Israeli researchers reported finding issues

These (((vulnerabilities))) literally require the system to already be compromised. Are people really this fucking dumb to be buying this shit?

Apparently, those shareholders that use Yahoo Finance are.

Most people who buy CPUs (including "tech enthusiasts") have literally zero idea how they work, how many security flaws exist within them or how they would affect them. The facts are pretty much irrelevant to them, because they don't have even a basic understanding of them. This is already being sexed up as much as possible by tech sites, with clickbait headlines declaring "major flaws" in AMD CPUs. You only need to go look at some comments sections and forums outside of r/AMD to see that people are lapping this up already.

Whoever funding/paying these "researchers" knows most people are just gonna read the headlines. That's already good enough to fuck with AMD shares.

Oy vey...

Attached: jer01nov14BAZ.jpg (1500x1054, 145K)

AMDPOORS BTFOOOOOO

>Requires reflashing the bios and root acess

Attached: merchant.jpg (640x480, 25K)

Fucking hell, it's almost too silly to be true.

>firmware exploit requiring local root access
>compariable with unpatchable hardware flaw exploitable by anonymous javascript
If anything, this is comparable to the IME flaws. Except those were remotely exploitable.

>all ryzen boards literally have in-silicon taiwanese backdoors from ASMedia
I want a taiwanese backdoor to rest my peepee in >.

Attached: 1517866196912.jpg (539x800, 344K)

>requires reflashing the bios and root acess

Attached: WhoIsThatPokemon.gif (452x523, 4K)

Sup Forums was right all along.

>I don't think anyone is surprised that you can do bad stuff if you can reflash the BIOS.
While true, it's also true that if you've just got a malicious BIOS installed, worst case scenario is you can just replace the BIOS chip itself, whereas if someone has used this to reflash the memory inside your CPU or chipset, that's a wee bit more costly replacement.

>wew, it's actually nothing
It's actually really great, one might be able to make something like me_cleaner for PSP with that. This is great news for all freedom loving people.

>the company gave AMD a 24 hour notice instead of the 90 days that are recommended and in some countries required by law

Even an Intel fanboy has to look at this and think come the fuck on

go away, inturd

Security flaw found in linux: you can gain admin access from any administrator login!

Stop molesting my trapwanese backdoor please

Attached: h3a.png (549x641, 283K)

Holy fuck selling all my Linux stock now

I remember some DOS-era malware that did that.

"Responsible" disclosure is a meme. I fail to see why should I as a researcher be forced to not inform the public of any danger that they are in and wait trusting that a company that makes proprietary software and hardware respects its customers.

Attached: 1513488500132.jpg (357x303, 32K)

>AutisticMicroDicks will defend this

Attached: kek2.png (298x288, 100K)

guise if you open terminal and type su then enter a series of numbers, letters and or symbols all you need to do is press enter YOU GAIN ADMIN POWERS
linux is FINISHED!

Attached: KTnfQcq.gif (480x320, 718K)

Attached: Intbecile Inside.gif (438x403, 15K)

>This security flaw allows AMD users to run their processors at clock speeds higher than AMD's specifications, possibly causing hardware damage.
well gosh

>I remember some DOS-era malware that did that.
What equipment did you have in the DOS era that could be reflashed at all?

>ASMedia
Only A320, B350 series and only gen1 Zen AM4 boards from AsRock, Gigabyte, MSi. Anus and BioStar should be fine.

LMAO what a massive faggots

>I fail to see why should I as a researcher be forced to not inform the public of any danger that they are in and wait trusting that a company that makes proprietary software and hardware respects its customers.
Because allowing them some reasonable amount of time to produce mitigations would be the responsible thing to do.

If the exploit is out in the wild, it's likely that it's already been found. If it hasn't been found, then you as a researcher are likely the first to have discovered it.

With that in mind, immediately exposing the exploit puts MORE people at risk, because not everyone reads that kind of news and now all malicious actors know of the exploit.

Giving a company time to patch means that it can be fixed before malcious actors learn of it. If the company takes too long, indicating a lack of desire to solve the problem, then it's best to expose the exploit and give people a chance to jump ship, since its only a matter of time until malicious actors figure it out.

Responsible disclosure doesn't just apply to proprietary software and hardware hardware, either.

