Page 1 of 5 1234 ... LastLast
Results 1 to 16 of 73

Thread: AMD shares mitigation plans for Zen chipset security flaws

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    28,790
    Thanks
    0
    Thanked
    1,863 times in 636 posts

    AMD shares mitigation plans for Zen chipset security flaws

    CTO Mark Papermaster says that bugs will be quashed without any performance penalty.
    Read more.

  2. #2
    Senior Member
    Join Date
    Jun 2013
    Location
    MOMBASA
    Posts
    875
    Thanks
    1
    Thanked
    23 times in 21 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    so CTS was right after all?

  3. #3
    Registered+
    Join Date
    Aug 2015
    Posts
    19
    Thanks
    0
    Thanked
    1 time in 1 post

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by lumireleon View Post
    so CTS was right after all?
    Yeah, I dont think anyone doubted the validity of the claims, most of the doubt was around the level of impact that they would have compared to Spectre/Meltdown. CTS made it a super big deal, when actually it's a minor issue.

  4. #4
    Now 100% Apple free cheesemp's Avatar
    Join Date
    Apr 2007
    Location
    Near the New forest
    Posts
    2,277
    Thanks
    157
    Thanked
    148 times in 103 posts
    • cheesemp's system
      • Motherboard:
      • Gigabyte Z77-D3H
      • CPU:
      • Intel i5 3570k @ 4.2
      • Memory:
      • 16gb Crucial Ballastix Elite DDR3 @1866
      • Storage:
      • 64Gb M4 + 240Gb arc100 + 2x500Gb HDD
      • Graphics card(s):
      • RX 480 8Gb Nitro+ OC
      • PSU:
      • Antec 650W Semi modular
      • Case:
      • NZXT Source S340 Mid Tower
      • Operating System:
      • Win 10
      • Monitor(s):
      • 32" QHD AOC Q3279VWF
      • Internet:
      • FTTC ~30Mb

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by sedontane View Post
    Quote Originally Posted by lumireleon View Post
    so CTS was right after all?
    Yeah, I dont think anyone doubted the validity of the claims, most of the doubt was around the level of impact that they would have compared to Spectre/Meltdown. CTS made it a super big deal, when actually it's a minor issue.
    Yes if I understand it - If you have local admin access - you can install dodgy firmware and the like. If you've lost local admin, you're already screwed. Its not like Intel haven't had similar issues itself with the Intel Management Engine). This is nothing like Spectre/Meltdown.
    Trust

    Laptop : Lenovo G505s A8-5550m 8Gb 240Gb SSD Radeon HD 8550G + Radeon HD 8570M dual graphics

  5. #5
    Registered+
    Join Date
    Aug 2017
    Posts
    62
    Thanks
    0
    Thanked
    7 times in 6 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by lumireleon View Post
    so CTS was right after all?
    About as right as stating "If someone has your car keys they can replace the radio and change the station."
    The car keys are the admin access. Changing the station is the hacker's objective. Replace the radio is the exploit they found.

    Now... if someone has your car keys... are you really worried they will replace the radio in order to change the station? They can change the station already, they are inside the car, they can even drive away!!!

    They were never wrong, they are just stupid.

  6. #6
    Senior Member
    Join Date
    Aug 2003
    Location
    Wonderful Warwick!
    Posts
    2,657
    Thanks
    0
    Thanked
    101 times in 84 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    It all appears like CTS were trying to manipulate stock prices and discredit AMD. It also appears to have not really worked...
    Old puter - still good enuff till I save some pennies!

  7. #7
    Bows out! CAT-THE-FIFTH's Avatar
    Join Date
    Aug 2006
    Location
    Hopefully somewhere less backstabby
    Posts
    28,789
    Thanks
    3,203
    Thanked
    4,456 times in 3,442 posts
    • CAT-THE-FIFTH's system
      • Motherboard:
      • Less E-PEEN
      • CPU:
      • Massive E-PEEN
      • Memory:
      • RGB E-PEEN
      • Storage:
      • Not in any order
      • Graphics card(s):
      • EVEN BIGGER E-PEEN
      • PSU:
      • OVERSIZED
      • Case:
      • UNDERSIZED
      • Operating System:
      • DOS 6.22
      • Monitor(s):
      • NOT USUALLY ON....WHEN I POST
      • Internet:
      • FUNCTIONAL

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Basically if the company had given the standard 90 days which is done in the industry,it would have been sorted out without any fanfare.

    The fact the company first contacted the media before AMD,and then said the following about the issues is rathering weird:

    "many, many months, or even a year".
    Last edited by CAT-THE-FIFTH; 21-03-2018 at 01:02 PM.


    Those despicable Elk,stealing the pond weed!

  8. #8
    Bows out! CAT-THE-FIFTH's Avatar
    Join Date
    Aug 2006
    Location
    Hopefully somewhere less backstabby
    Posts
    28,789
    Thanks
    3,203
    Thanked
    4,456 times in 3,442 posts
    • CAT-THE-FIFTH's system
      • Motherboard:
      • Less E-PEEN
      • CPU:
      • Massive E-PEEN
      • Memory:
      • RGB E-PEEN
      • Storage:
      • Not in any order
      • Graphics card(s):
      • EVEN BIGGER E-PEEN
      • PSU:
      • OVERSIZED
      • Case:
      • UNDERSIZED
      • Operating System:
      • DOS 6.22
      • Monitor(s):
      • NOT USUALLY ON....WHEN I POST
      • Internet:
      • FUNCTIONAL

    Re: AMD shares mitigation plans for Zen chipset security flaws

    https://www.bloomberg.com/news/artic...gerated-danger

    "Company asking for investigation of unusual stock trading" - I wonder if AMD wants to find who commissioned all of this??


    Those despicable Elk,stealing the pond weed!

  9. #9
    Senior Member
    Join Date
    Jun 2013
    Location
    MOMBASA
    Posts
    875
    Thanks
    1
    Thanked
    23 times in 21 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    If your network ADMIN is reckless do you blame intel/AMD when the server is hit by a malware?

  10. #10
    Senior Member Lanky123's Avatar
    Join Date
    Jul 2007
    Location
    Oxford
    Posts
    909
    Thanks
    89
    Thanked
    145 times in 97 posts
    • Lanky123's system
      • Motherboard:
      • Gigabyte GA-H81M-D2V
      • CPU:
      • Core i5 4570
      • Memory:
      • 2 x 4GB Vengeance LP
      • Storage:
      • 250GB Samsung 840 EVO SSD + 2+4TB HDD + 3TB Synology DS216SE
      • Graphics card(s):
      • MSI Radeon R9 270X HAWK
      • PSU:
      • Silverstone Strider 400W
      • Case:
      • Silverstone Sugo SG02B-F
      • Operating System:
      • Windows 8.1 / Ubuntu 16.04
      • Monitor(s):
      • ElectriQ 32" 4k IPS + Dell 22" U2212HM
      • Internet:
      • Virgin 60Mbit/s

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by 3dcandy View Post
    It all appears like CTS were trying to manipulate stock prices and discredit AMD. It also appears to have not really worked...
    Depends on what timescale they were interested in - AMD stock did drop 30 mins or so after the 'news' was released but recovered pretty quickly. If they were halfway intelligent they wouldn't have been banking on such an obvious pile of bluster holding up once experts had taken a look at it. Trading algorithms scraping sentiment analysis from news/social media are probably easier to fool though.

    No real way of knowing whether it worked without knowing the exact short position they took up.

  11. #11
    Senior Member
    Join Date
    Dec 2013
    Posts
    2,929
    Thanks
    396
    Thanked
    362 times in 252 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by lumireleon View Post
    so CTS was right after all?
    As others have said it wasn't so much that they were wrong, it was that they hyped what are essentially rootkits into an end of days, newly discovered, vulnerability when in fact rootkits have been a known entity for decades. Perhaps the worst thing was that PSP, boot guard, and other protections were meant to prevent the installation of rootkits but don't seem to be working in some situations.

    Quote Originally Posted by CAT-THE-FIFTH View Post
    Basically if the company had given the standard 90 days which is done in the industry,it would have been sorted out without any fanfare.
    It does look like that but until the fixes have been released we won't really know, IIRC AMD said the microcode updates for the near zero chance of the specter vulnerabilities were announced back in January and we've yet to see them.

