So this http://AMDflaws.com business... CTS Labs asked us to review their research last week, and sent us a full technical report with PoC exploit code for each set of bugs.
Show this thread
-
Have you had any previous dealings with CTS Labs, or the people therein? Any reason why a company like this would reach out to you in this way, before disclosing to AMD? Not trying to pick, just trying to understand if this is standard practice
They found us through a mutual friend. I had never spoken to them before, and I have no ongoing relationship with them. They sought us out because they were concerned about the validity of their findings.
-
-
Additional, just because I've seen people thinking you are being paid, having billed CTS for the work: Did you start investigating the issues first, then discuss billing arrangements, or did a contract come first? (People love to think everyone works for free, sadly)
-
- 3 more replies
New conversation -
-
-
Thanks, much appreciated.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.