>I fail to see why should I as a researcher be forced to not inform the public of any danger that they are in and wait trusting that a company that makes proprietary software and hardware respects its customers.
Is this exact example not enough for you?
>LISTEN UP EVERYONE! THE PRODUCTS FROM [X] COMPANY HAVE PROBLEMS! DO NOT BUY!
>Whoops, turned out it's a non issue for pretty much everyone. Sorry about dragging your name through the mud btw

>Linux stock
REMEMBER THE CRASH OF 99/2000! NEVAR FORGET!

funny that most problems only appear when you use windows 10, too.

When Intel Jews compare it to the Meltdown or IME exploits, yes.

Attached: 3409539.png (544x544, 1.13M)

>I fail to see why should I as a researcher be forced to not inform the public of any danger that they are in and wait trusting that a company that makes proprietary software and hardware respects its customers.
So they have time to fix the vulnerability before criminals can use it? Imagine if shellshock was made public before any fixes.

>vulnerabilities are found in intel processors
haha guys they are absolute shit and le housefire meme everywhere
>vulnerabilities are found in Aymd processors
evrything is ok and its just a false flag because le joos found them

how hypocritical Sup Forums can be

I know you're just shitposting, but in case you're not, I genuinely urge you to learn how to read.

>All those dump "Investor" panicked.
It's time to buy AMD stock.

amd is Sup Forums's nintendo

Intel has hardware vulnerabilities that can be exploited through javascript on a website and can't be fixed without redesign, and AMD has software vulnerabilities that can only be performed on an already compromised system and can be fixed with an update.

>vulnerabilities are found in AMD processors

Nope: ~

These are literally not real vulnerabilities.

Nah, it's actually , really.

$AMD rallying 4.17%

Fuck these heebs

Attached: amd.png (413x289, 13K)

Dear Intel shitposters, why did CTS not include any technical details in their white paper?

lol@amdfanboys literally cant play overwatch with 60 bits but will defend literal s*it

Posts like these are a great insight inside the mind of a 60 IQ subhuman.

Stock up 4% now

>Because allowing them some reasonable amount of time to produce mitigations would be the responsible thing to do.
I am not getting paid to do it, why should I try to be "responsible" to them? Especially when they are a for-profit company that creates proprietary hardware and software.

>With that in mind, immediately exposing the exploit puts MORE people at risk
This is a good thing, I am one of the people who actually were happy with wannacry. That way people will learn to demand their freedom.

>Responsible disclosure doesn't just apply to proprietary software and hardware hardware, either.
For me it does not apply at all to proprietary software.
Moreover there is no point of responsible disclosure of vulnerabilities in foss projects are there is the consent of fork and the ability for anyone to modify the software.

>turned out it's a non issue for pretty much everyone
They say in their paper how much of an issue it is for every vulnerability.

>before criminals can use it?
How about before people who want to free their devices?
And yeah, having criminals to use it is a great thing, that way more people will learn to demand their freedom.

>Imagine if shellshock was made public before any fixes.
Well, it was before the proper fix I think.

In any case, it's not like they published working code.

>Intel has hardware vulnerabilities that can be exploited through javascript on a website
Did it? I admit that I have not been following the meltdown story. Is there any link? I presume that they patched it on the browser end by changing the JIT code generator?

>AMD has software vulnerabilities that can only be performed on an already compromised system and can be fixed with an update.
And this is a great thing for people that want their freedom.

>the holocaust wasn't real, no evidence needed because da joos

I presume because they wanted to publish it soon. I would wait a few weeks to see.

Attached: 1500565990856.jpg (540x797, 79K)

Jesus, you have brain damage, my friend.

Attached: 1497658837285.gif (2000x1153, 365K)

Quality argument.

Attached: 1492793997002.jpg (967x1400, 383K)

>Israeli
Obviously fake news.

OHHH SHITT
This user droppin the bantz.
Too funny mah dog.

First words are
>I am not getting paid to do it
FUCK PAID SHILLING, IS INTEL HOLDING YOU AS A SLAVE SHILL user???!!!

60 is not subhuman, 21 or less is. Average Apple fanatic has 18, average X-Box fanatic has 20, average Intbecile has 15, average noVideot has 5.

>I am not getting paid to do it, why should I try to be "responsible" to them?
The ones you're being responsible to are the users of the hardware/software in question, not the makers of it.

>autism = the post

>everyone who disagrees with me is jewish, works at intel, and a cuck as well!
In any case, please do feel free to post what you disagree with.

Not paid by AMD to find their bugs as a security researched, I thought that it was clear from the context.

