Apple's Beats brand in April unveiled the Powerbeats Pro, a redesigned wire-free version of its popular fitness-oriented Powerbeats earbuds.
Intel's 8th-Gen Xeon and Core Processors Feature Redesigned Hardware to Address Spectre and Meltdown Vulnerabilities
Intel CEO Brian Krzanich today announced that its next-generation Xeon Scalable (Cascade Lake) processors and its 8th-generation Intel Core processors will feature redesigned components to protect against the Spectre and Meltdown vulnerabilities that affect all modern processors.
Spectre variant 1 of the vulnerabilities will continue to be addressed in software, while Intel is implementing hardware-based design changes to offer future protection against Spectre variant 2 and Meltdown variant 3.
Ahead of the hardware changes, Intel says that software-based microcode updates have now been issued for 100 percent of Intel products launched in the past five years, and all customers should make sure to continue to keep their systems up-to-date with software updates.
Krzanich also reaffirmed Intel's commitment to customer-first urgency, transparent and timely communications, and ongoing security reassurance.
Apple began addressing the Meltdown and Spectre vulnerabilities back in early January with the release of iOS 11.2, macOS 10.13.2, and tvOS 11.2, which introduced mitigations for Meltdown. Subsequent iOS 11.2.2 and macOS High Sierra 10.13.2 Supplemental updates introduced mitigations for Spectre, as did patches for both macOS Sierra and OS X El Capitan in older machines.
Apple's software mitigations for the vulnerabilities have not resulted in any significant measurable decline in performance.
Spectre variant 1 of the vulnerabilities will continue to be addressed in software, while Intel is implementing hardware-based design changes to offer future protection against Spectre variant 2 and Meltdown variant 3.
We have redesigned parts of the processor to introduce new levels of protection through partitioning that will protect against both Variants 2 and 3. Think of this partitioning as additional "protective walls" between applications and user privilege levels to create an obstacle for bad actors.Intel's new Xeon Scalable processors and its 8th-generation Intel Core processors are expected to start shipping out to manufacturers in the second half of 2018.
Ahead of the hardware changes, Intel says that software-based microcode updates have now been issued for 100 percent of Intel products launched in the past five years, and all customers should make sure to continue to keep their systems up-to-date with software updates.
Krzanich also reaffirmed Intel's commitment to customer-first urgency, transparent and timely communications, and ongoing security reassurance.
Apple began addressing the Meltdown and Spectre vulnerabilities back in early January with the release of iOS 11.2, macOS 10.13.2, and tvOS 11.2, which introduced mitigations for Meltdown. Subsequent iOS 11.2.2 and macOS High Sierra 10.13.2 Supplemental updates introduced mitigations for Spectre, as did patches for both macOS Sierra and OS X El Capitan in older machines.
Apple's software mitigations for the vulnerabilities have not resulted in any significant measurable decline in performance.
Tags: Intel, Meltdown-Spectre
[ 55 comments ]
Top Rated Comments
(View all)
19 months ago
I was going to buy a new MacBook in January until all this came to light.
Can’t wait for new MacBooks now!
Wait, Idk there were different Meltdown and Spectre variants.
I guess I'll wait until 2019 to get a new Mac.
Yes because you both have super secretive data that everyone wants! :rolleyes:
It's a non issue for 99% of the world. Nobody is going to target the average person. There's nothing to gain. If I were going to exploit this flaw (which is pretty hard by the way), it would be on a Fortune 500 company, bank, intelligence agency or government agency that would net me something for my time and energy.
Not to see your pr0n or access the $500 dollars you have in your bank account.
19 months ago
Not to see your pr0n or access the $500 dollars you have in your bank account.
So I see you already have access to my data huh?... :)
19 months ago
8th-gen Core? Aren't kaby lake refresh, kaby lake G and coffee lake vulnerable to Meltdown and Spectre? Is Intel going to call Cannon lake 8th-gen Core? Intel really should clear their naming scheme.
19 months ago
Intel's 8th Generation is Coffee Lake, which is already released. So does this article mean 9th Generation?
EDIT: This article is poorly worded and needs to be revised, as it is incredibly confusing and misleading.
Brian Krzanich stated, "These changes will begin with our next-generation Intel® Xeon® Scalable processors (code-named Cascade Lake) as well as 8th Generation Intel® Core™ processors expected to ship in the second half of 2018." (emphasis mine)
EDIT: This article is poorly worded and needs to be revised, as it is incredibly confusing and misleading.
Brian Krzanich stated, "These changes will begin with our next-generation Intel® Xeon® Scalable processors (code-named Cascade Lake) as well as 8th Generation Intel® Core™ processors expected to ship in the second half of 2018." (emphasis mine)
19 months ago
I was going to buy a new MacBook in January until all this came to light.
Can’t wait for new MacBooks now!
Can’t wait for new MacBooks now!
