Announcement

Collapse
No announcement yet.

AMD CPUs Are Potentially Vulnerable To Spectre / Variant 2

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #11
    "Last week in light of the Spectre disclosure. AMD believed they were at 'near zero risk' to Variant Two / Branch Target Injection. But now the company confirmed last night that's not the case: they are at least potentially vulnerable."

    I mean no offense to the author, but that is sort of a dense interpretation. The whole point of AMD's updated statement was to counter the public perception of increased vulnerability versus their original statement which appears to be what the author is claiming. The rest of the tech media that I've observed so far seems to indicate that understanding, contrary to what was reported here.

    AMD originally said that they were theoretically vulnerable even though the exploit had not been demonstrated to work so far. That's what "near zero risk" means as opposed to "zero risk". That remains the case today as well. They've released a microcode update because "near zero" is not "zero". Of course they were going to work on mitigating the possibility before someone could figure out how to exploit it. It's not contrary to their initial statement and does not indicate an upwardly revised risk assessment.

    Comment


    • #12
      I'm checking all TCP packets for the 'evil bit'. Should be enough, no?

      Comment


      • #13
        Originally posted by starshipeleven View Post
        AND IF YOU WANT MONEY ADD givememoney TO BOOT PARAMETERS«
        AND IF YOU WANT A GIRLFRIEND ADD foreveralone TO BOOT PARAMETERS

        Comment


        • #14
          Correct me if i'm wrong:
          If i understand correctly, AMD CPUs are only vulnerable when the attacker has physical access to the machine... In which case, one can argue that every CPU ever made or that ever will be made is going to be vulnerable to some kind of exploit...

          Comment


          • #15
            Originally posted by starshipeleven View Post
            AND IF YOU WANT MONEY ADD givememoney TO BOOT PARAMETERS
            Will this still work with kernel 4.10.0? I don't want to upgrade because I heard it causes network driver issues.

            Comment


            • #16
              I'm curious if they this time really will release microcode for Ryzen. The last microcode update (the one that fist did and then did not disable branch prediction) turned out to be Epyc only...

              Comment


              • #17
                Originally posted by nomadewolf View Post

                AND IF YOU WANT A GIRLFRIEND ADD foreveralone TO BOOT PARAMETERS
                You need to falsify it:
                Code:
                foreveralone=0
                You should probably also append:
                Code:
                allbymyselfdontwannabe=0
                source: Celine

                Comment


                • #18
                  AMD, please fix this: https://bugzilla.kernel.org/show_bug.cgi?id=196683

                  Comment


                  • #19
                    Add another vulnerability for INTEL this time: https://arstechnica.com/information-...ment-firmware/

                    In words of w40k orks: 'ere we go 'ere we go!

                    I wonder what the total tally of side-channel and "management engine" hacks are going to be in the end!

                    Comment


                    • #20
                      So...with all this talk about microcode fixes for Ryzen/Epyc what about Excavator/Bulldozer arch and APU's like Carrizo/Bristol Ridge?

                      Comment

                      Working...
                      X