Statement Regarding Intel Bug
-
2 mins read
I am at a loss for words. As the reality of the Intel bug settles in, the tech community has been shaken. For years we have falsely assumed the security of virtualization technologies. The convenience and ease of ‘spinning up’ and ‘blowing away’ vms (virtual machines) in server farms has become standard practice across the globe. Even McAfee Media Solutions utilizes virtualization to manage our web and vpn servers; helping us reduce costs and insure greater up times.
However, with the introduction of today’s security patches, we have learned a terrible lesson. Not only are virtual servers on Intel systems insecure, the only fix may cause literal crippling reductions in speed. Some independent testing is reporting as high as a 20-30% reduction in speeds. And this doesn’t just affect servers. Users of any Intel chipsets produced in the last decade will be effected. This includes any Apple laptop, desktop, or server produced since 2005, all Intel based Windows systems, and all Intel based Linux systems. Currently, AMD processors are not affected.
Today marks a historic benchmark in our society.
Today may be the day society learns just how much we depend on these fragile devices, and how important they are to us.
With the reduction in speeds that may be present across the cloud, we may see these speed reductions come to cripple the services we utilize day in and day out. This would mean any service ran on Amazon’s Web Services (e.g. Netflix), the entirety of Google’s infrastructure (e.g. Gmail, Drive, Docs) and Microsoft’s One Drive and Office 360 lines.
As we move forward, I will do my best to inform, educate, and help mitigate this issue to have the lowest impact possible on our clients and their services. We will begin looking into replacing or mirroring our Intel servers with the comparable AMD Ryzen chipset and will consult with others as necessary to insure the safety and security of our systems.
Additional information regarding the identification of this bug and its consequences are available in the Sysadmin subreddit and at The Register.