Followed by the news of the Zombieload v2 attack news today, Intel yesterday posted a security blog, in which they state to close 77 vulnerabilities in November.... Intel will be addressing 77 security vulnerabilities this month
First, I believe everything in this news item beyond the first paragraph is from Intel's update, so the wording is from them. Thanks @Hilbert Hagedoorn for posting it nonetheless. And at the same time, you have to get them yourselves: So yeah... thanks for letting us know (since we even bother to reach out for tech sites) that we have to do any patching ourselves? Great customer support. So... when's Zen 4k going to release?
DAAAAAAAAAAAAAAAAAAAMN...….. Feeling better and better about my step over toward the red side. I don't even like the idea that I still have to install Intel drivers for my Lan shtuff on my AMD system. Heck I never liked seeing the "AMD Core Optimizer" installed on my Intel system before. Intel has to be taken up on all of these hardware level vulnerabilities that are just pouring out of them. There needs to be another form of repercussion against them I believe.
Some lawyers woke up today with a LOT of stuff to, suing people and companies, make some cash out of it. IMHO, Intel, why oh why wouldn't you go open source on Management Engine or disable it completely and develop some layered security mechanism which can me improved constantly by a huge open team? This applies to AMD, of course, they still have PSP active on their CPU and uses security by obscurity. I guess we will never have something good and cheap. We pay with out data and our privacy.
Haha well, it's not really security by obscurity anymore when everyone malicious knows it's available. I guess the "obscurity" part comes into play considering AMD's relatively low market share, and, the amount of viable use-cases for PSP.
DAAAAAAMN, RX 5700 series has a driver written from scratch. Just imagine how many bugs lie in there that weren't found yet. Zen is a clean sheet design which, inherently has some new bugs that weren't present or were fixed in previous uArch. If a bug wasn't found it doesn't mean it doesn't exist. So I think that all this bad press for Intel is just intentional to lead people into believing that AMD, ARM and whatever chip maker exists in this world doesn't have security bugs. Intel has the bad luck of being the big boy so everyone focuses on Intel products to find vulnerabilities. I can bet that if people would focus on AMD or ARM products they would find at least as many bugs as they already found in Intel products.
You're halfway right. I'll explain my point. Yes, hardware has vulnerabilities, some discovered, some don't. Every modern processor has something that can be escalated, doesn't matter the brand. To vast majority of worldwide users, hardly matters. Ignorance is bliss, right? But to those who matters, the important thing is HOW you deal with your brand, hardware and vulnerabilities. Intel didn't handle it like pros, they tried to smear everyone, and launched some shady tactics at AMD. AMD took it like it should, and did their thing. Is AMD the hero here? Hardly. But how they managed their problems in the eyes of the consumer matters. It's about perception.
