-
Had a lot of fun speaking about
#AMDFlaws at#BlueHatIL today. Thank you all for coming! Slides are available at http://cts-labs.com/past-publications …@uri_farkas -
Linus Torvalds on the
#AMDflaws, now referring "security people" as having an "attention-whoring problem"
pic.twitter.com/PL5ecpXoK5
-
On the
#AMDflaws — I have seen the technical details and there are legit design & implementation issues worth discussing as part of a coordinated disclosure effort. The media storm and handling around that is sadly distracting from a real conversation around security boundaries.Prikaži ovu nit -
My initial take on
#AMDFLAWS Near-zero concern. You have to be fully compromised BEFORE these flaws can be used. No reason to use them except for long-term clandestine ops. Ignore this noise and go find those self-hosted WordPress sites you've forgotten about. -
Thoughts on the
#amdflaws stuff: most of the attacks described appear to require some level of privileged access (and possibly physical access in one case), which will lead to people writing it off as entirely overhyped. This is a mistake.Prikaži ovu nit -
-
We crawl through the highly inflammatory, unproductive, and questionable language of
@viceroyresearch in the new$AMD security report: https://www.youtube.com/watch?v=ZZ7H1WTqaeo …#AMDflaws -
So these days you can’t take a 7h flight without someone releasing CPU vulnerabilities?
#amdflawsPrikaži ovu nit -
AMD Finally Acknowledges 13 Newly Disclosed Vulnerabilities—RyzenFall, MasterKey, Fallout, and Chimera—In Its Processors. https://thehackernews.com/2018/03/amd-processor-hacking.html … Company promised to release firmware patches for
#AMDflaws in the coming weeks and expects that updates wouldn't impact performance. pic.twitter.com/D1XeH29IUp
-
For clarity, both these pics refer to http://www.cts-labs.com , not the
#amdflaws website. That's now classified as malicious by various dns filters
-
I read the
#amdflaws whitepaper and additional documents and I think the shit is real. And yes running code without visibility of the user or the OS is a huge issuePrikaži ovu nit -
#Amdflaws is the worst excuse for vulnerability research that I've seen to date. They're looking for a quick buck, nothing more. The infosec community needs to figure out how to sort the wheat from this chaff. pic.twitter.com/cHuD29h7Sj
-
So, I gather, the "the OS is too insecure, let's move all security to hardware and rely on firmware makers who've already given us 40 years of grief" school of thinking has just had another setback.
#amdflaws -
-
ASMediaflaws and Intelflaws sites missed by Joel Hruska
#AMDflaws https://twitter.com/ExtremeTech/status/974266623036141568 …
-
Well $@&!, need a new freezer after all
#AMDflaws https://twitter.com/svenkrasser/status/949056901567803392 …
-
Tidbit I just found in the
#amdflaws website’s disclaimer: “[W]e may have, either directly or indirectly, an economic interest in the performance of the securities of the companies whose products are the subject of our reports.” https://media.giphy.com/media/9Hx588Vn8ySXe/giphy.gif … -
Would any sane person buy and install a used AMD server on their network now?
#AMDflaws -
More facts, less hysteria.
#amdflaws https://twitter.com/jleyden/status/973816061832384512 … -
#AMDflaws they wrote themselves: Ryzenfall, Masterkey and Fallout can be fixed via firmware updates. Chimera can’t be fixed with firmware, it’s an hardware issue, can be addressed with a workaround.... So they rushed it out intentionally, giving AMD no time to address the issue
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.