Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com
AMD vs Intel - security primer
New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

AMD vs Intel - security primer

Front-up: you want a "security AMD vs intel shootout"? You'll be disappointed because intels and AMDs SEs ("security engines") address completely different use cases. But as there are just discussions (or cajoling) of intels newest security nightmare of the month you might want to read on anyway ...

So, what do the two "security engines" address?

  • intel addresses typical desktop/end user worries. To put it in an easily understandable picture, intels SE addresses problems like securing online banking access or your password manager.
  • AMD (Epyc) addresses servers and in particular VMs.

So evidently one can't really compare those two.

But security is way more complicated than a superficial comparison of SEs. Some relevant points are

  • If some processor manufacturer basically runs a monopoly since decades there are of course major differences in attitude, stringency, quality of engineering.
  • If there is very high demand from the market a manufacturer will likely shift its perspective from tech ("let's build really good products!") to "let's somehow fill the massive needs of the market!", possibly hand in hand with a shift towards marketing and sales defining the company rather than engineering. Intel seems to be a painfully clear example of that.
  • Against what do you want to protect?
  • Against whom do you want to protect? Hackers for example are quite different from state agencies.
  • What is the political and legal context? Example: in a country where (a) some agencies can demand pretty much everything and force you to be silent about it, and (b) a sufficiently high level of mistrust (incl. from foreign markets) exists a chip company will have to take that into account.
  • Do the customers really demand (real) security or is them believing they are secure enough?

...
and finally of particular importance for us: in what environment are the systems used? In our context we can differentiate between 3 main types:

  • private - e.g. consumer desktops, smartphones
  • (quasi) public but controlled - e.g. company servers (inhouse), agency desktops
  • public, not controlled - pretty much all kinds of hosting

Intels SGX addresses mostly the first one and to a small degree the second one. AMD clearly addresses the third one - which is the context we care about here.
Side note: AMDs SE is also much faster - but both SEs bring high performance losses in most workloads.

TL;DR If you are concerned - either as provider or as customer - about server and in particular VM security AMD is it. If you are concerned about the password manager on your personal device intel is it - theoretically, because practically intels security is very fragile. Btw. intels SGX is ring 3 accessible while AMDs SE is ring 0 (read: very considerably more secure and well thought out).

TL;DR 2 Be warned! intel is a giant and controls the market since decades while AMD is almost a "new player again" - hence intels products of course have been scrutinized and attacked by far more than AMDs. Keep in mind that "There are no/very few known attack vectors" != "there are no/very few attack vectors"! It seems though that AMD has understood and taken care of the security problems far better than intel.

Thanks no.

Comments

  • its @Gam3over for Intel

    Thanked by 1seriesn
  • @tgl said:
    its @Gam3over for Intel

    I still have doubts. One should never underestimate the ignorance of people and the opinion-changing power of lots of money. Another reason is the fact that AMD can not possibly replace intel due to quantity.

    But seeing that intel now revives an old 22 nm Pentium because they evidently have serious difficulties with their 14 nm production (not to even mention 10 or 7 nm) clearly suggests that intel at least isn't on a healthy path ...

    Thanked by 1poisson

    Thanks no.

  • @jsg said:

    @tgl said:
    its @Gam3over for Intel

    I still have doubts. One should never underestimate the ignorance of people and the opinion-changing power of lots of money. Another reason is the fact that AMD can not possibly replace intel due to quantity.

    But seeing that intel now revives an old 22 nm Pentium because they evidently have serious difficulties with their 14 nm production (not to even mention 10 or 7 nm) clearly suggests that intel at least isn't on a healthy path ...

    Intel has their own production issues and TSMC changed their minds and are aggressively investing in ramping up 7nm production and 5nm tech.

  • @TimboJones said:
    Intel has their own production issues and TSMC changed their minds and are aggressively investing in ramping up 7nm production and 5nm tech.

    I don't know about "changed their minds". But about TSMC ramping up 7 nm production and getting 5 nm to a commercially viable yield factor I did know. The major competitor btw. is not intel but rather Samsung.

    Also very interesting and maybe even more so is what happens in China. Small gate size RAM production and "relevant" (not high end small but absolutely usable) small gate size processor production. Funny: intel seems to be (temporarily) forced up to 16 and 22 nm while Chinese fabs have come down to 22 nm (good yields) and 16 nm (yield optimization still needed).

    As for the processors to be produced I don't know yet but the Chinese have some potential there, for example their "lower end" Zen processors, their loongson and possibly some not yet known ones.
    I mention that because (higher end) processors were/still are(?) an Achilles heel; if the Chinese manage to develop e.g. their Mips cores into something similar to the Russians 8S (Sparc based) tech that is, to cores that are quite capable but considerably still less powerful than e.g. Zen but are meant to and can easily be linked together, then the Chinese could make their new directive happen that says that all state agencies must strive to use Chinese computers.

    Thanks no.

  • TimboJonesTimboJones Member
    edited December 2019

    @jsg said:

    @TimboJones said:
    Intel has their own production issues and TSMC changed their minds and are aggressively investing in ramping up 7nm production and 5nm tech.

    I don't know about "changed their minds".

    When they publicly say they will be conservative and months later do the opposite and be aggressive, that's changing their minds.

    But about TSMC ramping up 7 nm production and getting 5 nm to a commercially viable yield factor I did know.

    Then why the fuck did you say "Another reason is the fact that AMD can not possibly replace intel due to quantity" knowing full well AMD is increasing production and Intel has missed their technology road maps for like 5 years running and often has production shortages? If you saw the recent Intel 10 year road map with 1.3nm in 10 years, you'd know the badly missed deadlines are going to continue for years and they are just full of optimistic shit. "Oh, we couldn't do 10nm in 4+ years, but fuck it, we're doing better than that every two years from now on."

    The major competitor btw. is not intel but rather Samsung.

    What??? No. Don't even know wtf you're talking about, now (link?). AMD licenses AMD GPU IP to their biggest supposed competitor (partner)? No, Intel is with their big market share and big margins ripe for the picking. Just read AMD filings (and Intel's). Or just provide sources or rational for your opinions and not some side "btw" topic without context. I don't know why providing sources is so hard for you.

  • @TimboJones said:

    But about TSMC ramping up 7 nm production and getting 5 nm to a commercially viable yield factor I did know.

    Then why the fuck did you say "Another reason is the fact that AMD can not possibly replace intel due to quantity" knowing full well AMD is increasing production ...

    Because NO, AMD is NOT increasing production. If someone increases production then it's the fabs producing for AMD. And that fab happens to have other - and bigger - clients too for whom they have to produce.
    intel otoh does have very large fab capacities.

    [Rest of typical TimboJones post ignored]

    Thanks no.

  • TimboJonesTimboJones Member
    edited December 2019

    @jsg said:

    @TimboJones said:

    But about TSMC ramping up 7 nm production and getting 5 nm to a commercially viable yield factor I did know.

    Then why the fuck did you say "Another reason is the fact that AMD can not possibly replace intel due to quantity" knowing full well AMD is increasing production ...

    Because NO, AMD is NOT increasing production. If someone increases production then it's the fabs producing for AMD. And that fab happens to have other - and bigger - clients too for whom they have to produce.

    Logic fail. AMD is top 3 purchaser of fab 5nm capacity and if they can order more than they could/did previously because of additional capacity to take the order (plus 5nm yields and technology progress is better than expected as well), that's increasing production, regardless if it's AMD themselves or their contractor that supplies their production. I thought you already knew this. Which is it?

    AMD says things like this:

    "We will be able to meet the needs of a fantastic level of interest," he said. "[TSMC has] full commitment to ramp the volumes needed on the market."

    intel otoh does have very large fab capacities.

    And? Running far less than full capacity in a factory often leads to huge losses. And what does it matter if Intel have all the capacity but can't compete on price and performance? Their tech advancements have stalled and not keeping pace with TSMC/AMD. You said yourself, "But seeing that intel now revives an old 22 nm Pentium because they evidently have serious difficulties with their 14 nm production (not to even mention 10 or 7 nm) clearly suggests that intel at least isn't on a healthy path ..."

    I've even read that AMD could (it's possible to) use Samsung's technology to produce AMD product.

    “AMD has strong foundry partnerships and our primary manufacturing partners are GLOBALFOUNDRIES and TSMC. We have run some product at Samsung and we have the option of enabling production with Samsung if needed as part of the strategic collaboration agreement they have with GLOBALFOUNDRIES to deliver 14nm FinFET process technology capacity.”

    [Rest of typical TimboJones post ignored]

    Typical in that I ask you to back up the shit you say that doesn't make sense and you can't or won't? Are you ignoring I'm not the only person to constantly point this out?

    You're terrible at making any rational arguments, you just take your ball and go home, which is getting tiring for the 50th time. I still don't know wtf Samsung has to do as AMD top competitor. It would only make more sense to say Samsung is more of a competitor to Intel than AMD given the smartphone and modem business are direct competitors plus Samsung has much more money than AMD. This is why you explain wtf you're getting on with and not just full of shit and fooling simple people into thinking you have some clue when you don't. I have no idea why you think you're right all the time when you rarely, if ever, provide rational or sources to back what you're saying.

    Clearly, you don't have post education, but this should have been covered in several high school courses (you've also seen a Wikipedia article before) and I always thought German education system was one of the best in the world. What went wrong in your case that it was acceptable to think you can make an argument without citing evidence or referencing something along those lines and then fucking off when prompted to explain yourself? That's just basic internet forum etiquette.

  • [trolling ignored]

    Thanks no.

  • @jsg said:
    [trolling ignored]

    Wah, wah. Well, can't fault you for not wanting to be continuously wrong. It only takes one sentence to link to wtf you were going on about Samsung, and now you're making it super clear you were wrong. But I know, you're never wrong, you just used a clumsy word instead of the correct word.

Sign In or Register to comment.