The cat is out of the bag, Google found this flaw and advised Intel 6 months before they made this flaw public. And yes it is a flaw that can be exploited and it will be exploited now that it is a known flaw. Anytime someone can exploit a flaw in some way for profit, it'll be done eventually.
Being the owner of a couple skylake cpu's, I'm not happy about that.
My next builds are going to be Ryzen's
The Intel IME exploit was just patched last December, but the flaw is still out their for those that are not patched yet. Has anybody used this flaw in IME? no not YET but it could be used in the near future (a whole nuther issue with Intel)
I do not want Intel's crap nor am I going to recommend anybody else trust Intel at this point in time
It was just last summer that a different exploit was released into the wild but M$ did patch it just before it came out.
And Net neutrality ain't dead yet either. Several states are attempting to sue the FCC for states rights to enforce net neutrality within their own states.
My apologies for turning this thread into something that draws away from the OP question
Here's the
flaw in your logic, see what I did there?
Both the USB/IME and speculative hardware flaws were around way before they were found, and before Project Zero made them public. Nobody utilized them because they weren't understood nor knew about. It took somebody the better part of
two decades to even find the speculative flaws. Some seriously talented people found them, it takes even more talented people without pay to exploit them. That's the key point and the flaw in all the paranoia. Even
more talented people
without pay to exploit. First they need to fully understand the issue, work around the exploits that were already easily patched (IE the java scripting exploit in the browsers), then exploit in a profitable manner. Now, let's backtrack to what I said earlier to put a spotlight on where I'm going here.
The attack specs from white hatters here at my lowly government facility have managed a 503Kb (yes kilobit) per second rate run in parallel. That's NOT a lot of data, so you need to have access to a massive pool which effectively leaves out the little guy for poised attack. We're talking terabytes of RAM with 100s of VMs utilizing shared memory pools.
Essentially this boils down to they need to first, hack into the machinery they want to attack, then release their exploit. When the average machine has 16GB of RAM (based on statistics from machines being sold from 2015 onward to the public prebuilt/laptop/etc) it takes 25 days for a Meltdown attack to run through speculative space (AKA reading shared memory between programs breaching speculative space). Now, what black hatter is going to spend 25 days to go through one machine? Now, when we're talking a multi-million dollar virtual cluster aka, Microsoft, Amazon, or Google with terabytes worth of pooled memory, and 100s of VMs per cluster. They can run the theoretical hack in parallel to quickly scan each cluster. They have a more probable chance of finding something good on services that host data for other big companies. This all of course assuming these unpaid people are clever enough to write such a hack, then proceed with said hack which requires other talents. This isn't like grandma downloading a sketch .exe off a chain email then all her tax documents are stuck in ransomware. They need hacking knowledge (since Meltdown and Spectre variant 1 are remote) and sufficient knowledge on the flaws that industry giants still don't fully understand.
Now, let's move on.
Being the owner of a couple skylake cpu's, I'm not happy about that.
My next builds are going to be Ryzen's
And by the time somebody actually can figure out the above A) they won't bother with a singular rando, and B) Skylake processors will be so outdated you'll probably be on your 3rd or 4th upgrade from there. Now here's the real kicker, you're so against having an Intel now but you still have yet to comment on the fact that AMD is also susceptible to Spectre. Unless you're going to sidegrade to a Ryzen Pro chip or EPYC server chip you won't have that precious SME everybody is talking about. AKA, you're still just as vulnerable as when you had an Intel chip in your machine. Considering the fact that variant 2/3 requires physical access for both architectures, it makes it sound pretty dumb to be so paranoid about it huh. Which is exactly why I posted the above posts, because this whole situation was blown out of proportion by tech media and social media posters that have literally 0 clue what they're talking about.
It was just last summer that a different exploit was released into the wild but M$ did patch it just before it came out.
Right, and Meltdown is also patched making the Intel/AMD chips on level ground with variant 2 and 3. Either way, the USB/IME flaw wasn't exploited, neither will this be. That's the point. If tech bloggers weren't so gung ho at taking pop shots at Intel while posting from their Surface Pros that have i5s in them nobody would be the wiser, and this would go unknown like USB/IME did.
And Net neutrality ain't dead yet either. Several states are attempting to sue the FCC for states rights to enforce net neutrality within their own states.
We had net neutrality for a whopping 2 years if that and nothing came of it. Title 2 allowed only a handful of companies to roll in certain remote areas around the US and caused ATT/TWC to get scared slightly, but other than that literally nothing has changed. We still had caps, slow over priced packages, and data throttling before and during the short lived TItle 2 classification. Here again, another thing blown way out of proportion. Is Title 2 being revoked bad? Sure, I hate it, but it's not the end of the world. We will all continue to browse the internet the same way we did pre-2015.
The OPs question is pretty much answered. Without further info nothing can really be said about OPs build.
