Does the CTS report seem a little fishy?

All 4 of the exploits require administrative access.

One of them requires you to reflash the bios with compromised firmware as a prerequisite.

One of them requires that you somehow have compromised drivers signed by the fucking hardware manufacturer.

But they did previously work at intelligence agencies.

>Guys admin access and flashing a bad BIOS is bad

Wow wee

My phones bootloader can be reflashed with elevated access. Is this a critical vulnerability of qualcomm processors?

Remember to screencap op pic and spread it. Fuck shintel and their damage control.

Citation Needed

>screencapping the pic
>not just rightclick and saving it

>One of them requires that you somehow have compromised drivers signed by the fucking hardware manufacturer.
What is an NSA?

>website exposing AMD "vulnerabilities" goes up
>extremely over-designed, with infographics and logos ready on day zero
>the company behind it is, at most, a year old
>whois is scrubbed of information
>they only have AMD 24 hours notice before disclosure
>whitepaper is extremely strange, reading almost like a press release, with almost no technical details
>they're based in Israel, where Intel recently opened a shiny new factory
>viceroy research created an article about how AMD is going to drop to $0
>several news outlets published articles IMMEDIATELY after the site went up
>scroll down to the bottom of the page
>Media Inquiries - Jessica Schaefer, BevelPR: [email protected]
>bevelpr.com
>At Bevel, we are powerful influencers that will help you define what success means for your business. We are unbound by tradition yet grounded in the fundamentals. By helping you to align your communications with business objectives, we will develop a message that is unique to your firm that will penetrate the global markets and connect you with your varied stakeholders. We act as your counselor – the beveled edge that brings together two groups essential to success.
>bevelpr.com/expertise/
>We are known for our extensive media relationships and network. Let us connect you with the right reporters, bloggers, analysts and influencers who will understand your business and share your perspective with the markets.
>We produce videos, apps and social media updates as part of an interactive communications campaign.
>Our in-house creative services team will take your pitch and develop a design that catches the attention of your prospects in a memorable way.
>We leverage our deep media relationships to minimize impact and ensure accuracy and integrity in reporting.
>Jessica Schaefer, the media contact at Bevel, is also the CEO, and she seems to be the only publicly-registered employee

About what? The exploits. Literally just read their "whitepaper".

Hmm... I wonder why they're "former" members of intelligence agencies...

The point is that someone being able to arbitrarily sign drivers is not the fault of the firmware or hardware, and there's really nothing you can do to protect against it.

It has nothing to do with ryzen, it's just basic fucking security. The chain of trust has to end somewhere, and if your trust source gets compromised, there's nothing you can do.

get in the oven schlomo.

(((CTS Labs)))

Attached: Screenshot from 2018-03-14 11-02-13.png (3840x2160, 3.44M)

Are these threads being deleted? I smell a rat.

Attached: 1520981492246.png (439x290, 141K)

I mean at one point there probably were too many but it's nice to see 90% of the internet calling BS on this now.

I see 5 threads up right now about it

I was shitposting in one the pruned threads.
Reasonable, since the main ones are still up and going. It was a good job frankly.

>Two of the exploits need root by the way, and one requires a reflash
all of them, actually. and, apparently, 2 of them required modded BIOS files.

Actually it was this exact one. I see the OP rebooted it.
I thought I was posting in another thread.

buy AMD and crush their schemes!
crash their shorts.

>gave AMD 24 hours notice of these exploits
>registered the website for them 3 weeks ago
>it's some fancy site full of graphics and logos instead of technical details
>the language used is obviously trying to spread FUD
>the company behind this hired a PR firm for this release
>they're also quite possibly connected to Viceroy Research
>the white paper and the website have no proof that their claims are true, or any details about them
>the backgrounds in the videos from their "labs" are just stock images
>disclaimer on the website says the company may stand to profit off of this
Nothing strange here. Honestly, even if these exploits were real, they require root privileges for even the easiest of them. It's like if someone could break into your house already, but now they can install video cameras. The severity is massively overplayed.

Attached: 1345931584462.jpg (448x276, 15K)

>Literally just read their "whitepaper".

Reminder: The highest quality academic journal for the information security field is literally named "Proof of Concept or Get the Fuck Out"

Attached: main-qimg-154c49d5a4f2aa30fc28f9b30cc8d71f-c.jpg (569x564, 123K)

My point was that, that's the evidence that the exploits all require root access. They're literally the ones claiming they do.

Obviously this is all a load of bullshit or else they'd have already shown their POC, but y'know.

>"Proof of Concept or Get the Fuck Out"
Great mag, btw.

***AB SO FU CKING LU TE LY THIS***, though dan guido says he actually received the PoCs and ran them:
twitter.com/dguido/status/973628511515750400

^ interesting

>Israeli security firm that outright says "We have a conflict of interest" that may or may not have caused us to handle the release of this information the way we did
I am genuinely pleasantly surprised that they had the courtesy to admit it.