Skip to main content

In the battle between AMD and Intel, which processors are more secure?

The horse-race between AMD and Intel is fun to follow, but when it comes to security, there’s far more at stake than framerates in games. There looms a ghostly apparition that’s easy to forget. Speculative execution exploits like Spectre and its variants, as well as ZombieLoad and a number of other side-channel attacks, are still as scary as ever. 

Intel has seen the brunt of the blame for the vulnerability, but AMD processors aren’t exactly in the free either. Far from it. 

Recommended Videos

Both companies have been forced to implement mitigating patches and hardware fixes of their own to make sure users stay safe from these potentially nasty exploits. But with all that’s been done, which is the safer, more secure option for 2019: Intel or AMD?

Get your weekly teardown of the tech behind PC gaming
Check your inbox!

Fighting from day one

Image used with permission by copyright holder

The very first exploits revealed during the last painful year and a half of bug revelations, were Spectre and its variant, Meltdown. But where much of AMD’s back catalog was affected by Spectre alone, Intel chips released as far back as 2008 were vulnerable to both. Other exploits that would come to light in the months that followed, including Foreshadow, Lazy FPU, Spoiler, and MDS, were all viable attack vectors on Intel CPUs, but not on AMD’s.

To Intel’s credit, it has been fighting the good fight for its users since these exploits come to light, releasing microcode fixes and mitigation through software partners like Apple and Microsoft, that largely make these exploit paths redundant. 

Understanding Spectre and Meltdown

Intel has also begun to implement much more permanent, hardware fixes to some of these exploits into its latest processors. These fixes work independently of microcode and software updates and make select processors safe and protected from those particular attacks by virtue of their design. These are products which do not feature the same flaws as earlier processors and represent the best effort yet to stop attacks like Spectre in its tracks. 

Intel began implementing hardware fixes in its chips with the release of eighth-generation Whiskey Lake-U CPUs, including the Core i7-8665U, i7-8565U, and i5-8365U, which are protected against Meltdown, Foreshadow, and RIDL thanks to hardware changes.

It’s comforting to know Intel is designing its future products with security in mind.

Its desktop lineup of ninth-generation chips, like the 9900K, 9700K, and 9600KF, all include the same hardware mitigation. The entire 2nd-generation of Intel Xeon processors, based on Intel’s Cascade Lake design, however, enjoy the most comprehensive collection of hardware fixes of all Intel’s CPUs so far, with only Spectre v1 v2, and V4, requiring some software protection.

Further fixes will be coming down the pipe with the gradual proliferation of 10nm Ice Lake mobile CPUs throughout the rest of the year.

Walden Kirsch/Intel Corporation

In a discussion with Digital Trends, Intel made it clear that there is no substantial difference in security between the microcode/software fixes and the hardware mitigations.

But it’s important to note that the end user has to take no action to be protected by hardware fixes. Where operating system or software updates are required, there’s a chance they may not be installed and that could leave users vulnerable. 

The only strategy that Intel has articulated pushes the problem off on to software in a way that the software developers aren’t equipped to handle.

Hardware fixes are a much more permanent solution to the problem and, according to Intel, “Future Intel processors will include hardware mitigations addressing known vulnerabilities.” It’s comforting to know Intel is designing its future products with security in mind, but those hardware fixes will not be exhaustive.

As Paul Kocher, senior technology advisor at Rambus, told Digital Trends earlier this year, “When you’re dealing with the most basic variant one of Spectre, the only strategy that Intel has articulated pushes the problem off on to software in a way that the software developers aren’t equipped to handle […] The proposed solution is everything you have a conditional branch, so an “if” statement in a program, that could lead to trouble if it was mispredicted. You’re supposed to put an instruction called “L Fence! in. Even with the new design, putting in L Fence has to stop speculation from occurring and that has a performance impact.”

Although not as affected as Intel, AMD is also bringing hardware fixes to bear on its new-generation hardware. Its Ryzen 3000 processors all feature hardware fixes for Spectre and Spectre V4, alongside operating system protections.

The price of safety

Hardware fixes aren’t just important because they make sure that anyone with that chip has the same fixes right out of the box, but because hardware fixes don’t have the same performance losses as some of the software patches. In some cases, they have to effectively turn off important features in order to protect against certain attacks.

Although not directly comparable to the mitigation’s effects on Windows PCs, Phoronix has conducted extensive testing on how they’ve affected the Linux platform. It notes a noticeable drop in performance in a variety of tests. In the cases where hyperthreading was turned off entirely, which companies like Apple and Google recommend, there was an average drop off of 25 percent in overall performance.

AMD wasn’t immune to performance loss with software mitigation in place. Phoronix’s testing noted a few percent drop in most cases, though they were typically far less impactful than Intel’s. That was true in the latest round of testing with Ryzen 3000 CPUs too, where Intel chips started out faster in some cases but became noticeably slower after mitigation.

Image used with permission by copyright holder

When we reached out to Intel to discuss the performance hit from its exploit mitigations, it downplayed the impact, suggesting that, “Generally speaking, while performance impacts have been observed on select data center workloads, to the average consumer the impact of these fixes is minimal.”

It also pointed us to a report by security blog, The Daily Swig, which collected a number of statements on the performance hit from Spectre variant mitigations. The results were mostly positive on the Intel front, with a number of Swig’s sources suggesting the impact on end-users was minimal. It did, however, showcase that in certain cases, particularly in datacenters and cloud servers, some tests saw an impact of 10-15 percent from the fixes.

The greater concern is that device manufacturers won’t implement the mitigations for fear of their device appearing less capable than the competition.

As much as it’s disappointing to lose performance on a processor, the greater concern is that device manufacturers won’t implement the mitigations for fear of their device appearing less capable than the competition. Intel has made patches an optional implementation for device manufacturers and end-users. That’s something that Linux creator, Linus Torvalds, was heavily critical of in early 2018

When we asked Intel whether this practice would continue moving forward, it suggested that it wouldn’t mandate security patches for its partners, but that, “As always, Intel encourages all computer users to make sure they keep their systems up-to-date, as it’s one of the best ways to stay protected.”

Getting anyone to do so, whether it’s a smartphone or a laptop, is something that many companies struggle with, even if it is one of the most important ways to keep your devices safe from hackers and general malware. So the fact that these particular patches can cause performance dips makes it an even harder sell. Especially since there is very little evidence to suggest any speculative execution attacks have actually taken place in the wild.

In our discussion with Intel on the matter, it again downplayed the severity of these exploit paths, stating that “Exploiting speculative execution side channel vulnerabilities outside of a laboratory environment is extremely complex relative to other methods that attackers have at their disposal.”

It also pointed to a Virginia Tech study from 2019 that highlighted how an average of just 5.5 percent of discovered vulnerabilities were actively utilized in the wild. 

Don’t be scared. Be considerate

As much Spectre and its ilk are scary, Intel’s claims should temper that fear. Spectre is unlikely to have been leveraged in the wild, so far. It is also likely that anyone looking to hack your particular system will utilize other methods before they even consider an attack path like Spectre and its variants. There are just much easier ways of doing it. Not least just giving you a call and trying to social engineer you into giving up your private information.

But that doesn’t mean we shouldn’t factor in our concerns for Spectre when it comes to buying new hardware. The fact remains that Intel hardware is more susceptible than AMD’s, simply because there are a greater number of potential exploit paths on Intel CPUs and more of a reliance on software patches that may or may not have been implemented.

AMD CEO Lisa Ku
AMD

Newer hardware from both companies is safer and less impacted by mitigations than older chips. You’ll find more hardware fixes in both the latest Ryzen 3000-series processors and Intel’s 9th-generation chips. Ice Lake promises ever greater numbers of fixes and Intel’s rumored Comet Lake S chips in 2020 will no doubt include further fixes still.

If you are concerned about Spectre, upgrading your processor to either of the latest-generations of chips from Intel and AMD is definitely worth considering. If you’re particularly concerned or don’t want to worry about software patches, then AMD CPUs are less affected by these attacks. 

For now, there is unlikely to be much of a real world impact for the average person when it comes to these sorts of bugs.

It’s also worth pointing out that most experts we’ve spoken to think that we haven’t seen the last of these sorts of exploits, with more potentially coming down the pipe. That is, until Intel and its contemporaries develop a new, preventative strategy — perhaps like a secure core right on the die. Those potential new, undiscovered exploits could lead to further performance degradation on existing hardware too.

This is all just speculation; perhaps an apt way to look at the future of a speculative execution bug. For now, there is unlikely to be much of a real world impact for the average person when it comes to these sorts of bugs. But, if you have to choose a winner in terms of security and performance, there’s no denying that AMD hardware currently has the lead. Intel hardware is still great in so many ways, but this is one where its strengths are turned against it.

Jon Martindale
Jon Martindale is a freelance evergreen writer and occasional section coordinator, covering how to guides, best-of lists, and…
AMD’s Ryzen 7 9800X3D may not give Intel any breathing room
The Ryzen 7 7800X3D installed in a motherboard.

The competition between Intel Arrow Lake and AMD Zen 5 hasn't been as fierce as usual, with both lineups delivering small gen-to-gen improvements. However, it seems that AMD may soon add a staple to its list of the best processors, and the CPU might be announced at the worst possible time for Intel. I'm talking about the Ryzen 7 9800X3D, which now has a rumored release date alongside some performance benchmarks.

The release date speculation was initially shared on Bilibili, but the user has since deleted their post. However, the discussion continued on Chiphell forums, spilling the beans on both the official announcement date and the possible release date.

Read more
Nvidia’s CEO — yes, one person — is now worth more than all of Intel
Jensen Huang at GTX 2020.

Nvidia is one of the richest companies in the world, so it's no surprise that the company's CEO, Jensen Huang, is quite wealthy. The most recent net worth numbers from Forbes puts into context just how wealthy the executive really is, though. Huang has an estimated net worth of $109.2 billion, which is around $13 billion more than the market cap of Intel across the entire company.

Although Nvidia makes some of the best graphics cards, the obscene amount of money the company has racked up over the past two years stems from its AI accelerators. In 2020, Forbes estimated that Huang was worth $4.7 billion, and even in 2023, after ChatGPT had already exploded onto the scene, the executive was worth $21.1 billion. Now, Huang is the 11th richest person in the world, outpacing Bill Gates, Michael Dell, and Michael Bloomberg.

Read more
More than seven months later, Intel CPU instability issue might be over
Intel's 14900K CPU socketed in a motherboard.

We first reported on the Intel CPU instability issue in February 2024, and since then, Intel has offered various fixes that helped, but still failed to fix the problem once and for all. Now, it finally seems like the owners of Intel's best CPUs might soon be able to rest easy. Intel has shared a new update that pinpoints the four causes of Raptor Lake problems and provides a fix.

Intel's July update on the matter disclosed that the company was aware of issues within the microcode and that the problem was related to incorrect voltages. Today's update breaks this down into four operating scenarios that can cause problems. Intel now refers to these long-lasting issues as the "Vmin Shift Instability."

Read more