13 Major Vulnerabilities Discovered in AMD Zen Architecture (Including Backdoors)

So you thought AMD was not as botnet as Intel, well think again.

These exploits are categorized into 4 main groups.

Attached: b8ef840d7ccc287171d8fe57123b453ea43200e8cd7b0fa01bf119ad72e03d75.jpg (495x495 141.75 KB, 44.08K)

Other urls found in this thread:

hooktube.com/watch?v=ZZ7H1WTqaeo
8ch.net/tech/res/882204.html
viceroyresearch.org/
hooktube.com/watch?v=ZZ7H1WTqaeo
shutterstock.com/image-illustration/computer-notebook-on-working-place-office-332087582
shutterstock.com/image-photo/fashion-modern-office-interiors-483411280
shutterstock.com/video/clip-12717176-stock-footage-data-center-server-room-seamless-loop.html?src=/c1UCORCokdc7kyoIyOUQXA:2:16
gamersnexus.net/industry/3260-assassination-attempt-on-amd-by-viceroy-research-cts-labs
dhmo.org/facts.html
ir.amd.com/news-releases/news-release-details/view-our-corner-street-0
marc.info/?l=openbsd-misc&m=152100351927304&w=2
marc.info/?l=openbsd-misc&m=152080420804198&w=2
twitter.com/NSFWRedditGif

It probably is bullshit but we still have no evidence to connect this to Intel. Just a bunch of fanboys bickering at eachother

Yeah'll need to wait for AMD's official response about them before anything definite can be said.
It's fishy, but a juicy fish at that.

hooktube.com/watch?v=ZZ7H1WTqaeo
Looks like some pretty solid bullshit.

shill more kike

Me calling both intel and AMD botnet is not shilling. In fact, both are botnet regardless of if these exploits are real.
I posted this as I haven't seen any discussion about it anywhere.

No I didn't. I know better.
We're all aware that anything post Bulldozer is botnet.

...

That thread is full of OP being a flamboyant cocksucker who came from a thread on /v/ and is filling his own thread with shitposts

Wait for Zen 2 and Navi.
It will probably be the end of the line on 7nm, and AV1 hardware acceleration and decoder will be a must have by then.

Attached: 03-56-29-gpu_to_2020.jpg (2599x924 297.8 KB, 305.1K)

Looks like I ignored that thread since it had an "Discuss" level OP and the posters in it didn't seem like Zig Forumsies.
Normally, I'd delete this thread since it's a duplicate, but the original one is terrible, so I'll leave it up to the mods.

Read their website. It reads like a parody of security research and exploit disclosures. Me thinks this entire thing is an elaborate ruse

8ch.net/tech/res/882204.html

Already a thread on this needle dick.

this shit is 100% FUD and is used to smear AMD. you need local admin access to perform these "exploits" (so it works on any system, not just AMD), the actual whitepaper has absolutely 0 technical details, viceroy and cts both constantly use emotionally charged language and fearmonger, cts has shutterstock images for backgrounds and logo, and cts gave AMD no time to look into these findings and even notified the media before them.

this sounds like blatant kikery to me

so you think it is done by AMD as a "false flag" tactic?

I think it's an April Fools prank that got leaked early

viceroyresearch.org/
This whole thing is literally a fucking prank and you autists are taking it seriously

What's the prank?

Autist can't recognize a parody website?

They manipulate stock prices for money. What's the parody?

You seriously need mental help

Go fuck yourself retard.

It must really suck having a legitimate mental illness that prevents one from being able to read obvious parody

You're an obvious parody fagtron.

Is there any discussion going on in that thread?

yeah, remember how vega was going to be the greatest leap in GPU ever? I was using integrated graphics for almost three years because of you shills.

do not trust x86
do not trust SMM
do not trust UEFI
do not trust Secure Boot
do not trust

Let's go play on RISC instead

See this: hooktube.com/watch?v=ZZ7H1WTqaeo

...

You glow in the dark, you know that? Secure Boot is proprietary MS's backdoor, don't confuse it with Trusted Boot which is the one controlled by User. And in fact this ""vulnerability"" is actually good, so hackers can start working on debotnetting AMD CPUs as an alternative to Intel's.
Don't bump this shit thread.

Hello Viceroy, how's the weather in Tel-Aviv?

Attached: (((Viceroy Research))).mp4 (1920x1080, 13.46M)

this whole thread in one sentence:

this whole thread in one sentence:

...

It's just a prank, bro!

you deserve it

great damage control, (((Viceroy)))

"quick bet on the stocks and short it" - viceroy after consulting with their research partners

Are you seriously equating deleting system files with being able to run arbitrary code on the security processor?

It's not like people brute force root accounts over ssh. It's not like priveledge escalation attacks have not been discovered before.

Blatantly wrong. I can't run arbitrary code on my IME even though I have root access, nor could someone with a PSP. At least for IME the code needs to be signed by intel or it can't be run. If it were possible people would make Linux disable the IME. Feel free to correct me and tell me how this can be done on any system.

shady ass shit, videos barely even explain anything.
on the second video they use a greenscreen and stock photos from here
shutterstock.com/image-illustration/computer-notebook-on-working-place-office-332087582
shutterstock.com/image-photo/fashion-modern-office-interiors-483411280
shutterstock.com/video/clip-12717176-stock-footage-data-center-server-room-seamless-loop.html?src=/c1UCORCokdc7kyoIyOUQXA:2:16

Amanda a shit! Amy best waifu.

Attached: gwdeZ.png (800x600, 40.79K)

Pure FUD.

Attached: попался толстяк.jpg (314x128 78.17 KB, 8.99K)

Attached: Assassination Attempt on AMD by Viceroy Research & CTS Labs YT: ZZ7H1WTqaeo.mp4 (608x342, 14.96M)

It's not my fault you're using systemcocks and don't own your party-issued hardware, Ivan.

Fake news.

Attached: E43E425F-F108-410B-8AA1-BAB574537187.jpeg (1024x962, 137.99K)

You should put the warning that its might be a scam at the top, not the bottom you fucking shill

It's mostly about internal firmwares, like EFI/BIOS
And where exactly is my fault? Maybe in failing to single handedly stop a fucking cartel of (((corporations))) so that bullshit never gets to production?
You seem to vastly overestimate my powers. And if I could do this, I'd probably not be posting here.

I had considered doing so, but opted to put it just after the preliminary explanation of what it was. At least it is high enough in the post that it doesn't get cut off on the index page.
If I was a shill, I wouldn't have put that section in at all, let alone put the warning in big red text so that people don't skim past it.

Fake as fuck
gamersnexus.net/industry/3260-assassination-attempt-on-amd-by-viceroy-research-cts-labs

It was supposed to be a joke but unfortunately most "tech enthusiasts" have autism and clickb8 e-celebs are just adding fuel to this autism fire

Please refer to

...

No thanks

A legitimate journalist is not an eceleb, Viceroy

A "legitimate journalist" that's monetized on YouTube has as much interest in blowing up sensationalist bullshit as Arstechnica or any other bullshit fake news retards doing this

And why the fuck would I be a shill when I'm the one for the fact a paper documenting "exploits" on AMD processors is clearly a fucking lie? Do you have any braincells at all?

First off, you're moving the goalposts, second, he has made his argument plain and simple, so if you want to refute it go ahead, it would be easy.
As things stand, it's obvious Viceroy has propped up CTS as a sockpuppet to control the losses they have incurred in their shorting AMD stock. The evidence is there, the reasoning makes sense, and Viceroy having built a name for themselves by running company reputations into the ground is a well documented fact.
Please explain how any of this could be false.

This
If you anyone actually bothered reading the description of each "exploit" it's obvious this was supposed to be a joke. Since everything they describe can be done on any machine even with standard security features. Literally read the OPs text. Its pretty funny. "amdflaws" was probably written in the same vein as the Dihydrogen Monoxide hoax website. But people fell for that too
dhmo.org/facts.html

No its not and that video is the definition of an argument via assertion fallacy. Sorry retard. But you got pranked

Please start arguing or you'll look a lot like Viceroy damage control

Attached: 1507383133715.jpg (659x613, 57.47K)

see


A symptom of autism is the inability to understand hyperbole or metaphor. You got pranked nigger

Attached: 1518846154788.png (211x239, 35.42K)

How do you explain Viceroy's involvement given their business plan? Do you think a company which produces actual results like them would joke when they have something to gain from messing with anybody?

Their website literally looks lime someones personal blog. And they didn't actually produce "results" if you actually read the OPs fucking text (seriously nigger you don't even have to visit their website, the OP copy-pasted the "exploit" descriptions, it's tongue-in-cheek as fuck)

And they have jack shit to gain because investors don't have mental disabilities because you need some certification to start investing and nobody is going to fall for this shit. Thank goodness none of you are investors.

According to AMD they've never heard of (((CTS Labs)))
ir.amd.com/news-releases/news-release-details/view-our-corner-street-0

Attached: cts_intelaviv.jpg (960x1198, 132.32K)

It's almost as if they were a fake company meant to parody off of known security research firms and exploit whitepapers made by a group of shitposters

The average person is completely retarded. More than likely this was intended to be taken seriously by the average person.

oh wow it must be a prank this shill is samefagging the fuck out of the thread as a prank bro. He just wants us to think he's a dumb shill haha he tricked us all.

I think its more likely this was meant to only be shared around the security research community with the pretense they're not retarded but clickb8 news blew it up and exposed it to normalfags. If anything they were the ones being paid off by Intel

Do you actually believe ANYTHING in the whiteaper is a real exploit? Did you bother reading it at all? Do you have a mental disability?

Scareing lots of small investors who don't know much about tech but have a small amount of AMD stock as part of their diversified portfolio is their intention. If lots of small guys panic sell then it can cause a snowball effect where even the big guys sell everything and AMD stock goes to nothing.

Given the short positions on AMD by these guys it's obvious they are salty about it going up.

Your Occam's Razor is getting awfully dull there m8. And small investors who want to maintain a diverse portfolio are the least likely to sell off their stock in a given company

hahah you got fucking parodied son. lmao your sitting there reading that crap being like oh I can tell it's a prank from some of the pixels and I'm like nah bro you just got played.

So you didn't read it? Gotacha

I'm seeing a lot of people say this. Who is pushing this argument? I'd figure an eceleb because it is wrong.
Please explain how you can currently exploit AMD's PSP or Intel's ME to run arbitrary code. You say that is possible on any machine so you better have facts to prove that it is possible. As I've said earlier in the thread, it would be very beneficial to know how to run arbitrary code on the security processor so we can put it in an infinite spinlock so we don't have to worry about it.

I meant about the validity of the vulnerabilities. I already know they've acknowledge the fact they've received a report.

That's because you don't understand things yourself, so you misread others and get mad not knowing what happened.

If someone wants a diversified portfolio, they can just by an index fund. It's been that way since the 70's.

I'm not talking about this instance, I'm talking about the past history of this group, like the time they fucked with that African pharma company

Their continued existence refutes you

Except this has been brought to the media by CTS themselves first, then to AMD, so this is utterly false.

...

>ir.amd.com/news-releases/news-release-details/view-our-corner-street-0
what the fuck does this crap want?
I gave it first-party scripts and it still doesn't show shit

Attached: Screen Shot 2018-03-15 at 11.58.08.png (1126x862, 24.21K)

Their site is terrible, you can't even scroll the driver downloads page without js, and the actual link gives an error when refers are disabled. Fuck Windows.

Disable CSS completely for the site. I have to do that very often these days to read the text underneath the crap.

Nobody is surprised.

You also view->no style which does the samr

marc.info/?l=openbsd-misc&m=152100351927304&w=2
marc.info/?l=openbsd-misc&m=152080420804198&w=2

It focuses on the important part (jews) while your wastes pixels on irrelevant technicalities.

I don't get it. Under what circumstances would you have administrative privileges but *not* be able to run code? Is "sudo wine malware.exe" considered a hardware bug now?

>on the security processor
learn to read faggot

This is a privilege escalation from root to the highest privilege in which it is invisible to the whole CPU minus the security processor which your code is currently controlling.

You are not normally able to run code on the security processor which is an ARM based processor in the CPU. This security processor is able to do operations undetectable by the regular CPU. For example, it could read or write any value of any progress without having to communicate with the kernel.

Yeah, but you still need administrative privileges in the OS running on the primary processor, right? If a hacker gains root access to your OS, your system is compromised anyway.

Can someone spoon-feed me why CTS Labs is getting the amount of hate that they are? I get that they are jewish and probably funded by Intel, but wouldn't the bottom line of this be more secure processors for everyone?

What if there was a vulnerability where you could become root from a normal user. Do you think that's fine not to fix because if someone has access to a nonprivileged account they can launch a DOS attack? A bug is a bug.

They have no reputation and didn't make a good first impression.

So did CTS Labs release their PoC's yet or what?

I know some cucky news outlets are still reporting on this, third rate fake news organizations like Bloomberg mostly.

Holy FUCK that's fucking Jewish of them.

See and

From the Ars Technica article, it sounded like they were shared with a few select security researchers.

Are you aware you have one space in the email field?

yes

Sayanim?

Until CTS publishes properly it's literally nothing and anybody in the security community who goes along with this farce shall be forever branded a lying kike.

Forget it user, content and botnet are by now intertwined in a siamese manner and it's only to get worse in the future.