Researchers warn that a bug in AMD’s chips would allow attackers to root into some of the most privileged portions of a computer—and that it has persisted in the company’s processors for decades.
  • NotNotMike@programming.devEnglish
    2·
    5 months ago

    I mean, I’m not much of a tinfoil hat, but this article feels extremely conveniently timed for Intel, who is currently going through a massive ordeal with their chips. Especially considering that the vulnerability is so extremely difficult to exploit that there’s borderline no story here for 99% of people but the headline will still drive clicks and drama.

    • TheGrandNagus@lemmy.worldEnglish
      1·
      5 months ago

      Intel has literally done this, and stuff like it before.

      They back “independent” researchers who twist themselves in knots to make AMD look bad.

      Look up the multiple counts of bullshit from a “research group” called Principled Technologies.

      Sidenote: the guy who ran it was Ryan Shrout, who used to work for PC Perspective, and would usually give favourable reviews to Intel. After leaving Principled Technologies, he became head of technical marketing at… drumroll… Intel!

      Principled Technologies isn’t the only scam “independent researcher” Intel has set up or paid handsomely either.

    • Drathro@dormi.zoneEnglish
      1·
      5 months ago

      Difficult to exploit, already in the process of being patched. Truly, the most breaking of news.

        • Passerby6497@lemmy.worldEnglish
          1·
          5 months ago

          Most likely. Windows update (or the Linux equivalent on your platform) will download updated microcode to load at boot time to basically be a software patch for hardware issues. At least, that’s how it was explained when the original speculative execution flaw was discovered and Intel was releasing foxes and shit for it.

          • Amanda@aggregatet.orgEnglish
            2·
            5 months ago

            and Intel was releasing foxes and shit

            I realise this is an autocorrect error, but it’s still funny 🦊

  • Avid Amoeba@lemmy.caEnglish
    0·
    5 months ago

    Requires kernel-level access. Also AMD is “releasing mitigations,” so is it “unfixable?”

    • Bjornir@programming.devEnglish
      0·
      5 months ago

      If you have kernel access you can already do almost everything so a vulnerability on top of that isn’t that bad since no one should have kernel access to your computer

      • dosse91@lemmy.trippy.pizzaEnglish
        0·
        5 months ago

        It means it’s what we in the trade call “a nothingburger”. On Windows you need to explicitly install a malicious driver (which in turn requires to you to disable signature verification), on Linux you’d have to load a malicious kernel module (which requires pasting commands as root, and it would probably be proprietary since it has malware to hide and as every nvidia user knows, proprietary kernel modules break with kernel updates)