Computers & Electronics

Intel processors will take 5-30% performance hit (Windows/Linux) to fix kernel security bug

  • Last Updated:
  • May 18th, 2018 8:00 pm
Deal Addict
User avatar
Feb 3, 2011
1730 posts
293 upvotes
SickBeast wrote:
Mar 13th, 2018 8:53 pm
The information on the AMD CPU flaws seems quite sketchy at the moment but this could really be catastrophic for AMD if it's indeed true.
From what's been pointed already, it's extremely likely this is fake news.

And the only person that has "verified" the flaws that CTSLabs reported was paid by CTSLabs to do it. What a joke.
Baaaaaaaaa!
Deal Addict
User avatar
Feb 3, 2011
1730 posts
293 upvotes
dealseaker101 wrote:
Mar 13th, 2018 9:37 pm
AMD stock actually went up today. Face With Tears Of Joy I mean, it did drop a few cents initially, but not more than on a normal day.

Edit: Perhaps this is why, takeover rumors: https://seekingalpha.com/news/3337176-t ... amd-flying
That was last week. Stock price took a bump due to the rumours, but has gone back to pre-rumours level.

Not the first time rumours like this have circulated, and won't be the last. AMD stock price is heavily manipulated, in my opinion.
Baaaaaaaaa!
Deal Addict
User avatar
Dec 1, 2010
1100 posts
392 upvotes
GTA
Ugh, I don't want to hear any more fake news unless it has been verified.
Deal Addict
Jan 16, 2009
3804 posts
1439 upvotes
Toronto
mr_raider wrote:
Mar 14th, 2018 10:52 am
A more sophisticated analysis:

https://www.pcper.com/reviews/Editorial ... rabilities


It seems all these exploits require Administrative access to the PC.
So many Intel Fans jump on this fake report.

If you require administrative access to the PC, then it's not a security hole. This is coming from this viceroy fund hiring CTS lab for 16k to put up fake news.

https://mybroadband.co.za/news/business ... ceroy.html

“We believe AMD is worth $0.00 and will have no choice but to file for bankruptcy.”

The short attack didn't' work yesterday, and these guys deserve to lose money.
Deal Addict
User avatar
Feb 3, 2011
1730 posts
293 upvotes
Ceryx wrote:
Mar 14th, 2018 11:10 am
So many Intel Fans jump on this fake report.

If you require administrative access to the PC, then it's not a security hole. This is coming from this viceroy fund hiring CTS lab for 16k to put up fake news.

https://mybroadband.co.za/news/business ... ceroy.html

“We believe AMD is worth $0.00 and will have no choice but to file for bankruptcy.”

The short attack didn't' work yesterday, and these guys deserve to lose money.
I don't think CTSLabs disclosed who funded them research yet, which is sketchy as heck. I believe it was the company Trail of Bits that was paid 16k to audit CTSLabs' work.
Baaaaaaaaa!
Deal Guru
User avatar
Mar 14, 2009
12264 posts
4651 upvotes
Ceryx wrote:
Mar 14th, 2018 11:10 am
So many Intel Fans jump on this fake report.

If you require administrative access to the PC, then it's not a security hole. This is coming from this viceroy fund hiring CTS lab for 16k to put up fake news.

https://mybroadband.co.za/news/business ... ceroy.html

“We believe AMD is worth $0.00 and will have no choice but to file for bankruptcy.”

The short attack didn't' work yesterday, and these guys deserve to lose money.
You were also one of the people saying that AMD was not affected by Spectre, so I think waiting for more independent confirmation would be prudent. We have heard this before from you.

By the way, this report says it's confirmed:

https://arstechnica.com/information-tec ... uch-worse/
In a series of tweets, Gadi Evron, a veteran security researcher and the CEO and founder of security firm Cymmetria, also confirmed the accuracy of the findings even as he declined to defend the way they were disclosed.
I am a Public Mobile, Zoomer, and Koodo customer.
Deal Addict
User avatar
Feb 3, 2011
1730 posts
293 upvotes
SickBeast wrote:
Mar 14th, 2018 11:47 am
By the way, this report says it's confirmed:

https://arstechnica.com/information-tec ... uch-worse/
I think most security analysts are saying that these AMD flaws require root access to exploit these issues. If a hacker has this information, the computer is compromised already and is opened to other attacks. It doesn't seem as serious as Spectre/Meltdown.

What I don't like is how the media have reported this. Security is such a buzz word nowadays and news outlets pounced on this "report" and used click baity headlines, without doing any research into it.
Baaaaaaaaa!
Penalty Box
User avatar
Feb 10, 2007
10217 posts
1316 upvotes
But are intel CPUs also affected by this new AMD flaw?
sharpshooter88 wrote:
Mar 14th, 2018 12:04 pm
I think most security analysts are saying that these AMD flaws require root access to exploit these issues. If a hacker has this information, the computer is compromised already and is opened to other attacks.
[self promotion rule violation, removed twice already][self promotion rule violation, removed twice already][self promotion rule violation, removed twice already][self promotion rule violation, removed twice already][self promotion rule violation, removed twice already]
Deal Expert
Feb 29, 2008
18560 posts
2044 upvotes
Montreal
sexyj wrote:
Mar 14th, 2018 12:26 pm
But are intel CPUs also affected by this new AMD flaw?
No. These seem specific to AMDs embedded controller which uses an arm circuit.
Deal Fanatic
Nov 17, 2004
5915 posts
620 upvotes
Toronto
The AMD exploits require admin access and or physical access to the hardware. That does in no way mean it is not an issue. If you can load malicious code into the BIOS or into the CPU microcode then there is still a huge attack surface, the entire supply chain from the chip fab to the end retailer is open to attack. How about ebaying used parts, that could be a fluster cuck of malware baked right into the CPU or the MOBO that you bought.
I workout to get big so I can pickup bricks and ****.
Deal Expert
Feb 29, 2008
18560 posts
2044 upvotes
Montreal
toalan wrote:
Mar 14th, 2018 2:47 pm
The AMD exploits require admin access and or physical access to the hardware. That does in no way mean it is not an issue. If you can load malicious code into the BIOS or into the CPU microcode then there is still a huge attack surface, the entire supply chain from the chip fab to the end retailer is open to attack. How about ebaying used parts, that could be a fluster cuck of malware baked right into the CPU or the MOBO that you bought.
It's certainly an issue for enterprise and government. I highly doubt it's an issue for individual home users. If you have physical access to my PC, chances are you broke into my house. At that stage one sure you are far more likely to steal my TV or my watch collection, than try to embed malware into my computer.

Rest I assured I won't be throwing any of my PCs, Intel or AMD into the garbage any time soon.
Deal Addict
Jan 16, 2009
3804 posts
1439 upvotes
Toronto
toalan wrote:
Mar 14th, 2018 2:47 pm
The AMD exploits require admin access and or physical access to the hardware. That does in no way mean it is not an issue. If you can load malicious code into the BIOS or into the CPU microcode then there is still a huge attack surface, the entire supply chain from the chip fab to the end retailer is open to attack. How about ebaying used parts, that could be a fluster cuck of malware baked right into the CPU or the MOBO that you bought.
That's not a security bug. Lenovo did that years ago on intel based system and get sued.

If you need admin access to break the bios, it's not a bug. It's BS>



Here is how hardware unboxed calls it.
Deal Fanatic
Nov 17, 2004
5915 posts
620 upvotes
Toronto
It really depends on how AMD implements their ARM trust zone thing. That report is light on details, so I have no idea.

Both Intel and AMD are caught with their pants down, it is only by pure chance that Intel has more issues than AMD right now but that could change overnight as new exploits are found.

The only CPU company that comes out smelling like roses is ARM and that is because although ARM is not open source, you can ultimately look at the source files if you license an ARM design. You have more eyeballs outside of ARM that look at the source and that is security through unobscurity, which is opposite of the security through obscurity that Intel and AMD rely on.
I workout to get big so I can pickup bricks and ****.

Top