# Intel nightmare



## WindcryMusic

I am completely freaked out by this:

https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

I mean, a ~30% performance penalty across the board, coming to every Intel-based system? If Apple deploys the same kind of fix that Microsoft and Linux are already working on, it would probably render my iMac incapable of supporting the music production I am currently doing on it. I can only hope Apple (and Microsoft, too, although the latter seems unlikely) will make it an optional patch - I'd much rather run a slightly elevated risk of having my systems compromised than to basically render them useless for the sake of being slightly more secure.


----------



## Pier

I doubt the patch will be optional as this is a very serious security threat.

I also doubt that regular users will notice a performance difference as most CPUs sit idling. Cloud servers providers will be the biggest companies hit by this.

As for audio I really have no idea how it will impact real time performance. Maybe it will be time to move to a PC with AMD (I’m a mac user too).


----------



## wayne_rowley

"The downside to this separation is that it is relatively expensive, time wise, to keep switching between two separate address spaces for every system call *and for every interrupt from the hardware*."

This is potentially very serious for DAW users. This could *kill any hope* of decent low-latency audio performance in any but the most modern/fastest processors (and maybe even those). We'll have to see when the patch is released and forced upon us in the usual Windows Update fashion...


Suddenly Ryzen/AMD begins to look more appealing... assuming Microsoft don't apply the patch across all processor types!


----------



## mc_deli

"Cloud migration, consumer device saturation and the defeat of Moore's law prompt big tech to slow down all systems by 25% to shorten the hardware replacement cycle" it says here


----------



## Celestial Aeon

Has anyone tried if https://www.windowscentral.com/how-stop-updates-installing-automatically-windows-10 these kinds of hacks might allow you to turn Windows 10 autoupdates off from studio machines?

Edit: 

 

I followed these guidelines and disabled the auto updates for the time being. I'm going to leave my Windows 10 Cubase 9 environment as it is and just connect it to internet behind firewall only for possible Native Instruments updates or such if needed and then upgrade the Windows 10 only after I purchase a new CPU.


----------



## LFO

This is a significant event. Reports are showing at least a 5% performance hit and up to 30% with the current patches. This very well may not change as the problem is specific and unavoidable, outside of purchasing a new chip once chips with a fix are manufactured. The administrative headaches and costs incurred for this vulnerability will cause for companies is going to be enormous. If you think about it, virtualized systems are going to get hit hard. I/O intensive workloads like databases, machine learning, etc. may be the worst hit. For us DAW using consumers we will also be hit performance wise, at least from the I/O interrupt side. Of course, we won't know until some testing is done, but I cannot imagine that having every single interrupt call being delayed will not have an impact on performance. 

At this point we have three main choices:
1. Do nothing.
2. Take your DAW offline and use another box to handle all on line activity.
3. Use the patch and take the performance hit.

Financially and administratively we will take a hit because the real solution to the problem will be to upgrade to a newer chip that doesn't have the vulnerability. (And possibly a new motherboard if their current MB doesn't support the new chip.) That's not cheap. Mac Users won't have the option of just swapping out chips, they will have to upgrade their entire system. We will then have to deal with everything that goes with hardware changes. Windows and any software that uses hardware authentication will have to be reinstalled or re-authorized. Ugh.

While nothing is set in stone yet, the current fix is bad. It's kind of like if you break your leg in the woods and have to walk out on a splint. You might be able to do it, but it's going to be slow. I consider this patch to be a quick fix; really, it had to be. Hackers will descend on this vulnerability like vultures on a fresh corpse. Companies (and consumers) need to board up the hole in the wall first and foremost and then look at a more elegant solution. So we will have to wait and see. In a true sense of irony, AMD was happy to announce the vulnerability did not apply to AMD chips. However, the Linux fix currently does not differentiate between AMD and Intel and thus AMD users who install the patch will also get the performance hit. Microsoft hasn't released a patch yet and apparently won't until the next Patch Tuesday (an eternity if you ask me) and so we won't know if they differentiate between brands or not. Fortunately, the details of the vulnerability are not being published, so any hackers working on this are working somewhat in the dark. 

How this turns out will be very interesting. I can't think of a vulnerability that comes close to the potential cost this one could cause. If you think about it, all Intel 64 chips are affected! That is *huge* and different from a software vulnerability. The hardware fix has to be done via a software patch. This means highly inefficient and thus performance hits. For businesses, SLAs will be impacted and some quite significantly. This will mean hardware will have to be upgraded and that will drive administrative work and probably drive higher software costs. It's a domino effect. At least with software patches you patch the software and move on as performance hits of any significance are rare. As consumers, we are now vulnerable. We just don't know to *what* and if it will amount to anything. We can be certain hackers are looking at any way possible to exploit not only immediately, but in ways to set up future exploitation when we think the issue is resolved. So, we will have to watch how this develops closely and see what happens. For me, I'll keep my work computer on line, but my DAW is going off line, at least until this whole thing shakes out.


----------



## WindcryMusic

LFO said:


> This is a significant event ... For me, I'll keep my work computer on line, but my DAW is going off line, at least until this whole thing shakes out.



That's where my head is as well. Even though I am right in the middle of a project right now, I am risking installing the currently available updates to Logic and my sample libraries today, so that I am as up to date on that stuff as possible in case I decide that I need to suddenly pull the Ethernet plug on the DAW for the foreseeable future, which is looking more and more likely. (The biggest question for me at the moment is what Apple plans to do about this, and when, and whether it will be an optional or mandatory patch.)


----------



## wayne_rowley

Apple doesn’t force updates in the same way Microsoft does with Windows updates.

It’s made the BBC news page now!


----------



## Pier

Apple released the "fix" with 10.13.2 about a month ago:


----------



## MarcusD

Wow. 30%!? Thats quite a lot. Hopefully it wont turn out to be as bad as it sounds. Kindo of gald i went AMD after reading this!


----------



## Rasmus Hartvig

This sounds pretty bad. If the impact really turns out to be that massive, I would expect some kind of damage control from Intel - or a class action suit.


----------



## ironbut

I'm hoping this is being blown out of proportion but I plan on backing up my system drive more often.


----------



## EvilDragon

MarcusD said:


> Wow. 30%!? Thats quite a lot.



UP TO. Not in all usecases. General usage is more like 5%.


----------



## MarcusD

EvilDragon said:


> UP TO. Not in all usecases. General usage is more like 5%.


Well, I guess those with older CPUs might feel the sting more.. hopefully not!


----------



## EvilDragon

They probably will. Highest performance hit will have virtual machine users.


----------



## WindcryMusic

Pier Bover said:


> Apple released the "fix" with 10.13.2 about a month ago:




High Sierra only, then? I'm still running Sierra. If so, looks like yet another reason not to upgrade, potentially, although I'd have expected to have heard more of an outcry from High Sierra users afterwards. Maybe Mac OS X isn't hit as hard as Windows by this? (That would make me a little bit happier, although I also have a Windows gaming system upon which I am dreading the effects of this "fix".)


----------



## EvilDragon

Yes it is hit as hard as Windows by this. It's a CPU issue, not an OS issue. Depends what you ask the CPU to do, the impact by the fix is different. Both operating systems can ask the CPU to do the same things, since they're using the same CPUs with the same instruction set, soooo...


----------



## LFO

The real question for us DAW users is what will the hardware interrupt performance hit be. I/O execution for things like reading and writing to disk, audio interface communication, communication to slave systems if you have them, etc.


----------



## WindcryMusic

EvilDragon said:


> Yes it is hit as hard as Windows by this. It's a CPU issue, not an OS issue. Depends what you ask the CPU to do, the impact by the fix is different. Both operating systems can ask the CPU to do the same things, since they're using the same CPUs with the same instruction set, soooo...



Elsewhere I read that OS X doesn't make as many kernel calls as Windows does, and hence it may be less affected by the hardware issue. If that's the case, then I can imagine that one OS might be more adversely affected than the other.


----------



## EvilDragon

It all depends on _which_ operations it _does _do kernel calls. If it's I/O and hardware interrupts (and it most likely is), you're definitely fckd.


----------



## wayne_rowley

WindcryMusic said:


> Elsewhere I read that OS X doesn't make as many kernel calls as Windows does, and hence it may be less affected by the hardware issue. If that's the case, then I can imagine that one OS might be more adversely affected than the other.



I'd like something definitive from Apple on this. Mac OS is Unix - as is Linux - and the fix for that seems to impact performance by 17% to 30%!

Wayne


----------



## Pier

> Mac OS is Unix - as is Linux



Blasphemy.

Linux actually means "Linux Is Not UniX".


----------



## WindcryMusic

Pier Bover said:


> Blasphemy.
> 
> Linux actually means "Linux Is Not UniX".



Looks like a duck, smells like a duck, waddles like a duck ...


----------



## wayne_rowley

Pier Bover said:


> Blasphemy.
> 
> Linux actually means "Linux Is Not UniX".





Of course Mac OS was originally derived from BSD... but conceptually they are both Unix systems with, I am sure, many architectural similarities, although the micro kernel basis of Mac OS might help with this issue compared with Linux.