  12. #12
    Member
    Join Date
    Apr 2013
    Location
    MI
    Posts
    139
    Thanks
    0
    Thanked
    5 times in 5 posts
    • globalwarning's system
      • CPU:
      • AMD 1090T
      • Memory:
      • RIP JAW DDR3 1600 4x4GB
      • Graphics card(s):
      • Sapphire 7950 OC (Boost)
      • PSU:
      • Seasonic 750W
      • Case:
      • Old crap
      • Operating System:
      • Window 7 Ultimate 64bit
      • Monitor(s):
      • Hanns-G 281DPB

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Le Sigh.... As the AMD mitigation plan indicates, you must have an "Attacker who has already compromised the security of the system" for every single one. It tells you a lot about the actual seriousness of the "vulnerabilities."

  13. #13
    Senior Member watercooled's Avatar
    Join Date
    Jan 2009
    Posts
    10,858
    Thanks
    1,501
    Thanked
    935 times in 805 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    AMD's response basically implies that, if they were given a halfway reasonable notice period, it would most likely have been fixed before it was publicly known. 'In the public interest' my backside - in the interest of people with other motives, perhaps. The whole thing is comically overblown, though it's at least reassuring that most places to post the story smelled a rat in the first instance! Though it would still have been nice for fewer places to post melodramatic clickbait headlines.

  14. #14
    Senior Member
    Join Date
    Jul 2016
    Location
    My happy place
    Posts
    205
    Thanks
    63
    Thanked
    16 times in 14 posts
    • afiretruck's system
      • Motherboard:
      • Gigabyte X399 Designare Ex
      • CPU:
      • AMD Threadripper 1900X
      • Memory:
      • Corsair 32GB 3200MHz
      • Storage:
      • 1x Intel 900p 280GB+ 3x 250GB NVMe SSDs
      • Graphics card(s):
      • RX Vega 64 x2
      • PSU:
      • Corsair RMi 850
      • Case:
      • Fractal Design Define R6
      • Operating System:
      • Windows 10 + Linux Mint 19
      • Monitor(s):
      • 4k something-or-other.

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by CAT-THE-FIFTH View Post
    Apparently CTS responded that they think AMD is trying to downplay the severity of these flaws? Are they having a laugh?

  15. #15
    Not a good person scaryjim's Avatar
    Join Date
    Jan 2009
    Location
    Manchester
    Posts
    15,032
    Thanks
    1,193
    Thanked
    2,242 times in 1,844 posts
    • scaryjim's system
      • Motherboard:
      • Dell Inspiron
      • CPU:
      • Core i5 8250U
      • Memory:
      • 1x 8GB DDR4 2400
      • Storage:
      • 128GB M.2 SSD + 1TB HDD
      • Graphics card(s):
      • Radeon R5 230
      • PSU:
      • Battery/Dell brick
      • Case:
      • Dell Inspiron 5570
      • Operating System:
      • Windows 10
      • Monitor(s):
      • 15" 1080p laptop panel

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by afiretruck View Post
    Apparently CTS responded that they think AMD is trying to downplay the severity of these flaws? Are they having a laugh?
    Perhaps they're trying to instigate litigation? Or they think AMD's financial position is so tight that they can't afford to pursue litigation, so they can get away with saying pretty much anything they like? Intel could afford to essentially bleed CTS dry in any long, drawn-out legal battle (and I suspect they would if anything similar happened to them)...

  16. #16
    Member
    Join Date
    Jan 2012
    Posts
    154
    Thanks
    0
    Thanked
    7 times in 7 posts

    Re: AMD shares mitigation plans for Zen chipset security flaws

    Quote Originally Posted by Glyce View Post
    They were never wrong, they are just stupid.
    I don't think they weren't stupid; I think they were dishonest. They were careful not say anything that wasn't literally true, but they phrased it in a such a way that it sounded much worse than it really is, hoping that most people wouldn't stop to think about what they had heard before panicking.

    It seems that a lot of people caught on to what they were doing immediately, but there may have been just as many people, if not more, who immediately panicked and cancelled their orders of AMD products, which was, most likely, CTS Lab's intention all along.

Page 1 of 5 1234 ... LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •