Initial AMD Technical Assessment of CTS Labs Research

Let's be modern, We Have To Blame Russia. We Must Be Sure that They Want to Promote their Baikal Chips.

 

Intel had nothing to do with this... Unless you have some proof to the contrary....

 

Hose off eh. I am going to blame China because no one else is.

 

Don't you know? This is 2018 in the guru3d forums, where conspiracy theories are facts.

 

My computer is varnurable to molotov attacks please amd and intel fix this!

 

Blame Germany.
I already started to feel guilty, but please tell me why. *lol*
(Pre-guilty-fication! Feeling guilty before you know why! Pro-active behaviour! You can learn a lot from us Germans!)

But BTT:
So AMD says they can fix almost every issue by software patches? This doesn't sound like CTS labs' assumption they cannot fix it. (Nice btw.! I like that! GO AMD! GO GO GO! Now sue them to death!)
But one thing comes to my mind: We are talking about AMD's way of "insecure" security management chips, right? Wasn't there an outcry when intel's ME came up about the facts it is encrypted and noone is able to modify the firmware (digitally signed, checksums, etc.) and all is hardlocked and Intel is a bad guy because ME is locked down too much ("You are not the owner of your system anymore" and all this stuff) and has deep system access and so on? So AMD put out their security processor without most of this stuff, it doesn't require digital signatures on its firmware, so WHAT DO YOU WANT??!! This whole "security processor" stuff is useless from my point of view, so a user should have the option to DISABLE this completely.
A "signed firmware update way" ... couldn't care less! What does this change? Some years ago, while on training for my job, we learned how to fake MD5 checksums for example. Then there are tools out there, I think for Need For Speed (cannot recall what part) which change the checksum (I cannot say if MD5 or what) after you edited your savefile (money, parts and stuff, you know?) to match the one you had before, so NFS does not think you modded the savefile. You are able to sign your own drivers, for example win-raid.com does that for their edited drivers (some kind of universal drivers which fit on most systems / chipsets) and that is a good thing, because you do not have to enable the "developer mode" or accept any unsigned drivers at all. So where does "signing a file" provide you with more security? If I would be able to block my oldest daughter from accessing bad youtube videos, THAT would increase security A LOT from my perspective.
And as it was said so much times before: ASMEDIA chips are not only part of AMD's boards, but that is a whole other issue and should be separated from the main outcry, because it is not specific to AMD's devices.

This is yet another conspiracy theory, and written on guru3d, so it must be fact, too. ;-)

 

It's a firmware update, not software.

Until someone provides solid, substantiated proof that Intel was somehow involved, it's best to avoid the accusation entirely. It doesn't do anyone any good.

 

Wasn't disagreeing.

 

Yes, perhaps I'm overreacting. Intel is known for employing truthful and honest business practices, and this would be a big stain on their otherwise clean name.
I can't help but wonder, when I take into account everything that was laid out, who gets to profit from such "terrible news" about AMD processors?

1. Marketing-type videos produced by a previously-unknown security research company
2. Extremely short 24 hour notice to AMD before the "security issues" are publicized
3. Hyped up "security issues" which require ADMINISTRATIVE access to exploit, at which point your computer security is already down the toilet
....
Just seems like an attempt to slow down the AMD sales, probably manipulate stock prices etc