----------



## Quasar

LFO said:


> At this point we have three main choices:
> 1. Do nothing.
> *2. Take your DAW offline and use another box to handle all on line activity.*
> 3. Use the patch and take the performance hit.



Bingo. #2 is what I've ALWAYS done. A personal computer adequate for watching YouTube, liking cute cats on Facebook, sending/receiving email and reading forum posts can be had for almost no money these days... I'm typing this on a 9 year old little AMD desktop that I bought refurb for a couple of hundred dollars in 2010. It won't load 196 tracks of VIs and audio effects, but it still works great for the web, running Windows 10 Home. In fact, for basic internet-related tasks it's positively zippy.

#2 is a perfect system, or at least it would be if certain software companies were even half as interested in respecting the Information Age privacy & safety concerns of people as they are in serving capital.


----------



## wayne_rowley

Keeping your DAW PC offline/not updating it is a short term option only I think - unless you never intend to update anything on your DAW again. 

Unless your DAW PC is very old then at some point you will want to install some new software, update your DAW or some plug-ins - authenticate something. And at some point that software will require an updated version of your OS - which will contain the 'workaround' for the CPU issue.

The problem is in the CPUs - they cannot be fixed.


----------



## JohnG

Quasar said:


> A personal computer adequate for watching YouTube, liking cute cats on Facebook, sending/receiving email and reading forum posts



I want 12 cores for liking cats. At least. And overclocking.


----------



## FinGael

JohnG said:


> I want 12 cores for liking cats. At least. And overclocking.



Just a tip for saving hard earned bucks. I do the cat liking -thing offline. Only one in the house, so probably no upgrades needed in the near future. "Come here. Good boy"


----------



## WindcryMusic

FinGael said:


> Just a tip for saving hard earned bucks. I do the cat liking -thing offline. Only one in the house, so probably no upgrades needed in the near future. "Come here. Good boy"



Except that I'm not allergic to Internet cats. The offline kind, on the other hand ...


----------



## Quasar

wayne_rowley said:


> Keeping your DAW PC offline/not updating it is a short term option only I think - unless you never intend to update anything on your DAW again.
> 
> Unless your DAW PC is very old then at some point you will want to install some new software, update your DAW or some plug-ins - authenticate something. And at some point that software will require an updated version of your OS - which will contain the 'workaround' for the CPU issue.
> 
> The problem is in the CPUs - they cannot be fixed.



In a way you sort of have a point. Keeping a computer completely frozen in time isn't the preferred option for most of us, at least over a long period of time. But the broader and much more salient point is that there is no good reason in the world why a computer workstation _must _be a globally-connected communications device. None whatsoever.

The _ability _of a personal computer to navigate the high seas of the web is wonderful. The _mandate_ that we do so in order to enjoy the benefits of digital-age creative technology is cultural, economic, arbitrary, and ultimately the oppressive result of living in a decrepit corporate capitalist power structure.

"...install some new software, update your DAW or some plug-ins - authenticate something" are all things I was able to do 100% offline via a secondary machine until Native Access officiously destroyed my ability to do so...

I'm not trying to trivialize the CPU kernel issue, which seems, potentially, to be a very bad deal. Just pointing out that the CPUs themselves are not broken, and that any CPU that doesn't have to expose itself to the web has no need of being fixed. This current fiasco should serve as a textbook case for why offline activation and digital-age privacy rights are important.


----------



## Kony

Celestial Aeon said:


> Has anyone tried if https://www.windowscentral.com/how-stop-updates-installing-automatically-windows-10 these kinds of hacks might allow you to turn Windows 10 autoupdates off from studio machines?
> 
> Edit:
> 
> 
> 
> I followed these guidelines and disabled the auto updates for the time being. I'm going to leave my Windows 10 Cubase 9 environment as it is and just connect it to internet behind firewall only for possible Native Instruments updates or such if needed and then upgrade the Windows 10 only after I purchase a new CPU.



Thanks for sharing - I'll probably keep my DAW PC offline now and only reconnect when adding new libraries or Cubase updates. I think if I'm only online temporarily for an update, I can keep the windows updates switched off and should be okay....


----------



## MarcusD

Theres a couple things I keep pondering relating to the issue. From what Ive read having such a flaw allows the CPU to perform faster. It kind of made me wonder if Intel have intentially done this to cut corners for performance gains. But if this affects CPUs as far back as 1995 it wouldnt make sense and would rather seem more like a genuin issue thats been overlooked. Or (without derailing the thread) is it something more sinister in relation to data gathering. Maybe its a back door for NSA firms to gather personal information when we run any java based scripts that communicate online? Its going to be an interesting week watching this.


----------



## Raphioli

LFO said:


> The real question for us DAW users is what will the hardware interrupt performance hit be. I/O execution for things like reading and writing to disk, audio interface communication, communication to slave systems if you have them, etc.



I'm really worried about how much it'll affect orchestral sample playbacks...
Every source I read says, I/O is going to take a massive hit.
And I don't have the option of taking my PC offline.


----------



## EvilDragon

Here's some benchmarks with the W10 fix that's in insiders fast ring.

https://www.computerbase.de/2018-01/intel-cpu-pti-sicherheitsluecke/#update2

Games almost not affected. SSD/NVMe I/O affected by 50-75ish MB/s decrease in read/write speeds.

Probably not *hugely* impacting our DFD needs.


----------



## Gerhard Westphalen

EvilDragon said:


> SSD/NVMe I/O affected by 50-75ish MB/s decrease in read/write speeds.



I only see that in their test on an NVMe drive where that amount wouldn't really be significant. I really hope it has a significantly lower decrease on sata SSDs.


----------



## Piano Pete

Happy New Year, haha. Guess we'll just have to wait and see what the damage is :(


----------



## Raphioli

EvilDragon said:


> Here's some benchmarks with the W10 fix that's in insiders fast ring.
> 
> https://www.computerbase.de/2018-01/intel-cpu-pti-sicherheitsluecke/#update2
> 
> Games almost not affected. SSD/NVMe I/O affected by 50-75ish MB/s decrease in read/write speeds.
> 
> Probably not *hugely* impacting our DFD needs.



Thanks for the update.
I'll keep an eye one the two thread on this forum and other news sources.

I have all my orchestral samples on one SSD, I guess this is a good(?) time to buy a second one and divide the heavily used orchestral samples between two SSDs to mitigate this performance decrease. But I'm not tech wiz so not sure if this will help with the performance hit the patch is going to apply.

BTW, the following source states that for Windows 10, an update was deployed.
https://www.theverge.com/2018/1/3/16846784/microsoft-processor-bug-windows-10-fix


----------



## EvilDragon

Gerhard Westphalen said:


> I only see that in their test on an NVMe drive where that amount wouldn't really be significant. I really hope it has a significantly lower decrease on sata SSDs.



It's about the number of I/O system calls, so I would say regardless of the speed of the drive, the performance hit scales about the same. So 5-7% down even on your regular 850 EVO.



Raphioli said:


> I guess this is a good(?) time to buy a second one and divide the heavily used orchestral samples between two SSDs to mitigate this performance decrease.



You won't mitigate anything doing that. An I/O call is an I/O call, doesn't matter to which drive it goes. The call itself has the performance hit after the fix is applied! Doesn't matter how many SSDs you spread your data over, they will all be hit equally.


----------



## Raphioli

EvilDragon said:


> You won't mitigate anything doing that. An I/O call is an I/O call, doesn't matter to which drive it goes. The call itself has the performance hit after the fix is applied! Doesn't matter how many SSDs you spread your data over, they will all be hit equally.



Damn.... =(
Thx for the info.


----------



## Polkasound

FinGael said:


> I do the cat liking -thing offline.



I have offline cats, but there's one thing I prefer about online cats: After you come home at 3AM from a gig and crash in bed, an online cat won't surprise you with a pile of puke hidden in your comforter.



Quasar said:


> there is no good reason in the world why a computer workstation _must _be a globally-connected communications device. None whatsoever.



Amen, my friend. I can see the benefits of being connected, but I would prefer that none of my software require it to function. (The concept of Native Access doesn't bother me too much, though, because unless I'm wrong, I think an online connection is only required for library management purposes.)

My plan in the interim is to not to install any upcoming Windows updates on my DAW PC, and wait to see how this whole mess pans out. Since I work in traditional music recording and don't need to keep up with music trends, my current setup with Windows 7, Cubase 9, and all my VIs and plugins could easily carry me for the next ten years on an offline PC.


----------



## Vastman

So I am planning a significant DAW upgrade this year as the dust settles on the best choices between new AMD/Intel high end processors... Assume Intel and maybe AMD will jack prices on these "clean" cpu's as this issue will induce a huge shortage due to the rush to upgrade.... Thoughts???

Similarly, will we be able to AVOID the Windows work arounds performance hits MS is deploying/deploys once we bite the bullet and upgrade??? Is/will Microsoft distinguish between vulnerable cpus or just say, "Fuck You" and we all still pay the price??? Same for Apple??? (would rather not contemplate having to go there as I'm PC based but....)


----------



## Wake

I don't get it. I'm on Windows 7. Updates turned off. And still on i5.

How do I get punished? Malware? Scripts embedded in websites? I don't visit "dirty" or suspicious places,
unless you consider VI control one of them.

Should I be worried?


----------



## Quasar

Polkasound said:


> My plan in the interim is to not to install any upcoming Windows updates on my DAW PC, and wait to see how this whole mess pans out. Since I work in traditional music recording and don't need to keep up with music trends, my current setup with Windows 7, Cubase 9, and all my VIs and plugins could easily carry me for the next ten years on an offline PC.



I'm thinking along the same lines about not doing any updates. Since I'm on W7 also, they're completely easy to avoid, and am thinking that if I do have to go online for Native Access (yes, library activation and management only. But you need to launch it to even MOVE an NI product location, which is infuriating!) it will literally be for only a couple of minutes, then I'm off again. So I'm not going to update, not going to worry about security. And I can live with what I have, the way I have it for the foreseeable future.

By the time I vaguely plan to make a new build (late 2019 maybe), the dust should have settled on all of this.


Vastman said:


> So I am planning a significant DAW upgrade this year as the dust settles on the best choices between new AMD/Intel high end processors... Assume Intel and maybe AMD will jack prices on these "clean" cpu's as this will induce a huge shortage due to the rush to upgrade.... Thoughts???



Waaay too early to even speculate. No one on the planet has any idea. But I would definitely wait until post-patch benchmarks start rolling in to make any specific plans or purchases.


----------



## thereus

Quasar said:


> In a way you sort of have a point. Keeping a computer completely frozen in time isn't the preferred option for most of us, at least over a long period of time. But the broader and much more salient point is that there is no good reason in the world why a computer workstation _must _be a globally-connected communications device. None whatsoever.
> 
> The _ability _of a personal computer to navigate the high seas of the web is wonderful. The _mandate_ that we do so in order to enjoy the benefits of digital-age creative technology is cultural, economic, arbitrary, and ultimately the oppressive result of living in a decrepit corporate capitalist power structure.
> 
> "...install some new software, update your DAW or some plug-ins - authenticate something" are all things I was able to do 100% offline via a secondary machine until Native Access officiously destroyed my ability to do so...
> 
> I'm not trying to trivialize the CPU kernel issue, which seems, potentially, to be a very bad deal. Just pointing out that the CPUs themselves are not broken, and that any CPU that doesn't have to expose itself to the web has no need of being fixed. This current fiasco should serve as a textbook case for why offline activation and digital-age privacy rights are important.



The next generation of connected tech will suit everyone except us. In fact, it is pretty much already here. We are such freak PC users. They are just not designed for what we do and the number of use cases that still require massive processing power at the desktop now that the internet pipes are fast enough is very small. Even then PCs are fundamentally the wrong architecture to meet our requirements which is why we need PCs that are ridiculously fast and tuned to the max. Ultimately, we might need to find another way to do this.


----------



## wayne_rowley

Vastman said:


> Similarly, will we be able to AVOID the Windows work arounds performance hits MS is deploying/deploys once we bite the bullet and upgrade??? Is/will Microsoft distinguish between vulnerable cpus or just say, "Fuck You" and we all still pay the price??? Same for Apple??? (would rather not contemplate having to go there as I'm PC based but....)



The current fix for Windows has been available in preview since November. It should be released next week on 'patch' Tuesday. From what I have read the fix does not distinguish between AMD and Intel processors - so even Ryzen users may see a slowdown once installed. 

Mac OS was patched in 10.13.2 and so far there haven't been many reports of significant slowdowns. It seems that the Mac implementation may be more efficient (or OS X is a better designed OS), or it could be that only Mac users with more modern CPUs have gone to High Sierra, and those on older CPUs more susceptible to a performance hit haven't updated yet (like me). 

Reports of the performance hit suggest that things like general use, gaming and video processing are not affected, but heavy disk usage and IO is hit the hardest... like in sample streaming or multi-track audio recording and playback...

For Windows - the proof of the pudding will be in seeing what happens next Tuesday. 

Wayne


----------



## EvilDragon

wayne_rowley said:


> Mac OS was patched in 10.13.2



From what I read, only partially. More work on the fix is slated for 10.13.3.


Also, seems like MS put out an update out-of-order, before next Tuesday.

https://support.microsoft.com/en-us...or-it-pros-to-protect-against-speculative-exe


----------



## wayne_rowley

Early Windows benchmarks. Might not be too bad...

https://www.computerbase.de/2018-01/intel-cpu-pti-sicherheitsluecke/#update2


----------



## EvilDragon

I linked to that in the other thread. SSD performance IS affected (5-7%), which is kind of important for us


----------



## EvilDragon

Some more benches:



4K reads are affected the most. Confirms findings from the German website... so DFD streaming WILL be affected to an extent.


----------



## rrichard63

thereus said:


> The next generation of connected tech will suit everyone except us. In fact, it is pretty much already here. We are such freak PC users. They are just not designed for what we do and the number of use cases that still require massive processing power at the desktop now that the internet pipes are fast enough is very small. Even then PCs are fundamentally the wrong architecture to meet our requirements which is why we need PCs that are ridiculously fast and tuned to the max. Ultimately, we might need to find another way to do this.





august80 said:


> Not really - audio work is fairly low on the totem pole for high-end computer intensive jobs. Extremely high level audio / music work can be done on a 5+ year old laptop with 16GB of RAM and a consumer level CPU and 1 modest connecting hub. We also have quite a few options for taking the load off of any taxed components (buffer, freezing, disk streaming, multi-core options on CPU intensive plugins). Many of these options are not available to people working in physics modelling / virtualization / statistics / high-rez editing & fx work.


I think that thereus and august80 are both partly right. Audio/music is somewhere in between everyday office or home use and a movie studio or science lab. But, in my opinion, intensive enough to be worried about next week. I don't know enough about interrupt handling, etc., for audio I/O to know whether latency is going to be affected. I think it might be, and that could be deadly for people who record live performers in a studio and/or perform live with computers.


----------



## EvilDragon

Latency shouldn't be affected greatly. I asked the same and somebody over at GS replied:

https://www.gearslutz.com/board/showpost.php?p=13049282&postcount=53


----------



## rrichard63

EvilDragon said:


> Latency shouldn't be affected greatly. I asked the same and somebody over at GS replied:
> 
> https://www.gearslutz.com/board/showpost.php?p=13049282&postcount=53


If true, that's good news. Thanks for the link; I'll read the whole thread sometime today.


----------



## Tacet

EvilDragon said:


> From what I read, only partially. More work on the fix is slated for 10.13.3.
> 
> 
> Also, seems like MS put out an update out-of-order, before next Tuesday.
> 
> https://support.microsoft.com/en-us...or-it-pros-to-protect-against-speculative-exe


Thanks for that.

Has anybody downloaded this first MS patch yet?


----------



## EvilDragon

I didn't, I'll wait some firm benches that are DAW-related.


----------



## jononotbono

This whole thing reminds me of the Millenium Bug. You know, when most of the population thought it was the demise of modern society. I'm sure things will be fine. Wrap up warm people haha!


----------



## EvilDragon

Well, it _will_ be fine, but performance _will _be penalized to lesser or greater extent.


----------



## thereus

august80 said:


> Not really - audio work is fairly low on the totem pole for high-end computer intensive jobs. Extremely high level audio / music work can be done on a 5+ year old laptop with 16GB of RAM and a consumer level CPU and 1 modest connecting hub. We also have quite a few options for taking the load off of any taxed components (buffer, freezing, disk streaming, multi-core options on CPU intensive plugins). Many of these options are not available to people working in physics modelling / virtualization / statistics / high-rez editing & fx work.
> 
> I'm still amazed I can have 22 devices running through the computer (touchscreens, 4 monitors, midi / usb / thunderbolt devices - synths, remote fader boxes, midi fader box, drum machines, chained audio interfaces, plus 5 internal drives, 2 dsp cards, a powerful GPU, a dedicated HD video card, elaborate server setup plus an additional slave machine. And the computer takes it all like it's no problem. And it was just as fine on my 2013 machine as it is on the super workstation I built last year.
> 
> We have it pretty good!



I don’t want to wander further off topic but there is a bit more to the story than this. Another thread for another day, methinks.


----------



## Quasar

EvilDragon said:


> Well, it _will_ be fine, but performance _will _be penalized to lesser or greater extent.



Mine won't. I put the i7 DAW online a couple of days ago, (before hearing about all of this) performed WU (nothing but virus defs) and used Native Access to install Kontakt 5.7.3 and change a couple of directory locations.

So I am now safely offline, sheltered from the cloak-&-dagger, crime-ridden streets of the internet. The Windows Update and security services are completely disabled, and I will be experiencing zero performance hits from either MS patches or Intel firmware. I'll be watching this with interest from the peanut gallery.


