Page 1 of 5 1234 ... LastLast
Results 1 to 16 of 73

Thread: AMD shares mitigation plans for Zen chipset security flaws

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    26,809
    Thanks
    0
    Thanked
    1,651 times in 574 posts

    AMD shares mitigation plans for Zen chipset security flaws

    CTO Mark Papermaster says that bugs will be quashed without any performance penalty.
    Read more.

  2. #2
    Senior Member
    Join Date
    Jun 2013
    Location
    MOMBASA
    Posts
    763
    Thanks
    1
    Thanked
    19 times in 18 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    so CTS was right after all?

  3. #3
    Registered+
    Join Date
    Aug 2015
    Posts
    17
    Thanks
    0
    Thanked
    1 time in 1 post

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by lumireleon View Post
    so CTS was right after all?
    Yeah, I dont think anyone doubted the validity of the claims, most of the doubt was around the level of impact that they would have compared to Spectre/Meltdown. CTS made it a super big deal, when actually it's a minor issue.

  4. #4
    Now 100% Apple free cheesemp's Avatar
    Join Date
    Apr 2007
    Location
    Near the New forest
    Posts
    2,110
    Thanks
    129
    Thanked
    127 times in 87 posts
    • cheesemp's system
      • Motherboard:
      • Gigabyte Z77-D3H
      • CPU:
      • Intel i5 3570k @ 4.2
      • Memory:
      • 16gb Crucial Ballastix Elite DDR3 @1866
      • Storage:
      • 64Gb M4 + 240Gb arc100 + 500Gb HDD
      • Graphics card(s):
      • RX 480 8Gb Nitro+ OC
      • PSU:
      • Antec 650W Semi modular
      • Case:
      • Antec 300
      • Operating System:
      • Win 10
      • Monitor(s):
      • 23" Samsung LED
      • Internet:
      • FTTC ~30Mb

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by sedontane View Post
    Quote Originally Posted by lumireleon View Post
    so CTS was right after all?
    Yeah, I dont think anyone doubted the validity of the claims, most of the doubt was around the level of impact that they would have compared to Spectre/Meltdown. CTS made it a super big deal, when actually it's a minor issue.
    Yes if I understand it - If you have local admin access - you can install dodgy firmware and the like. If you've lost local admin, you're already screwed. Its not like Intel haven't had similar issues itself with the Intel Management Engine). This is nothing like Spectre/Meltdown.
    Trust
    [/url]
    Laptop : Lenovo G505s A8-5550m 8Gb 240Gb SSD Radeon HD 8550G + Radeon HD 8570M dual graphics

  5. #5
    Registered+
    Join Date
    Aug 2017
    Posts
    25
    Thanks
    0
    Thanked
    2 times in 2 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by lumireleon View Post
    so CTS was right after all?
    About as right as stating "If someone has your car keys they can replace the radio and change the station."
    The car keys are the admin access. Changing the station is the hacker's objective. Replace the radio is the exploit they found.

    Now... if someone has your car keys... are you really worried they will replace the radio in order to change the station? They can change the station already, they are inside the car, they can even drive away!!!

    They were never wrong, they are just stupid.

  6. #6
    Senior Member
    Join Date
    Aug 2003
    Location
    Wonderful Warwick!
    Posts
    2,168
    Thanks
    0
    Thanked
    68 times in 55 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    It all appears like CTS were trying to manipulate stock prices and discredit AMD. It also appears to have not really worked...
    Old puter - still good enuff till I save some pennies!

  7. #7
    Comrade Moose CAT-THE-FIFTH's Avatar
    Join Date
    Aug 2006
    Location
    Moosetopia
    Posts
    27,314
    Thanks
    3,000
    Thanked
    4,175 times in 3,233 posts
    • CAT-THE-FIFTH's system
      • Motherboard:
      • Less E-PEEN
      • CPU:
      • Massive E-PEEN
      • Memory:
      • RGB E-PEEN
      • Storage:
      • Not in any order
      • Graphics card(s):
      • EVEN BIGGER E-PEEN
      • PSU:
      • OVERSIZED
      • Case:
      • UNDERSIZED
      • Operating System:
      • DOS 6.22
      • Monitor(s):
      • NOT USUALLY ON....WHEN I POST
      • Internet:
      • FUNCTIONAL

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Basically if the company had given the standard 90 days which is done in the industry,it would have been sorted out without any fanfare.

