AMD Security Issues

Trooper_ish · March 14, 2018, 2:06am

same with Pauls Hardwar:

Trooper_ish · March 14, 2018, 2:08am

I’m still glad I went back to the harsh embrace of the red team

turin231 · March 14, 2018, 11:11am

This is quite well analyzed…

noenken · March 14, 2018, 11:47am

Totally missed all of this until now… all of this nothingness.

flazza · March 14, 2018, 12:32pm

Need to list all the sources that jumped on this and ran with it without actually doing any investigation…

catsay · March 14, 2018, 12:34pm

Something that should raise a lot of eyebrows:

[Album] Imgur

CTS-Labs = Catenoid = Flexgrid Systems Inc.

Among the things they’ve made include the CrowdCores AdWare.

This gives us some hints about a lot of the scummy behavior.

flazza · March 14, 2018, 1:03pm

Still seeing a tonne of stories coming through in my feeds over these ‘serious vulnerabilities’.

bedHedd · March 14, 2018, 1:26pm

watching rn @RevampedTech

flazza · March 14, 2018, 2:43pm

Getting sick and tired of ‘journalists’ copying and pasting press releases without any amount of digging

anon42063818 · March 14, 2018, 2:52pm

Israeli security firm uses non https for it’s own site, claiming legitimacy (Community Friendly Post Edition)

FaunCB · March 14, 2018, 3:31pm

I’m skeptical about Spectre and Meltdown in the first place. Theres no actual proof that its real, its just that an operation works correctly and can be copied. Oh no! My processor is working like its supposed to!

How terrifying T-T

MazeFrame · March 14, 2018, 4:07pm

Anything that works could break! Be Careful! /s

FaunCB · March 14, 2018, 4:13pm

And thats why people believe propaganda.

Your processors are fine, shut the fuck up already.

kewldude007 · March 14, 2018, 4:13pm

Lay off the /pol/ please.

Ruffalo · March 14, 2018, 4:16pm

There are absolutely POCs for Meltdown and Spectre available. A simple google for “meltdown poc” will bring them up. They aren’t fake.

SudoSaibot · March 14, 2018, 4:17pm

Security Now took a little heat for reporting early. Wonder what their followup will be.

Why you gotta be like that?

thro · March 14, 2018, 5:23pm

No previous history. No exploit code. No proof of concept. Admitted financial ties. Backed up by a hysterical paper by a bunch of unknowns. Requirement for signed driver abuse, administrator/root access and BIOS flashes.

File under

“bullshit”.

flazza · March 14, 2018, 5:27pm

Unfortunately ‘headlines’ (which is what a lot of people read, not the full story) keep on giving them legitimacy

http://www.tomshardware.com/news/cts-labs-amd-ryzenfall-ryzen-epyc,36660.html

Pholostan · March 14, 2018, 5:39pm

Second indication that there actually are some kind of real vulnerability. Maybe we’ll see POC soon?

See also https://arstechnica.com/information-technology/2018/03/a-raft-of-flaws-in-amd-chips-make-bad-hacks-much-much-worse/

Ruffalo · March 14, 2018, 5:41pm

The vulnerabilities may well be real, but if their descriptions are accurate nobody should care, because they’re all very low criticality.