Re: blindness and overclocking
Re: blindness and overclocking i think i have found a silution for this that isnt gonna break things. windows 10 debloater. it will remove stuff you dont need or probibly use. and can aparently give up to a 30 percet preformance increase URL: https://forum.audiogames.net/post/573251/#p573251 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking Also, there are many many processors used today, from arm processors to all the AMD inthusiast versions, to all the Intel processors both desktop and laptop, that determining the processor someone used, and writing exploits for all of them in existance is a hurculian task very few would do. Additionally, seems these are more serious for servers, due to being able to escape the server vm or sandboxes. URL: https://forum.audiogames.net/post/571477/#p571477 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking 44, this is not just my saying that it is difficult to exploit these vulnerabilities. Intel themselves mentioned this, to digital trends that exploiting these outside of a lab environment was very complex, and not likely to be done.Here is the article, and relevent quoteshttps://www.digitaltrends.com/computing … -security/ quote1:When we asked Intel whether this practice would continue moving forward, it suggested that it wouldn’t mandate security patches for its partners, but that, “As always, Intel encourages all computer users to make sure they keep their systems up-to-date, as it’s one of the best ways to stay protected.”Getting anyone to do so, whether it’s a smartphone or a laptop, is something that many companies struggle with, even if it is one of the most important ways to keep your devices safe from hackers and general malware. So the fact that these particular patches can cause performance dips makes it an even harder sell. Especially since there is very little evidence to suggest any speculative execution attacks have actually taken place in the wild.quote2: In our discussion with Intel on the matter, it again downplayed the severity of these exploit paths, stating that “Exploiting speculative execution side channel vulnerabilities outside of a laboratory environment is extremely complex relative to other methods that attackers have at their disposal.”It also pointed to a Virginia Tech study from 2019 that highlighted how an average of just 5.5 percent of discovered vulnerabilities were actively utilized in the wild. So this isn't just me, but Intel as well. And this in't any way similar to cancer iether. There is no attack known actually using any of these, so so the massive performance penalty is no way justified. Taking the performance penalty isn't an option. Those cloud centers might have taken like 10% performance hits, but the hit on older hardware is dramatically higher, as I said, 70% and up performance hits are not minor in any sense of the word, and are bad enough to make systems inoperable. It coule even be higher than 70% on first gen/third gen processors, which I don't have. I had to actually disable the fixes on family computers because the computer was not practical to use, took 10 minutes to boot etc. these are unacceptable hits to take. Its insane too how alot of tech sites just encourage people to purchase a new computer to deal with the slowdowns as well. Computers that would likely work just fine many more years. The worse thing is more and more microcode updates get released, destroying performance even more.As for the patches, I would be interested in uninstalling these, however, alot of the fixes are bundled into cumulative updates, which it isn't possible to uninstall without uninstalling the whole cumulative update. The microcode patches themselves could be uninstalled but that likely wouldn't revert the microcode installed in the bios. URL: https://forum.audiogames.net/post/571476/#p571476 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking correct. i compleatly agree URL: https://forum.audiogames.net/post/571453/#p571453 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking @enesWith all due respect, you don't understand how this works at all and should stop arguing about it until you do.Antiviruses can detect software vulnerabilities. They can go "Huh something just called the function that tries to delete Windows, that's bad, block". They can ban specific known bad programs. They can do certain things with the help of the OS like watch what files a program opens, and go "huh that's touching things in system32, also bad". They can go "this was just downloaded, let's warn the user". But, this all has one thing in common. It's all at the software level. It's doing things that other software can detect by monitoring stuff with the help of the OS, or asking "what functions does this call". Cool. great. And once we we have a known bad program, we upload it to the template database and it's banned for everyone else before it fires, great as well.But specter is a hardware vulnerability. It doesn't exist at the level of software. You can exploit it by using the 3 or 4 most commonly used assembly instructions and the ability to read the clock. Every program on your computer is 99% composed of the instructions and patterns that you'd have to look for to detect it, and 99% of the programs on your computer read the clock. Even if we say "we'll block programs that read the clock frequently", half the programs on your computer--every media player ever, having Youtube open, anything that does any sort of animation, the list goes on--will read the clock. But it's even worse than that. Because clocks are so important and frequently used, they no longer go through an OS function. They go through an assembly instruction that an antivirus can't monitor. Whatever antivirus is going to detect this needs realtime information on every single instruction the processor is going to execute before it executes it, and the ability to stop the processor from continuing. Suppose that's possible, that's still like 10 instructions per instruction even in the most wildly optimistic case, for a 10x slowdown of your computer. Mind you, the irony is that that sort of detection also stops it from being exploited since it's a timing attack and you screwed with the timing, but it's still a 10x slowdown of the whole machine for even a slight chance of knowing.So let's say that I sit down and I iterate through every possible version of the Specter vulnerability and enumerate every instruction sequence that could exploit and and build a database. You will find half the instruction sequences in that database verbatim in just Firefox alone. So that approach is out.Fine, let's sandbox. Well, sure, shame that it's a hardware vulnerability that software can't do anything about, which is consequently immune to sandboxing. All the sandboxing features are other processor features that aren't aware of Specter, or software-level manipulations, or both. So you can just waltz on out, no problem. Which is why Google Cloud and other big cloud providers took a 10% performance hit or something like that to fix this, and are still taking that hit, and will probably continue doing so for another few years until they phase out pre-Specter datacenters.Ok, you say, but surely you have to know which CPU it is. Yeah, you do. But it's only 20 or 30 instructions and there's only 20 or 30 CPUs in common use. That's not even half a page of hexadecimal, and the technique for doing this is published in the wild. Plus, you get to pick between something like 5 or 6 variants of the attack, so just choose the easiest. Additionally, being able to have CPU-specific code in programs is well-established, a feature built into both GCC and Clang, and something I will likely be doing in Synthizer within the year myself.And worse, the core part of the attack is cross platform. You'll need to know what addresses you're interested in getting, which isn't, but actually getting them, it totally is. So on top of everything else, the only reason we aren't now seeing cross-platform viruses is that there's not enough people left without these patches for hackers to bother.So: how would we know it's in the wild? If you can answer that you would literally be rich overnight. How can we defend against it? Taking that performance hit isn't just the best option, it's literally the only one. If you want to keep arguing this is a nonissue, rather than saying "we don't have evidence of it in the wild" and stuff like that, actually tell us how you think it's detectable, and why you think you know better than every hardware manufacturer, compiler, operating system developer, and cloud provider on the planet, all of whom lost huge amounts of money and/or time to dealing with this. And by huge I mean well into the hundreds of millions, possibly into the low to mid billions.The only other option to defend against this sort of thing is to
Re: blindness and overclocking
Re: blindness and overclocking i agree with both of you. it hasnt been exploited in the wiled as far as we know yet, but, why dont we patch it incase someone makes a mass one for a specific cpu and sends it out. then what if we dont. all those people will have their stuff stolen. URL: https://forum.audiogames.net/post/571398/#p571398 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking @41, but again, just because it hasn't been exploited in the wild (that we know of yet) doesn't mean it won't be. So why should we not patch those problems now before they're actually used against us? URL: https://forum.audiogames.net/post/571371/#p571371 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking 40, exactly my point. Executing an attack based on the speculative execution vulnerabilities requires detailed knowledge of the target CPUs, in addition to programing. Moreover, if I understand correctly, you need to know exactly what CPU the target uses and would need to write different exploits for each one. It doesn't seem like something like eternal blue that could easily be exploited in mass. Most attackers likely don't have such detailed knowledge, and will go for easier attack surfaces, like vulnerabilities in pluggins or browsers that can be exploited regardless of underlying hardware or social engineering, which apparently works well. URL: https://forum.audiogames.net/post/571369/#p571369 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking @37, no, we wouldn't know about it. Spectre/Meltdown rely on intimate knowledge of the processor, and therefore its probably not something that's easily detectable by AV software. What would they even look for, given they use pattern matching? URL: https://forum.audiogames.net/post/571293/#p571293 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking Lol, meltdown and spectre still worth discussing?I like to compare them to nuclear bombs. The material to build those was there for thousands of years, but we just recently discovered how to build those. As soon as the first one, no matter how complicated it was, found out how to build them, everyone could do it, because knowledge gets shared all around the world on a daily basis. And just like nuclear bombs, spectre and meltdown cannot just be used against single targets, but you can write trojans, worms etc which infiltrate thousands of systems if needed and try to gather information there, using those affore-mentioned security problems. Thus, they still are relevant.Of course, if you aren't planning to operate your system online and you are applying strict security measures, you can disable patching those security issues to get a few more percents of power out of your cpu, but as long as you stay online, patching those is recommended for a reason.Best Regards.Hijacker URL: https://forum.audiogames.net/post/571282/#p571282 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking @37 um no? they did not know about that for some time, and they had to get the patches into the systems once it was found in a lab. URL: https://forum.audiogames.net/post/571279/#p571279 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking @36 um no? they did not know about that for some time, and they had to get the patches into the systems once it was found in a lab. URL: https://forum.audiogames.net/post/571279/#p571279 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking 35, here is the issue. No security vulnerability discovered until now had patches posted that destroyed older processors. The fact that machines people bought and paid for became useless pieces of plastic is grounds to disable the fixes. If these fixes didn't trash machines, I would be ok with it, but as it stands now, older processors are hit extremely hard by thiss, and never should have had patches hsoved at them. True absence of evidence doesn't equal evidence of absence, but all known exploit kits and malware get disassembled by antivirus etc, and the odds are extremely likely that if these were used we would know about it. Moreover, these vulnerabilities require more knowledge of processors to exploit than other only software based vulnerabilities. Again, we aren't talking about a 1-2% slowdown, this is more like a 70% and up slowdown on older processors as more and more fixes get released. Imagine tons of people paying thousands of dollars to buy a car, and then the car vendor saying they will post a patch to make their car secure, but it will only go 20 miles an hour instead of 100 miles an hour. How many people do you think would stand for that? My guess is, very few to none. I also can't help but think that this came out in an awfully convenient time, when pc and phone sales were suffering. Its possible that these were known for some time, but they were chose to be disclosed at an opportune moment to make more people purchase hardware. URL: https://forum.audiogames.net/post/571163/#p571163 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking @34, yes, the heard immunity argument does apply. Criminals love to exploit people who refuse to patch. It happens all the time. And typically, people are stupid, and they set something up insecurely just so they can use it as fast as possible and without any inconvenient security obstacles, and next thing you know you've got a massive data breach in some big-ass corporation. By disabling patches in the OS, your disabling spectre/meltdown protection in the kernel. Which means your exposing the most sensitive areas of memory to an attacker. And you cannot assume that no one has intimate knowledge of processor designs; stuff like that is taught in your average computer science degree, and even if its not, you mustn't assume your attacker doesn't possess that knowledge anyway. When it comes to computer security, we always assume that the attacker has infinite computing power and resources, because if we don't, bad things happen. Clearly, if everything was as relaxed as you think, the tech industry wouldn't have freaked out about it like it has.Edit: and as Camlorn has stated, using Spectre isn't even detectable. If someone used it against you, you wouldn't even know, making reporting instances of its use in the wild incredibly challenging. I'd advise you to go actually read about the vulnerability, in depth, before you start arguing the facts and where they are applicable. URL: https://forum.audiogames.net/post/571095/#p571095 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking @34, yes, the heard immunity argument does apply. Criminals love to exploit people who refuse to patch. It happens all the time. And typically, people are stupid, and they set something up insecurely just so they can use it as fast as possible and without any inconvenient security obstacles, and next thing you know you've got a massive data breach in some big-ass corporation. By disabling patches in the OS, your disabling spectre/meltdown protection in the kernel. Which means your exposing the most sensitive areas of memory to an attacker. And you cannot assume that no one has intimate knowledge of processor designs; stuff like that is taught in your average computer science degree, and even if its not, you mustn't assume your attacker doesn't possess that knowledge anyway. When it comes to computer security, we always assume that the attacker has infinite computing power and resources, because if we don't, bad things happen. Clearly, if everything was as relaxed as you think, the tech industry wouldn't have freaked out about it like it has. URL: https://forum.audiogames.net/post/571095/#p571095 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking @34Assume everyone goes and disables them. If you have 50 million people who do that, you have 50 million targets. Hackers don't write viruses unless there's profit in it. The security vulnerability was published, which means that even if we didn't have an example before, we now have instructions out there for clever people to follow and work from.There's herd immunity as long as enough people don't turn off all these updates. You added 1 person to the number of potential targets by doing it. Every time you convince someone else that it was only demonstrated in a lab and we never had evidence of real world usage so go ahead and disable all of this, that's another, and then they go tell their friends the same thing, etc.I don't get it. In the past, you have seemed intelligent and well-informed, but you seem entirely uninformed on how hacking works. Also, evidence of absence isn't absence of evidence. Anyone who might have been exploiting this earlier than it was published is going to keep their mouths shut and be secretly upset that it stopped working but glad they didn't get caught out, and it's impossible to detect anyway unless someone says "and by the way this block of code is exploiting specter".I feel like you're trying to invalidate it because that validates you choosing to uninstall the patches. yeah it sucks that older processors got hit hard by this. I'm not saying it doesn't. But don't go running around advising everyone to do the same. The world in which we regularly turn security patches for published vulnerabilities off because they slowed down the machine is a really, really bad world to be in. URL: https://forum.audiogames.net/post/571094/#p571094 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking Ok, so I am aware of the potential of spectre and how it can escape VMs. But my point still stands, this is a vulnerability that requires an intimate knowledge of processors to exploit. And, noone knew about it for 30 years, and there were, and still are not any known exploits that exploit this vulnerability that are actively being used. Such protection at the massive price it exacts imho is not justifiable in any way to an average consumer. I think you assume that just because you may be running a 10th gen processor, you belive the penalty is the same on all the processor generations. Are you aware that these lab vulnerability patches totally trash anything skylake and below? And that those processors working fine before are totally pieces of junk after applying the updates? And as I said, even if you disable the patches, windows won't let you disable them all, and the microcode updates exact a performance penalty even when the patches aren't active. So yeah, it might make processors more secure and all, but I don't think this is worth it for many people, especially with older processors. There is a reason microsoft offers options to disable these. The herd emunity argument shouldn't apply to these patches iether with consumers, people who don't patche their systems can't spread any virus to anyone who does have the patches, mainly because no known ones exist, and also because theoretically the other person disabling the patches should have no impact on their protection. URL: https://forum.audiogames.net/post/571088/#p571088 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking Ok, so I am aware of the potential of spectre and how it can escape VMs. But my point still stands, this is a vulnerability that requires an intimate knowledge of processors to exploit. And, noone knew about it for 30 years, and there were, and still are not any known exploits that exploit this vulnerability that are actively being used. Such protection at the massive price it exacts imho is not justifiable in any way to an average consumer. I think you assume that just because you may be running a 10th gen processor, you belive the penalty is the same on all the processor generations. Are you aware that these lab vulnerability patches totally trash anything skylake and below? And that those processors working fine before are totally pieces of junk after applying the updates? And as I said, even if you disable the patches, windows won't you disable them all, and the microcode updates exact a performance penalty even when the patches aren't active. So yeah, it might make processors more secure and all, but I don't think this is worth it for many people, especially with older processors. There is a reason microsoft offers options to disable these. URL: https://forum.audiogames.net/post/571088/#p571088 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking i have herd that afterburner has fetures to check how much you hsould overclock. but yea it could still be damaging. URL: https://forum.audiogames.net/post/571032/#p571032 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking OK, I didn't bother reading the last 25 posts, since the first 5 weren't right in the first case.I overclocked my PC here, at least the CPU, I don't see any reason to overclock my GPU right now.I built my PC from scratch with both Mac (Hackintosh) support and overclocking in mind. Thats why my PC can handle overclocking pretty well (overclockable CPU and overclocking-supportive board).I got an Intel I7-8700K, which normally runs on 3,7 GHZ and can go up to 4,5 GHZ in boost mode. Overclocking took it up to 4,1 GHZ with up to 5 GHZ in boost mode, and that boost is deffinitely noticeable, although not in daily use, but only if doing something performance-critical, like video conversion/encoding, data analysis etc.It is however totally right that you can seriously damage your PC components if you don't know what you're doing. Thats why just accessing Afterburner and setting some values won't take you very far. It's recommended to overclock only supported CPUs, which are designed to be alot more tolerant to such processes in the first place, and take overclocking-supportive boards into consideration. Those do have support within the UEFI and also have guides to walk you through the software-side process of configuring the overclocking parameters for CPU and RAM, maybe even GPU if supported.In the end, it turns out to be quite expensive and maybe its not worth it, depending on what you want to do. I probably don't need those 0,5 GHZ, I could have payed a few hundred bucks less for a PC with close-enough specs but no overclocking if I didn't decide to try my skills on overclocking in the first place.Oh, and its deffinitely not doable without sighted help, that has to be taken into consideration as well.Best Regards.Hijacker URL: https://forum.audiogames.net/post/570978/#p570978 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking @30It's not because we fixed it in a couple months and everyone installed the patches that everyone is complaining about. If people hadn't done that, it would be very bad.My point isn't "be afraid, this is still a problem". It's not as long as everyone keeps installing those patches. If we all stop installing those patches, it becomes that bad, though. URL: https://forum.audiogames.net/post/570974/#p570974 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking @29 dang, I did not think that it was going to get that bad URL: https://forum.audiogames.net/post/570968/#p570968 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking @27You don't seem to understand Specter's potential. At all. It's a *huge* deal if you can read memory outside your process. As in, you went to a harmful web site and, without even installing anything, just by having your browser open, they're able to go reach out and talk to your password manager. You can't protect yourself through the usual mitigations: "I just won't install software" doesn't even apply. Antiviruses can't detect it because it's basically normal code and there's no way to go "oo cache sidechannel attack" because it's not calling API functions, or anything--you can report harmful programs, sure, and Microsoft or whoever will block them. But you can't find them because Specter looks like a normal loop that calls out to the clock for some reason, which is also every game in the history of gaming.You laugh this off as "it was only demonstrated in the lab", but you seem to be entirely missing the