security New details about the newly discovered CPU vulnerabilities namely Spectre 1.1 and 1.2

Stefan Payne · July 13, 2018

Just now, leadeater said:

But let me pose you this question, once security researchers finish focusing on Intel who hold the largest install base of products by the biggest margin possible to think of (yea it is that much different) they will start to focus more on AMD.

No they won't because AMD isn't that big.

The next in Line are Qualcom and Apple. AMD is tiny in comperasation to those.

Just now, leadeater said:

So what happens then?

We will see what happens when it happens. Right now we know that there is no exploit disclosed on AMD Hardware.

But people still claim that AMD is as bad as Intel. WHY??

Now Intel has some flaws and people are trying to put it under the carpet.

And upplaying those bogus Flaws...

Just now, leadeater said:

You're riding a bit too close to the security by obscurity mantra, or if it's not know then it's not a problem mantra. You are actually more secure in knowing the limitations of a product than not knowing.

No, I'm saying that AMD claims that they might not be affected at all but there is a slight possibility they might be because of how this exploit works, nobody can say for sure.

And that is what we should try to say that AMD might also be affected, not that AMD is affected.

Because right now it looks like people are trying to defend Intel for this shit. And there is still more to come in about three Weeks...

Stefan Payne · July 13, 2018

Just now, captain_to_fire said:

If I were you, I’d stop putting words in my mouth since all you’re doing is raising strawman arguments and moving goalposts. You remind me a lot of zMeul but the AMD version.

Then why don't you say that AMD might be safer with what we know right now?
And also why do you ignore what is already said about TLBleed??

leadeater · July 13, 2018

37 minutes ago, Stefan Payne said:

Right now we know that there is no exploit disclosed on AMD Hardware.

Yes there is, Spectre Variant 1.

Quote

Google Project Zero (GPZ) Variant 1 (Bounds Check Bypass or Spectre) is applicable to AMD processors.
We believe this threat can be contained with an operating system (OS) patch and we have been working with OS providers to address this issue.

Microsoft is distributing patches for the majority of AMD systems now. We are working closely with them to correct an issue that paused the distribution of patches for some older AMD processors (AMD Opteron, Athlon and AMD Turion X2 Ultra families) earlier this week. We expect this issue to be corrected shortly and Microsoft should resume updates for these older processors by next week. For the latest details, please see Microsoft’s website.

Linux vendors are also rolling out patches across AMD products now.

GPZ Variant 2 (Branch Target Injection or Spectre) is applicable to AMD processors.
While we believe that AMD’s processor architectures make it difficult to exploit Variant 2, we continue to work closely with the industry on this threat. We have defined additional steps through a combination of processor microcode updates and OS patches that we will make available to AMD customers and partners to further mitigate the threat.

AMD will make optional microcode updates available to our customers and partners for Ryzen and EPYC processors starting this week. We expect to make updates available for our previous generation products over the coming weeks. These software updates will be provided by system providers and OS vendors; please check with your supplier for the latest information on the available option for your configuration and requirements.

Linux vendors have begun to roll out OS patches for AMD systems, and we are working closely with Microsoft on the timing for distributing their patches. We are also engaging closely with the Linux community on development of “return trampoline” (Retpoline) software mitigations.