    The fact the company first contacted the media before AMD,and then said the following about the issues is rathering weird:

    "many, many months, or even a year".
    Last edited by CAT-THE-FIFTH; 21-03-2018 at 01:02 PM.


    Those despicable Elk,stealing the pond weed!

  8. #8
    Comrade Moose CAT-THE-FIFTH's Avatar
    Join Date
    Aug 2006
    Location
    Moosetopia
    Posts
    27,314
    Thanks
    3,000
    Thanked
    4,175 times in 3,233 posts
    • CAT-THE-FIFTH's system
      • Motherboard:
      • Less E-PEEN
      • CPU:
      • Massive E-PEEN
      • Memory:
      • RGB E-PEEN
      • Storage:
      • Not in any order
      • Graphics card(s):
      • EVEN BIGGER E-PEEN
      • PSU:
      • OVERSIZED
      • Case:
      • UNDERSIZED
      • Operating System:
      • DOS 6.22
      • Monitor(s):
      • NOT USUALLY ON....WHEN I POST
      • Internet:
      • FUNCTIONAL

    Re: AMD shares mitigation plans for Zen chipset security flaws

    https://www.bloomberg.com/news/artic...gerated-danger

    "Company asking for investigation of unusual stock trading" - I wonder if AMD wants to find who commissioned all of this??


    Those despicable Elk,stealing the pond weed!

  9. #9
    Senior Member
    Join Date
    Jun 2013
    Location
    MOMBASA
    Posts
    763
    Thanks
    1
    Thanked
    19 times in 18 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    If your network ADMIN is reckless do you blame intel/AMD when the server is hit by a malware?

  10. #10
    Senior Member Lanky123's Avatar
    Join Date
    Jul 2007
    Location
    Oxford
    Posts
    856
    Thanks
    83
    Thanked
    120 times in 87 posts
    • Lanky123's system
      • Motherboard:
      • Gigabyte GA-H81M-D2V
      • CPU:
      • Core i5 4570
      • Memory:
      • 2 x 4GB Vengeance LP
      • Storage:
      • 250GB Samsung 840 EVO SSD + 2+4TB HDD + 3TB Synology DS216SE
      • Graphics card(s):
      • MSI Radeon R9 270X HAWK
      • PSU:
      • Silverstone Strider 400W
      • Case:
      • Silverstone Sugo SG02B-F
      • Operating System:
      • Windows 8.1 / Ubuntu 16.04
      • Monitor(s):
      • ElectriQ 32" 4k IPS + Dell 22" U2212HM
      • Internet:
      • Virgin 60Mbit/s

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by 3dcandy View Post
    It all appears like CTS were trying to manipulate stock prices and discredit AMD. It also appears to have not really worked...
    Depends on what timescale they were interested in - AMD stock did drop 30 mins or so after the 'news' was released but recovered pretty quickly. If they were halfway intelligent they wouldn't have been banking on such an obvious pile of bluster holding up once experts had taken a look at it. Trading algorithms scraping sentiment analysis from news/social media are probably easier to fool though.

    No real way of knowing whether it worked without knowing the exact short position they took up.
    If you have been affected by this program on nuclear weapons and would like to learn more, please press your red button now.

  11. #11
    Senior Member
    Join Date
    Dec 2013
    Posts
    2,010
    Thanks
    200
    Thanked
    209 times in 150 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by lumireleon View Post
    so CTS was right after all?
    As others have said it wasn't so much that they were wrong, it was that they hyped what are essentially rootkits into an end of days, newly discovered, vulnerability when in fact rootkits have been a known entity for decades. Perhaps the worst thing was that PSP, boot guard, and other protections were meant to prevent the installation of rootkits but don't seem to be working in some situations.

    Quote Originally Posted by CAT-THE-FIFTH View Post
    Basically if the company had given the standard 90 days which is done in the industry,it would have been sorted out without any fanfare.
    It does look like that but until the fixes have been released we won't really know, IIRC AMD said the microcode updates for the near zero chance of the specter vulnerabilities were announced back in January and we've yet to see them.

  12. #12
    Registered+
    Join Date
    Apr 2013
    Location
    MI
    Posts
    70
    Thanks
    0
    Thanked
    3 times in 3 posts
    • globalwarning's system
      • CPU:
      • AMD 1090T
      • Memory:
      • RIP JAW DDR3 1600 4x4GB
      • Graphics card(s):
      • Sapphire 7950 OC (Boost)
      • PSU:
      • Seasonic 750W
      • Case:
      • Old crap
      • Operating System:
      • Window 7 Ultimate 64bit
      • Monitor(s):
      • Hanns-G 281DPB

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Le Sigh.... As the AMD mitigation plan indicates, you must have an "Attacker who has already compromised the security of the system" for every single one. It tells you a lot about the actual seriousness of the "vulnerabilities."

  13. #13
    Senior Member watercooled's Avatar
    Join Date
    Jan 2009
    Posts
    10,403
    Thanks
    1,458
    Thanked
    866 times in 750 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    AMD's response basically implies that, if they were given a halfway reasonable notice period, it would most likely have been fixed before it was publicly known. 'In the public interest' my backside - in the interest of people with other motives, perhaps. The whole thing is comically overblown, though it's at least reassuring that most places to post the story smelled a rat in the first instance! Though it would still have been nice for fewer places to post melodramatic clickbait headlines.

  14. #14
    Registered+
    Join Date
    Jul 2016
    Posts
    65
    Thanks
    17
    Thanked
    2 times in 2 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by CAT-THE-FIFTH View Post
    Apparently CTS responded that they think AMD is trying to downplay the severity of these flaws? Are they having a laugh?

  15. #15
    Not a good person scaryjim's Avatar
    Join Date
    Jan 2009
    Location
    Manchester
    Posts
    14,649
    Thanks
    1,144
    Thanked
    2,139 times in 1,773 posts
    • scaryjim's system
      • Motherboard:
      • HP Pavilion
      • CPU:
      • A10 4600M
      • Memory:
      • 2x 4GB DDR3-1600 SODIMM
      • Storage:
      • 1TB HDD
      • Graphics card(s):
      • Radeon HD7660G (IGP)
      • PSU:
      • Battery/HP 19v brick
      • Case:
      • HP Pavilion G6
      • Operating System:
      • Windows 10
      • Monitor(s):
      • 15" 1366x768 laptop panel

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by afiretruck View Post
    Apparently CTS responded that they think AMD is trying to downplay the severity of these flaws? Are they having a laugh?
    Perhaps they're trying to instigate litigation? Or they think AMD's financial position is so tight that they can't afford to pursue litigation, so they can get away with saying pretty much anything they like? Intel could afford to essentially bleed CTS dry in any long, drawn-out legal battle (and I suspect they would if anything similar happened to them)...

  16. #16
    Member
    Join Date
    Jan 2012
    Posts
    148
    Thanks
    0
    Thanked
    7 times in 7 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by Glyce View Post
    They were never wrong, they are just stupid.
    I don't think they weren't stupid; I think they were dishonest. They were careful not say anything that wasn't literally true, but they phrased it in a such a way that it sounded much worse than it really is, hoping that most people wouldn't stop to think about what they had heard before panicking.

    It seems that a lot of people caught on to what they were doing immediately, but there may have been just as many people, if not more, who immediately panicked and cancelled their orders of AMD products, which was, most likely, CTS Lab's intention all along.

Page 1 of 5 1234 ... LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •