After Intel ME, Researchers Find Security Bug In AMD's SPS Secret Chip-on-Chip

archive.fo/8CPDI

Why Sup Forums is not talking about that? When it comes to Intel everybody says something.

Other urls found in this thread:

archive.fo/8CPDI
twitter.com/NSFWRedditGif

because no one actually has amd processors.

I think I've got an old beige box with a duron or something.

well let's see, AMD has acknowledged and patched the exploit, and it should trickle down to OEMs soon. The 90-day disclosure window just ran out on this.
Still more transparent than Intel (and until now, I used to be a bit of a shill. No more.)

it wasnt ME it was since 1995 intel are stupid pieces of shit
realy

>Cohen's post described the vulnerability as remote code execution flaw. However, physical access is a prerequisite.
Because it's a big old all beef nothingburger.

only because it requires getting off your ass and fumbling around with the target computer

>archive.fo/8CPDI
Shows two screenshots with it disabled, ffs. Did you even read the article?

"Haha intel is so shit look at their botnet ME and the meltdown they're so incompetent"
"Now hold on there partner sure AMD has their own version of ME and a similar bug as Intel but look at Intel not AMD because they're bad"
God I hate AMD fags.

THIS ISNT THE SAME THING FUCKING FAG
BOTH have those hidden os's right.
?
INTEL ARE HACKABLE WITHOUT HACKING THE HIDDEN OS'S IN 2000BIT

Yeah it's almost like Ivan Ivanovich Ivanofski can't build a botnet if it involves breaking into tens of thousands of houses.

Shit font.

You're a little late with this information but regardless of that it's something Sup Forums should be aware of and talk about.

tl;dr which OP and his link seems to have missed is that the firmware code is publicly available and it's that code that has a security flaw (they didn't even test it on the AMD PSP, just ran it in some emulator and found there was a problem with it there).

Good news is that this is a software bug that can be fixed with a software update.

The implications really aren't that serious. If you already have root / admin rights on a box then you can send a specially crafted certificate to it and possibly make it run your own code.

pathetic intel damage control

get a life

>requires local physical access

Not quite up there with passwordless remote login and remote overflow allowing JTAG on Intel.

Pretty sad actually.

Because the code that's drives the SPS is publically available and vulnerabilities to it can be easily patched out with a firmware update.

It's also not literally another OS running on your chip with higher than root access and http services unlike Intel's ME.

Most chips have a TPM for a very good and innocent reason. It handles cryptography securely and quickly without exposing it to side-channel or RNG attacks.

>after

we've known about it for awhile. its literally a non issue

>physical access is a prerequisite
Aye at this point you might as well just give the hackers your passwords

>the code that's drives the SPS is publically available
wait a sec, this is open source? AMD open sourced this?

There are two types of criminals in this world, those who are interested in your physical property and those interested in your bank account/shitcoins. Computer hackers don't break into houses for computer access because they are usually white.

If you are anyone important enough to attract hackers who are willing to break into your house, then you should already have the funds available for decent security systems and locks. You deserve to get your shit stolen if you are stupid enough to not have any of that.

This. At this point is pretty clear Intel has paid shills trying to kick up dirt on AMD even when it's literally fucking nothing. Like this requires some corporate espionage shit, actually getting into offices to exploit it but at that point this is the least of your worries

Because if I find shit in the toilet, its not all that surprising.

Intel absolutely desperate to blow smoke over this meltdown fuckup. I posit the embargo PoC is going to BFTO the fuck out of Intel's shitty product.

Doesn't the Intel one allow unfettered memory access, and the AMD one requires a vulnerable program? Not quite the same.

>However, physical access is a prerequisite.

As far as he knows today.

That comment is an absolute holocaust someone call the Hague on this antisemite Nazi! HITLER HITLER

But when I find a log of shit in the middle of my kitchen, then I know something is not right.

Intel would have you believe a nugget floating in the latrine is the same as having diarrhoea smeared all through your house and anyone walking by can lob a big turd in your open front door.

>ashkeNAZI
no jew

Because it's basically a non-issue at this point. Intel's fuck up is several times larger in scale and affects much more than this bug will.