Definitely. I’m not quite there yet. I’ve got a 1700, so I’ve been doing a little bit of digging, but I can’t risk anything intrusive as this is my work machine.
Had a thought: What model is the laptop, if there is firmware out there for it, I might be able to glean some info from it.
It is the Lenovo 720s-13ARR, running the Ryzen5 2500u.
If you mean BIOS download, there is the one that is already installed. And it looks like Lenovo is one of those bunch of cunts that gives out UEFI updates only in windows .exe files.
How though? They don’t have a really good CPU out right now. Delidding is necessary for their 8000-series if you want to overclock at all and on the server parts, TR4 is simply the stronger platform (cheaper, more energy efficient, scalable, very many pcie lanes, etc.).
Intel could offer to buy AMD but AMD is flying high right now. With their Zen+ refresh coming out in a month, they will most likely gain some marketshare (or at least make lots of turnover) and if they actually put out a 7nm Zen2 in 2019, Intel will have a really hard time in the CPU market. I doubt they can have a competitive product out by 2019 as they need a new uarch to do so and that takes an incredible amount of time.
Thats hilarious how they demand immediate fixes… lets go way back to Intel’s “immediate” Meltdown code fixes. Thats right… it was a giant fuck up on top of the Mwltdown fuckup, ad thats with months of allowed working time. If a behemoth like Intel cant do immediate fixes properly how can AMD?
So, this is entirely my opinion and I haven’t read up on it or anything. But I think Intel’s monopoly came from the “CPU in consumer electronics” viewpoint, which they don’t hold anymore, because of ARM. The last time when this was an issue, smartphones and tablets weren’t that big.
True. But Intel might be unsure if they’d be considered a monopoly, which would probably lead to a lawsuit. Letting AMD persist might just be cheaper
Blog post from the guys who has said they’ve seen proof of concept code:
Our review of the vulnerabilities was based on documentation and proof-of-concept code provided by CTS. We confirmed that the proof-of-concept code worked as described on the hardware we tested, but we will defer to AMD for a final determination of their full impact, patches, and remediation recommendations.
Most of the discussion after the public announcement of the vulnerabilities has been focused on the way they were disclosed rather than their technical impact. In this post, we have tried to extract the relevant technical details from the CTS whitepaper so they can be of use to the security community without the distraction of the surrounding disclosure issues.
This is what I’ve been waiting for, yay
Edit: Soo confirmation that all vulnerabilities require root access, and that MASTERKY in addition requires a BIOS update and reboot.
While those flaws are concerning I agree with their conclusion at the end (emphasis mine):
There is no immediate risk of exploitation of these vulnerabilities for most users. Even if the full details were published today, attackers would need to invest significant development efforts to build attack tools that utilize these vulnerabilities. This level of effort is beyond the reach of most attackers.
Also that these are run-of-the-mill vulnerabilities. Not like Meltdown and Spectre that was something completely unexpected and new.