LinkBack URL
About LinkBacksRead more.There are now two class-action suits from shareholders and three on behalf of customers.
Read more.There are now two class-action suits from shareholders and three on behalf of customers.
32 to 5,looks like Intel is "slightly" worse off.
Last edited by CAT-THE-FIFTH; 23-02-2018 at 12:27 PM. Reason: Typo!
afiretruck (23-02-2018),Biscuit (23-02-2018)
"near-zero" != "zero"AMD claimed "near-zero risk of exploitation", yet still provided BIOS updates - a 'smoking gun' think lawyers.
If these BIOS updates make it "zero" or closer to that, then I don't see what the problem is here.
We are so worried about spectre yet Microsoft and Google are siphoning all our sensitive data to their servers 'un-hidden' ...contacts...images...GPS information...name it!
The difference is, MS and Google aren't using the data to scam you, empty your bank accounts etcOriginally Posted by lumireleon
Main PC: Asus Rampage IV Extreme / 3960X@4.5GHz / Antec H1200 Pro / 32GB DDR3-1866 Quad Channel / Sapphire Fury X / Areca 1680 / 850W EVGA SuperNOVA Gold 2 / Corsair 600T / 2x Dell 3007 / 4 x 250GB SSD + 2 x 80GB SSD / 4 x 1TB HDD (RAID 10) / Windows 10 Pro, Yosemite & Ubuntu
HTPC: AsRock Z77 Pro 4 / 3770K@4.2GHz / 24GB / GTX 1080 / SST-LC20 / Antec TP-550 / Hisense 65k5510 4K TV / HTC Vive / 2 x 240GB SSD + 12TB HDD Space / Race Seat / Logitech G29 / Win 10 Pro
HTPC2: Asus AM1I-A / 5150 / 4GB / Corsair Force 3 240GB / Silverstone SST-ML05B + ST30SF / Samsung UE60H6200 TV / Windows 10 Pro
Spare/Loaner: Gigabyte EX58-UD5 / i950 / 12GB / HD7870 / Corsair 300R / Silverpower 700W modular
NAS 1: HP N40L / 12GB ECC RAM / 2 x 3TB Arrays || NAS 2: Dell PowerEdge T110 II / 24GB ECC RAM / 2 x 3TB Hybrid arrays || Network:Buffalo WZR-1166DHP w/DD-WRT + HP ProCurve 1800-24G
Laptop: Dell Precision 5510 Printer: HP CP1515n || Phone: Huawei P30 || Other: Samsung Galaxy Tab 4 Pro 10.1 CM14 / Playstation 4 + G29 + 2TB Hybrid drive
I do love the claim from shareholders that AMD unjustly profited from the sale of affected processors after knowing about the vulnerabilities, would they have preferred for them not to release an upcoming product, throw them all into a landfill, and write down all those assets.
Doing that probably would have ended AMD and with it the value of their stocks.
While I'm not saying intel and to a lesser extent amd shouldn't be held responsible for the issues, this 'bug' wasn't found (supposedly) until roughly 10 years after the architectures that all these cpu's are based on was released....
Also everything I've read so far seems to imply that AMD is 'easier' to fix, with less overall impact than intel, and they're actively doing this. So I don't see why them releasing a product that's been in 'development' for several years, so before we knew about spectre etc, is as bad as the shareholders are making out... this seems more like the shareholders are trying to get some quick cash than actually being concerned about users.
Personally I don't mind the NDA part and keeping it quiet to allow time to sort a fix (unlike google who will release info about other companies bugs after 90 days no matter what)to 'protect users' because it's far more appropriate when it can affect a lot of users but the issue I have is that they didn't have the fixes ready to go on the planned date where the nda would be cancelled...especially intel. I could understand them being sued because of the 'delay' in fixing the 'bug'.
5 is still bad enough. Eric Cartman on you both.
arm also.
Google was part of the consortium fixing this, and held off on disclosure for well beyond the 90 day limit in this (spectre/meltdown) instance
Yes, and that's my point... if it affects them (ie their servers etc) they're more than happy to hold off past their self imposed 90 day limit on bugs that they find (they also found this one) but on things which could actually affect people a lot easier, ie a browser bug that isn't relating to chrome, they'll release it without any concern for how it might affect the public, even if a patch is actively being worked on.
I think you're being a narrow minded/tin foil hat in your opinion there. There is a possibility that they took that reasoning or perhaps it's more because the vast majority of the "internet" we use is cloud hosted and these bugs allowed malicious entities to access data held within other customer islands. Azure and Amazon in that moment of discovery became one of the least secure systems, post intrusion mind, on the market. So that's why they held back, because releasing something that affects...pretty much 100% of all systems out there has a CPU in it is a pretty big problem. Could you imagine the types of malware that could have been made and deployed worldwide. It could have disassembled every form of security we know in a matter of days/weeks (extremist doomsayer over). It'll make Wannacry, heartbleed and the lovebug look like a mild ant infestation.
So it was in the worlds best interest that they hold back. Now, your point about small software which in the grand scheme of things is less complex and less likely to affect the world as a greater whole is a different story. 90 days is generally more than enough time to devote resources to identify the issue, analyse the issue, fix the issue and perform limited QC and then release to the public. What Google is doing is a double edge blade, they are saying to software developers: "Pull your socks up else we'll rip your pants down, sort it out". But Software developers are inherently lazy due to management, oversight, lack of information and many other factors.
Google is forcing companies to publicly acknowledge their problems if they don't sort them out first. One of the biggest problems in tech today is when companies want to "dust the problems under the rug" and most of the time, they get away with it.
The reason why it's a double edged blade is if the software developer does not release a fix then they've just announced that vulnerability to the malicious world and it's open season.
To me, that side of Google is a "Chaotic Good" type of person.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote