
Cloud companies consider Intel rivals after security flaws found - jonbaer
https://www.reuters.com/article/us-cyber-microchips-cloud/cloud-companies-consider-intel-rivals-after-security-flaws-found-idUSKBN1EZ1A4
======
shawn
The Intel flaw exposed something interesting:

We could get a >50% performance boost by ignoring security.

Think about that. 1.5x - 2x boost, on a single core. That's like doubling a
CPU's clock speed, except more powerful since it involves caching memory
(which is usually the bottleneck, not raw horsepower).

What would the TempleOS of CPUs look like, I wonder?

We ought to have the option of running workloads on such CPUs. Yes, they're
completely compromised, but if you're running a game server you really don't
have to care very much. Most data is ephemeral, and the data that isn't, isn't
usually an advantage to know.

Being able to run twice the workload as your competitors on a single core is a
big advantage. You saw what happened when performance suddenly dropped thanks
to the patch.

~~~
userbinator
This brings to mind articles and discussions I read in the early 90s about
differences in performance between running in real (or "unreal") mode and
protected mode --- yes, the extra permission checks, paging, segmentation,
etc. definitely add some overhead:

[https://groups.google.com/d/topic/comp.lang.asm.x86/YbQJ_m0d...](https://groups.google.com/d/topic/comp.lang.asm.x86/YbQJ_m0dDUg)

Thus they decided to do permissions checking in parallel with other
operations, leading to Spectre. It's interesting to note that the original
intent of protected mode was not as a real secure "security feature" immune
from all attacks, but more to provide some isolation to guard against
accidents and expand the available address space. The entire Win9x series of
OSs embodies this principle.

_What would the TempleOS of CPUs look like, I wonder?_

x86 running in unreal mode might be close. I wonder if anyone has done any
benchmarking of recent x86 CPUs in that mode...

~~~
wilun
> Thus they decided to do permissions checking in parallel with other
> operations, leading to Spectre

No. Leading to Meltdown. Spectre is fundamental to the way we approached any
speculative execution until now.

~~~
amelius
Any idea what will be the solution? Keep more speculative data in the
pipeline? Performance penalties on security faults? Complex rollback?

~~~
convolvatron
you could certainly extend the unused transactional support to do a
chandy-lamport thing, with the difference that when you run out of space
isolated cache versions, you just can't speculate any more.

it would be a lot of machinery

you could also do latency hiding with smt instead of trying to fight it
head-on with speculation. ultimately probably more productive, but either the
compiler or the programming model or the user has to expose that concurrency.

------
reacharavindh
We just had tech sales folks from a major hardware vendor approach us with a
pitch to strongly consider AMD EPYC based servers for our next compute
purchase. They highlighted

* Value for money

* memory performance on inter core access

* more memory channels per core

* still within x86 ISA negating the need for any Se rewrites.

Our workloads are memory access bound. So the above points hit home.

We're going to try AMD servers for the first time at this research group. If
they do hold the promise, Intel finally got some active competition in our
realm!

------
discoursism
If you weren't considering Intel alternatives before this, I'd argue that's a
real failure of imagination and risk management. I'm sure some of the really
small cloud providers weren't, but all the big players keep tabs on the path
to and pain of migration, at a minimum. Just because they weren't actually
using PowerPC/ARM/AMD does not mean they did not know how.

~~~
cm2187
Are PowerPC and ARM real alternatives? Most server software is developed for
x86 only; if you only offer ARM and PowerPC machines, who will be your
clients?

~~~
kikoreis
A lot of server software is actually open source and runs on most commonly
available hardware architectures, including ARM and PPC. You are right that
everybody develops assuming x86, though, and there is some friction in that
transition regardless of software portability.

------
MilnerRoute
I've been wondering if this will be the thing that brings a wave of new users
to open source RISC-V chips, starting a virtuous cycle of new chip development
and then more users for those new chips.

[https://hardware.slashdot.org/story/17/10/09/0019212/linux-n...](https://hardware.slashdot.org/story/17/10/09/0019212/linux-now-has-its-first-open-source-risc-v-processor)

------
PyComfy
Qualcomm Falkor (ARMv8 AArch64) vs Intel Broadwell and Skylake

[https://blog.cloudflare.com/arm-takes-wing/](https://blog.cloudflare.com/arm-takes-wing/)

Multicore AVX512 lowers the frequency

_The Qualcomm CPU only has the 128-bit wide NEON SIMD, while Broadwell has
256-bit wide AVX2, and Skylake has 512-bit wide AVX-512. This explains the
huge lead Skylake has over both in single core performance. In the all-cores
benchmark the Skylake lead lessens, because it has to lower the clock speed
when executing AVX-512 workloads. When executing AVX-512 on all cores, the
base frequency goes down to just 1.4GHz---keep that in mind if you are mixing
AVX-512 and other code._

------
qwerty456127
Though not an unquestionable or ultimately reliable one, using comparably
rare hardware and software is usually a valid security measure. Now that Linux
has gained solid market share, the "no viruses for Linux" era is coming to its
end and Linux-capable ransomware is emerging, so I am considering moving to
OpenBSD not only because security is among the top priorities of its design
but because it's way more exotic too.

------
walkingolof
I hope this will give RISC-V a boost also; more competition from more vendors
is what the CPU market needs.

------
earenndil
I don't think throwing intel out entirely is a solution, but rather,
diversification. What if there later comes out another vulnerability granting
arbitrary code exec given a specific bytestring in memory, which only intel
processors are immune to? Better to have as many as possible of as many
_different_ CPUs as possible. Just like, e.g. backblaze has done with HDD
manufacturers.

~~~
martin_bech
That could be a nightmare to maintain, and also guarantees the opposite.
Every time there is a CPU exploit, you will be hit.

------
mc32
Enter Itanium.

I mean, we know they are all saying "arm" and "amd" both as a negotiating
tactic as well as strategically diversifying microarchitectures. That said, I'm
not sure it's like amd can deliver more instructions per second per dollar.

I wonder if it would make sense for some loads to prepare for Itanium usage,
or even older Atom architectures? Does anyone deploy Itanium in the cloud?

~~~
DSMan195276
It's worth noting that only pre-2013 Itanium CPUs are not vulnerable to
meltdown (the same as with Atom CPUs). Intel has also said that the Itanium
chips released in 2017 would be the last Itanium chips they will develop, so I
don't think there's any reason to bother switching to Itanium. I would wager
it's guaranteed you'll be better off with the latest AMD instead of a 2013
Itanium, and AMD supports x86-64 so it doesn't require making your full
software stack support Itanium (which it likely doesn't).

~~~
benjaminl
> and AMD supports x86-64

I am sure you didn’t mean it this way, but it struck me as funny saying AMD
supports x86-64. Of course AMD supports x86-64, they invented it. That is why
Microsoft and Linux refer to that architecture as AMD64.

[https://en.wikipedia.org/wiki/X86-64#History_2](https://en.wikipedia.org/wiki/X86-64#History_2)

------
pkaye
Aren't ARM processors vulnerable to some of the same security flaws? What
are the alternatives? AMD got lucky in a sense, but the reality is you can't be
on any one horse.

~~~
electrograv
AMD is no more lucky than ARM, though Intel was 'unlucky': Spectre affects
Intel, AMD, and ARM alike, while Meltdown affects Intel CPUs disproportionately
(AMD and ARM CPUs have been _mostly_ unaffected by it).

~~~
DSMan195276
That's not entirely accurate. There are a lot of ARM CPUs that are not
vulnerable to Spectre, and that includes a lot of them that are in use in
actual devices. For example, my phone happens to use a Cortex-A53, which is
not vulnerable. It is however easy to miss this detail from their 'security
update' [0] because the table doesn't list CPUs that aren't affected.

Also, I don't believe the single ARM CPU that's vulnerable to meltdown
(Cortex-A75) has actually been included in any devices at this point, so for
now it is safe to assume any ARM-based device you have is not vulnerable to
meltdown.

[0] [https://developer.arm.com/support/security-update](https://developer.arm.com/support/security-update)

~~~
Narishma
I believe Apple's ARM CPUs are vulnerable to Meltdown.

~~~
colejohnson66
Not the Watch though. Apple, as expected, hasn’t said why.

