CTS-Labs Details Potential AMD Security Vulnerabilities

Subject: Editorial
Manufacturer: AMD

Much Ado About Nothing?

We live in a world seemingly fueled by explosive headlines. This morning we were welcomed with a proclamation that AMD has 13 newly discovered security flaws in their latest Ryzen/Zen chips that could potentially be showstoppers for the architecture, and AMD’s hopes that it can regain lost marketshare in mobile, desktop, and enterprise markets. CTS-Labs released a report along with a website and videos explaining what these vulnerabilities are and how they can affect AMD and its processors.

View Full Size

This is all of course very scary. It was not all that long ago that we found out about the Spectre/Meltdown threats that seemingly are more dangerous to Intel than to its competitor. Spectre/Meltdown can be exploited by code that will compromise a machine without having elevated privileges. Parts of Spectre/Meltdown were fixed by firmware updates and OS changes which had either no effect on the machine in terms of performance, or incurred upwards of 20% to 30% performance hits in certain workloads requiring heavy I/O usage. Intel is planning a hardware fix for these vulnerabilities later on this year with new products. Current products have firmware updates available to them and Microsoft has already implemented a fix in software. Older CPUs and platforms (back to at least 4th Generation Core) have fixes, but they were rolled out a bit slower. So the fear of a new exploit that is located on the latest AMD processors is something that causes fear in users, CTOs, and investors alike.

CTS-Labs have detailed four major vulnerabilities and have named them as well as have provided fun little symbols for each; Ryzenfall, Fallout, Masterkey, and Chimera. The first three affect the CPU directly. Unlike Spectre/Meltdown, these vulnerabilities require elevated administrative privileges to be run. These are secondary exploits that require either physical access to the machine or logging on with enhanced admin privileges. Chimera affects the chipset designed by ASMedia. It is installed via a signed driver. In a secured system where the attacker has no administrative access, these exploits are no threat. If a system has been previously compromised or physically accessed (eg. force a firmware update via USB and flashback functionality), then these vulnerabilities are there to be taken advantage of.

View Full Size

In every CPU it makes AMD utilizes a “Secure Processor”. This is simply a licensed ARM Cortex A5 that runs the internal secure OS/firmware. The same cores that comprise ARM’s “TrustZone” security product. In theory someone could compromise a server, install these exploits, and then remove the primary exploit so that on the surface it looks like the machine is operating as usual. The attackers will still have low level access to the machine in question, but it will be much harder to root them out.

Continue reading our thoughts on the AMD security concerns.

AMD has addressed the submission from CTS-Labs, but it does not provide any more insight or potential fixes for these vulnerabilities:

We have just received a report from a company called CTS Labs claiming there are potential security vulnerabilities related to certain of our processors. We are actively investigating and analyzing its findings. This company was previously unknown to AMD and we find it unusual for a security firm to publish its research to the press without providing a reasonable amount of time for the company to investigate and address its findings. At AMD, security is a top priority and we are continually working to ensure the safety of our users as potential new risks arise. We will update this blog as news develops.

What AMD does say is that they had not heard of this group before and find it odd that they would talk to the press about it before going to the company whose products are affected by this. Google Project Zero was created to find zero-day exploits, but they typically contact manufacturers first and wait 90 to 180 days before detailing their findings to the public. This gives manufacturers the ability to head off attacks before they are widely known about and to integrate solutions into upcoming products.

View Full Size

CTS-Labs was formed in 2017 in Israel. Very little was known about this group before today. When they announced the news they already had a website ( along with several videos and presentations pertaining to these AMD vulnerabilities. Possibly unrelated to the group we saw Viceroy Research, a South African firm that has a history of releasing bad news about companies while shorting their stocks, quickly put up their “AMD Obituary” page that claims they expect AMD’s share price to drop to $0 and they will be forced to go into bankruptcy proceedings. Now, we do not know if these two entities are connected, but Viceroy put up their findings very quickly if not at the same time as CTS-Labs released their findings.

There are rumors that Intel hired the group, but those are incredibly unlikely. So far there is no concrete evidence for this type of relationship and I am pretty doubtful that any will be found. We must also consider that Intel has already been under the microscope by multiple groups around the world when it comes to AMD and I am inclined to think that Intel Legal would not look kindly upon this.

In the end AMD will likely patch up the “vulnerabilities” that they detail here, but it may not be soon. Some of these issues may simply be working as intended rather than a real flaw. Once an attacker gains administrative access, then the machine is at their beck and call. This will be true of any machine whether it is run by Intel or AMD. The scenario that could be the most troublesome is that of retaining control at a low level all the while the machine looks fine to anti-virus software and system administrators.

March 13, 2018 | 09:30 PM - Posted by hj343 (not verified)

You guys at PCper really have a hard-on for AMD. For months, every system tier in your Hardware Leaderboard has been AMD based. And people are supposed to take your recommendations seriously?

March 13, 2018 | 09:35 PM - Posted by Josh Walrath

Wait? I thought we were Intel shills? I'm confused.

March 14, 2018 | 12:25 AM - Posted by PixyMisa

Clearly your constant promotion of AMD is just a ruse to cover up the fact that you are paid members of the Vast Intel Conspiracy.

March 14, 2018 | 01:54 AM - Posted by 24nolf

What do they call it when you are a shill for both sides...?

March 14, 2018 | 02:58 PM - Posted by WithButterOnTopAndJiffyPopFoilHat (not verified)

A Marketing Mole.

March 14, 2018 | 02:59 PM - Posted by WithButterOnTopAndJiffyPopFoilHat (not verified)

P.S. Marketing Moles get paid by both sides!

March 14, 2018 | 08:34 PM - Posted by 24nolf

It all makes sense now! All these years Josh Walrath has been a secret mole...wait...who would think picking Josh was a good idea...

March 14, 2018 | 10:09 PM - Posted by Josh Walrath

Never been a good idea...

March 15, 2018 | 04:06 AM - Posted by Photonboy

They clearly have an EQUAL BIAS for both sides.

Also, Gamersnexus did a great job of reporting this issue which essentially boils down to a huge MISREPRESENTATION AND EXAGGERATION of facts for the purpose of.. drum roll...


March 14, 2018 | 06:56 AM - Posted by JohnGR

AND Nvidia shills. :p
Bring Allyn here and he will verify how many times I was SHOUTING at you in the past. :D

March 13, 2018 | 10:40 PM - Posted by biohazard918

They were all intel based for like the last 5 years. What is your point?

March 13, 2018 | 09:41 PM - Posted by WayStragerThanAnyDrugInducedHallucinationsThisSmacksOf (not verified)

It's the 13th day of 3rd month of the 2018 and some unknown "Security" interest reports on 13 security vulnerabilities found on AMD's Zen based platforms.
And AMD was given only a 24 hour head up on what was about to be reported by this "Security" intrest.

It's a few weeks before the first of April but are not those in the security busines supposed to be concerned with well security first and maybe should have given AMD 30 to 90 days notice before the whole thing would be announced.

They have not even provided one single POC sample to anyone outside of their security interest's sphere and are not being forthcoming at all with that "Whitepaper" that is well on white paper and with loads of rather suspicious names and cutezy graphics included to represent each of the 4 classifications of vulnerabilities: Ryzenfall, Fallout, Masterkey, and Chimera.

I think that there are already more questions about CTS-Labs and their stock backgrounds provided as a backdrop to their Video presentation and other questionable website that have appeared to have not way of being Vetted by anyone or their findings subjected to any sorts of peer review. Their questionable claims are only backed up by some really questionable wording constructed in a manner that appears targeted at avoiding any liability on their part for their very questionable claims with no one able to actually have done any proper vetting of any Proof of Code exploits.

Really this does not smell at all legitimate and appears to have more ties to some financial interest that specilizes in thigs like shorting stocks and other sorts of very questionable business practices.

I hope and think that the web page caching folks have made snapshots of all the online websites that have jumped on this story without any fact checking only to have already resorted to issueing many Updates as things started to become clearer. There are still many websites that are reporting this as if it where a peer reviewed, fully vetted fact that all the information provided is ture and correct and this really needs to be part of some form of onlline peer reviewing of the online press both the technology press and financial press as CTS-Labs methods of reporting these "security" vulnerabilities is the very dictionary of Reproachable.

