I'm not sure how new this news is but the repurcussions could be wide reaching if I understand it correctly, in particular people with Crypto wallets on their computers. Possibly even exchanges? Apparently every intel processor since 1995 has a design flaw exposing it to hacking. Artiicle from zero hedge - https://www.zerohedge.com/news/2018...esearcher-discovered-worst-flaw-intel-history
I think everyone has already released patches. I installed the windows patch for this yesterday and I haven't noticed any performance slow down yet. Also note you can't really fix the issue, but software patches can just make it harder to exploit. Spectre doesn't seem to be an issue for the average desktop user, but Meltdown could be an issue if you store usernames and passwords in the web browses or something like that. I don't think it's an issue for a crypto wallet where you manually enter the password every time. But someone please correct me if I'm wrong.
Just that I've been in the market for a new laptop and desktop. This may have convinced me to go for the AMD models. Edit that to add that it would appear AMD also suffer from the same flaw.
So from my understanding AMD is still affected by Spectre (this is where the CPU tries to predict and execute code that might be needed ahead of time in order to speed up things) This won't really be an issue for the average user. Regarding Meltdown (this is where an application gets access to memory space it should not have access too) it's said AMD is not effected. But this should be fixable in software, so i would think this will no longer be an issue once all software is patched. So for you i wouldn't really worry either way what CPU you go with. Also as always never use password managers.
I've done some further tests and have noticed a small 5%~ drop in my SSD read/write IOPS since applying the patch. It's not something i will notice in my everyday use, but it does show in a benchmark. Sequential Read/write speeds are unaffected. note, my SSD is a Samsung 850 Pro running on Windows 7. Can anyone else confirm IOPS drop after the patch?
Is this separate than the intel management engine vulnerabilties or connected to it? Are there any in the wild hacks for it yet?
So much bad news for them if that is the case! I believe that most of these vulnerabilities are put in place on purpose so that if there is a target there is a way in to their system. Doesn't even have to be a company plan either, just one tech guy working for some agency who puts in a bug no one notices and there you go.
I still believe in the mantra "Never attribute to malice that which can be adequately explained by stupidity".