19 months ago
Wait, Idk there were different Meltdown and Spectre variants.
I guess I'll wait until 2019 to get a new Mac.
I guess I'll wait until 2019 to get a new Mac.
19 months ago
Linus Torvalds seems to have got early design specs, and he was let's say deeply unimpressed.
It seems that Intel's new chips can be switched to a fast + unsafe mode, or to a slow + safe mode. And by default they are running in fast + unsafe mode.
Important to notice that MacOS (and Windows, and single user Linux) are not affected because these attacks allow _attacking other users_ on the same machine if you have malware on your computer. For a single user computer, this doesn't add any new problems. Malware can attack the single user on a Mac anyway; being able to attack a second user is of very little importance.
The only problem is browsers which try to run lots of untrusted code in a sandbox, and that's where Apple probably had to take some action that might have caused a performance decline. Since these attacks rely on highly accurate timers, I think Apple just makes its timers very inaccurate when it runs JavaScript code.
It seems that Intel's new chips can be switched to a fast + unsafe mode, or to a slow + safe mode. And by default they are running in fast + unsafe mode.
Important to notice that MacOS (and Windows, and single user Linux) are not affected because these attacks allow _attacking other users_ on the same machine if you have malware on your computer. For a single user computer, this doesn't add any new problems. Malware can attack the single user on a Mac anyway; being able to attack a second user is of very little importance.
The only problem is browsers which try to run lots of untrusted code in a sandbox, and that's where Apple probably had to take some action that might have caused a performance decline. Since these attacks rely on highly accurate timers, I think Apple just makes its timers very inaccurate when it runs JavaScript code.
19 months ago
"Apple's software mitigations for the vulnerabilities have not resulted in any significant measurable decline in performance."
Is there a citation for this?
Is there a citation for this?
19 months ago
Apple's software mitigations for the vulnerabilities have not resulted in any significant measurable decline in performance.
That's not right.
I got a logic board replacement on MBP 15" (Late 2016) last week. After the repair my MBP came with 10.12.3 installed and I upgrade to 10.13.3. As per Geekbench CPU benchmark, there is 10% performance loss as below:
https://browser.geekbench.com/v4/cpu/compare/7364843?baseline=7353633
So far the performance has gone down progressively with Mac OS updates over time so I haven't realised but it was quite evident when I ran Geekbench before and after the upgrade with no other changes to the default installation.
19 months ago
Linus Torvalds seems to have got early design specs, and he was let's say deeply unimpressed.
It seems that Intel's new chips can be switched to a fast + unsafe mode, or to a slow + safe mode. And by default they are running in fast + unsafe mode.
Important to notice that MacOS (and Windows, and single user Linux) are not affected because these attacks allow _attacking other users_ on the same machine if you have malware on your computer. For a single user computer, this doesn't add any new problems. Malware can attack the single user on a Mac anyway; being able to attack a second user is of very little importance.
The only problem is browsers which try to run lots of untrusted code in a sandbox, and that's where Apple probably had to take some action that might have caused a performance decline. Since these attacks rely on highly accurate timers, I think Apple just makes its timers very inaccurate when it runs JavaScript code.
The crux of the problem is that speculative execution wasn't checking for memory protection bits. The only way to fix this is to check the memory protection bits, which introduces latency in that particular critical path. For most users this is completely unnecessary, which is why they have the unsafe mode.
The software 'patch' for this is basically to use a separate stack for any system calls, which is slow because it requires flushing the tlb.
[ Read All Comments ]
For this week's giveaway, we've teamed up with Vessel to offer MacRumors readers a chance to win a Signature 2.0 Backpack.
Vessel makes all kinds of backpacks, briefcases, and bags, but...
Discounts on the latest iMacs remain ongoing this month, with Amazon and B&H Photo now offering a new all-time-low price on the 27-inch Retina iMac with 8GB RAM and a 1TB Fusion Drive. This model...
Google and Apple calendars are not playing friendly right now.
As alerted to us by multiple MacRumors readers, there appears to be a syncing issue with Google Calendar and Apple's...
Apple Music today launched a new curated playlist called "New Music Daily," which as the name suggests, is updated every day with fresh songs.
Made up of "new music you simply...
Taylor Swift revealed today on Instagram that she will be the next partner in Apple's "Music Lab" sessions, which are available in Apple retail stores.
The Music Lab session will...
Satechi today announced the Type-C Dual Multimedia Adapter, which plugs into two of the MacBook Pro's USB-C ports to offer a handful of add-on ports.
In total, this includes: one 4K HDMI...
Spotify today announced that it is extending its free-trial period for Spotify Premium to three months, up from the previous one month that users would have to try out the paid service. With this...
OtterBox today announced a new expandable wireless charging system that it calls "OtterSpot," which includes one charging base that can power up multiple batteries and a smartphone...