"Ryzenfall" Oh that one is a keeper and it appears that they spent more time on the presentation that on actually doing any meaningfull security work. And the disclaimers are right out of the fly by night playbook for the grifters and market manipulators. This may just make the it into the media whores hall of fame more than any security industry best practices manuals. That "WhitePaper" that's a real piece of work for its egregious pandering to that fear of the internet boogeyman over thees first 3 months of 2018!

March 13, 2018 | 09:52 PM - Posted by WayStragerThanAnyDrugInducedHallucinationsThisSmacksOf (not verified)

Edit: dictionary of Reproachable.
to: dictionary of Definition of Reproachable.

March 13, 2018 | 09:54 PM - Posted by WayStragerThanAnyDrugInducedHallucinationsThisSmacksOf (not verified)

fix that

to: Dictionary Definition of Reproachable

Bad day all around.

March 14, 2018 | 12:55 AM - Posted by Myopic

From the looks of it you have to have administration permission before you can use the exploits.
Basically your already pwned before these are even used

March 14, 2018 | 11:12 AM - Posted by Schools of thought (not verified)

The persistence is a bit of a downer: It's not just "someone who has root access" but "someone who ever had root access at some point in the history of that computer unless you replace the CPU and/or motherboard". Obviously root access means you're already powned. But with this exploit you can't roll back to yesterday's full disaster recovery image and move on. Hell, even formmattimg the drives and reuse the hardware after a breach is impossible. Nothing can be trusted if a trusted compute processor can run a malicious firmware.

That's the big downside of doing the "ooh, OS is too insecure so we'll just move some things into Safe Trusted Firmware" school of design. Unless that is ironclad you now have something that will survive anything short of a trip to the shredder.

March 14, 2018 | 11:54 AM - Posted by PrimePopcornSeasonAsTheTechnologyWorldTurns (not verified)

SuperFish comes to mind and the product's OEM sure had some very deep administrative access for that to be of any threat.

March 14, 2018 | 12:07 PM - Posted by Particle (not verified)

The CPU doesn't have non-volatile memory onboard. You can't actually "install" malware to it or its PSP. The persistence only comes from overwriting the firmware stored on the motherboard. If you didn't do that, power cycling the system would get rid of it. If you did though, replacing the CPU does nothing and re-flashing the motherboard's firmware with a clean copy would get rid of it.

March 14, 2018 | 12:22 PM - Posted by Hostility towards bad arguments (not verified)

> The CPU doesn't have non-volatile memory onboard. You can't actually "install" malware to it or its PSP.

I was exclusively talking about the PSP, and contrary to what you state the vulnerability Ryzenfall-4 does allow for Code Execution on the PSP. (See the anandtech and arstechnica article)

Don't get me wrong, I love AMD and I want them to succeed, but this PSP thing is just crazy, and Intel and ARM don't care as well :(

March 15, 2018 | 04:15 AM - Posted by Photonboy


"The kernel is able to update the processor's firmware without the need to update it via a BIOS update. A microcode update is kept in volatile memory.."

The reason is that non-volatile memory would be too slow so micro-code corrections (i.e. for security) that needed to go through a flashable memory would completely kill the CPU performance.

March 16, 2018 | 05:30 PM - Posted by Anonymouse (not verified)

Look up "root kit".

March 14, 2018 | 11:10 AM - Posted by Bella Thorne (not verified)

> They have not even provided one single POC sample to anyone outside of their security interest's sphere

Please read the arstechnica or anandtech article where they cite two independent and different security companies who were given POC and independently confirmed the findings

Obviously the 24 hours period was bad, and the intent bad as well, but that doesn't mean we should ignore their (independently confirmed) findings, which can make your everyday malware takeover the AMD PSP and have full blown system access that can't be fixed by formatting your hard drive. Remember, nothing can be trusted if a trusted compute processor can run a malicious firmware.

March 13, 2018 | 10:21 PM - Posted by RadioActiveLobster

Steve's been busy on this as well.

March 13, 2018 | 11:00 PM - Posted by WhatHaveTheyBeenDroppngInLittleBarrelPillForm (not verified)

Yes he has been doing some Damn good reporting! And just go read some of Linus Torvalds comments on the matter. This whole thing reeks some very special kinds of madness and that Viceroy Research PDF titled "AMD – The Obituary." just makes this one of the best Orville Redenbacher Moments in Technoloy News history. I mean can this operation be any more suspect in ones mind after reading that Viceroy Research Tour De Farce Diatribe.

I can see that more than one online reporter and some poorly edited online rags will be cleaning their face of some grade A chicken residue after failing to do even the most basic of fact checking before treating that CTS-Labs/Viceroy Research Piece Of Work as some peer reviewed and properly vetted security research results. This is so very much beyond even the eccentricities of even Bizarro World.

March 14, 2018 | 01:57 AM - Posted by 24nolf

Thanks, that was a great read. He's got a video up on youtube that helped to summarize things as well.

March 14, 2018 | 01:19 AM - Posted by Anony mouse (not verified)

I prefer Sebastian in-dept look

March 14, 2018 | 03:20 AM - Posted by Hishnash (not verified)

From what I understand you either need root access and or full bios flash with a custom bios of the device.

fundamentally if you have this access and you can replace the bios you own the machine... I don't know of any system out there with a flashable bios that would be safe from this attack vector.

March 14, 2018 | 11:04 AM - Posted by Anonymous Using FreeBSD (not verified)

While one vulnerability requires BIOS flash, the rest require only running an .exe, one in fact allows you to get full blown takeover of the AMD PSP (Platform "Security" Processor) by just running an .exe, so you can have some malware and turn it into a persistent state, no matter how much you format your harddrive, your system is just pwned because the terrible thing that is the AMD PSP (which we have been warning AMD since ages) is fundamentally insecure, just like its Intel counterpart: Intel's ME (Management Engine).

If AMD doesn't allow us to at least be able to completely disable the AMD PSP, then I'm sorry, AMD doesn't care about customer's safety and is no different than Intel in this regards. And that's why I'm still stuck with this Intel Pentium 4, at least it doesn't have this "hardware rootkit" Orwellian disaster.

March 14, 2018 | 11:18 AM - Posted by JoniIskandarMuda (not verified)

are you think people are dumb enough to run Malware on their system,, in this case every malware is dangerous, is not even releant how AMD to customer. but how people so dumb enough running malware, even case like WannaCry malware thing, you are using this method for excuse that amd basially same effect as Intel Defect Design that the bug itself is on their Hardware level not just Intel ME effected

this is not even called Bug,,

March 14, 2018 | 06:45 PM - Posted by Kidding ME your Killing ME and so is Intel's ME (not verified)

> are you think people are dumb enough to run Malware on their system

So you think the only way people will be affected by malware is if they personally go and find some malware and run it? You must be kidding! Ever heard of 0day exploits to the kernel?

March 15, 2018 | 06:52 PM - Posted by wetware (not verified)

read the article again...

>So you think the only way people will be affected by malware is if they personally go and find some malware and run it?

the amd "exploits" are not possible to launch unless you've already exploited the system some other way gaining admin priveledges.

what all this boils down to is

- some company in Israel has made a specially modified firmware that targets AMD systems

- there's no exploit related to the AMD architechture itself that allows them to run any code without admin rights or physical presence

- it completely relies on the ability to be able to run code as an admin or root or boot the machine from a thumbdrive and flash the bios etc...

now here's the best part...

if you have that level of access to enable this "exploit" you already own the machine totally and it equally affects all Intel systems, AMD systems, VIA systems, POWER 3/4/5/6, DEC ALPHA, custom transistor based mainframes from the 60's etc...

in other words "no system is safe if you have admin/root/physical access to the boot storage device" this isn't news it's just a crap tactic trying to manipulate stock pricing

March 16, 2018 | 08:59 AM - Posted by Browserling Dot Com (not verified)

> the amd "exploits" are not possible to launch unless you've already exploited the system some other way gaining admin priveledges.

Where did I contradict this in my post? As I said time and time again, the persistence is a bit of a downer: It's not just "someone who has root access" but "someone who ever had root access at some point in the history of that computer unless you replace the CPU and/or motherboard". Obviously root access means you're already powned. But with this exploit you can't roll back to yesterday's full disaster recovery image and move on. Hell, even formmattimg the drives and reuse the hardware after a breach is impossible. Nothing can be trusted if a trusted compute processor can run a malicious firmware.

That's the big downside of doing the "ooh, OS is too insecure so we'll just move some things into Safe Trusted Firmware" school of design. Unless that is ironclad you now have something that will survive anything short of a trip to the shredder.

March 14, 2018 | 02:16 PM - Posted by The Nov Agesa update allowed the PSP to be disabled (not verified)

Ever since Intel's ME engine was found to be vulnerable to attacks... AMD pushed an Agesa update allowing theirs to be turned off. At least do some research before you go crazy.

March 14, 2018 | 06:41 PM - Posted by Anonymouszlzzl (not verified)

> Ever since Intel's ME engine was found to be vulnerable to attacks...

There are dozens of known vulnerabilities to ARM's Trustzone or whatever it's called (which AMD uses for the PSP), just google it ;) so your "Intel was found to be vulnerable we must be too" scenario makes no sense, and is unsubstantiated unless your audience watches Alex Jones at every 3PM.

> AMD pushed an Agesa update allowing theirs to be turned off.

No it does not, this is simply disabling the option ROM and the PCI device. PSP can't be disabled without massive AMD intervention as it is integral to the boot process and it inits the main CPU.

> At least do some research before you go crazy.

Please don't try to fool us with fake news (from Phoronix which took it from a reddit post) and pass it on as "research". Thanks for your comprehension!

March 14, 2018 | 04:26 AM - Posted by H380

I wonder how much Intel Marketing had to pay for this 24 hour hit job by these "Researchers"? Who owns, created and paid for that website? Looks like #FakeNews propaganda hit piece to me. Just like Spectre was used to deflect from the for worse Meltdown only on Intel.

March 14, 2018 | 04:50 AM - Posted by John Blanton (not verified)

Regardless of whether or not these exploits are legit, this is 100% financially motivated.

March 14, 2018 | 11:46 AM - Posted by PrimePopcornSeasonAsTheTechnologyWorldTurns (not verified)

That and it just goes to show you that the entire technology industry is as corrupt as the Old Standard Oil Trust was way back in the late 19th early 20th century before the antitrust law where enacted by congress and the US Justice Department's Antitrust Division is the go to federal agency if there is reason to believe that any of AMD's market competitors have any connection to this.

Also with regards to stock manipulation that's the SEC and there even can be the FTC involved also with the FTC looking at any online press outlets for signs of coordinated astroturfing. They even have AIs that are trained to spot astroturfing but that's currently inadmissible for obvious legal reasons.

Hell old John D Rockefeller and the Standard Oil Company Trust was the very reason that motivated congress to act and create the antitrust laws. The Standard Oil Trust tried to corner the oil market by trying to force all the independent oil companies to become vertically integrated under that trust arrangement where all the independent oil producers had to sell their oil via the Standard Oil Trust at very unfair rates. Any third party independent oil producer that resisted the Standard Oil Trust(Abusive Monopoly) quickly found it hard to get their oil loaded onto railroad tank cars to get to the oil refineries.

Just look and the GPU market with Nvidia trying to force all the independent third party AIBs/PC/Laptop OEMs under a Trust arrangement with that GPP program. Nvidia has that monopoly market control and seeks to leverage that in an unfair/illegal manner in order to hold onto that monopoly market share in the face of competition. Intel was convicted of after being connected to some very similar to this article's sorts of smear tactics along with trying to create a Trust arrangement whereby the "Independent" PC/Laptop OEMs intentionally where to conspire with Intel via an illegal Trust arrangement to keep AMD's better performing(At The Time) CPU SKUs off of those independent third party PC/Laptop OEM's offerings. Does Dell Ring a Bell, as the best friend money can buy!

It appears that this "Security" entity may just be grandstanding on some already revealed PSP/IME dedicated security processors problems that many processor makers have had problems with and that all makers have to deal with. Look at all the classic hyperbolic language used in that "AMD-The Obituary" and the time spent by CTS-Labs working up their own Meltdown-esk sorts of mascot/graphics symbolism and names like Ryzenfall.

Hell these CTS-Labs/Viceroy research folks are so obvious and unconvincing with their rather easy to spot language in thoes PDF "Security/Market Reports" with that egregious display of naivete and hyperbole.

Hey you naive market manipulators/smear tacticians(Not Very Tactful by the way)! Don’t you even Know that if you want to short AMD’s Stocks that it's counterintuitively known to all that all you have to Publish is Good News about AMD to make AMD’s share Prices Fall!

March 14, 2018 | 02:29 PM - Posted by WithButterOnTopAndJiffyPopFoilHat (not verified)

What if these folks intentionally crafted this whole thing up designed to be seen by the press as bogus, and in fact these market minipulation Folks have a Long Position on AMD's stock instead of a short.

The SEC had better be looking very closely at all of the entities that may have any option Positions on AMD's stock, Long or Short, and try and suss out who may be illegally trying to minipulate AMD's stock.

Either way it's still illegial and must be prevented.

So Folks:

Let's all go to the lobby. Let's all go to the lobby. Let's all go to the lobby. And get ourselves a treat. Delicious things to eat. The popcorn can't be beat...

March 14, 2018 | 10:34 AM - Posted by Stefan (not verified)

Dear PcPer. Please dig dipper on this. After 30 minutes research on CTS-Labs seems to be run by scam-ish people. Please do some fact check.

March 14, 2018 | 12:55 PM - Posted by PrimePopcornSeasonAsTheTechnologyWorldTurns (not verified)

The whole Technology Blog-O-Sphere world and their dog is digging into this matter. Here is an interesting post from Anandtech's forum, via information from the wayback machine.

[CTS-Labs is "Catenoid Security" which was formally Flexagrid Systems Inc

A company that produced the Computer Hijacking "CrowdCores"] (1)


"Hans de Vries Member" [AnandTech forum Poster]

March 14, 2018 | 01:47 PM - Posted by PrimePopcornSeasonAsTheTechnologyWorldTurns (not verified)

looks like the German equivalent of the SEC, the BAFIN, is in Viceroy Research's rearview mirror.

"Munich. The attack of the analysis house Viceroy Research against Pro Sieben Sat 1 was illegal in the opinion of the financial market supervisory authority Bafin. A sale recommendation published on March 6 by Viceroy for shares of the television corporation violated the information requirements of the Securities Trading Act, the Bafin announced on Monday.(1) [note: this is google translate]

(1)[Via Google translate]

"Bafin targets pro-seven critics Viceroy

The Bafin considers the sell recommendation of Viceroy as illegal.

The financial supervisory authority is now examining whether this is also market manipulation."

March 14, 2018 | 02:10 PM - Posted by whargarble (not verified)

Weren't these trustzone related vulnerabilities noted back in September 2017?

March 14, 2018 | 02:49 PM - Posted by WithButterOnTopAndJiffyPopFoilHat (not verified)

Yes that's Most likely what the "Proven"(no duh) vulnerabilities are about and used for grandstanding the stocks up or down, depending on Option Position Taken(Long, Short, etc.) by the stock minipulator/s! And this is really some great theater of the stock market minipulation entertainment kind that also can be enriching on many levels in both the quality life related and the monetarily(large quantities of Dosh) related parts.

It's definitely Popcorn worthy to invest in Popcorn Futures with all this drama about the obvious going on with these professional(That's the ticket) "Security" Grifters and their investment tie-ins.

March 14, 2018 | 03:54 PM - Posted by Rocky1234 (not verified)

Yep it is pretty sad state of affairs for sure. What they do not tell you is that if a hacker has admin/root access to your system already it is to late and not only would this affect AMD based systems but pretty much any system out there whether it be Intel or even ARM based system's so that pretty much covers the whole tech industry and all Os's released. The whole white paper is pretty vague but hey they have pretty little pictures yay.

The company was founded in 2017 their web site is provided by Go Daddy and their big huge office you see in the promo videos is actually a picture form the internet that is green screened in so they look like a bigger company than they are. Heck even their logo was stolen from another companies logo and they altered it to suit their own needs. So we are supposed to take the word of a company that stoops to these levels of lying. Lets not forget that whole 24 hour notice thing yep they are legit for sure this was a way to make a name for them self and they took it.

I hope it backfires on them and they face huge lawsuits that drains their bank accounts and maybe even jail time for being *ick heads about it.

March 14, 2018 | 04:14 PM - Posted by Anonymously Anonymous (not verified)

those guys are just dancing around the subject as carefully as possible without directly saying they are tryign to manipulate stock pricing so they can make $$$ off of it.

that asshat leader of theirs was trying to say in some new blurb that he believes security flaws/vulnerabilities should be shouted from the roof on day 1.

Makes one think, what if their site, financial accounts, banks, devices all had vulnerabilities that if exposed, would allow anyone access to any data, if those vulnerabilities were exposed day 1?
I think, if a flaw/vulnerability was discovered on that guy's personal bank's tech security, and it was shouted to the masses whihc resulted in a massive robbery, would he agree to day 1 exploit pubications then?

March 14, 2018 | 04:19 PM - Posted by Mr.Gold (not verified)

once you have root/full administrator access you can comprise anything and everything.

The key here, none of the CTS finding can be exploited.

CTS expect that AMD will file for bankrupcy and they took financial position to benefit from AMD stock crashing.

CTS seem to have orchestrated a hit piece, making sure AMD cannot respond to the claims.

Looking at the details, the activity of CTS seem very illegal.
I think they might be in hot water and I wouldnt be surprised if we see some heavy fine + potential jail time (if extradition is granted)

CTS is gambling big expecting to make millions on the stock downfall. Greedy, because I sure if all this was real, they could have sold the expertise/knowledge to AMD for millions.

AMD said they never heard of CTS until friday, so at least AMD was not faced with blackmail/extortion.

March 14, 2018 | 05:15 PM - Posted by James

Even if these are real vulnerabilities, this is exactly the reason why sourcing from multiple vendors is important. When the next vulnerability is found in Intel ME, all of your systems won’t be vulnerable at the same time. This is pretty important when availability is a serious concern.

Even if these are real vulnerabilities, this looks more like an attempt to slow down AMD grabbing market share rather than just short sellers. Such a thing doesn’t need to be perpetrated by Intel itself. There are a huge number of people who hold a lot of Intel stock (including employees, current and past). Intel could get hit very hard by suddenly having massive competition where there was none for years. Even if a lot of customers still go Intel, their ASPs could take a massive hit. AMD is selling a 24 core processor for $1150. How much is an equivalent Intel processor? How long can intel maintain those prices with that kind of competition?

This is going to go the way the Opteron processor release did. AMD has a much better product with a very dislfferent design. Intel talked about how integrated memory controllers and point-to-point interprocessor links were unnecessary, and then not to long after that, they released a processor with almost the same high level system design as AMD’s Opteron just with QPI links instead of hypertransport. Very similar though. Intel will be forced to follow suit with the current design shift also, they won’t like it though, since it gives customers a lot more cores for a cheaper price. The difference here (hopefully) is that managers of cloud services see the dangers of using a single vendor.

This release of possible AMD vulnerabilities looks specifically designed so try to fight the diversification of suppliers. The release without warning also sets a bad precedent. If the “researchers” don’t give companies time to respond, then they could be causing massive damage by placing exploits in the hands of hackers before companies have time to fix things. The entire tech industry should be against such things. What would have happened if researchers had released the Intel only Meltdown exploit without any warning? It would have been a complete disaster for cloud providers. Even with a lot of warning it was and continues to be a mess. It came out a little early because they essentially tried to apply the fix to all systems, not just Intel, which would have caused a massive performance hit on AMD systems unnecessarily. I don’t blame AMD for correcting that “oversight”.

These vulnerabilities do not actually look that serious. Possibly not anywhere near as bad as Meltdown. They might not allow breaking out of VMs since the vm user does not have root acces to the host. They also are probably fixable without any performance issues. Anyway, If a bad actor has physical access to your machine, then all bets are off. They could swap out chips and all kinds of stuff. Having root access can compromise all manner of things by itself. These attacks would require a lot of work in most cases. Most hackers aren’t going to make a custom bios and flash it. I had a machine compromised recently, and they just installed a coin miner on it.

Hopefully cloud service providers are smart enough to realize that having a single source of components is a bad idea. It is like having a population of clones that can be wiped out by vulnerability to a single disease. Having a single dominant company like Intel in CPUs and Nvidia in GPUs is bad for all consumers. We could have had 8 core processor in the high end desktop market for a reasonable price at 22 nm, the die size was small enough without IGP, but intel wanted to keep the high prices in the workstation market while continuing to sell tiny 4 core processors for inflated prices. That is why I am stuck with an expensive 4 core cpu at work and at home. Intel and Nvidia have been holding the market back for years now. I will not be buying anything from either of them.

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <blockquote><p><br>
  • Web page addresses and e-mail addresses turn into links automatically.

More information about formatting options

By submitting this form, you accept the Mollom privacy policy.