Wrong. It is not faulty. And that is the FUD you have to stop believing in. This is a very novel approach to trying to break something that should not be breakable in the first place - because this so-called faulty CPU you keep harping on is what makes things work so much faster.
I've repeatedly posted links, but you're not taking the time to read them and understand them, and I have better things to o today than to continue to argue with you. Suffice it to say, you're opinions are off base because it sounds like you're following the media too much and the actual researchers too little.
I'm sorry if I am coming across as rude, but I refuse to entertain any more arguments from you on this matter. The information is out there and easily accessible, if you would just do so.
I was similarly blown away when I found out about this whole process myself.
But the microcode is only half the problem - remember, it is not just the CPUs, but how their capabilities are actually used by OSs, that grants the full spectrum of the vulnerabilities.
The Ars Technica article I posted a little bit ago, from 11 Jan, explains it very clearly but with a lot of detail (without all of the technical overhead that I found in the actual research papers that I read and posted here earlier) on how the technology of the CPUs works, and why they were made that way, and also, if patched, how much of a performance loss you'll expect under various scenarios.
That's why when the article first broke, one of the first things mentioned was that the Linux kernel had already been patched earlier for the fix. And that's why there is almost 0 panic in the Linux community. It's not about the microcode, because if it was
only that all they would have said is "Download the microcode and place it in /etc/firmware and you'll be fine."
In fact, here is a complete breakdown on how the process works in *nix with firmware:
Kernel/Firmware - Ubuntu Wiki
But the article(s) from when the vulnerability was first reported to the public
specifically stated that the Linux kernel had been
patched.
And that Microsoft, Apple, and other OS developers were working on their own patches.
My reasoning then (and it stands now) was that this was not a hardware
only problem - and that is what got me digging deeper into the vulnerabilities, to the point where I actually read the research papers themselves that were published on both vulnerabilities. I even summed them up here earlier - and interpreted a lot of the introductions of both papers here as well. And this reasoning is why I've also been replying to Josey's posts about it being Intel or Intel and AMDs fault.
Lol - if you can show me where Windows has loaded the fixed microcode for your CPU
and show me that the OS (kernel) has also been fully patched for the vulnerabilities, then yes I can see why you'd think something is wrong....
No- it was not tested for this sort of a security risk because no one knew this sort of a risk existed in the first place.
Again, let me reiterate: These vulnerabilities were just a gleam in the eyes of the researchers who found them in early 2016. And the speculation began that they might exist after attending a security conference that had a presentation on another vulnerability, one that was found in 2014.
All of this is directly from the researcher's paper on the vulnerability, i quoted it earlier and pointed it out very determinedly.
It's kinda pointless for you to say that that the capabilities of the CPUs, which go back well over 10 years, could have been tested for a security vulnerability whose concept that didn't even exist 2 years ago.
I used the analogy of the automobile as a prime example - you can't hold the developers of the original internal combustion engine at fault for smog and carcinogens being emitted from ICEs because back then they didn't know that smog could be caused from ICEs, and that said combustion was releasing carcinogens into the air for people to breathe.
but, by trying to
blame Intel and AMD (and every other CPU maker) for this vulnerability is 100% equivalent to doing the above.