Intel breathes a sigh of relief as the spotlight moves off of them for a beat.
Except the AMD exploit requires ring 0 access and is almost irrelevant to most users, whereas the Intel issues are physically destroying people’s computers. The scale of the issues are utterly incomparable.
I’m much more angry with whatever dipshit at AMD decided to revoke permission for ZLUDA, and that they haven’t yet been fired.
People grant kernel access all the time without thinking. Video game anti-cheat is a good example. It’s a pretty potent vector of attack since you can never trust these companies to keep themselves secure.
ZLUDA was probably taken down to protect AMD from being sued by Nvidia.
Didn’t the author confirm the takedown came from AMD and not NVidia? AMD isn’t responsible for third party software running on their hardware.
Although, IIRC they either sanctioned it or provided some initial funding, which might have put them in a more culpable position. Still, I’m pretty sure the takedown came from AMD, and it doesn’t make sense that they’re doing NVidia’s policing for then.
They were paying for its development for about a year and a half.
Yeah, that’d do it. Although, again, it looks like the restriction wasn’t in the NVIDIA licensing wording until recently. IANAL, but you it both parties are required to agree to contract changes; if AMD’s contributions were all pre-wording change, they merely need to dust their hands; it’s OSS. Why are they doing NVIDIA’s dirty work for them?
I’m not convinced.
what’s ZLUDA? can you ELI5?
ZLUDA was an open source translation layer for CUDA. So basically developers could take code from projects written for Nvidia’s CUDA and use ZLUDA to run them on other hardware. Originally the dev was focused on Intel but AMD started paying him and he focused on AMD hardware. They stopped funding him earlier in the year and now it appears AMD legal has gone back on their earlier permission for him to keep distributing the code.
oof, what a rugpull
This post was sponsored by INTEL™️
/jk
How long were you sitting on that one waiting for the perfect moment?
Which is by pure chance also what the person said who got the exploit list from Intel
Wouldnt be surprised if the researchers were Intel researchers.
*100 employees were fired too allocate budget for this sponsorship
Funny. No. This is not remotely comparable to CPU’s crashing because of a lack of R&D and half ass quarter earnings profiteering culture’s lack of intelligent long term thinking. It is not remote accessible. This is just corporate psyops in an attempt to coverup their overwhelming neo feudal incompetence. If they had the staff and invested reasonably, the problems wouldn’t happen. Paint the world in shit to continue the claim that yours does not stink. Only idiots buy into that.
Physical access is root access, always has been
Despite being potentially catastrophic, this issue is unlikely to impact regular people. That’s because in order to make full use of the flaw, hackers would already need deep access to an AMD-based PC or server.
“FUCK!” - Intel execs
It was really just a matter of time before someone figured a way to exploit those stupid deep management engines. It was so predictable.
And each intel chip runs a minix system behind the scenes that I’m sure someone will soon find a way to play with if it’s not already compromised.
And each intel chip runs a minix system behind the scenes that I’m sure someone will soon find a way to play with if it’s not already compromised.
There was a big story of an expoit of the Intel ME already. I think it was this: https://www.intel.com/content/www/us/en/support/articles/000025619/software.html from Positive Technologies at BlackHat 2017
What the heck? Then get to planning you dicks?
I’ll bet the Intel management engine is just as “vulnerable”. The only context this is likely a concern is large scale corpo deployments, without verified supply chains to the source. Love how the security researcher handwaves that there’s “plenty of existing exploits” that can be used to install the exploit into the SMM, without giving any suggestions of how.
No way that Intel sat on this for years until they needed it for PR.
I was troubled by how many times this article used the word “deep”. Also, what was the bit about the hack likely surviving a reinstall of the OS? Why in the world wouldn’t it if it’s a cpu bios firmware hack?
Deep thoughts with deep
