in a newer model that couldn't be fixed with a push update.
Posted on 1/5/18 at 10:23 am to The Connoisseur
quote:
I don't see why I wouldn't if this was something that would be fixed internally in a newer model that couldn't be fixed with a push update.
It will NOT be able to be fixed internally in the short term. The problem is not in software. The problem is literally set in stone in how the processor is physically built. Nothing can be done to fix it. It will take Intel some time to correct the flaw, redesign the chip, and modify their production facilities to build new chips that don't have the vulnerability.
Whether that's weeks or months is still left to be seen.
This post was edited on 1/5/18 at 10:24 am
Posted on 1/5/18 at 10:29 am to TigerstuckinMS
What's your opinion? Do you think I should return it?
I already have a halfway decent functioning laptop I had before the Surface Pro purchase and don't really need one desperately right now. I could easily wait +-9 months. 95% of my work is done at my desktop at work.
I already have a halfway decent functioning laptop I had before the Surface Pro purchase and don't really need one desperately right now. I could easily wait +-9 months. 95% of my work is done at my desktop at work.
Posted on 1/5/18 at 10:36 am to TigerstuckinMS
Intel says a push update will fix the issue
Good news
I'm assuming I'd fall in that 90% but still slightly concerning
This is the part that cocnerns me..... I don't want any hit to the speed on a brand new laptop. But if it's truly minor, I doubt I'd notice.
quote:
Intel was rocked this week after Google engineers discovered two major security flaws in the way the company's chips operate. One of the flaws were said to be unfixable by a simple software update. However, Intel's stock is up 0.63% to $44.71 on Friday after the company said it has found a fix to the previously unfixable problem.
Good news
quote:
But Intel said that it had found a fix for 90% of its processors made in the last five years and that the fix will be ready by the end of next week. If Intel is right, it will have closed a major security flaw in its processors.
I'm assuming I'd fall in that 90% but still slightly concerning
quote:
Intel also said it doesn't expect a major performance hit to its processors when it launches the fix, which was a concern of Google's. Pundits have said that computer performance could take as much as a 30% hit because of the way the security patch would have to change how processors function.
This is the part that cocnerns me..... I don't want any hit to the speed on a brand new laptop. But if it's truly minor, I doubt I'd notice.
Posted on 1/5/18 at 10:56 am to The Connoisseur
Okay, there are TWO separate flaws. One, Meltdown, is the flaw that made the big news in the last week. This is the one that is fixed through patching the OS and this fix is the one responsible for the speed hits.
The second (and really more serious flaw even though it didn't get all the press), Spectre, is the one that Intel apparently claims they'll be able to fix through microcode updates. I don't know anything about these claims, as I haven't read them.
You're still going to see performance hits from the first. You're also absolutely right that the performance hits you would see may be so minor that you won't notice them. On the other hand, they may effectively eliminate a third of your processor's computing power. It's all dependent on whether or not your software requests a lot of system calls, like hard drive or network access.
The second (and really more serious flaw even though it didn't get all the press), Spectre, is the one that Intel apparently claims they'll be able to fix through microcode updates. I don't know anything about these claims, as I haven't read them.
You're still going to see performance hits from the first. You're also absolutely right that the performance hits you would see may be so minor that you won't notice them. On the other hand, they may effectively eliminate a third of your processor's computing power. It's all dependent on whether or not your software requests a lot of system calls, like hard drive or network access.
Posted on 1/5/18 at 11:05 am to TigerstuckinMS
Thanks for the help. Dang, I kinda don't want to roll the dice and may just return it and see what the news outlets etc. end up saying and go from there.
Posted on 1/5/18 at 12:31 pm to The Connoisseur
I work in cybersecurity and if that were my surface pro I would keep it.
Make sure you keep your browsers up to date, OS patched, install any firmware updates Microsoft releases and stay off of shady websites and you will be fine.
Make sure you keep your browsers up to date, OS patched, install any firmware updates Microsoft releases and stay off of shady websites and you will be fine.
Posted on 1/5/18 at 12:48 pm to humblepie
Thanks, Humblepie. I'm back to keeping it
Posted on 1/5/18 at 1:14 pm to The Connoisseur
quote:
Intel says a push update will fix the issue
Yeah, provided your motherboard or device manufacturer deigns to issue an update. I'm skeptical ASUS, MSI, Gigabyte, etc are going to issue updates for 5 year mobos.
Posted on 1/5/18 at 4:19 pm to Spock's Eyebrow
This isn't just an intel issue. This is a CPU design flaw and vulnerability that affects intel, AMD, and ARM chips. It's not going to be fixed with software. They will be mitigated somewhat, with performance drawbacks because it involves disabling the speculative cache, which basically speeds up memory retrieval by 200 times.
Posted on 1/6/18 at 9:16 am to The Connoisseur
A lot of patching can/will be done via software/firmware, but as already mentioned, to truly rectify the problem it will take hardware with an updated design. While they've known about it for a few months and likely have been scrambling, I wouldn't expect 'fixed' processors to come out for months at minimum, and even then, unless you're looking to outright purchase one of the new processors (not possible with a laptop/surface), you'd have to wait until the laptop manufacturer comes out with a hardware refresh to include the new line of chips. Also possible that the new chips may be rushed and have some other bug/flaw, but that's purely speculation. While all this may be accelerated to be done faster than normal, I wouldn't expect to see new 'fixed' machines rolling out until the end of the year at the earliest, and quite possibly much later than that. Hopefully there will be enough software mitigations to make all of this a near-non issue very soon, but there are still a lot of things being investigated with all of this.
In short, keep your Surface if you like it.
In short, keep your Surface if you like it.
Posted on 1/6/18 at 4:20 pm to LSshoe
To follow up, I've installed the Meltdown patch for Windows 10 and benchmarks are running about 3% slower. So for my machine, the hit is negligible. App. 3 year old Core I7-4720HQ, 16GB RAM, 1TB SSD, NVidia GTX-960M. So, it's nowhere near a bleeding edge machine.
This is just a benchmark and I don't typically run anything that would be expected to suffer greatly from the increased overhead resulting from the patch, so YMMV.
EDIT: To be clear, this was ONLY with the OS patch installed. The Spectre mitigation at the hardware level has not been installed. Spock's response below is absolutely correct in that the OS patch is almost certainly not enough to protect against both related vulnerabilities, though it does protect against the broader and most likely attack vector.
This is just a benchmark and I don't typically run anything that would be expected to suffer greatly from the increased overhead resulting from the patch, so YMMV.
EDIT: To be clear, this was ONLY with the OS patch installed. The Spectre mitigation at the hardware level has not been installed. Spock's response below is absolutely correct in that the OS patch is almost certainly not enough to protect against both related vulnerabilities, though it does protect against the broader and most likely attack vector.
This post was edited on 1/7/18 at 12:49 pm
Posted on 1/6/18 at 4:56 pm to TigerstuckinMS
To all, the patch may not be fully enabled. Your mobo provider will have to issue a BIOS update for the Spectre mitigation, and they are loath to do that for older mobos. After installing the Windows update, you should run the Powershell script Get-SpeculationControlSettings, as described here:
Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities
Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities
Posted on 1/7/18 at 11:20 pm to Spock's Eyebrow
quote:
To all, the patch may not be fully enabled. Your mobo provider will have to issue a BIOS update for the Spectre mitigation, and they are loath to do that for older mobos.
Unsurprisingly, Asus is going back just 3 years:
ASUS Motherboards Microcode Update for Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method
Popular
Back to top
Follow TigerDroppings for LSU Football News