You'd probably find the same kind of "vulnerabilities" in most CPUs once you are talking elevated to super user privileges. It wouldn't surprise me at all to find its an elaborate attempt to manipulate the stock market. There are a couple of interesting aspects for a networked environment though and potentially some avenues with the ARM Cortex in the mix (don't forget it is vulnerable to Spectre) although in theory it should be largely isolated from the main CPU and isn't directly exposed to a network stack (supposedly).
-
Competitor rules
Please remember that any mention of competitors, hinting at competitors or offering to provide details of competitors will result in an account suspension. The full rules can be found under the 'Terms and Rules' link in the bottom right corner of your screen. Just don't mention competitors in any way, shape or form and you'll be OK.
Dubious Research Discovers Ryzen vulnerabilites
- Thread starter jwilliamson47
- Start date
You'd probably find the same kind of "vulnerabilities" in most CPUs once you are talking elevated to super user privileges. It wouldn't surprise me at all to find its an elaborate attempt to manipulate the stock market. There are a couple of interesting aspects for a networked environment though and potentially some avenues with the ARM Cortex in the mix (don't forget it is vulnerable to Spectre) although in theory it should be largely isolated from the main CPU and isn't directly exposed to a network stack (supposedly).
Anyone not thinking seriously about stock abuse has to be off their face.
You only give 24h notice to be sure that the company has no time to respond while you make your claims site live.
Admin access and flashing the BIOS as prerequisites is cause for short notice crying of wolf?
You only give 24h notice to be sure that the company has no time to respond while you make your claims site live.
Admin access and flashing the BIOS as prerequisites is cause for short notice crying of wolf?
Soldato
Caporegime
- Joined
- 18 Oct 2002
- Posts
- 33,188
No, it's more sinister than that, the domain was registered June 2017, this is when Meltdown/Spectre was unveiled in the industry. In fact a random security group unless they were the ones who found those specific vulnerabilities wouldn't have been looped in that early. This domain was made based on someone who was informed of Meltdown/spectre right around the time it was disclosed to Intel.
If someone saw meltdown/spectre have an affect this domain would have been registered in January at the earliest. The location and style in which this was done, the disclaimers about having a financial interest and that these may not be facts. It could be a stock market push, but it still comes from much further back in origin.
Either way as I and others pointed out, if someone is on site with access to your computer, admin access and ability to flash the bios you are already completely compromised.... spectre/meltdown are so dangerous because neither of these things is the case, someone can get to anyone remotely and steal information they shouldn't have access to. There will never be a way to make a computer safe if someone can change the bios and has admin access already. Any 'security' group knows that without question.
What's the site, seekingalpha (?) that constantly has hit piece articles like this but less official attempting which are clearly written by people who have shares in AMD, Nvidia, Intel and talk about how something from the rival company in question is terrible and going to end the company. This is that, but dressed up to look much more important. No real security analyst would deem this a particular dangerous set of vulnerabilities because of the above, if they have that access already, you're already done. 99% of local security can be dealt with by securing physical access, remote security is the real risk in terms of hardware/software.
Associate
- Joined
- 31 Aug 2017
- Posts
- 2,209
The amount of dodgyness around this is amazing.
Just look at how its presented, the domain name (lol) who makes up a domain name like that/ Then hides the owners away so no one can see who registered it.
The slickness giving amd only 24 hours notice..
Wow this is some idiots idea of a smear campaign. I just hope Intel aint got its fingers in this, can see the fall out being massive with this one.
Just look at how its presented, the domain name (lol) who makes up a domain name like that/ Then hides the owners away so no one can see who registered it.
The slickness giving amd only 24 hours notice..
Wow this is some idiots idea of a smear campaign. I just hope Intel aint got its fingers in this, can see the fall out being massive with this one.
That aspect is not really unusual - most of my domains used to be like that though these days I don't really care.
Caporegime
Well at least they are being honest about their intent
and the apparent "security flaws" are nothing to do with the CPU, if you infect and computer with malware you have a security problem on ANY PC Intel, ARM, AMD, IBM.... its the OS that's let it down, as with any malware. the whole thing is a con.
Due to it being almost exclusively an attack on AMD with fake information, there is a very large chance Intel has their finger in the pie. From an Israeli company as well, and we know who has a large presence in Israel.
It isn't fake information as far as I can see - just the implications being inflated by intimation.
Associate
- Joined
- 31 Aug 2017
- Posts
- 2,209
From a so called security company????? That doesnt seem to exist lol.
If this really is a targeted attack then i hope AMD crushes whoever is responsible.
Such a fake information on this scale is illegal, must be the time for a new class action lawsuit against the Israeli attackers.
Caporegime
Whats the difference?
Yup - take say malwaretech.com for instance - wrapped up in WhoisGuard. That is perfectly normal.
There is nothing that is outright lies as far as I can see - they might be leading people's perception of the issue by making connections to Meltdown, etc. but even there it is done by inferred connections rather than direct claims.
OR somebody (insert name here) thinks that Ryzen+ is looking very good.
Bodes well for the coming weeks
Caporegime
That there is a chance that actually it might be true.
Well, it probably is true, in fact i have no doubt their findings are true, the problem is what truths they are pushing, if i infect a computer with malware, give that malware administrator rights and disable Windows Defender then i could also claim Intel has 13 more security flaws, and IBM... anyone in-fact.
Associate
- Joined
- 31 Aug 2017
- Posts
- 2,209
From https://viceroyresearch.org/2018/03/13/amd-the-obituary/
WTF, who writes stuff like this and expects it to be taken seriously.
WTF, who writes stuff like this and expects it to be taken seriously.
Permabanned
As soon as I registered one without privacy, I regretted it... I still get calls today, more than a year down the line.
These are just trolls, and the worst of them. Do not pay attention.
Mines on my landline which I pretty much ignore these days.