CTS Labs' AnandTech Interview Raises More Questions About Its AMD Vulnerability Disclosure

[Guest]

The saga of CTS Labs' revelation of 13 (potential) vulnerabilities in AMD's Ryzen and EPYC processors continues.

CTS Labs' AnandTech Interview Raises More Questions About Its AMD Vulnerability Disclosure : Read more

 

[Ninjawithagun]

No matter what, CTS Labs is in big legal trouble. They had better be prepared for a huge legal suit soon...

 

[legokangpalla]

There goes 20% of AMD's CPU performance.

I find it highly suspicious that you made an account to just say that huh? I mean there is no way someone would hire you to smear AMD right?
"Oh look, it turns out AMD was just as vulnerable as Intel." When it's nowhere near the level of spectre/meltdown.

 

[sfcampbell]

In countless ways the research behind this study could have fostered comprehensive research and remediation of potentially grave security concerns... if CTS and Viceroy hadn't completely botched it in favor of scaremongering, maliciousness, and greed.

It's their own fault that this accusation is so thoroughly unbelievable! Between ASMedia and [platform agnostic] CPU microarchitecture there may actually be legitimate risks; but now because of these money-grubbing morons, it's a punchline.

Linus said it best: "They look like clowns."

 

[cryoburner]

I find it highly suspicious that you made an account to just say that huh? I mean there is no way someone would hire you to smear AMD right?
"Oh look, it turns out AMD was just as vulnerable as Intel." When it's nowhere near the level of spectre/meltdown.

But do you also find it highly suspicious that just 6 minutes after a certain other poster in this thread downvoted your post, another account also downvoted it, who appears to have never posted on this site before, let alone anywhere else on the Internet? <_<

 

[trigger11121987]

CTS labs are just attention seeking trolls.....
most of their stated exploits requires the hacker to be PHYSICALLY beside their target....

they might as well take the PC and leave...

 

[legokangpalla]

I find it highly suspicious that you made an account to just say that huh? I mean there is no way someone would hire you to smear AMD right?
"Oh look, it turns out AMD was just as vulnerable as Intel." When it's nowhere near the level of spectre/meltdown.

But do you also find it highly suspicious that just 6 minutes after a certain other poster in this thread downvoted your post, another account also downvoted it, who appears to have never posted on this site before, let alone anywhere else on the Internet? <_<

Wait, you can check who is down voting your post?

 

[gparmar76]

This was a stock manipulation hit job...funny that Intel is heavily invested in Israel as well...this was also strategically done right before the launch of Zen+ which is going to take the performance crown and price crown away from Intel.

 

[incognibro]

I skimmed through Viceroy's "report". It includes a disclaimer where it says that the authors have invested in relevant stocks and will have monetary gains from a drop of the AMD stock price. I guess it works in that you can't uncover them as biased if they uncover themselves first...

 

[cryoburner]

Wait, you can check who is down voting your post?

Yep, but if you are reading the comments under a news article, you have to click the "Comment from the forums" link at the top of the discussion to display the comments from within the forum. From there, you'll see the most recent status update listed at the bottom of each post that has one, containing things like when edits were made, or when users upvoted or downvoted a post, and by clicking the message, it should pop up the full list. There are no links to account profiles though, so if a sockpuppet account were used to manipulate votes, there is no easy way for a regular member to check when that account was made, or if it ever made any posts. Being a relatively high-traffic site, Tom's Hardware tends to get indexed by search engines rather quickly though, so a web search will likely direct you to a post made by the account, should any exist.

I imagine that members of the moderation team likely have additional tools for detecting and comparing accounts used for potential abuse though. I just noticed that the posts and votes in question have all since disappeared from this thread, so a moderator may have been on to it, and now our conversation just looks off-topic. : P

 

[billhperry67]

Still looks like BS to me. For someone to get to my computer to flash the bios or inject malicious code, they would need to get past the pugs, the wife, and me. The pugs? I know not a big threat, but they do bark and may lick you to death.

 

[bgunner]

I personally find this all suspect until a credible research team, like AMD or Google, confirms CTS's findings. On the subject of perception of AMD's CPU's this has made an impact for me personally. I have been heavily considering updating my aging gaming system, an AMD FX 8350 system, to a Ryzen based system but due to this accusation, and that is exactly what this is at this point without being corroborated by other research teams, has me taking pause on actually building one. So from a customer point of view this has made an impact on the company, whether it be true or not, because consumers need to protect themselves and act on the information available to them. When accusations like these arise it hurts the company's whether it is intended or not.

This is just my opinion and how I feel about this debacle on how the release of this information was handled. There are still so many questions and very little answers at this point.

I would think that if the flaw/s were found I would want to have it corroborated before revealing it to the company and the public to save face and be sure there were indeed issues before throwing caution to the wind and alerting the public.