Page 1 of 5 1234 ... LastLast
Results 1 to 16 of 73

Thread: AMD shares mitigation plans for Zen chipset security flaws

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    31,709
    Thanks
    0
    Thanked
    2,073 times in 719 posts

    AMD shares mitigation plans for Zen chipset security flaws

    CTO Mark Papermaster says that bugs will be quashed without any performance penalty.
    Read more.

  2. #2
    Senior Member
    Join Date
    Jun 2013
    Location
    ATLANTIS
    Posts
    1,207
    Thanks
    1
    Thanked
    28 times in 26 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    so CTS was right after all?

  3. #3
    Registered+
    Join Date
    Aug 2015
    Posts
    19
    Thanks
    0
    Thanked
    1 time in 1 post

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by lumireleon View Post
    so CTS was right after all?
    Yeah, I dont think anyone doubted the validity of the claims, most of the doubt was around the level of impact that they would have compared to Spectre/Meltdown. CTS made it a super big deal, when actually it's a minor issue.

  4. #4
    Now 100% Apple free cheesemp's Avatar
    Join Date
    Apr 2007
    Location
    Near the New forest
    Posts
    2,948
    Thanks
    354
    Thanked
    255 times in 173 posts
    • cheesemp's system
      • Motherboard:
      • ASUS TUF x570-plus
      • CPU:
      • Ryzen 3600
      • Memory:
      • 16gb Corsair RGB ram
      • Storage:
      • 256Gb NVMe + 500Gb TcSunbow SDD (cheap for games only)
      • Graphics card(s):
      • RX 480 8Gb Nitro+ OC (with auto OC to above 580 speeds!)
      • PSU:
      • Cooler Master MWE 750 bronze
      • Case:
      • Gamemax f15m
      • Operating System:
      • Win 11
      • Monitor(s):
      • 32" QHD AOC Q3279VWF
      • Internet:
      • FTTC ~35Mb

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by sedontane View Post
    Quote Originally Posted by lumireleon View Post
    so CTS was right after all?
    Yeah, I dont think anyone doubted the validity of the claims, most of the doubt was around the level of impact that they would have compared to Spectre/Meltdown. CTS made it a super big deal, when actually it's a minor issue.
    Yes if I understand it - If you have local admin access - you can install dodgy firmware and the like. If you've lost local admin, you're already screwed. Its not like Intel haven't had similar issues itself with the Intel Management Engine). This is nothing like Spectre/Meltdown.
    Trust

    Laptop : Dell Inspiron 1545 with Ryzen 5500u, 16gb and 256 NVMe, Windows 11.

  5. #5
    Member
    Join Date
    Aug 2017
    Posts
    100
    Thanks
    0
    Thanked
    10 times in 8 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by lumireleon View Post
    so CTS was right after all?
    About as right as stating "If someone has your car keys they can replace the radio and change the station."
    The car keys are the admin access. Changing the station is the hacker's objective. Replace the radio is the exploit they found.

    Now... if someone has your car keys... are you really worried they will replace the radio in order to change the station? They can change the station already, they are inside the car, they can even drive away!!!

    They were never wrong, they are just stupid.

  6. #6
    Senior Member
    Join Date
    Aug 2003
    Location
    Wonderful Warwick!
    Posts
    3,919
    Thanks
    4
    Thanked
    183 times in 153 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    It all appears like CTS were trying to manipulate stock prices and discredit AMD. It also appears to have not really worked...
    Old puter - still good enuff till I save some pennies!

  7. #7
    Moosing about! CAT-THE-FIFTH's Avatar
    Join Date
    Aug 2006
    Location
    Not here
    Posts
    32,042
    Thanks
    3,909
    Thanked
    5,213 times in 4,005 posts
    • CAT-THE-FIFTH's system
      • Motherboard:
      • Less E-PEEN
      • CPU:
      • Massive E-PEEN
      • Memory:
      • RGB E-PEEN
      • Storage:
      • Not in any order
      • Graphics card(s):
      • EVEN BIGGER E-PEEN
      • PSU:
      • OVERSIZED
      • Case:
      • UNDERSIZED
      • Operating System:
      • DOS 6.22
      • Monitor(s):
      • NOT USUALLY ON....WHEN I POST
      • Internet:
      • FUNCTIONAL

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Basically if the company had given the standard 90 days which is done in the industry,it would have been sorted out without any fanfare.

    The fact the company first contacted the media before AMD,and then said the following about the issues is rathering weird:

    "many, many months, or even a year".
    Last edited by CAT-THE-FIFTH; 21-03-2018 at 01:02 PM.

  8. #8
    Moosing about! CAT-THE-FIFTH's Avatar
    Join Date
    Aug 2006
    Location
    Not here
    Posts
    32,042
    Thanks
    3,909
    Thanked
    5,213 times in 4,005 posts
    • CAT-THE-FIFTH's system
      • Motherboard:
      • Less E-PEEN
      • CPU:
      • Massive E-PEEN
      • Memory:
      • RGB E-PEEN
      • Storage:
      • Not in any order
      • Graphics card(s):
      • EVEN BIGGER E-PEEN
      • PSU:
      • OVERSIZED
      • Case:
      • UNDERSIZED
      • Operating System:
      • DOS 6.22
      • Monitor(s):
      • NOT USUALLY ON....WHEN I POST
      • Internet:
      • FUNCTIONAL

    Re: AMD shares mitigation plans for Zen chipset security flaws

    https://www.bloomberg.com/news/artic...gerated-danger

    "Company asking for investigation of unusual stock trading" - I wonder if AMD wants to find who commissioned all of this??

  9. #9
    Senior Member
    Join Date
    Jun 2013
    Location
    ATLANTIS
    Posts
    1,207
    Thanks
    1
    Thanked
    28 times in 26 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    If your network ADMIN is reckless do you blame intel/AMD when the server is hit by a malware?

  10. #10
    Senior Member Lanky123's Avatar
    Join Date
    Jul 2007
    Location
    Oxford
    Posts
    922
    Thanks
    91
    Thanked
    152 times in 101 posts
    • Lanky123's system
      • Motherboard:
      • Gigabyte GA-H81M-D2V
      • CPU:
      • Core i5 4570
      • Memory:
      • 2 x 4GB Vengeance LP
      • Storage:
      • 250GB Samsung 840 EVO SSD + 2+4TB HDD + 3TB Synology DS216SE
      • Graphics card(s):
      • MSI Radeon R9 270X HAWK
      • PSU:
      • Silverstone Strider 400W
      • Case:
      • Silverstone Sugo SG02B-F
      • Operating System:
      • Windows 8.1 / Ubuntu 16.04
      • Monitor(s):
      • ElectriQ 32" 4k IPS + Dell 22" U2212HM
      • Internet:
      • Virgin 60Mbit/s

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by 3dcandy View Post
    It all appears like CTS were trying to manipulate stock prices and discredit AMD. It also appears to have not really worked...
    Depends on what timescale they were interested in - AMD stock did drop 30 mins or so after the 'news' was released but recovered pretty quickly. If they were halfway intelligent they wouldn't have been banking on such an obvious pile of bluster holding up once experts had taken a look at it. Trading algorithms scraping sentiment analysis from news/social media are probably easier to fool though.

    No real way of knowing whether it worked without knowing the exact short position they took up.

  11. #11
    Senior Member
    Join Date
    Dec 2013
    Posts
    3,526
    Thanks
    504
    Thanked
    468 times in 326 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by lumireleon View Post
    so CTS was right after all?
    As others have said it wasn't so much that they were wrong, it was that they hyped what are essentially rootkits into an end of days, newly discovered, vulnerability when in fact rootkits have been a known entity for decades. Perhaps the worst thing was that PSP, boot guard, and other protections were meant to prevent the installation of rootkits but don't seem to be working in some situations.

    Quote Originally Posted by CAT-THE-FIFTH View Post
    Basically if the company had given the standard 90 days which is done in the industry,it would have been sorted out without any fanfare.
    It does look like that but until the fixes have been released we won't really know, IIRC AMD said the microcode updates for the near zero chance of the specter vulnerabilities were announced back in January and we've yet to see them.

  12. #12
    Senior Member
    Join Date
    Apr 2013
    Location
    MI
    Posts
    231
    Thanks
    0
    Thanked
    8 times in 8 posts
    • globalwarning's system
      • CPU:
      • AMD 1090T
      • Memory:
      • RIP JAW DDR3 1600 4x4GB
      • Graphics card(s):
      • Sapphire 7950 OC (Boost)
      • PSU:
      • Seasonic 750W
      • Case:
      • Old crap
      • Operating System:
      • Window 7 Ultimate 64bit
      • Monitor(s):
      • Hanns-G 281DPB

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Le Sigh.... As the AMD mitigation plan indicates, you must have an "Attacker who has already compromised the security of the system" for every single one. It tells you a lot about the actual seriousness of the "vulnerabilities."

  13. #13
    Senior Member watercooled's Avatar
    Join Date
    Jan 2009
    Posts
    11,478
    Thanks
    1,541
    Thanked
    1,029 times in 872 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    AMD's response basically implies that, if they were given a halfway reasonable notice period, it would most likely have been fixed before it was publicly known. 'In the public interest' my backside - in the interest of people with other motives, perhaps. The whole thing is comically overblown, though it's at least reassuring that most places to post the story smelled a rat in the first instance! Though it would still have been nice for fewer places to post melodramatic clickbait headlines.

  14. #14
    Senior Member
    Join Date
    Jul 2016
    Location
    My happy place
    Posts
    230
    Thanks
    75
    Thanked
    16 times in 14 posts
    • afiretruck's system
      • Motherboard:
      • Gigabyte X399 Designare Ex
      • CPU:
      • AMD Threadripper 1900X
      • Memory:
      • Corsair 32GB 3200MHz
      • Storage:
      • 2x 250GB NVMe + 2x 1TB SATA
      • Graphics card(s):
      • RX Vega 64 + GTX 970
      • PSU:
      • Corsair RMi 850
      • Case:
      • Fractal Design Define R6
      • Operating System:
      • Linux Mint 19
      • Monitor(s):
      • Screeny

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by CAT-THE-FIFTH View Post
    Apparently CTS responded that they think AMD is trying to downplay the severity of these flaws? Are they having a laugh?

  15. #15
    Not a good person scaryjim's Avatar
    Join Date
    Jan 2009
    Location
    Gateshead
    Posts
    15,196
    Thanks
    1,232
    Thanked
    2,290 times in 1,873 posts
    • scaryjim's system
      • Motherboard:
      • Dell Inspiron
      • CPU:
      • Core i5 8250U
      • Memory:
      • 2x 4GB DDR4 2666
      • Storage:
      • 128GB M.2 SSD + 1TB HDD
      • Graphics card(s):
      • Radeon R5 230
      • PSU:
      • Battery/Dell brick
      • Case:
      • Dell Inspiron 5570
      • Operating System:
      • Windows 10
      • Monitor(s):
      • 15" 1080p laptop panel

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by afiretruck View Post
    Apparently CTS responded that they think AMD is trying to downplay the severity of these flaws? Are they having a laugh?
    Perhaps they're trying to instigate litigation? Or they think AMD's financial position is so tight that they can't afford to pursue litigation, so they can get away with saying pretty much anything they like? Intel could afford to essentially bleed CTS dry in any long, drawn-out legal battle (and I suspect they would if anything similar happened to them)...

  16. #16
    Member
    Join Date
    Jan 2012
    Posts
    154
    Thanks
    0
    Thanked
    7 times in 7 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by Glyce View Post
    They were never wrong, they are just stupid.
    I don't think they weren't stupid; I think they were dishonest. They were careful not say anything that wasn't literally true, but they phrased it in a such a way that it sounded much worse than it really is, hoping that most people wouldn't stop to think about what they had heard before panicking.

    It seems that a lot of people caught on to what they were doing immediately, but there may have been just as many people, if not more, who immediately panicked and cancelled their orders of AMD products, which was, most likely, CTS Lab's intention all along.

Page 1 of 5 1234 ... LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •