Read more.CTO Mark Papermaster says that bugs will be quashed without any performance penalty.
Read more.CTO Mark Papermaster says that bugs will be quashed without any performance penalty.
so CTS was right after all?
Yes if I understand it - If you have local admin access - you can install dodgy firmware and the like. If you've lost local admin, you're already screwed. Its not like Intel haven't had similar issues itself with the Intel Management Engine). This is nothing like Spectre/Meltdown.
About as right as stating "If someone has your car keys they can replace the radio and change the station."
The car keys are the admin access. Changing the station is the hacker's objective. Replace the radio is the exploit they found.
Now... if someone has your car keys... are you really worried they will replace the radio in order to change the station? They can change the station already, they are inside the car, they can even drive away!!!
They were never wrong, they are just stupid.
It all appears like CTS were trying to manipulate stock prices and discredit AMD. It also appears to have not really worked...
Old puter - still good enuff till I save some pennies!
Basically if the company had given the standard 90 days which is done in the industry,it would have been sorted out without any fanfare.
The fact the company first contacted the media before AMD,and then said the following about the issues is rathering weird:
"many, many months, or even a year".
Last edited by CAT-THE-FIFTH; 21-03-2018 at 01:02 PM.
https://www.bloomberg.com/news/artic...gerated-danger
"Company asking for investigation of unusual stock trading" - I wonder if AMD wants to find who commissioned all of this??
If your network ADMIN is reckless do you blame intel/AMD when the server is hit by a malware?
Depends on what timescale they were interested in - AMD stock did drop 30 mins or so after the 'news' was released but recovered pretty quickly. If they were halfway intelligent they wouldn't have been banking on such an obvious pile of bluster holding up once experts had taken a look at it. Trading algorithms scraping sentiment analysis from news/social media are probably easier to fool though.
No real way of knowing whether it worked without knowing the exact short position they took up.
As others have said it wasn't so much that they were wrong, it was that they hyped what are essentially rootkits into an end of days, newly discovered, vulnerability when in fact rootkits have been a known entity for decades. Perhaps the worst thing was that PSP, boot guard, and other protections were meant to prevent the installation of rootkits but don't seem to be working in some situations.
It does look like that but until the fixes have been released we won't really know, IIRC AMD said the microcode updates for the near zero chance of the specter vulnerabilities were announced back in January and we've yet to see them.
Le Sigh.... As the AMD mitigation plan indicates, you must have an "Attacker who has already compromised the security of the system" for every single one. It tells you a lot about the actual seriousness of the "vulnerabilities."
AMD's response basically implies that, if they were given a halfway reasonable notice period, it would most likely have been fixed before it was publicly known. 'In the public interest' my backside - in the interest of people with other motives, perhaps. The whole thing is comically overblown, though it's at least reassuring that most places to post the story smelled a rat in the first instance! Though it would still have been nice for fewer places to post melodramatic clickbait headlines.
Perhaps they're trying to instigate litigation? Or they think AMD's financial position is so tight that they can't afford to pursue litigation, so they can get away with saying pretty much anything they like? Intel could afford to essentially bleed CTS dry in any long, drawn-out legal battle (and I suspect they would if anything similar happened to them)...
I don't think they weren't stupid; I think they were dishonest. They were careful not say anything that wasn't literally true, but they phrased it in a such a way that it sounded much worse than it really is, hoping that most people wouldn't stop to think about what they had heard before panicking.
It seems that a lot of people caught on to what they were doing immediately, but there may have been just as many people, if not more, who immediately panicked and cancelled their orders of AMD products, which was, most likely, CTS Lab's intention all along.
There are currently 1 users browsing this thread. (0 members and 1 guests)