And I am being responsible by letting them know.

Attached: 1516751164313.jpg (1441x2048, 543K)

Fuck you its now only down 1,79 %

>And I am being responsible by letting them know.
No, that is what's called irresponsible, since it allows attackers to exploit the shit out of them before mitigations can be produced. You are responsible by letting them know *after* you've given an opportunity the produce mitigations.

I'm really glad you don't actually know anything about security, and so you'll never actually discover any bugs.

Hnnngg those legs, source please.

because if one of only two companies that makes decent CPUs dies it's straight down to dark ages for 5th time in human history from that point
people don't really understand how vulnerable whole semiconductor industry is due to how complex it is?

>because if one of only two companies that makes decent CPUs dies it's straight down to dark ages for 5th time in human history from that point
Kill yourself. Even if both AMD and Intel went under, the remaining CPUs are more than powerful enough for anything humanity needs.

Can I have some of the drugs you're ingesting?

>that is what's called irresponsible
I disagree, the vulnerabilities exist so I have to inform the people who have them as government agencies, the AMD/whomever else produces the chips, or even criminals might have access to them.

>since it allows attackers to exploit the shit out of them
And this is great, then they might move to free hardware such as risc-v and maybe even give a push to modern safe OSes.

>I'm really glad you don't actually know anything about security
Why? Are you a non-free software developer?

JC no life

>because if one of only two companies that makes decent CPUs dies
RISC-V will become popular!

Attached: 1511485341349.jpg (1441x2048, 597K)

Morpheus might be able to spare some redpills if you go and ask him

>I disagree, the vulnerabilities exist so I have to inform the people who have them as government agencies, the AMD/whomever else produces the chips, or even criminals might have access to them.
>What is **reponsible** disclosure
Are you actually retarded or baiting?

Mention anything at all outside of gaymes that you absolutely need an x86 processor for.

He's right though

ThunderX and Power9 are MORE than humanity needs

Sorry, JC no life was for No idea where this is from, I think it was from a gender bender but I am not sure.

This is exactly what responsible disclosure is.

You're dumb for repplying to obvious bait.

>I disagree, the vulnerabilities exist so I have to inform the people who have them as government agencies, the AMD/whomever else produces the chips, or even criminals might have access to them.
If you simply disclose it, then criminals totally certainly have access to them, whereas if you allow time to produce mitigations, that's merely a risk. You make exactly nothing better by being rash.

just stock manipulation from the kikes

>JC no life
Thanks... another non-h manga orz

There is no code nor are the vulnerabilities exactly in the clear. Only a short description of them. How do they have access to them exactly? The only thing that this does is warn the public.

>from the kikes
Kikes are usually smarter than that.
It's the usual $AMD short crowd.

imagine all servers gone. just for a second.
for one complete economical and banking collapse, back to 19c economy

Yes, this """announcement""" is completely pointless and only serves Intel's monetary interests, but that's a different thing, unrelated to responsible disclosure.

What's the point of ''warning'' the public? Right, shifting the market towards competitors.

they are saying they're going to fully disclose it to the public in 24 hours

You know, Intel and AMD going under doesn't mean that the servers previously produced using their technology go up in smoke.

Found it sukebei.pantsu.cat/view/1828319

Attached: 1473531036407.png (1832x2600, 1.24M)

sure, first 50 years, you know complicated knowledge has tendency to fade away?

>All these fake news articles from "tech" sites that are just copy pasting this completely useless white paper that includes no code or anything technical whatsoever.
It's actually disgusting, what should be the consequences for these sites?

Yes, but as I said, there are tons of other manufacturers of CPUs, and those are more than powerful enough for any needs humanity might have.

>Kikes
>smarter

Attached: Golden Inturd.jpg (1428x2160, 1.17M)

Dumb amadaposter.

Apparently there is also a PSP privilege escalation vulnerability. This will be great for projects like libreboot.

>oh no, they told people of the existence of the vulnerabilities, what shall we do!!!
Literally everyone in the security community supported Tavis Ormandy when he told the public about the MS security issues. Letting the people know about their devices is more important than your jewgold.

See above.

Sounds good. Also if they waited you would probably say that this all it's fake anyway.

Thanks user.

>what should be the consequences for these sites?
None? Free speech is important.
If you want you can criticise them in public and stop using them but that's all.

Attached: 1494505334149.jpg (640x480, 173K)