It is more of a design oversight than a fault.
The near-zero chance means it is probably extremely difficult to exploit, but not impossible. Just a matter of time.
Things that are a matter of timeâŚ
- All of us dying
- The world ending
- The sun going out
- The universe entering the final stages of heat death
âŚGod is a stupid designer, leaving these bugs in 
Just trolling, dont really have anything good to add.
I just think its stupid to argue about highly improbable things that require a big âpayoffâ to make them probable in the firstplace.
I am going to be very sceptical of spectre attacks until I see an actual case of it in the wild on amd systems.
I mean ffs, most NORMAL software developers dont even bother targeting amd for optimizations⌠and that it within multimillion $$ industries where its easier to do and there would be bigger payoffs for their efforts.
You think hackers / programmers for their intended exploit are going to go with targeting intel⌠or intel AND amd?
Lets say you do it one way = 85% market share, but this way doesnt work for amd⌠so you need to basically redo most of it to find a way of getting the exploit to work on amd
The effort needs to be worth the reward
âŚand by then most of the spectre holes will have most likely been plugged
3 Likes
I request everyone remain civil and only contribute new posts if those posts contribute new knowledge on the topic.
Please donât spam this thread.
2 Likes
Yeah to Spectre variant one ⌠which on the picture they admit to it and say it will be fixed in software.
However there is only theoretical chance to use Spectre variant two (Edit just to clarify - this is the ânear zeroâ answer and it is this answer because in theory it is possible but no one have done it still ). Also they promise of hardening of security for Variant 2, they are definitely the lucky ones in this situation.
source - http://www.zdnet.com/article/amd-processors-not-as-safe-as-you-might-have-thought/
As last statement to the PR stuff from me: Please remember that in the business of computer security Murphyâs law is a thing.
I apologise, I shall remain an observer from now on
But they did say they were vulnerable. They also said to what degree. They used a probability statement to do this. If I say I have a 5% chance of getting hit by a truck by standing in the road, then there is a definite chance that Yes, I will be hit by the truck. And that probability is estimated to be 5% and wont be known for sure until I get hit.
Perhaps due to how my brain functions differently from pretty much everyone elseâs, I understand statements from a different point of view. I read it as an admission of vulnerability but only slight because there was no yet known exploit against their chips using Variant 2 but there was the slight possibility of one and were watching and will patch it when one arises.
MS seems to currentlly holding back the patches for AMD systems.
I guess they will be working with AMD to release some new patches soon?
Good to see that arent vulnerable for Variant 2 /3
Patch roundup so far:
What objective measure could they be using to estimate the probability that a vulnerability exists? Unless there is a vulnerability which in itself is somehow non-deterministically exploitable, the difference between 0% and 100% is just a matter of the attackerâs capability and knowledge. So it seems like the only correct answers should be âyes,â âno,â or âwe donât know yet.â
They did state that they did not have a known exploit for their chips for Variant 2 at that time which is why they had a near-zero probability.
Pointless till all the updates and bios drop at least for us third rated amd users 
I have been watching the industrial clusterfuck of this⌠muh robots donât work like they should 
This is what amuses me. Intel would say zero on IME until its not. Or Zero on speculative execution until it not. Zero on branch prediction until it is not.
Something brand new is discovered and AMD saying near zero is now not enough, when intel was 100% zero WRONG is just fine and honest cause they had NFI.
If not PR rubbish its speculative guessing humans about their CPU design vs Intels broken one.
I have little skin in this game I got Ryzen 1700 when released and love it and I got AMD RX480 because they open sourced there driver.
Intel and Nvidia can keep secrets and AMD are with PSP too, but as soon as it is decoded the world will hack it.
Yeah, just wanted to contribute 
You guys have done a great job being on top of this.
Also, lolâd at " The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within."
Are you in the robotics/nanotech/automation field?
2 Likes
No⌠I have been running into articles about it. The whole lag in the amd updates can only be a blessing. Please donât take it like that. My apologies.
Ah, sounds exciting! I need to do more reading on this subject, for sure.
And I wasnât put off by anything you said. Just wish I could do more!
Sit and wait for bios updates and whatever else is left from the os side of things. I imagine we are going to have a few months of pain.
Just sitting here wondering about: How many people know how to do firmware and bios updates. So much stuff. Might be time to push " how to " by everyone in the industry.
1 Like
I have AMD stock and I dont think AMD was lying to me.
As i mentioned earlier some motherboards i have owned required windows in order to use the download manager which was only used to extract a bin file into a folder 
So some Linux users might have a bad time updating. Not every Linux user has a copy of Windows let alone a dvd drive.