----------



## EvilDragon

Eventually you'll have to install a newer OS on newer hardware and then you'll get it :D


----------



## thereus

Quasar said:


> Mine won't. I put the i7 DAW online a couple of days ago, (before hearing about all of this) performed WU (nothing but virus defs) and used Native Access to install Kontakt 5.7.3 and change a couple of directory locations.
> 
> So I am now safely offline, sheltered from the cloak-&-dagger, crime-ridden streets of the internet. The Windows Update and security services are completely disabled, and I will be experiencing zero performance hits from either MS patches or Intel firmware. I'll be watching this with interest from the peanut gallery.



How do you buy libraries, Quasar?


----------



## dman007

5% is still quite a lot and I have been reading it depends on what is being doing by the computer. 30% is huge. I have read about certain types of usage where it's more likely to have more impact. But I am wondering how this will affect real-time activities and, therefore, music production PCs: asio, audio drivers, real-time processing, DAWs etc.


----------



## EvilDragon

You don't need to post that concern in two threads, though 


ASIO/audio drivers shouldn't be affected much, based on this post. Disk streaming (I/O operations) WILL be affected to some extent. How much, depends on your CPU. CPUs from Haswell generation onwards have PCID instruction in them that will help reduce the performance hit.


----------



## dman007

I'm currently using an Intel i6800k.


----------



## chimuelo

Guess staying “uncurrent” has its advantages.
Think I’ll try NIs Access stuff later this year.
I’ve had everything I need for a long time.
Int€£ can bite me...


----------



## Quasar

thereus said:


> How do you buy libraries, Quasar?


Like everyone else. I click on the "buy" button if I both want the library and can afford to acquire it.

I just do it from my internet pc. I download the content onto that pc, copy the relevant material to an external HD or flash drive, then port it over to the DAW machine and install. For Continuata, I have it set to "download only". With Spitfire, they seem to insist on installing it, but no matter. I just copy the entire unzipped package, then paste into the DAW rig. (For Kontakt stuff, doing a batch resave after getting a new library is always IMO a very good idea.)

Traditionally, if companies demanded that I activate online I simply didn't buy products from those companies. But it's too late in the day to ignore Native Instruments. So for now I'm:

1) Not buying NI libraries such as Thrill, but only 3rd-party libraries that can still be at least downloaded without Native Access.
2) Buying full-Kontakt versions that do not require NA whenever possible.
3) When (as has been true on a handful of occasions, such as the Albion ONE special) I absolutely MUST go online to launch Native Access, I do so. But only after doing everything possible that can be done offline first. I then reset all of the Windows Services, (firewall, WLAN etc.) in preparation for the online excursion, insert a USB WiFi stick, connect to the internet, launch NA, activate my already installed library, then get the hell offline ASAP and disable all of the connectivity-required stuff again.

I may have had my DAW online for a grand total of 35 minutes over the past 6 months or so. Something like that. Thankfully, most utility updates and the like can still be performed locally & manually after downloading the material from a secondary machine.


----------



## Quasar

EvilDragon said:


> Eventually you'll have to install a newer OS on newer hardware and then you'll get it :D



The assumptive hope is that by that time the problem will have been substantially mitigated or eliminated entirely by next generation processing or processor architecture. No guarantees that this will be the case, obviously, since no one yet knows how this is all going to shake out over the longer term.


----------



## EvilDragon

Yeh, one would hope... but if the processor architecture changes, it might influence the software as well (meaning all your old software would be worthless), depending on how huge of a CPU design change it turns out to be... That alone does not sound very hopeful to me, but let's see what happens.

The issue cannot be eliminated entirely because it attacks the basis of speculative execution, which all modern CPUs are based on (talking about Spectre here - for Meltdown the software patch is only necessary because Intel doesn't have the safety feature built into the hardware that AMD has which makes them invulnerable to that type of attack).


----------



## Quasar

EvilDragon said:


> The issue cannot be eliminated entirely because *it attacks the basis of speculative execution*, which all modern CPUs are based on (talking about Spectre here...



Yeah, I caught this as well, and it does seem especially worrisome. Because of your scripting work and expertise, you would know better than I how much of the real-time sample recognition and rendering for glitch-free audio performance is based on this anticipative or predictive ability, but I imagine it's considerable...

...By reporting what I'm doing, I do wish to stress I'm not trying smugly suggest that those of us who are offline are permanently immune to the problem. I'd just prefer to not be a "first responder" and find out how bad it is on my own machine after the fact. You can't unroll CPU firmware with an Acronis image. Even if I were normally an "online DAW" style user, I'd be scared to death to subject my machine to these updates without having a lot more information than we have now. So as it is, it only makes sense IMHO to hunker down offline and wait out the first tidal wave of the storm.


----------



## mc_deli

OT: "Speculative execution"... now there's an apt descriptor for the resources wasted by large chunks of society on marketing, finance and a fair few others...


----------



## LFO

Here's an interesting article on the topic. It looks like AMD and ARM are also vulnerable, though to a lessor extent than Intel. I have a friend who is an IBM Fellow and recently retired to go work in a studio in New York City. I've asked him what he thinks the impact will be for DAW users and it will be interesting to see what his reply is. When it's all said and done only time will tell, but speculation can be sooo much fun!
https://www.axios.com/what-you-need-to-know-about-the-massive-chip-vulnerability-2522229386.html


----------



## EvilDragon

Quasar said:


> you would know better than I how much of the real-time sample recognition and rendering for glitch-free audio performance is based on this anticipative or predictive ability, but I imagine it's considerable...



It's probably not that considerable. CPU cannot predict which audio data you're going to feed it. Speculative execution means something else here.


----------



## WindcryMusic

As far as today's Windows update for this issue is concerned, it appears possible that Microsoft chose to make the most performance-impactful elements of the patch disabled by default, and only enabled by specific registry changes. Seems like a good compromise to me, if true.

https://support.microsoft.com/en-us...-to-protect-against-the-speculative-execution


----------



## Brian2112

Option 2:
Spend the money we would have spent on new computers on a reasonably good piano and some music paper. 

Na...I'm just kidding. This sucks.


----------



## rrichard63

WindcryMusic said:


> As far as today's Windows update for this issue is concerned, it appears possible that Microsoft chose to make the most performance-impactful elements of the patch disabled by default, and only enabled by specific registry changes. Seems like a good compromise to me, if true.
> 
> https://support.microsoft.com/en-us...-to-protect-against-the-speculative-execution


This article is about Windows Server, which is a different operating system. But, yes, it's possible that the patches for desktop Windows will also be accompanied by instructions for turning them on and off.


----------



## WindcryMusic

rrichard63 said:


> This article is about Windows Server, which is a different operating system. But, yes, it's possible that the patches for desktop Windows will also be accompanied by instructions for turning them on and off.



True, and I didn't notice that distinction until you pointed it out. A friend of mine who has forgotten more about OS-level stuff than I'll ever know had forwarded it to me, so I jumped to the conclusion that it was something that applied to my computer.

I'd hope that the desktop patch would provide the same options, since servers (especially those running VMs) are the environment most vulnerable to the security concern. If they made the performance-impacting protections switchable even in that environment, I can't imagine why they wouldn't do the same for the other Windows platforms ... UNLESS they think it would be too confusing for the average user, or they think that the average user just browses the Internet and won't notice a significant performance reduction.

Anyway, shouldn't we know by now? My understanding is that Microsoft pushed out the patch to all Windows platform yesterday, so some people should already have it. I haven't dared turn on my PC since Wednesday because of it. (I need to disconnect it from the network first so that I can turn it on and apply the registry hack to disable automatic patch downloads before I put it back online, and I haven't yet gotten around to doing so.)


----------



## EvilDragon

So after some encouraging results from people at VI-C and GS, I pulled the patch. I did a DAWbench VI in Reaper before the patch and after, and I'm getting much the same numbers: 820 voices at 128 samples buffer with my RME UFX+, and with the factory library on Samsung 850 EVO. i7-6700K at 4.5 GHz here.

So, it seems that ASIO performance wasn't affected one bit (at least as far as Reaper is concerned). Looks like DAW users fall into "average workload" crowd.


----------



## Pablocrespo

Mario, windows updated something and I haven´t noticed performance decrease, but, how do I know if it is the right patch?


----------



## EvilDragon




----------



## J-M

EvilDragon said:


> So after some encouraging results from people at VI-C and GS, I pulled the patch. I did a DAWbench VI in Reaper before the patch and after, and I'm getting much the same numbers: 820 voices at 128 samples buffer with my RME UFX+, and with the factory library on Samsung 850 EVO. i7-6700K at 4.5 GHz here.
> 
> So, it seems that ASIO performance wasn't affected one bit (at least as far as Reaper is concerned). Looks like DAW users fall into "average workload" crowd.



Whew, hope that goes for other DAWs as well...


----------



## Pablocrespo

Thanks Mario!


----------



## rrichard63

The patch for Windows 7 machines is also out. This article is well worth reading on both Windows 7 and Windows 10:

https://www.computerworld.com/artic...-signals-early-abbreviated-patch-tuesday.html


----------



## dzilizzi

rrichard63 said:


> The patch for Windows 7 machines is also out. This article is well worth reading on both Windows 7 and Windows 10:
> 
> https://www.computerworld.com/artic...-signals-early-abbreviated-patch-tuesday.html


Interesting. Seems it isn't a really big deal unless you are a bank or exchange with useful data going through the kernel. And the OS fix is kind of useless without the bios fix, which may not happen on older computers that are no longer supported by the manufacturer. Or my self built computer. Oh wait, I'm the manufacturer so that one will get updated as soon as I find the fix on Intel's site LOL! And if your virus protection doesn't allow the update, I guess you have to wait also. I use windows defender because it rarely interferes with operations and it seems to be updated. I'm guessing the big ones will be. 

Thanks for the info.


----------



## dman007

I've disabled windows update for now. I've heard mixed replies from people who've had the patch. A common one seems to be SSD read performance being hit to a noticeable degree for some. That is a concern for using sample libraries. The other thing was a slight increase in asio load, and CPU usage (+1-2%). I'm riding it out to hopefully get a clearer picture over time.


----------



## storyteller

Just wanted to add this from an outside observation of this entire situation...


From an IT perspective, there is zero chance this was missed for "the last ten years." Absolutely zero.
On the off chance that Intel's higher ups were "unaware" of it, the NSA was absolutely aware and used it to bolster their hacking tactics. That is what they get paid to do. Loser: The privacy of every user of computers made in the last ten years.
So this brings about only 2 potential reasons (and a third lesser reason) why this exploit was officially brought up now and what the solutions presented really mean for the end user....

*Outcome 1)* Intel and OS software designers are genuinely trying to patch a vulnerability that has knowingly existed for the last 10 years in order to protect the privacy of customers
*Outcome 2)* Feed the conspiracy theory ideas (but they are usually founded on bits of truth), but a forced update on every single computer that cripples it to a certain degree will force users to upgrade to a "new chip." But here is a fun fact: Any chip that is not vulnerable to this issue was designed years ago, long before it goes to fab. So again, the question comes back to "when and WHY did this vulnerability exist for so long without anyone being made aware?" Continuing on with this line of thought... you then have to wonder if forcing all future processors to conform to this "new chip design" is in the best interest of the customer, or just another attempt to have a chip with a built in backdoor for the spy agencies in the world. Don't think this isn't a possibility. The very fact this exploit existed for 10 years and suddenly has a fix and a potential upgrade path isn't a series of happy accidents that favor the mass population of technology. Rationally, either the hardware and software makers have decided to protect the customers - albeit a day late and a dollar short, or they have sold out their customers privacy in all future chips and/or potentially embedded in the "patch."
*Outcome 3 - the lesser reason)* Clock speeds peaked over a decade ago due to thermal issues. The only room for expansion was in adding cores and reducing clock speeds. Unfortunately, most users do not need multi cores so it leaves the "old" computer upgrade model in shambles. It is why I used my last MacBook Pro for a solid 7 years before it bit the dust. It was more than powerful enough for general documents/spreadsheets/web/etc. My DAW is a separate animal and gets upgraded as needed. So outcome 3 is purely a financial incentive to drive users to upgrade. But this fails for 1 major reason: the potential for a class action lawsuit and bankrupting Intel is way too extreme for someone to have made this decision for financial reasons...Also, see the footnote below.
Footnote: Intel's CEO offloaded $24 million in stock a few days before the public announcement.

Just my $0.02


----------



## EvilDragon

dman007 said:


> A common one seems to be SSD read performance being hit to a noticeable degree for some.



Not noticeable over here...


----------



## thereus

storyteller said:


> Just wanted to add this from an outside observation of this entire situation...
> 
> 
> From an IT perspective, there is zero chance this was missed for "the last ten years." Absolutely zero.
> On the off chance that Intel's higher ups were "unaware" of it, the NSA was absolutely aware and used it to bolster their hacking tactics. That is what they get paid to do. Loser: The privacy of every user of computers made in the last ten years.
> So this brings about only 2 potential reasons (and a third lesser reason) why this exploit was officially brought up now and what the solutions presented really mean for the end user....
> 
> *Outcome 1)* Intel and OS software designers are genuinely trying to patch a vulnerability that has knowingly existed for the last 10 years in order to protect the privacy of customers
> *Outcome 2)* Feed the conspiracy theory ideas (but they are usually founded on bits of truth), but a forced update on every single computer that cripples it to a certain degree will force users to upgrade to a "new chip." But here is a fun fact: Any chip that is not vulnerable to this issue was designed years ago, long before it goes to fab. So again, the question comes back to "when and WHY did this vulnerability exist for so long without anyone being made aware?" Continuing on with this line of thought... you then have to wonder if forcing all future processors to conform to this "new chip design" is in the best interest of the customer, or just another attempt to have a chip with a built in backdoor for the spy agencies in the world. Don't think this isn't a possibility. The very fact this exploit existed for 10 years and suddenly has a fix and a potential upgrade path isn't a series of happy accidents that favor the mass population of technology. Rationally, either the hardware and software makers have decided to protect the customers - albeit a day late and a dollar short, or they have sold out their customers privacy in all future chips and/or potentially embedded in the "patch."
> *Outcome 3 - the lesser reason)* Clock speeds peaked over a decade ago due to thermal issues. The only room for expansion was in adding cores and reducing clock speeds. Unfortunately, most users do not need multi cores so it leaves the "old" computer upgrade model in shambles. It is why I used my last MacBook Pro for a solid 7 years before it bit the dust. It was more than powerful enough for general documents/spreadsheets/web/etc. My DAW is a separate animal and gets upgraded as needed. So outcome 3 is purely a financial incentive to drive users to upgrade. But this fails for 1 major reason: the potential for a class action lawsuit and bankrupting Intel is way too extreme for someone to have made this decision for financial reasons...Also, see the footnote below.
> Footnote: Intel's CEO offloaded $24 million in stock a few days before the public announcement.
> 
> Just my $0.02


Well that’s five minutes of my life I will never get back.


----------



## Jake

thereus said:


> Well that’s five minutes of my life I will never get back.



I thought it was a very well thought out look into what is going on. And I agree that it is highly unlikely that this problem "just came to light". 

There are almost always two major motives (forces) behind man's actions, money and power (control). Follow those respective paths and you will usually find the truth.


----------



## kunst91

for what it's worth I just updated my windows 10 i9 machine with the security patch and saw no noticeable performance difference


----------



## rrichard63

Is there any chance, no matter how small, that updating Windows 7 and Windows 10 doesn't (by itself) turn on the patch? For example, that the patch only becomes operational when the BIOS is updated. Or, for another example, that the patch requires a manual registry edit to make it operational, as might also be the case with Windows Server.

I'm asking because of the reports here that there is no noticeable performance hit. I'm willing to believe that the performance hit for DAW users is small and tolerable. I'm not quite willing to believe that it doesn't exist at all.

I'm also asking because of the uncertainty in many of the forum threads and blog posts about this situation.


----------



## dman007

EvilDragon said:


> Not noticeable over here...


I expect variation, as systems vary. I'm awaiting more benchmark data and various people's experiences before I deploy the MS update.


----------



## dman007

From what I read today, BIOS updates will follow at some point before solutions manifest in actual hardware in the future.


----------



## C.R. Rivera

EvilDragon said:


>


ED, what is the difference between 1709 patch KB4056892 on yours and 1703 patch KB4056891 on mine, updated today. I have an i-7 3820 @ 3.60ghz and wondered if that was the difference.
Cheers and thanks

Carlos


----------



## EvilDragon

None, they are just for different W10 bi-yearly releases. Mine is for Fall Creators Update, yours is for Creators Update.


----------



## J-M

kunst91 said:


> for what it's worth I just updated my windows 10 i9 machine with the security patch and saw no noticeable performance difference



What DAW are you using?


----------



## EvilDragon

I mentioned that before in my report, Reaper.


----------



## J-M

EvilDragon said:


> I mentioned that before in my report, Reaper.



But...I was asking @kunst91? :D


----------



## EvilDragon

Ah, apologies. Maybe I should step away from the computer for the day


----------



## Ian Dorsch

Jake said:


> There are almost always two major motives (forces) behind man's actions, money and power (control). Follow those respective paths and you will usually find the truth.



You forgot "stupidity," a force arguably more powerful and destructive than any other.


----------



## kb123

i did a before and after benchmark and applying the update reduced i/o performance here by about 10%


----------



## heisenberg

kb123 said:


> i did a before and after benchmark and applying the update reduced i/o performance here by about 10%



Curious. Could you mention what version of Windows or MacOS you are using, your CPU model and are your drives SSDs, HDs or a mix of both. Also your I/O tests what apps where you running in your tests? Thanks!


----------



## kunst91

MrLinssi said:


> What DAW are you using?


Cubase 9.5


----------



## kunst91

Also to be clear, I didn't run any benchmark tests. I've never really cared about those. I just loaded up this thick action cue that I've been working on for the past week and saw no noticeable differences in either load time or performance.