~~~
protomyth
Probably because it's a much simpler core, like all the other chips that are
immune. It simply doesn't do the logic that would get the chip in trouble.

------
therealmarv
Did Intel say WHEN this is fixed in hardware? Or are we supposed to buy this
hardware bug in the next generations???

~~~
burnte
There won't be a hardware fix; you can't patch CPUs (aside from microcode,
which is just more software). Since this is a pretty fundamental issue with how
certain things work, yes, you'll have to wait for a new generation, and I
couldn't expect anything in less than a year at the absolute earliest. It's a
multi-year process from design to tape-out and fabrication. Honestly, I'm not
sure how far back in the design process fixing this will take. Is it something
that can be added in as permanent microcode after fabrication/during
packaging? Can current designs be "patched" before moving on to tape-out? Do
we need to go back to square one and rethink a couple of key premises? I don't
know. But it's not quick.

------
shaklee3
For what it's worth, the power9 servers look great. Not sure if they'll live
up to the hype, though.

~~~
newman314
POWER is vulnerable to Spectre. I'm trying to get definitive confirmation that
it's affected by Meltdown (firmware notes say yes).

~~~
shaklee3
I was coming at it more from a "having alternatives is good" comment instead
of saying it's not vulnerable to the new problems. The specs look interesting
enough to benchmark on, and perhaps if it actually does perform better, then
even with patches it will stand out.

~~~
newman314
For those who are curious about POWER, here is the firmware link for an 880.

[https://download4.boulder.ibm.com/sar/CMA/SFA/07d79/0/01SC86...](https://download4.boulder.ibm.com/sar/CMA/SFA/07d79/0/01SC860_138_056.html)

_In response to recently reported security vulnerabilities, this firmware
update is being released to address Common Vulnerabilities and Exposures issue
numbers CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754. Operating System
updates are required in conjunction with this FW level for CVE-2017-5753 and
CVE-2017-5754_

------
amelius
By the way, how secure is GPU programming, when the GPU is accessed by
multiple users?

~~~
jnwatson
Not at all.

------
NiklasMort
The AMD EPYC single socket processors are definitely worth considering; love
them.

~~~
thisisabore
Can you explain why, at least briefly?

~~~
ihsw2
They have vastly more PCIe lanes, which makes them exceptionally suitable for
high-density GPU nodes (or, similarly, high-density NVMe storage nodes).

AMD also offers superior value for the money on a per-CPU basis, even after
discounts (which both Intel and AMD offer generously). This makes them
exceptionally suitable for high-memory nodes.

------
jacksmith21006
Thought Google had already ported their services to Power?

------
known
This is a serious bug:

A website can read data stored in the browser for another website, or the
browser's memory itself.

[https://en.wikipedia.org/wiki/Spectre_(security_vulnerabilit...](https://en.wikipedia.org/wiki/Spectre_\(security_vulnerability\))

------
xemdetia
My funniest thought of this whole affair is that whatever performance upsizing
happens in the front is probably going to be with manufacturer discounts from
Intel from Amazon and Google complaining, and the cloud providers may end up
with a windfall in the gap.

------
acd
Apple could start their own cloud servers; their CPUs are fast enough. Apple
are competitive if you weigh in power/performance.

Geekbench scores: Apple A11 CPU multi-core score 10176; Intel Xeon E5-2696 v4,
2 CPUs, score 82225.

Geekbench scores of Intel
[https://browser.geekbench.com/v4/cpu/5249111](https://browser.geekbench.com/v4/cpu/5249111)
Geekbench scores of Apple
[https://browser.geekbench.com/ios_devices/51](https://browser.geekbench.com/ios_devices/51)

~~~
ferongr
Geekbench is not a very good benchmark.

