Security vulnerabilities in CPUs are a major concern in many industries. When we talk about a security problem we can talk about two different problems. The first of these is that applications perform operations outside of memory spaces where they are not allowed to operate. The second that is more complicated has to do with remote access to the PC by a third party. The latter is something that at the user level is not as important as in the business market where servers, data centers and PCs of different workers move highly sensitive information.
Are Intel CPUs more insecure than AMD’s?
If we look at the lists of documented vulnerabilities, we can see how up to 486 security vulnerabilities have been found in Intel CPUs as of this writing. The figure that AMD has? Apenás 21. Situation that creates a debate with the following question: are Intel CPUs unsafe?
If we assume that both companies make processors with x86 register sets and instructions, the Intel CPUs and the AMD CPUs should not be very different. The reality is that what the ISA defines is the decoding code in the control unit during the instruction cycle, as well as the common registers involved. It indicates what each instruction does, but not how, and in this respect both Intel and AMD differ.
One of the keys when it comes to gaining performance in the processors is speculative execution, another is transactional memory. Both are based on executing part of the code outside the space allocated for the applications. Since in all modern CPUs and due to operating system requirements, the RAM memory space is divided into several different spaces. In them the applications cannot intervene the operating system space.
In the case of speculative execution and transactional memory, parallel execution spaces are opened, which opens a door for vulnerabilities in Intel CPUs to be higher than those of AMD. Because of the way they have been implemented. In other words, Intel has sacrificed the security of its processors for speed in the design. Causing Intel CPUs to have more vulnerabilities than AMD’s.
A downside for Intel versus AMD
Due to the sacrifice of security for performance and the continual emergence of new vulnerabilities. Intel has been forced to update the microcontroller that acts as a control unit in its CPUs, eliminating features. Which leads to a slowdown in your systems and therefore in your overall performance.
Since the design and production stages of a processor take several years to complete, currently in the industry the average is 5, the changes in Intel CPUs affected in 2018 by Meltdown and Specter should begin to be seen from 2022 or 2023 Speculative execution is difficult to patch, since it is associated with out-of-order execution. All this does not mean that AMD does not have security problems, it has them and just as serious, and what is clear is that as its AMD EPYC are used more and more in the business market where the interest in exploding its security will go in increase. Intel’s greater market share makes it much more vulnerable to finding security flaws in its processors. More than anything because there is more juicy information to get or preserve.