----------



## Raphioli

rrichard63 said:


> Is there any chance, no matter how small, that updating Windows 7 and Windows 10 doesn't (by itself) turn on the patch? For example, that the patch only becomes operational when the BIOS is updated. Or, for another example, that the patch requires a manual registry edit to make it operational, as might also be the case with Windows Server.
> 
> I'm asking because of the reports here that there is no noticeable performance hit. I'm willing to believe that the performance hit for DAW users is small and tolerable. I'm not quite willing to believe that it doesn't exist at all.
> 
> I'm also asking because of the uncertainty in many of the forum threads and blog posts about this situation.



I was also wondering if theres a chance that the real/another performance hit will kick in after the BIOS/firmware updates are applied.


----------



## rrichard63

Raphioli said:


> I was also wondering if theres a chance that the real/another performance hit will kick in after the BIOS/firmware updates are applied.


Good point. At least Intel and AMD don't have an auto-update "feature".


----------



## EvilDragon

rrichard63 said:


> At least Intel and AMD don't have an auto-update "feature".



They do. CPU microcode can be automatically updated when booting your OS up, and those microcode updates can also be served as part of Windows Update (or macOS, whatever).


----------



## rrichard63

EvilDragon said:


> They do. CPU microcode can be automatically updated when booting your OS up, and those microcode updates can also be served as part of Windows Update (or macOS, whatever).


Thank you for the correction. If (big if) future BIOS updates affect performance in a major way, then DAW users (and others users in media and scientific fields) will have a problem. The whole question of whether (and when) to connect to the internet gets more complicated by the hour.


----------



## LFO

rrichard63 said:


> Thank you for the correction. If (big if) future BIOS updates affect performance in a major way, then DAW users (and others users in media and scientific fields) will have a problem. The whole question of whether (and when) to connect to the internet gets more complicated by the hour.


I'd look at it more this way. There have been updates that have happened without you knowing it for quite some time. (Though usually you are given some kind of a heads up.) Most updates are to your benefit and have zero impact on performance. In fact, some benefit performance. We now have a case where it is going to hurt performance, thus all the broo-ha-ha around it. Keep in mind, this is not a microcode fix, nor a BIOS fix. Operating system vendors are being forced to produce a fix for a problem they did not create - a physical CPU issue. Really, Microsoft, Linux, IBM, etc developers are being screwed because a) they are putting resources into a vulnerability not introduced by them and b) they are thus getting the blame by many consumers who do not understand the real issue. I find this to be a very interesting situation. The complexity of a modern day CPU (say from the past 10 years or so) has grown enormously because simple frequency increases are not going to provide the performance boosts needed to get a market salivating over the next generation CPU. Predictive execution, advanced branching, increased instruction sets, etc have benefited us all. However, now we have to wonder how many security flaws these advancements may have introduced that could not have possibly been considered when they were developed. I'm not saying this will be a huge problem, but in theory it could be. To me, it is an interesting concept to consider because, well, I'm a geek.

Quantum computing is right on our door step. I've seen quantum based CPUs running and the benchmarks are staggering. I mean it. We are talking performance that will blow the shit right out of your head. I tried to grasp one minor concept of quantum processing. Just one. I'm not dumb and have been in this industry since 1977. It took me over an hour to understand it at a fundamental level and even then some of it was a leap of faith. It is terrific stuff and will allow us to compute at levels that today seem impossible. Based on Meltdown and Spectre I wonder if there are flaws that might be introduced that we have no idea about. I really have no clue, mainly because I understand about 1/1000000000000 of what quantum computing is, but the question remains. It will be interesting to see. Really, really, interesting. I can't wait!


----------



## Knomes

LFO said:


> Quantum computing is right on our door step.



That is not correct.
https://www.quora.com/What-are-the-biggest-challenges-in-quantum-computing.
That post is of 3 years ago but most of the problems are still there. Think that among physicians there are many that believe real quantum computing will never be available.


----------



## Anthony

Knomes said:


> That is not correct.
> https://www.quora.com/What-are-the-biggest-challenges-in-quantum-computing.
> That post is of 3 years ago but most of the problems are still there. Think that among physicians there are many that believe real quantum computing will never be available.


On the contrary, physicists _do_ believe in quantum computing because it already has been realized in several different physical systems. Granted these are just 'toy' systems capable of only performing simple calculations, but it's no longer just a theoretical concept (quantum computing capability constitutes a continuum just like digital computers). You can read more about it here:

https://www.technologyreview.com/s/603495/10-breakthrough-technologies-2017-practical-quantum-computers/ .


----------



## Knomes

Not all the physicists. Of course those who believe that full quantum computers will never work could be wrong. I did not say that all the physicists do not believe in quantum computing. I do not know what is the percentage of believers, non-believers and "agnostics" XD. My professor of Quantum Thermodynamics (QT) at university is a non-believer for example and he said me that many in the field of QT are non believers.
They are non-believers of the full quantum computer, of course. I think everybody agree that the 50 qubits quantum computer will be built, not everybody agrees on the when.

OT1: why it is not "right on our door step" ?
For full quantum computation we mean a computer with:
-good number of qubits (we are at 10 now?)
-Full set of Pauli operators available for all the qubits
-Resistance to decoherence
-resistance to decoherence at ambient temperature (if you want to use it at home)
-Resistance to errors in the unitary transformations applied to qubits
and other things.

Google said that next year we will reach 50? How many times i heard declarations on the next step that did not become true later?
Even if it is true that they reach 50 programmable qubits, with all the operations per qubit available? With what errors on the procedures? How much does a qubit lives before decoherence?
Even if they do a full Quantum Computer of 50 qubits with access to all the possible operations, as stated in various articles you could not take advantages of the power of the quantum to use programs that were written for classical computers. I remember to have read that not every problem can be improved by quantum computations. 
Sure, you can factorize prime numbers very speedy with quantum computations, that is the typical example. But if you want to do A=2 + 2, that should be equal on both systems.
So one should however wait for the programs which exploit the quantum computation.

That is why saying that Quantum Computation is "right on our door step" is wrong.

For those who want a deeper introduction on quantum computing i suggest the book "Kaye: An Introduction to Quantum Computing". It only speaks about the theoretical side and not the implementation, but it makes clear what wonderful power one could achieve with quantum computation.

OT2:


Anthony said:


> You can read more about it here:



From the article you posted:
"entanglement (a phenomenon where pairs of qubits are linked so that what happens to one can instantly affect the other, even when they’re physically separated)." That is not true. You can always implement local operations through unitary operators on one of the two physically separated subsystems and the other one is not affected by it. What entanglement means is that if you perform a measure on one of the subsystems in the correct basis you will know for sure what the result of the measure on the other system will be. It absolutely does not mean that whatever happens to one system is reflected on the other. 
There is an entire theoretical framework of quantum physics which is based on what you can and what you cannot do with entanglement. It is called LOCC (Local Operations and Classical Communications). I do not have a book to suggest because I never studied entanglement with such detail.
However, what i wanted to point out with this Off Topic is that the article in question is educational and I do not thrust journals of generic kind when they speak about physics. They tend to be just sensationalism.


----------



## EvilDragon

Quantum computers right now need ridiculously low temperatures to operate (close to absolute zero). They will not be "right at our doorstep" for decades to come. They are also ridiculously expensive and take up a whole basement, and are absolutely unfeasible for regular users like us, not least because all software that currently exists is 100% incompatible with the way quantum computers operate.



I predict we won't be using them at our home for "surfin' the Net and shit" during our lifetimes. Or our children's. Or our children's children. I'm pretty convinced they'll only be used for scientific and military purposes.


----------



## Anthony

Given (some of) the motivation for building quantum computers, I would point out that the progress you read about in the public domain is generally behind that which is not published (because it is proprietary and/or classified). Cheers...


----------



## ironbut

Personally, I was already planning to either buy the next MacPro that is expected sometime in the not too distant future or build a Hackintosh (and after seeing the price of the iMac Pro,..!).
I've always known that using my studio machine to surf and read emails and such was taking a chance so maybe this will force me to use my Macbook Pro for that stuff. 
Upgrading to High Sierra on that machine would be okay I guess. 
And yes, I would have to go online to "easily" do updates and use Native Access, but if a hacker is that determined to infect my machine, hey, I'll cross that bridge when I get to it.
So, IMHO a workable compromise will be doing what I probably shoulda been doing in the first place.


----------



## EvilDragon

Mac is impacted as well, since they're using Intel CPUs too...


----------



## ironbut

Oh yeah. I realize that.
I wouldn't buy or build a machine that uses the effected CPU's.
I have a feeling that other Mac users might have been waiting for the next Mac Pro and now, thank heavens I did (mines a mid 2012).


----------



## clisma

Anyone with a Cheesegrater gone for the security updates that fix this? If so, I’d be thankful for any reports...


----------



## WindcryMusic

Back on topic, the Microsoft Windows chief posted some vague details on the performance hit in a new blog post:

https://cloudblogs.microsoft.com/mi...-and-meltdown-mitigations-on-windows-systems/


----------



## wickedw

WindcryMusic said:


> Back on topic, the Microsoft Windows chief posted some vague details on the performance but in a new blog post



It's fairly vague in terms of what you can expect from an around 2015 era CPU. 

People who just bought a new Intel chip atleast won't see a massive performance loss on Windows 10. Probably. 

I'm wondering if the windows updates also affects AMD chipsets since the Linux ones does.


----------



## funnybear

Dell released the BIOS update today for my laptop (M4800 with i7-4910MQ CPU which is a Haswell generation CPU - ca. 2015) incorporating the various Meltdown / Spectre etc. microcode fixes. Microsoft patches were applied as well.

I had benchmarked my SSDs before the updates and now after the update.

The results are shocking: random read/write IPOS is down by about 50%!!

Here is the graph:





Remember that the performance impact will show up on your system only after BOTH Microsoft's patch AND Intel microcode patch (Bios) have been applied.


----------



## wickedw

funnybear said:


> Dell released the BIOS update today for my laptop (M4800 with i7-4910MQ CPU which is a Haswell generation CPU - ca. 2015) incorporating the various Meltdown / Spectre etc. microcode fixes. Microsoft patches were applied as well.
> 
> I had benchmarked my SSDs before the updates and now after the update.
> 
> The results are shocking: random read/write IPOS is down by about 50%!!
> 
> Here is the graph:
> 
> 
> 
> 
> 
> Remember that the performance impact will show up on your system only after BOTH Microsoft's patch AND Intel microcode patch (Bios) have been applied.



Are you on windows 10 or lower? These results are horrifying.


----------



## funnybear

wickedw said:


> Are you on windows 10 or lower? These results are horrifying.



Windows 10 64bit


----------



## EvilDragon

Poor Haswells.


----------



## DavidY

funnybear said:


> Remember that the performance impact will show up on your system only after BOTH Microsoft's patch AND Intel microcode patch (Bios) have been applied.


I know that after Microsoft updates, there are usually quite a lot of maintenance tasks which Windows seems to run. I only have slow computers and spinning disks :( so it's sometimes quite noticeable on my older kit, and it sometimes takes a day or two to finish.

Could that have made a difference to your testing?


----------



## Raphioli

funnybear said:


> Dell released the BIOS update today for my laptop (M4800 with i7-4910MQ CPU which is a Haswell generation CPU - ca. 2015) incorporating the various Meltdown / Spectre etc. microcode fixes. Microsoft patches were applied as well.
> 
> I had benchmarked my SSDs before the updates and now after the update.
> 
> The results are shocking: random read/write IPOS is down by about 50%!!
> 
> Here is the graph:
> 
> 
> 
> 
> 
> Remember that the performance impact will show up on your system only after BOTH Microsoft's patch AND Intel microcode patch (Bios) have been applied.



This is what I was fearing after reading that the huge performance hit will occur after both OS and firmware update were applied...
Thanks for reporting your benchmarks.


----------



## EvilDragon

It has been mentioned that the older CPUs might experience more of a hit than newer ones... Although, Haswell should be able to cope with the Meltdown fix because it does have the PCID instruction.

I would also consider the fact that since the above reported is a laptop, Dell probably wanted to err on the side of safety, rather than trying to squeeze the most performance possible (as Intel vaguely mentioned, "performance hit would be mitigated through time"). I assume you could flash the BIOS back to previous version to restore your performance to what it was, if you find the hit too much.


----------



## funnybear

DavidY said:


> Could that have made a difference to your testing?



I run the test a few hours after the update and after a few reboots.


----------



## funnybear

EvilDragon said:


> It has been mentioned that the older CPUs might experience more of a hit than newer ones... Although, Haswell should be able to cope with the Meltdown fix because it does have the PCID instruction.
> 
> I would also consider the fact that since the above reported is a laptop, Dell probably wanted to err on the side of safety, rather than trying to squeeze the most performance possible (as Intel vaguely mentioned, "performance hit would be mitigated through time"). I assume you could flash the BIOS back to previous version to restore your performance to what it was, if you find the hit too much.



Agree that Intel might improve performance over time with revised patches and that for now they released code that fixes the vulnerability’s first and deal with performance later.

Google has opensourced the code they used to mitigate these vulnerabilities on their data centres saying that they basically were able to reduce performance impact to almost zero. Question is if this will benefit older CPU generations like Haswell or if it only applies to cloud environments (and assuming the code can be ported etc.).


----------



## Raphioli

EvilDragon said:


> Haswell should be able to cope with the Meltdown fix because it does have the PCID instruction.



I thought that too, but according to Microsoft, seems like its Skylake or later which is the least affected.

https://cloudblogs.microsoft.com/mi...-and-meltdown-mitigations-on-windows-systems/


> With Windows 10 on newer silicon (2016-era PCs with Skylake, Kabylake or newer CPU), benchmarks show single-digit slowdowns, but we don’t expect most users to notice a change because these percentages are reflected in milliseconds.
> With Windows 10 on older silicon (2015-era PCs with Haswell or older CPU), some benchmarks show more significant slowdowns, and we expect that some users will notice a decrease in system performance.



Looks like it has to do with the silicon rather than being compatible with PCID or not.(which is what I thought after reading the above article)


----------



## EvilDragon

Right, point there.


----------



## AllanH

I got Dell BIOS update and associated Microsoft fixes for an i7-6700 based system. No noticeable differences. I noticed that Microsoft ran some sort of extensive (integrity) check after the install and it took several hours to calm down. After than, Cubase projects have been playing and working as before.


----------



## Hywel

Anyone have any insight into when these issues will no longer be applicable to new processors, in other words, how long will it take for redesigned processors to hit the market in new computers?


----------



## AllanH

Factoring out marketing-speak, I'd say it's at least two years out before a silicon-level redesign will hit the market. A redesign that provide secure prediction and secure caches could easily be more than that. I have no data to back these guesses, other than personal experience.


----------



## jamwerks

So shouldn't we see all the latest line of Intel processors come down in price, until newer unaffected processors are available? And as long as 2 years?


----------



## Kony

Hywel said:


> Anyone have any insight into when these issues will no longer be applicable to new processors, in other words, how long will it take for redesigned processors to hit the market in new computers?


Assuming that the redesigned processors don't have their own unique security flaws which nobody will know about for 10+ years....


----------



## ironbut

Doesn't it seem a little unethical to sell computers, ipads, and phones with vulnerable cpu's.


----------



## Simon Ravn

What I don't undestand about this is, why isn't it possible to choose NOT to apply these security fixes? As I understand it the software that can exploit these flaws are akin to viruses, so they could be caught by virus software, or you could make sure not to visit websites and download files you don't trust. Is this any different? Why is this xx% slowdown of our computers forced on us by Apple/Microsoft?


----------



## A3D2

I will be taking my recording computer offline instead of updating and compromising . Easy fix and no internet distractions.


----------



## Simon Ravn

A3D2 said:


> I will be taking my recording computer offline instead of updating and compromising . Easy fix and no internet distractions.



That will only help if you refuse updating Windows/OS X - the fixes/slowdowns will be in updates of the OS. It will buy you some time though until other software stop requires you to update.


----------



## A3D2

Simon Ravn said:


> That will only help if you refuse updating Windows/OS X - the fixes/slowdowns will be in updates of the OS. It will buy you some time though until other software stop requires you to update.


Yes, I know: I'll be refusing those updates.


----------



## vicontrolu

Sorry guys, just found this here and i am abit overwhelmed with all the info. Not sure if my my computer is suffering form this an if i can do anything about it. Any info on where to look for this setup?

Win 10 (forced updates) - i7-5930k 
GIGABYTE GA-X99-GAMING 5 LGA 2011-v3


----------



## EvilDragon

All Intel CPUs since Pentium I have the Meltdown exploit, and all CPUs are also susceptible to Spectre exploit. Pretty much everyone is affected in some way.

If you have all the latest W10 updates, you have the patch already.


----------



## ironbut

I read an article on Anandtech and from I understood, a "hack" (at this point) would be a "read only" intrusion. Which certainly doesn't make it any better since lots of us have banking/financial info on our machines but it does seem to give me some direction on pro active safeguards I can do (increasing security to sensitive sites).
But I'm certainly no expert and many of you guys seem to understand this stuff on a much deeper level than me.
Check it out and see what you think. 
https://www.anandtech.com/show/12214/understanding-meltdown-and-spectre


----------



## rrichard63

EvilDragon said:


> If you have all the latest W10 updates, you have the patch already.


I'm not sure. What about BIOS patches, which are where the performance hit seems to be occurring? There appears to be some confusion about whether Windows update includes them.


----------



## EvilDragon

Not sure about that, those might depend from manufacturer to manufacturer.


----------



## RCsound

I hear that BIOS patches for old Motherboards will not get any update, don't know how true this will be, i have an old I7 3930k with an x79 that works perfect for slave, so as i understand, old CPU - Motherboard combos users.... we are screwed?.


----------



## JohnG

If your computer isn't internet-connected or if it has nothing on it but sample libraries, I don't think these exploits seem like any issue. 

Most of mine fit both criteria -- they have no financial or other sensitive information on them so there's really no reason to update Windows and thereby suffer the performance hit.

However, this episode seems like another good reason not to let one's computer remember any passwords to banking or credit card info.


----------



## RCsound

Exactly, I do not think there is any reason to patch a system that only runs Cubase or professional audio that always is offline, also I think this "nightmare" was known for a year, if someone had extracted critical information on any of my systems, I would have known.

We will see how this situation evolves in the whole context in the following months.


----------



## rrichard63

This is the clearest explanation I have seen to date:

https://cloudblogs.microsoft.com/mi...-and-meltdown-mitigations-on-windows-systems/

Among other things, it makes clear that the performance hit is almost entirely related to the BIOS patch. And that detailed, laboratory-generated benchmarks (much less benchmarks specific to DAW use) are not available yet.


----------



## chimuelo

Here’s more great news if the last “help/update” didn’t get your panties in a knot.

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr

I see absolutely no reason to keep letting Intel scare anyone into “upgrading” even more.
I’ve use Haswell 4790s and Broadwell 5775/1275 v6 CPUs for years, just last year bought 4 new 4790s I liked them so much.

Now Intel claims if you just let them into your PC (again) your life will be better.
Screw them, I never once during a performance had a crash in 12 years I’ve been using PCs.
One time, my fault, bad air flow design, 110 degree/100% humidity outdoor festival.

Don’t let these clowns trick you into their planned obsolescence.
Their CPUs are great.
Seems Micro$oft wants everyone in their Cloud.

Get off my Lawn....


----------



## EvilDragon

This is not planned obsolence, Jim. This is an exploit of how CPUs prefetch data and their speculative execution, basically how they were created to work as fast as they do. Spectre exploit doesn't impact just Intels, this is not Intel's "masterplan scheme" or anything.

The initial fix Intel did causes random reboots on Broadwell and Haswell platforms. They have now identified the cause and will produce further fixes, which is an entirely sane thing to do, nothing wrong with that. And again, absolutely nothing to do with planned obsolence. More like increasing security. But if your computer is not online, of course you don't need to care as much.


----------



## Kony

EvilDragon said:


> But if your computer is not online, of course you don't need to care as much


That's how I'm playing it - but if I go online briefly to register a new lib with NA, do I need to worry about hacks etc if I'm not up to date?


----------



## EvilDragon

Only if you are clinically paranoid. These exploits do exist, but they are quite hard to actually execute them remotely. Easiest way would be through web browsers using JavaScript, but browsers have been patched for that already (make sure you use the latest version of your browser).


----------



## chimuelo

Well I’ve seen these boys in action for over 20 years now.
They can write all of the white papers and hold seminars all they want.
Micro$oft & Inr€£ set the pace for Memory manufacturers, Motherboards, etc. etc.

I’m keeping my “defective” CPUs and they can sucker 16 Core X series or whatever next months chipset is for others to buy.

I did enjoy upgrading to Scope 7 and Native Access though.
As for the rest of these schmucks Ill check em out in 4 more years after an EMP strike maybe...


----------



## Kony

EvilDragon said:


> Only if you are clinically paranoid


... but how did you know...? 

Thanks @EvilDragon


----------



## EvilDragon

chimuelo said:


> Well I’ve seen these boys in action for over 20 years now.
> They can write all of the white papers and hold seminars all they want.



Missing the point, again.


----------



## chimuelo

Of course I am. The point is you and I understand the underlying issues aren’t problematic to us, we read and understand what’s being discussed.
People who don’t look into the matter but keep seeing how they’re System is prone to security issues will stop after the second sentence and start looking at a new system.
We’ve had far worse scenarios than these last 2 recent ones but suddenly these are hyped up and I don’t know a single person who has any problems with their PC.
Micro$oft is still looking at a large % of users not using 8.1 or 10.
Their goal is to get everyone in a Cloud.
They collaborate with Intel and others on many levels.
Intel trying to keep market share has struck deals with AMD to use Vega GFX, AMDs top iGPU guy has been hired by Intel and their first CPU looks great.

I’m simply saying the rest of the world doesn’t analyze issues as you and I would.
A few headlines and their ready for a new OS or a new smart phone laptop or PC.


----------



## EvilDragon

chimuelo said:


> Micro$oft is still looking at a large % of users not using 8.1 or 10.



W10 is actually on the rise and W7 is on the decline...

http://gs.statcounter.com/os-version-market-share/windows/desktop/worldwide

8.1 is of course not going to rise, why would anyone want to use it :D


----------



## wayne_rowley

Quick update from the Mac side of things. The updates today for Sierra included the fixes for Spectre & Meltdown. From some immediate testing with Logic Pro before and after I'm not seeing any significant (or indeed any) performance impacts. So far so good...


----------



## clisma

wayne_rowley said:


> Quick update from the Mac side of things. The updates today for Sierra included the fixes for Spectre & Meltdown. From some immediate testing with Logic Pro before and after I'm not seeing any significant (or indeed any) performance impacts. So far so good...


Good news, thanks for posting. What kind of mac are you using?


----------



## wayne_rowley

MacBook Pro late 2011.


----------



## chimuelo

EvilDragon said:


> W10 is actually on the rise and W7 is on the decline...
> 
> http://gs.statcounter.com/os-version-market-share/windows/desktop/worldwide
> 
> 8.1 is of course not going to rise, why would anyone want to use it :D




Because it works, doesn’t have nagware, has best parts of 7, lots of reasons.
I’m still reluctant to change over my 1U 8.1.

I see no reason to fix something that works great...

Maybe after I watch 10, and Intel some more.

It’s basically if you wish to stay current, work online, etc.
I like being behind the times.
Spend more time making music as opposed to “Fixing” things...


----------



## Quasar

ironbut said:


> Doesn't it seem a little unethical to sell computers, ipads, and phones with vulnerable cpu's.



It's impossible to imagine that a profit-motivated capitalist marketplace would ever engage in unethical conduct just to make money. How could you even think such a thing?


----------



## CT

On a mid-2011 iMac, El Capitan, and I'm pretty sure I got the update today. Not noticing anything, so far.


----------



## mburellmusic

Thanks!


----------



## chimuelo

I did the “Fix” and noticed nothing.
But thought all of my new upgrades in software and hardware were responsible 4 lower CPU usage.
Maybe so but I’ve been read how single core performance in Cinebench jumped 6% on many review forums.
Lost points on multi thread.
So if others who need single core for core locked synths and even other apps we must have lucky.


----------



## Kony

Sorry to revive an old thread but I'm curious about the Intel CPU hit - reason being I'm considering putting my DAW online again for BF (it's been offline since before the Meltdown/Spectre patches were released).

Apparently Intel CPUs had a 15-20% hit in performance according to this article. Can anyone confirm?









Intel Performance Hit 5x Harder Than AMD After Spectre, Meltdown Patches - ExtremeTech


There's a clear winner when AMD and Intel go head to head in performance comparisons in Linux with all Spectre, Meltdown, Foreshadow, and other fixes applied. Intel loses a lot of performance in these comparisons.




www.extremetech.com


----------



## chimuelo

Not on audio apps brotha’ Man Kony.
I’ve got several machines all on Windows 10 now and not once have I seen any issues.
I use Avast Premier when I go online.
I just re install, clean everything up, download new Samples then take it off again.
It’s nagware is bothersome and I’ve got several of their apps running at once during house cleaning and upgrades.


----------



## Kony

chimuelo said:


> Not on audio apps brotha’ Man Kony.
> I’ve got several machines all on Windows 10 now and not once have I seen any issues.
> I use Avast Premier when I go online.
> I just re install, clean everything up, download new Samples then take it off again.
> It’s nagware is bothersome and I’ve got several of their apps running at once during house cleaning and upgrades.


Thanks for the feedback - are you running everything on one PC though? I am and just a bit worried it'll be an obvious 20% performance hit from using just the one PC as opposed to multiple PCs running in sync.


----------



## chimuelo

Kony said:


> Thanks for the feedback - are you running everything on one PC though? I am and just a bit worried it'll be an obvious 20% performance hit from using just the one PC as opposed to multiple PCs running in sync.



I run everything on a single PC but I have cloned spares, Rehearsal PCs and experimental Benching PCs, although I haven’t tested much since the i7 4790k CPUs.

I uninstall everything other than audio when I go offline.
Windows 10 still has an attitude with offline machines. 
First I have to connect the LAN twice to wake it up for service, then you can see where it throws in some files to the start menu most likely for usage data, then I check for updates, reset the time for updates to occur and everything seems fine after that little tantrum.

I still think this whole SPECTRE thing is a crock of shit.
I find it hard to believe this was recently discovered and never seen before or noticed by giants like Int€£ and Micro$oft.

Try it and see what happens. I’ve just never noticed any difference though and my machines have had the same workloads for the last 5/6 years.
Even when switching from 7 to 8.1 and then 10 after the dust settled I never noticed anything.


----------



## Kony

Okay, thanks for the update - that's good to know.


----------

