Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MP 1,1-5,1 Mac Pro 5,1 MDS vulnerability information thread

Status
The first post of this thread is a WikiPost and can be edited by anyone with the appropiate permissions. Your edits will be public.
MarkC426

MarkC426

macrumors 68040
May 14, 2008
3,697
2,096
UK
Because of the 'Thread Title'.
A vulnerability was discovered a while back, which was evident when HT enabled.
 
basslik

basslik

macrumors 6502
Feb 22, 2008
462
102
tsialex said:
While it’s just a theoretical attack without any worm using it, I’m going to keep disabled with my Mac that I use most of the time to use the internet, but I’m keeping HT enabled with my Mac that I use to compile/encode.

I think that are a lot of easier ways to hack people than MDS data exfiltration. For enterprise and governments, it’s best practice to just disable HT and we will see that this may be the rule from now on.

For common, non targeted people, best internet behaviour and best security practices will always be more effective than keeping HT disabled.
Click to expand...
Alex I only use my Mac Pro strictly for my recording studio and never on the web, unless I need to update pro Tools. I heard that you take a CPU hit but only marginal, like around 7%. I wonder if I should disable HT, or just leave alone. If I disable is Xcode still free to use ?
 
Last edited:
flygbuss

flygbuss

macrumors 6502a
Jul 22, 2018
735
1,267
Stockholm, Sweden
basslik said:
Alex I only use my Mac Pro strictly for my recording studio and never on the web, unless I need to update pro Tools. I heard that you take a CPU hit but only marginal, like around 7%. I wonder if I should disable HT, or just leave alone. If I disable is Xcode still free to use ?
Click to expand...
Same use case here. Since I’m hardly online with that machine I didn’t disable HT.
I bought a hardware ethernet switch, this way I can switch between LAN and internet easily.
If you don’t need the additional horse power, disable HT, if you do, leave it alone.
 
  • Like
Reactions: basslik
T

takovej

macrumors member
Mar 6, 2015
35
21
Robert71B said:
Thank you for the explanation that cwae=2 means to add an additional cpu instruction. And especially for isolating this as the slowdown factor in this fix!
Could somebody explain in more detail what that means?
I.e. does it add some undisclosed additional instruction set with a secret code number “2”
Or maybe it just makes the cpu generally handle one more instruction set (like one step further from RISC?)

Many thanks for your thoughtful answers!

Robert
Click to expand...

Cwae means conditional write-avoidance of data during load operations for certain microarchitectural buffer structures which helps to prevent MDS vulnerabilities. The value "2" is used to enable this mitigation
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom