AMD shares mitigation plans for Zen chipset security flaws

[valhar2000]

Intel could afford to essentially bleed CTS dry in any long, drawn-out legal battle (and I suspect they would if anything similar happened to them)...

AMD may not be able to afford a drawn-out legal battle, but we certainly can afford to laugh at CTS Labs.

[afiretruck]

Perhaps they're trying to instigate litigation? Or they think AMD's financial position is so tight that they can't afford to pursue litigation, so they can get away with saying pretty much anything they like? Intel could afford to essentially bleed CTS dry in any long, drawn-out legal battle (and I suspect they would if anything similar happened to them)...

Unfortunately, you're probably right. AMD doesn't have the budget to pursue them for this, which really sucks as CTS deserves to be smacked hard for flouting the industry standards of disclosure and completely overplaying the severity of the threats. At least AMD are making noises about the unusual stock trading.

Shame CTS didn't pick the fight with Intel instead. Would have been amusing to watch Intel ground-pound them into dust.

[Tabbykatze]

Unfortunately, you're probably right. AMD doesn't have the budget to pursue them for this, which really sucks as CTS deserves to be smacked hard for flouting the industry standards of disclosure and completely overplaying the severity of the threats. At least AMD are making noises about the unusual stock trading.

Shame CTS didn't pick the fight with Intel instead. Would have been amusing to watch Intel ground-pound them into dust.

There may be a slim chance that AMD may not initiate the investigation but the Financial Authorities would pursue the matter for abusing the market...?

[CAT-THE-FIFTH]

LOL:

https://www.ctsflaws.com/

[afiretruck]

There may be a slim chance that AMD may not initiate the investigation but the Financial Authorities would pursue the matter for abusing the market...?

Would be nice, but I'm not going to get my hopes up.

[ETR316]

so CTS was right after all?

Yep, it looks that way. kudos to amd for not wasting time and correcting right away. and to all the bashing towards "suspect" reporting and insinuating there was collusion between CTS because they are an Israeli company, screw you, you antiSemites

[spacein_vader]

Yep, it looks that way. kudos to amd for not wasting time and correcting right away. and to all the bashing towards "suspect" reporting and insinuating there was collusion between CTS because they are an Israeli company, screw you, you antiSemites

The only criticism I've seen them receive to do with being Israeli is when they told Anandtech in an interview that they couldn't share the full details of the exploits with them as under Israeli law they couldn't pass it to a non-Israeli company. That is untrue.

Most criticism I've seen is either overplaying the severity of the vulnerabilities (if someone has physical access & admin credentials you're screwed regardless of these vulnerabilities,) or for not following standard disclosure procedures (not getting CVE numbers, briefing the press before the affected company and only giving 24hrs notice.)

[Corky34]

You should read some of the vitriol and conspiracy theories on the AMD reddit, it's mind bending stuff.

[Ozaron]

The kind of wasted time and absurd opinions being theory crafted into unrealistic plausibilities you get on Reddit, are pretty mind bending.

[Tabbykatze]

It would be interesting to see an investigation into what happened and the results. I do believe it was a corporate assassination attempt to short sell stock but was it funded by someone else or just soloed. That would be interesting to hear.

[scaryjim]

tthe kind of wasted time and absurd opinions being theory crafted into unrealistic plausibilities you get on reddit , are is pretty mind bending.

ftfy

[peterb]

The kind of wasted time and absurd opinions being theory crafted into unrealistic plausibilities you get on Reddit social media, are pretty mind bending.

ftfy

Might as well go the whole hog!

[scaryjim]

Might as well go the whole hog!

That would be:

Social Media is pretty mind-bending

wouldn't it?

[CAT-THE-FIFTH]

The only criticism I've seen them receive to do with being Israeli is when they told Anandtech in an interview that they couldn't share the full details of the exploits with them as under Israeli law they couldn't pass it to a non-Israeli company. That is untrue.

Most criticism I've seen is either overplaying the severity of the vulnerabilities (if someone has physical access & admin credentials you're screwed regardless of these vulnerabilities,) or for not following standard disclosure procedures (not getting CVE numbers, briefing the press before the affected company and only giving 24hrs notice.)

Just ignore him - this is what he said in the other thread:

you wont see or hear a media frenzy over this. and, the Intel haters will blame them for amd's flaws.

Some of his orther posts:

"or go buy a new processor without the design blunder" such as? AMD only? Crikey
I don't feel like giving more money to the saudis

Oh no, the world will end!!! Much like Y2K was over blown. And no, that's not to suggest this was/is a non issue, just that it got over blow a bit, and allowed all the Intel HATERS another reason to...

Hello Gigabyte just ignore CAT-the-D-bag. hes just a looser troll and a proud to be.

Saracen sounds like he either has another agenda (to bash intel) or you do still drive a 1999 car with 185.000 miles on it and its still going strong. go write a book.

Should have stayed with Nvidia... now, they are making a deal with the devil

I get the feeling he probably has a slight preference for buying Intel!

[CAT-THE-FIFTH]

You should read some of the vitriol and conspiracy theories on the AMD reddit, it's mind bending stuff.

The kind of wasted time and absurd opinions being theory crafted into unrealistic plausibilities you get on Reddit, are pretty mind bending.

Its the interweb,what do you expect?? However,Reddit tends to find out many of these things and they managed to dig into and find much of the dodginess with CTS-Labs and so did AT forums,and from what I gathered it was AT forums which started talking about the Unit 8200 stuff which the CTS-Labs members proudly proclaimed on their own website:

http://cts-labs.com/management-team

Even during the interview with AT,they proclaimed it quite proudly:

https://www.anandtech.com/show/12536...-with-cts-labs

Reddit and AT forums were the first to point out the stuff Viceroy had been upto in Africa. I would argue if they had not done the digging,the tech press would probably have not pushed as much as they did - if you look at some of the stuff David Kanter and Ian Cutress asked them,it was brought up on their own forums and the Reddit megathread on it.

You should how some of the "anti-AMD crowd" on HardOCP and OcUK forums,are just trying to defend CTS-Labs at all levels,even down to the 24 hour disclosure period being forgiveable.

One of them even started arguing with David Kanter,Linus Torvald,etc.

Edit!!

People need to also understand the same company made malware,ie,CrowdCores and that took some digging from AT forums,to show they had literally rebadged the website to hide this. So if they found it fine to make crypto-currency mining malware then honestly one can explain why they didn't care much in following 90 day disclosure periods.

[Corky34]

Oh for sure, don't get me wrong I'm not saying all of reddit is like that, but when some people claim it's a Jewish plot or that because CTS-Labs is an Israeli based company it must be something to do with Intel it comes across as rather anti-Semitic and conspiratorial, occam's razor people.