Dubious Research Discovers Ryzen vulnerabilites

humbug · 13 Mar 2018 at 22:54

Whats that ^^^^ ?

CAT-THE-FIFTH · 13 Mar 2018 at 22:56

humbug said:
Whats that ^^^^ ?

CTS-Labs list a New York based marketing firm for media inquiries which seems rather weird for such a small outfit.

This is what TrixP10 pointed out:

We are known for our extensive media relationships and network. Let us connect you with the right reporters, bloggers, analysts and influencers who will understand your business and share your perspective with the markets.

humbug · 13 Mar 2018 at 22:57

CAT-THE-FIFTH said:
CTS-Labs list a New York based marketing firm for media inquiries which seems rather weird for such a small outfit.

This is what TrixP10 pointed out:

Ah, thx

jwilliamson47 · 13 Mar 2018 at 23:00

If anything, this makes me more open to purchasing a Ryzen CPU.

TrixP10 · 13 Mar 2018 at 23:19

Trail of Bits

New York-based cyber security firm Trail of Bits told Reuters that it had verified the findings from CTS, which paid $16,000 for a review of the AMD vulnerabilities.

https://www.cnbc.com/2018/03/13/reu...israeli-firm-says-it-finds-amd-chip-flaw.html

On Friday and Monday, short selling of AMD's stock increased by about 15 million shares, according to S3 Partners, a financial analytics firm. That brought overall short interest in the chipmaker to about 180 million shares, the most since at least 2010.

"Over the last several days there was a spike in short selling that was completely out of the norm," said Ihor Dusaniwsky, S3 Partners head of research.

humbug · 13 Mar 2018 at 23:28

Wow, thats very very illegal, if Trail of Bits are behind this trying to force AMD share price down to profit off it they will end up in very hot water.

CAT-THE-FIFTH · 13 Mar 2018 at 23:31

humbug said:
Wow, thats very very illegal, if Trail of Bits are behind this trying to force AMD share price down to profit off it they will end up in very hot water.

The full article:

March 13 (Reuters) - An Israeli cyber security research firm with six employees on Tuesday said it had found flaws in Advanced Micro Devices microprocessors that made them vulnerable to hacks.

AMD said it was investigating the claims, which were followed by heavy trade in AMD shares. The stock closed up 1 percent to $11.64 after a day of volatile trade. AMD traded between $11.10 and $12.04 following release of the report from Tel Aviv-based CTS Labs.

CTS executives told Reuters that they had shared their findings with some clients who pay the firm for proprietary research on vulnerabilities in computer hardware. They declined to identify their clients or say when they had provided them with data on the vulnerability.

"I cant really talk about my clients," said Yaron Luk-Zilberman, chief financial officer at the firm that was founded in January 2017.

Short-seller Viceroy Research published a 25-page report on the vulnerabilities on Tuesday, betting its shares will fall.

AMD said that the report took it by surprise.

"This company was previously unknown to AMD and we find it unusual for a security firm to publish its research to the press without providing a reasonable amount of time for the company to investigate and address its findings," AMD said in a note to customers on its website.

Viceroy founder Fraser Perring told Reuters that somebody anonymously emailed him a draft of the report at about 4 p.m. on Monday. The firm spent much of the evening analyzing the situation and ended up taking a "sizeable" short position in AMD, he said.

There has been increased investor interest in AMD since the beginning of the month, with options drawing large trades that appeared to be betting on increased near-term gyrations in the shares.

Puts, options contracts that protect against a drop in the share price, were particularly active. Last week, the cumulative number of open put contracts outnumbered open calls 1.5-to-1, the most defensive this measure has been in more than two years, according to options analytics firm Trade Alert data. That measure declined slightly by Tuesday.

On Friday and Monday, short selling of AMD's stock increased by about 15 million shares, according to S3 Partners, a financial analytics firm. That brought overall short interest in the chipmaker to about 180 million shares, the most since at least 2010.

"Over the last several days there was a spike in short selling that was completely out of the norm," said Ihor Dusaniwsky, S3 Partners head of research.

New York-based cyber security firm Trail of Bits told Reuters that it had verified the findings from CTS, which paid $16,000 for a review of the AMD vulnerabilities.

A Trail of Bits analyst spent a week reviewing detailed technical reports from CTS, along with "proof of concept" code that could be used to launch attacks on computers running vulnerable AMD chips, Trail of Bits Chief Executive Dan Guido told Reuters.

"These are real security issues in AMD code and processors" that hackers could exploit to manipulate or steal secure data, he said.

For the attacks to work, an attacker must first obtain administrator access to a targeted network, Guido said. ( Reporting by Jim Finkle in Toronto, Arjun Panchadar; Additional reporting by Noel Randewich in New York, Saqib Ahmed in New York and Shariq Khan in Bengalure; Editing by Susan Thomas and Grant McCool)

TrixP10 · 13 Mar 2018 at 23:57

I have an interest in AMD stock and it is quite well known that since mid last year that any 'good news' ie Quarter earnings, market share gains or good reviews is immediately met with massive short selling.

Their are powerful forces with the need to suppress AMD stock. The up and coming Ryzen updates must be good

Interesting times

Mercutio · 14 Mar 2018 at 01:17

Has https://www.reddit.com/r/pcmasterrace/comments/846tvl/why_amdflawscom_is_most_likely_something_you/ been posted yet?

CAT-THE-FIFTH · 14 Mar 2018 at 02:02

Gamersnexus did a good summary of how ludricous the whole affair is:

https://www.gamersnexus.net/industry/3260-assassination-attempt-on-amd-by-viceroy-research-cts-labs

Basically whether the flaws are there are or not is one thing,but its been done in such a way AMD can't respond to any claims,let alone examine them. Intel knew for at least six months before it told anyone.

Rroff · 14 Mar 2018 at 04:52

Mercutio said:
Has https://www.reddit.com/r/pcmasterrace/comments/846tvl/why_amdflawscom_is_most_likely_something_you/ been posted yet?

If these check out there are two possible considerations for corporate/networked environments - one potential angle is that someone with high enough, but still low level, privileges could use these to plant a dropper or rootkit type infection that was undetected by normal security audits and could survive normal machine wipes allowing them to harvest information and credentials they shouldn't have access to. The other which seems a bit of a wildcard is that there could be a way to expose the ARM Cortex embedded system so that it could be attacked with something like Spectre remotely and then used to compromise the system - this seems to rely on possible, that might or might not exist, undocumented (for security reasons) functionality related to SPS or one of the 3rd party microcontrollers.

It will be interesting to see what a proper AMD response says.

hyperseven · 14 Mar 2018 at 05:53

"legitimate conerns" :eek:

Silent_Scone · 14 Mar 2018 at 07:09

CAT-THE-FIFTH said:
Gamersnexus did a good summary of how ludricous the whole affair is:

https://www.gamersnexus.net/industry/3260-assassination-attempt-on-amd-by-viceroy-research-cts-labs

Basically whether the flaws are there are or not is one thing,but its been done in such a way AMD can't respond to any claims,let alone examine them. Intel knew for at least six months before it told anyone.

Well, yes. A few people close to the industry already think Intel is behind this. But AMD were most likely behind the spectre embargo breach. Nothing changes, it's called tit for tat. Certain flaws on the face of it seem more credible than others which are reaching.

pete910 · 14 Mar 2018 at 08:49

Silent_Scone said:
But AMD were most likely behind the spectre embargo breach

Took their time with it if so. 5 months is a long while to wait to supposedly on purpose breach an embargo to harm your competitor!

Yaayuh! · 14 Mar 2018 at 08:58

Looks like a cheap smear campaign worth ignoring.

Geck0 · 14 Mar 2018 at 09:22

AMD has LONG been the shorters darling stock. Now that they are turning around shorts are getting harder and less lucrative for these parasites.

I would be gobsmacked if Intel or nVidia were involved, neither are stupid enough to be in something like this.

It's a very obvious stock manipulation attempt and although forward planned and executed on a global scale it was pretty crude and blatant. If these turkeys are lucky their disclosures will have covered their backsides enough that prosecution is not that attractive due to the effort involved - It looks like their plan backfired and they probably lost a crapload of money if they were shorting it hard anyway, which I find particularly amusing.

I'm long on AMD and they made me some money today. Thanks **** heads.

Silent_Scone · 14 Mar 2018 at 09:48

pete910 said:
Took their time with it if so. 5 months is a long while to wait to supposedly on purpose breach an embargo to harm your competitor!

Probably because they wanted to be confident they weren't effected if we're speculating.

Geck0 said:
I would be gobsmacked if Intel or nVidia were involved

I wouldn't.

David Bisset · 14 Mar 2018 at 10:00

The open source software patches were the first 'leak' for meltdown & spectre, hard to avoid!

CAT-THE-FIFTH · 14 Mar 2018 at 10:01

Hans de Vries has been doing some digging(has been around for 20 years and does CPU analysis):

https://forums.anandtech.com/threads/amdflaws-com-what-is-this.2540299/page-6#post-39344315

https://www.google.nl/maps/@32.0763...4!1sKwqghLxbTtWvbLFlfySSTA!2e0!7i13312!8i6656

Their webside from the 17-01-2018 in the way back machine, see the contact link.
https://web.archive.org/web/20180117182145/http://cts-labs.com/

They even changed their company logo a few weeks ago to make a look more like a security company.

Apparently Yaron Luk Zilberman had a Form D filing just last week for his (one-man?)
Hedge Fund just last week:

http://www.formds.com/issuers/ninewells-capital-partners-lp
https://www.sec.gov/Archives/edgar/data/1517621/000151762118000001/xslFormDX01/primary_doc.xml

The CTO just started a hedge fund last week.

https://forums.anandtech.com/threads/amdflaws-com-what-is-this.2540299/page-6

CTS-Labs is "Catenoid Security" which was formally Flexagrid Systems Inc

A company that produced the Computer Hijacking "CrowdCores"

See for instance: "How to remove CrowdCores from your computer"

From their old website dated 17-01-2018:

This hijacker was used to run BitCoin mining software on the hijacked computers to make money at the expense of unsuspecting PC owners.

https://web.archive.org/web/20170130122013/http://www.crowdcores.com/FAQ.html

From the wayback machine because access to http://www.crowdcores.com/ is now blocked.

Yep,they used to make malware,ie,Bitcoin malware.

Silent_Scone · 14 Mar 2018 at 10:08

Well that in itself isn't surprising, a lot of security experts come from a less than an unimpeachable background. In all honesty that's the least dubious thing about the entire affair. It's the exploits themselves which people should be focusing on.