point. It was only demonstrated in the lab because we went from "cache timing sidechannels exist, shit" to fixes at every level of the stack in something like 2 months, from the compilers to the web browsers to the CPU vendors, and deployment of those fixes to cloud providers on the same time frame as well.Let me put it this way. Cache sidechannel attacks are so bad that it can even escape VMs. Can you think of any other security exploit that can do that? I can't offhand, there's probably some, but it literally made the "and now you're in a VM, so it's safe" thing not true anymore. You can literally just start uploading a machine's ram start to finish. Slowly, but if you have enough time, slowly is fine. You can access kernel-protected memory, the sorts of places where ASLR happens that you're not supposed to be able to see.Consider that for a minute. I go on AWS without these patches, I get a VM from them, and I can start escaping it and reading all the other VMs on my host. Wonder who's next door? Look, it's Stripe's credit card processor! Yay!.and, we don't know for sure that it wasn't in the reael world either. People like the NSA don't tell us what they knew about basically ever, and this one isn't hard enough to find that there were probably people using it for one thing or another. You don't usually find these sorts of exploits in the wild because, again, it's basically undetectable, especially if you don't know that it's a possibility. SO we may very well have had viruses and things using it that just stopped working. We'll never know one way or the other.By all means undo the patches. We can't stop you. It's kind of like herd immunity. As long as the rest of us have them and there isn't enough value in doing something with this, you'll probably be all right. But stop underselling it. The entire tech industry doesn't freak out without reason. We don't go "huh, someone demonstrated this weird possibility in a paper, time to pull the fire alarm and pour millions of dollars into fixing this". As far as I know you don't even have programmer experience. I'm not sure why you think you should be second guessing the experts here just because it sounds really complicated and like something that'd only be doable in a lab. URL: https://forum.audiogames.net/post/570963/#p570963 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking security and convenience have always been diametrically opposed. The more stringent you are on security, the less convenient is is for you and those who work with / for you. As a personal preference, I tend to lean towards convenience and performance, because no matter how secure something is, someone will break it if they really want to. URL: https://forum.audiogames.net/post/570945/#p570945 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking 25, again, all of the spectre attacks basicly require some sort of user interaction, and the massive performance penalty, that makes older processors totally unusable and terrible does not justify applying the patches. URL: https://forum.audiogames.net/post/570876/#p570876 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking Specter and Meltdown were able to be targeted through a browser running _javascript_ and the only reason there weren't attacks in the wild is that they were dealt with promptly.Your screen reader itself won't use multiple cores, but every program on your PC can run on any core you have. Think of it like Mcdonalds or something where the cores are the cashiers: no customer is going to use multiple lines, but because there's more lines there's less waiting, and if someone asks for hot fries there's less chance they're going to block everyone behind them. This analogy isn't entirely accurate but it's pretty good, and in this analogy the screen reader lags by getting stuck behind that annoying customer who will only accept a burger with 5 sesame seeds and 2 pieces of lettuce or whatever. URL: https://forum.audiogames.net/post/570695/#p570695 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking @23, I disagree. Yes, these vulnerabilities have only been demonstrated in labs. Yes, there are no attacks in the wild... yet. But just because there are no attacks in the wild doesn't mean that there won't ever be any, and its better to patch a system against vulnerabilities that have only been demonstrated in lab experiments than to wait for a zero-day. And no, that sight is not good; its one of those "Do this and get a 27x speedup" accept for the fact that it leaves out a ton of info about what those boot arguments do and where they apply. URL: https://forum.audiogames.net/post/570691/#p570691 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking that website seems really nice. I wonder if there is a similar one for windows, that goes beyond what inspectre does. I would want to completely revert the spectre patches in the bios and disable all the fixes. URL: https://forum.audiogames.net/post/570317/#p570317 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking I would disagree on that though. These vulnerabilities have never been used in the wild. There are lab vulnerabilities crafted by researchers to further their careers, not realistic attacks that could easily be exploited. Exploiting these would require knowledge in microprocessors on level with an electronic engineer trained in that subject. It is highly unlikely that a consumer would be targeted by someone possessing such knowledge, never mind the odds of anyone knowing enough to use one of these. URL: https://forum.audiogames.net/post/570315/#p570315 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking @21, trust me, disabling those patches... there's a reason MS doesn't let you do it all the way. There's a reason why security experts decry sights like make-linux-fast-again.com. The cost in security risks is just far, far too high, and until Intel and AMD release a processor that fixes all of the vulnerabilities hardware-side, the patches will have to do. URL: https://forum.audiogames.net/post/570302/#p570302 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking 20, I agree with you regarding performance penalties. What many don't realize is that the older the processor, the larger the performance penalty. That article compared coffee lake processors, but say, an arandale sandy bridge/ivy bridge haswell processor, the difference is so dramatic as to make the system unusable. However, while disabling hyperthreading on Intel would fix some of the vulnerabilities, the reason OEMs and Intel haven't done it is that it exacts even more performance losses. Because all of this impact I think these microcode updates and patches should never have been made manditory in the first place. As I had stated earlier in this thread, you can set a registry key to disable all of the patches except a few Microsoft decided you can't disable. This brings some performance back, but not all by a longshot. This is why I chose my next machine as an AMD. The performance penality is alot less, probably even more if you disable the fixes, and newer vulnerabilities aren't being found as often on AMD. URL: https://forum.audiogames.net/post/570287/#p570287 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking @18, yes. There are patches but even the Linux kernel developers admit that patches are useless because they exact a performance cost that is starting to seriously hurt the user experience. If you want to avoid meltdown/spectre -- or, more accurately, spectre, disable SMP/HT.@19, I agree with you, fully; AMD is much better when it comes to security (given that they have encrypted memory and secure virtual machine support) and Intel is worse off, but I was pointing out that avoiding Intel won't actually solve spectre/meltdown problems. URL: https://forum.audiogames.net/post/570284/#p570284 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking 15, you are not correct on dual core systems. Untıl 2017, the standard number of cores for laptops, minus the i7 H series or M series was dual core. Now it is possible to get 8 core processors. As for screen readers, I thought they could not take advantage of multicore.17, AMD was affected by spectre/meltdown, but not nearly as bad as intel. New vulnerabilities are constantly being discovered since 2018 for Intel systems, which causes more patches to be released, and each patch exacts a severe performance penalty. At this point even with the patches disabled in registry, older processors have become completely unusable, even older quad cores.this article gives a good overview.https://www.tomshardware.com/features/i … processorsa quote from the article:1) Intel currently has 242 publicly disclosed vulnerabilities, while AMD has only 16. That’s a 15:1 difference in AMD’s favor. The gap is just too large to ignore.2) Less than half of the speculative execution side-channel attacks disclosed for Intel since early 2018 seem to affect AMD’s Ryzen and Epyc CPUs. It’s true that in some of the cases where the flaws were declared to affect Intel’s CPUs, the researchers may not have looked primarily at AMD’s CPUs. However, even then AMD confirmed that those bugs didn’t affect its processors after carefully verifying how the vulnerabilities affected its own processors. It truly seems as if AMD designed the new Ryzen microarchitecture with better security in mind than Intel’s essentially Nehalem-based microarchitectures have been. Why Nehalem-based? Because most of the speculative execution attacks affect Intel’s CPUs since at least 2008 when the Nehalem microarchitecture came out.3) With the release of the new Zen architecture, AMD also seems to have been one step ahead of Intel in terms of supporting new hardware encryption features. It remains to be seen if AMD will maintain this pace in regards to security, as Intel tries to fix all of the Spectre issues and improve its image with consumers, but at least for now, AMD seems to have the lead.Even ignoring all the various performance slowdowns the Spectre-related patches have caused for both old and new systems alike, AMD’s processors seem like the safer and more secure platform to choose in the near and medium-term.Also note this article was written in nov 2019, many more Intel vulnerabilities were reported since.As for overclocking, I am aware only high end processors, unlocked ones safely overclock. But with those the difference would be even more since they are powerful. Also, it is incorrect to assume I can't replace a dual core system Though this pc wasn't the best certainly when it was bought, it wasn't one of the lower end ones iether. It was a midrange system until those forced microcode patches for spectre destroyed it. There was very little to no inovation in high end laptop processors in the last few years until AMD started competing, causing core counts to go up significantly. URL: https://forum.audiogames.net/post/570280/#p570280 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking 15, you are not correct on dual core systems. Untıl 2017, the standard number of cores for laptops, minus the i7 H series or M series was dual core. Now it is possible to get 8 core processors. As for screen readers, I thought they could not take advantage of multicore.17, AMD was affected by spectre/meltdown, but not nearly as bad as intel. New vulnerabilities are constantly being discovered since 2018 for Intel systems, which causes more patches to be released, and each patch exacts a severe performance penalty. At this point even with the patches disabled in registry, older processors have become completely unusable, even older quad cores.this article gives a good overview.https://www.tomshardware.com/features/i … processorsa quote from the article:1) Intel currently has 242 publicly disclosed vulnerabilities, while AMD has only 16. That’s a 15:1 difference in AMD’s favor. The gap is just too large to ignore.2) Less than half of the speculative execution side-channel attacks disclosed for Intel since early 2018 seem to affect AMD’s Ryzen and Epyc CPUs. It’s true that in some of the cases where the flaws were declared to affect Intel’s CPUs, the researchers may not have looked primarily at AMD’s CPUs. However, even then AMD confirmed that those bugs didn’t affect its processors after carefully verifying how the vulnerabilities affected its own processors. It truly seems as if AMD designed the new Ryzen microarchitecture with better security in mind than Intel’s essentially Nehalem-based microarchitectures have been. Why Nehalem-based? Because most of the speculative execution attacks affect Intel’s CPUs since at least 2008 when the Nehalem microarchitecture came out.3) With the release of the new Zen architecture, AMD also seems to have been one step ahead of Intel in terms of supporting new hardware encryption features. It remains to be seen if AMD will maintain this pace in regards to security, as Intel tries to fix all of the Spectre issues and improve its image with consumers, but at least for now, AMD seems to have the lead.Even ignoring all the various performance slowdowns the Spectre-related patches have caused for both old and new systems alike, AMD’s processors seem like the safer and more secure platform to choose in the near and medium-term. URL: https://forum.audiogames.net/post/570280/#p570280 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking @17Are you sure? I thought there were in fact patches that didn't disable hyperthreading these days. URL: https://forum.audiogames.net/post/570273/#p570273 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking @14, You do know that AMD suffered spectre/meltdown as well? And so did ARM? You gonna boycott AMD and ARM just to avoid spectre/meltdown too?The only way to fix spectre/meltdown is not through software but through hardware. Spectre/meltdown are hardware based, and the only way to fix them is to disable SMP/hyperthreading. URL: https://forum.audiogames.net/post/570258/#p570258 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking @14And if you did, you would discover that it doesn't help you at all, I'm pretty sure. You only get 10-20% at most, *especially* if it's a dual core machine that's bad enough to lag out the screen reader. Those impressive overclocking results that have you and everyone else on this thread going "wow! Must do that!", they come from buying the high-end gaming processors from intel that Intel designed to be overclocked, motherboards designed to be overclocked, cooling systems specifically marketed at the "gamer" with tons of things about how they're massively overpowered because the companies behind them know who they're selling to. In fact modern processors specifically come in unlocked variants that you have to get if you really want to do this. By the time you have that I promise your screen reader isn't laggy anymore.You don't buy a cheap computer and overclock it and now you have a good computer. You buy a cheap computer and overclock it and barely get anything plus it was a cheap computer that couldn't handle being overclocked and a year from now you replace it and end up spending more than if you had just got a better computer in the first place.There isn't some conspiracy by Intel or something where they give you processors that are intentionally running below where they can safely run but you can overclock them because Intel is out to make you give them money. That's not how this works. When you start overclocking you're making trade-offs. Yes, there are safeties and things these days, and if you stay within them you might be okay. But those impressive overclocking results? They usually turned off said safeties, as well.but how screen readers actually lag is IPC gone wrong. The only thing that can really help with that is more cores and memory, not faster ones. You can't overclock the hard disk, and what usually ends up happening on low-end machines is that background apps end up swapped out and having to swap back in all the time every time they wake up to do work, plus foreground apps being partially swapped out to disk as well. That's all blocking operations that overclocking can't do anything about either. Basically screen readers are as slow or slower than whatever apps they monitor.At the end of the day, yes, hypothetical-you probably can't afford a great computer. But trying to get the cheap one and overclock it to make up for that, that's just not how this goes. Overclocking is a hobby for people with more money than sense, not for people who are trying to stretch a $500 laptop to be a $1000 laptop. URL: https://forum.audiogames.net/post/570252/#p570252 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking I had a dual core laptop back in 2006. In 2009 I got a quad core machine. I don't think anyone is using Dual core machines at this point, and if they are, they shouldn't be. URL: https://forum.audiogames.net/post/570245/#p570245 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking Camlorn we don't know what someone might want to do though. Screen readers do indeed lag on dual core systems, especially after all the spectre/meltdown patches. That pretty much insures I won't be buying any processor from intel again in the near future. For me this is the case with my forth gen M series i5 haswell. In programs that use alot of processing power, simulation and scientific applications, file compression the difference could be quite noticeable when compressing large files. If I were sighted, I would've done it just for the simple fact I can, and to get more power out of my system. URL: https://forum.audiogames.net/post/570241/#p570241 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking I mean yes, it's safer than it used to be. If you go out and specifically buy hardware that's designed to let you overclock safely, you'll probably be all right. If you don't, all bets are off. It's in the category of safe but only if you planned for it from before you bought the computer and also you have money to spare. Plus that cooling solution is really important.But so what, you won't notice. Audiogames certainly don't need it, screen readers haven't been a problem in 15 years, and if you're sighted enough that you want 120 FPS at 4K resolution you wouldn't be asking this forum. URL: https://forum.audiogames.net/post/570213/#p570213 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking Are you really pressing the limits though? I mean I have an R5 and it doesn't scream unless it's really thrashed by something like a big mainstream game. URL: https://forum.audiogames.net/post/570209/#p570209 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking i mean i know it can be dangerous if you go all out. but if you just do logical stuff then its fine as fare as i under stand URL: https://forum.audiogames.net/post/570202/#p570202 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking The idea it isn't a good idea to overclock does not apply to hardware designed to be overclocked, some makes of ram, and intel processors with the K letter at the end, and most AMD r7/R9 processors can be overclocked. So you are not running it out of its specs. This is just another reason being blind sucks. Also, performance gains could be significant, depending on how good a cooling solution you have. URL: https://forum.audiogames.net/post/570201/#p570201 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking The idea it isn't a good idea to overclock does not apply to hardware designed to be overclocked, some makes of ram, and intel processors with the K letter at the end, and most AMD r7/R9 processors can be overclocked. So you are not running it out of its specs. This is just another reason being blind sucks. URL: https://forum.audiogames.net/post/570201/#p570201 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking I could use the software that my motherboard uses but, even they have a sidclamer that it is not a good idea to over clock any part URL: https://forum.audiogames.net/post/570198/#p570198 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking Did you skip over this part?Article wrote:Super-serious disclaimer time: Overclocking is far less dangerous to the health of your components than it used to be – with fail-safes built into modern silicon – but you will still be running your hardware outside its officially rated parameters. That means you’ll likely invalidate any warranty your hardware might still have and there is a slight risk that any extra stress might just push it over the edge and brick it. That’s why, historically, overclocking is done on ageing components. You have been warned… URL: https://forum.audiogames.net/post/570196/#p570196 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking Wow, a lot of misinformed people here about overclocking. Sadly I don't know of a way to do it without sighted assistance, but I have a few comments about the safety of it. For modern chips, even if you mess up with the numbers in the BIOS settings, your computer simply won't boot. Then, if your CPU is getting too hot (> 95-100 degrees) it will just throttle itself and cool down to avoid damage. Last I checked, if you're looking to use your CPU long-term, 70-75 degrees under heavy load is a good temperature. Anything over 80 degrees will probably reduce the lifespan of the CPU. As for performance gains, there can definitely be some decent gains in improved FPS. For us blind people though, I'm not sure if that difference will actually matter. You are probably not playing any fast-paced competitive games where every frame counts. However, if you are just willing to test your hardware and see how far you can push it, it can be quite entertaining. URL: https://forum.audiogames.net/post/570195/#p570195 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking well dam. i read a thing saying its easy and safe. i iwll send it for anyone who would like proof that i read it or somethinghttps://www.pcgamesn.com/overclocking-g … ck-cpu-gpu URL: https://forum.audiogames.net/post/570192/#p570192 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking Ok, even if you're sighted, overclocking doesn't get you that much more performance. As in you won't be able to notice save by running benchmarks. And it gets you a *lot* more risk of something or other literally melting. I'm not being hypothetical. Unless you built it from the ground up to be overclocked, bought the right CPUs, added all the extra cooling, made sure it's in a well-ventilated room, probably did several other things, you'll either get so little extra performance that it wasn't worth bothering or you will melt it and have to replace it in a year or so.But even if you did do all that, bios are inaccessible and you can't do it without sighted help. No workaround save for very specific motherboard brands intended for enterprise use where they need to be able to apply the same settings to multiple computers, and those aren't the sort of motherboards that are optimized for overclocking. So: go back in time and rebuild it and ask this question beforehand and you might get the beginnings of an answer. But even then, probably not a good one, and probably not with hardware that's like "overclocking, w!" URL: https://forum.audiogames.net/post/570189/#p570189 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking its custom built with good specs. but i want more preformance URL: https://forum.audiogames.net/post/570184/#p570184 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking Why do you want to do this. It just degrades the lifespan of your chipset. With the people in this community that don't even wanna drop $10 on a game, try $1K on a new PC. URL: https://forum.audiogames.net/post/570176/#p570176 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: blindness and overclocking
Re: blindness and overclocking Sorry, but just don't overclock at all. The cpu specifications are not there for fun, and also it didn't help this much either when my sighted friends did it. URL: https://forum.audiogames.net/post/570174/#p570174 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
blindness and overclocking
blindness and overclocking so i, and maybe others, want to overclock are computers gpu and cpu. but msi afterburner is compleatly in accessible. so how do we do it safely URL: https://forum.audiogames.net/post/570172/#p570172 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
blindness and overclocking
blindness and overclocking so me, and other people want to over clock are cpus/gpus. msi afterburner has a realy good feture that can figure out what the best we can get out of are gpus is. but its compleatly in accesible. so what apps should we use. or just how do we do it. URL: https://forum.audiogames.net/post/570172/#p570172 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
