DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
June 24, 2019 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 197 people online.

 

Latest Reviews
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
 

Follow us
RSS
 

AnandTech had a call with AMD CPU bug hunter CTS-Labs

Posted on Friday, March 16 2018 @ 11:28:37 CET by


AMD logo
One of the reports that caused a lot of controversy this week was the news from CTS-Labs, about the discovery of 13 security vulnerabilities in AMD's Ryzen and EPYC processors, as well as in ASMedia chipsets. The first impression of a lot of enthusiast was that this is a smear campaign, not just because nobody had ever heard of this firm, but also due to the unusual and highly mediatized disclosure, the surrounding doom and gloom, and a 25-page short seller report from Viceroy Research that appeared a mere three hours after the initial announcement.

AnandTech's Ian Cutress and RealWorldTech's David Kanter had a conference call with CTS-Labs, you can read their conclusions over here. The site concludes there a definitely a lot of weird and inconsistent elements. It is likely that the vulnerabilities are real, but further confirmation is still required:
One, if the vulnerabilities exist: It is very likely that these vulnerabilities are real. A secondary attack vector that could install monitoring software might be part of a multi-layer attack, but offering a place for indiscriminant monitoring of compromised systems can be seen as an important hole to fix. At this point, the nearest trusted source we have that these vulnerabilities are real is from Alex Ionescu, a Windows Internals Expert who works for CrowdStrike, one of the companies that CTS-Labs says has the full disclosure documents. That is still a stage a bit far from us to warrant a full confirmation. Given that Trail of Bits required 4-5 days to examine CTS-Labs work, I suspect it will take AMD a similar amount of time to do so. If that is the case, AMD might have additional statements either on Friday or Monday, either confirming or rebutting the issues, and discussing future action.




 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2019 DM Media Group bvba