cancel
Showing results for 
Search instead for 
Did you mean: 

The Ryzen/TR have MAJOR flaws.

andy_lamp
Level 7
If you thought SPECTRE/Meltdown was bad... then take a look at what was released today: https://amdflaws.com/

I am pretty sad actually...
7,624 Views
18 REPLIES 18

JoeCos
Level 7
I've been following this and it seems like its....

1) fake news

2) not as serious as how CTS describes it.

3) It is not factual and only CTS 's 'opinions'

4) Seems like they (CTS) was paid to do this stunt. ???

JoeCos wrote:
I've been following this and it seems like its....

1) fake news

2) not as serious as how CTS describes it.

3) It is not factual and only CTS 's 'opinions'

4) Seems like they (CTS) was paid to do this stunt. ???


well intel has nice big branch in Israel

CTS Labs, a Tel Aviv-based cybersecurity startup so also in Israel. .



hmmm...

http://www.zdnet.com/article/linus-torvalds-slams-cts-labs-over-amd-vulnerability-report/
Linux's creator said he thinks CTS Labs' AMD chip security report "looks more like stock manipulation than a security advisory" and questions an industry.

https://www.securityweek.com/cts-labs-provides-clarifications-amd-chip-flaws
CTS Labs was only launched recently and its founders’ work experience has raised some questions. This, combined with the lack of technical details in the report has made many people doubt that the vulnerabilities exist or that they are as critical as the company claims.

hmmmm

xeromist
Moderator
The big thing to note is that malware would need admin rights to exploit these vulnerabilities. So they only work if the machine is already pwned. Don't panic just yet.
A bus station is where a bus stops. A train station is where a train stops. On my desk, I have a work station…

BigJob
Level 10
great.... just great....

Silent_Scone
Super Moderator
https://www.anandtech.com/show/12536/our-interesting-call-with-cts-labs
13900KS / 8000 CAS36 / ROG APEX Z790 / ROG TUF RTX 4090

Silent Scone wrote:
https://www.anandtech.com/show/12536/our-interesting-call-with-cts-labs


HAHAH
---

IC: Can you describe how you came up with the names for these exploits?

YLZ: It was our creativity and fervent imagination.

IC: Did you pre-brief the press before you spoke to AMD?

ILO: What do you mean by pre-brief the press?

IC: We noticed that when the information went live, some press were ready to go with relevant stories and must have had the information in advance.

ILO: Before our announcement you mean?


IC: Correct.

ILO: I would have to check the timing on that and get back to you, I do not know off the top of my head.


DK: I think the biggest question that I still have is that ultimately who originated this request for analysis – who was the customer that kicked this all off?

ILO: I definitely am not going to comment on our customers.

DK: What about the flavor of customer: is it a semiconductor company, is it someone in the industry, or is it someone outside the industry? I don’t expect you to disclose the name but the genre seems quite reasonable.

ILO: Guys I’m sorry we’re really going to need to jump off this call but feel free to follow up with any more questions.

AlexB121
Level 7
Sorry this just looks fake

AlexB121 wrote:
Sorry this just looks fake


Initial reports have indicated that the vulnerabilities were verified by a 3rd party researcher as real, but the way this was all dumped on the public was likely theater designed to embarrass AMD and/or manipulate stock prices. The risk is definitely being exaggerated.
A bus station is where a bus stops. A train station is where a train stops. On my desk, I have a work station…