News Xeon and Other Intel CPUs Hit by NetCAT Security Vulnerability

Toggle sidebar Toggle sidebar
Metal Messiah. said:
Thank heavens, AMD CPUs are safe for now.
Click to expand...
You say that, they also have security flaws.

However I always take this with a bit of a pinch of salt, as ultimately, these flaws are being discovered by people being paid to find these flaws, and Intel still currently hold the mass market share, especially in commercial / business industry. So ultimately, its where you'd direct all of the funding and research of cyber security.

You'd also be directing a lot of that work into the working industry, which are still predominantly Intel.

I believe AMD will also have it's series of flaws, just there is less focus to find them. Not to say there is no focus, but less.
 
  • Like
Reactions: Deleted member 2731765
Yeah, obviously I know AMD CPUs also have security flaws. I was just referring specifically to this NetCAT vulnerability.
 
  • Like
Reactions: PC Tailor
PC Tailor said:
You say that, they also have security flaws.

However I always take this with a bit of a pinch of salt, as ultimately, these flaws are being discovered by people being paid to find these flaws, and Intel still currently hold the mass market share, especially in commercial / business industry. So ultimately, its where you'd direct all of the funding and research of cyber security.

You'd also be directing a lot of that work into the working industry, which are still predominantly Intel.

I believe AMD will also have it's series of flaws, just there is less focus to find them. Not to say there is no focus, but less.
Click to expand...

Agreed. Flaws are more often found in major market holders as they will target them first. It is like when they said "CMacs don't get viruses" yet there have been a few, especially in recent times. It just takes time for these to be found.

That said my favorite part is this:

limit direct access from untrusted networks
Click to expand...

ANY IT admin would have a network designed to already do this. This is an issue that will only be seen by people who do not secure their networks properly.
 
  • Like
Reactions: PC Tailor
jimmysmitty said:
"CMacs don't get viruses" yet there have been a few, especially in recent times. It just takes time for these to be found.
Click to expand...
What do you mean?! Macs DON'T get Viruses ! 😉

No, because If I was a hacker trying to steal information, I'd definitely NOT go for the OS that holds around 80% of the market share 😆

Most of those security problems won't be aimed at the general home user anyway, if an advanced enough programmer wanted to do the research and exploit these, they wouldn't be desperate to get into Steve's from Liverpool home computer so they can look at his Ibiza photos.
 
Do you really think that there is the same difference in interest in finding bugs in Intel to AMD CPUs as the difference in bugs found? I'm sure Intel wouldn't mind paying for flaws found in AMD and maybe even more than in Intel (no matter officially or not).

Also, why just talk about AMD? Is there less interest in finding bugs in ARM? Do they have less market share or their market segments are less interesting? No they aren't.

The truth is Intel on deserved 1'st place of all major CPU vendors.
 
setx said:
Do you really think that there is the same difference in interest in finding bugs in Intel to AMD CPUs as the difference in bugs found? I'm sure Intel wouldn't mind paying for flaws found in AMD and maybe even more than in Intel (no matter officially or not).

Also, why just talk about AMD? Is there less interest in finding bugs in ARM? Do they have less market share or their market segments are less interesting? No they aren't.
Click to expand...
Look at where ARM CPUs are used compared to x86 CPUs are used. What do you think is a more appealing target, cell phones or data centers? And Intel still has the vast majority of data centre market share.

Edit: Well this is embarrassing, as pointed out below I forgot about the huge embedded market for ARM.
 
Last edited:
  • Like
Reactions: PC Tailor
TJ Hooker said:
Look at where ARM CPUs are used compared to x86 CPUs are used. What do you think is a more appealing target, cell phones or data centers? And Intel still has the vast majority of data centre market share.
Click to expand...
I think that all those embedded devices are way, way more appealing target than data centers. Because data centers will just roll out update next week and security hole is mitigated while majority of embedded devices won't have any updates until they are decommissioned several years later.
 
  • Like
Reactions: bit_user and TJ Hooker
setx said:
I think that all those embedded devices are way, way more appealing target than data centers. Because data centers will just roll out update next week and security hole is mitigated while majority of embedded devices won't have any updates until they are decommissioned several years later.
Click to expand...
All or most of these side channel attacks seem to require you to already have malicious software running on the machine. For an embedded device that seems like it would be difficult (and if they succeed it's probably already game over at that point), but for cloud computing data centres a would-be hacker can simply rent a VM.

Edit: But yeah, I did somehow manage to forget about embedded systems when I thought about where ARM is used, derp...
 
Last edited:
  • Like
Reactions: Keviny Oliveira
PC Tailor said:
You say that, they also have security flaws.

However I always take this with a bit of a pinch of salt, as ultimately, these flaws are being discovered by people being paid to find these flaws, and Intel still currently hold the mass market share, especially in commercial / business industry. So ultimately, its where you'd direct all of the funding and research of cyber security.

You'd also be directing a lot of that work into the working industry, which are still predominantly Intel.

I believe AMD will also have it's series of flaws, just there is less focus to find them. Not to say there is no focus, but less.
Click to expand...



But at the same time, its not like nobody has been trying to target AMD specifically to find flaws in their architecture -- do you not recall the shortsellers, "Viceroy" and their AMD scandal with that Israeli "IT" company? Millions and millions of dollars were on the line there, and I'm pretty sure with that potential purse, they didn't do a half-assed job in trying to find vulnerabilities. (the issue for them was that the risk of the vulnerability was relatively low and proper mitigations were very easily and quickly applied - well that and everyone started to see the scam for what it was).

You are right in sentiment, but I don't think the disparity is too terribly major. I am fairly confident that the people finding these flaws are testing for them on both AMD and Intel -- Intel certainly would have interest/benefit and resources to make it so.

That said, I also believe that AMD is pretty quiet on Intel vulnerabilities, because if they start marketing for that, it could easily turn around and bite them at some point in the future.
 
Last edited:
  • Like
Reactions: bit_user
PC Tailor said:
No, because If I was a hacker trying to steal information, I'd definitely NOT go for the OS that holds around 80% of the market share 😆
Click to expand...
In fact, no, Windows has more vulnerabilities because it is important to the anti-virus market, one example is Android, you will only get a virus (although Google services works like Spyware) if you download something outside your store (I mean virus appears in the Play Store, as it already had in the Ubuntu Snap Store there will always be vulnerability and someone wanting to exploit it after all is part of life with the technology level today).
 
Keviny Oliveira said:
In fact, no, Windows has more vulnerabilities because it is important to the anti-virus market, one example is Android, you will only get a virus (although Google services works like Spyware) if you download something outside your store (I mean virus appears in the Play Store, as it already had in the Ubuntu Snap Store there will always be vulnerability and someone wanting to exploit it after all is part of life with the technology level today).
Click to expand...
I wasn't referring to vulnerabilities, it's logical that if you are attempting to infiltrate a market, you will naturally aim for the one that holds a huge market share, where the most common people are using it, easy information, plenty of stupid people using the software without adequate protection, easy picking :)
 
PC Tailor said:
Most of those security problems won't be aimed at the general home user anyway, if an advanced enough programmer wanted to do the research and exploit these, they wouldn't be desperate to get into Steve's from Liverpool home computer so they can look at his Ibiza photos.
Click to expand...
What about installing a keylogger, so you can steal his online banking password and empty out his bank account? Or get enough info to steal his identity and take out a big loan in his name? Or encrypt his hard drive and charge him $1k to unlock it? After succeeding at one of those, a few times, poorly-secured home users start to become much more attractive targets.

While you're not as big a target as a multinational corporation, the average home user also isn't nearly as well secured. Don't be complacent.
 
joeblowsmynose said:
I am fairly confident that the people finding these flaws are testing for them on both AMD and Intel -- Intel certainly would have interest/benefit and resources to make it so.

That said, I also believe that AMD is pretty quiet on Intel vulnerabilities, because if they start marketing for that, it could easily turn around and bite them at some point in the future.
Click to expand...

When you are one step ahead of the crowd, they see you as a genius. Two steps ahead and you are deemed a crackpot.
Click to expand...
You, sir, are a crackpot.
 
PC Tailor said:
it's logical that if you are attempting to infiltrate a market, you will naturally aim for the one that holds a huge market share,
Click to expand...
Yes, but for this chance to exist, it is necessary that the product or software has these "doors" open, after all hacking is not easy but if the product or software facilitates why not exploit 😉😉😉
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom