| Submit your comments on this article |
| Science & Technology |
| Researchers find 'critical' security flaws in AMD chips |
| 2018-03-14 |
| Security researchers said Tuesday they discovered flaws in chips made by Advanced Micro Devices that could allow hackers to take over computers and networks. Israeli-based security firm CTS Labs published its research showing "multiple critical security vulnerabilities and exploitable manufacturer backdoors" in AMD chips. CTS itemized 13 flaws, saying they "have the potential to put organizations at significantly increased risk of cyberattacks." The report comes weeks after Intel disclosed similar hardware-based flaws dubbed Meltdown and Spectre, sparking widespread computer security concerns and a congressional inquiry. CTS said the newly discovered flaws could compromise AMD's new chips that handle applications in the enterprise, industrial and aerospace sectors, as well as consumer products. In a 20-page white paper, the researchers said the AMD Secure Processor, the gatekeeper responsible for the security of AMD processors, contains "critical vulnerabilities" that "could allow malicious actors to permanently install malicious code inside the Secure Processor itself." |
| Posted by:g(r)omgoru |
| #8 Murphy's law in action. |
| Posted by: Seeking cure for ignorance 2018-03-14 19:11 |
| #7 Do we have idiots designing our chips? |
| Posted by: Vespasian Protector of the Hatfields9991 2018-03-14 16:25 |
| #6 There has been a lot of unusual AMD puts buying the last few days. We now know why. If the SEC is not asleep, an investigation of CTS Labs and friends should lead to a lot of fines and indictments. BTW, the only way to exploit these flaws is to first have the root password. In that case, you are already F'd. |
| Posted by: Throter Spock4390 2018-03-14 15:59 |
| #5 It's real and disclaimers are an attempt to avoid being sued. |
| Posted by: g(r)omgoru 2018-03-14 12:26 |
| #4 Put in english - they took out options against AMD stock and then released the report. So is it real or is it an attempt to skew the market? |
| Posted by: 3dc 2018-03-14 12:03 |
| #3 The four classes of vulnerabilities—dubbed Masterkey, Ryzenfall, Fallout, and Chimera—were described in a 20-page report headlined "Severe Security Advisory on AMD Processors." The advisory came with its own disclaimer that CTS—the Israeli research organization that published the report—"may have, either directly or indirectly, an economic interest in the performance" of the stock of AMD or other companies. It also discloses that its contents were all statements of opinion and "not statements of fact." Critics have said the disclaimers, which are highly unusual in security reports, are signs that the report is exaggerating the severity of the vulnerabilities in a blatant attempt to influence the stock price of AMD and possibly other companies. Critics also faulted the researchers for giving AMD just 24 hours to review the report before it went public and using a dedicated-website to bring attention to the flaws. |
| Posted by: 3dc 2018-03-14 12:01 |
| #2 Are Intel's flawed chips made in China too? |
| Posted by: Bright Pebbles 2018-03-14 11:41 |
| #1 Additional detail. Taiwanese = China Good reasons to manufacture "critical" products and components at home. Globalism not always a good idea. |
| Posted by: JohnQC 2018-03-14 05:48 |