The AMDFLAWS folks are getting a lot of flak, much of it rightfully so: for overhyping, bad disclosure process,etc. But escalation from root to secure enclave is actually not nothing. Why is this so easily dismissed? Malware in VTL1 is also a threat that seems valid to me.
You know, I fully agree with all of this. I don't agree with the "that aren't relevant bugs, if they are shown to actually exist" analysis.
-
-
in this case it is hard to follow from the "analysis" to an actual problem, even though they describe it very clearly. at least 50% of this smells like a short-selling campaign and that is a smell that makes every analysis smell bad.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
which is the core problem of this case. what made them take this path of disclosure, making everything so fucking problematic. even without proof, we know that Spectre is a problem because of the speculative nature of modern pipelines, the analysis showed the core problem.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.