Published in News

AMD sued over Spectre exploits

by on07 February 2018


It should not have spoken until it was certain

AMD has been sued by a company because of the way it handled the Spectre and Meltdown bugs.

It is not exactly because of the flaws, but because of the speed at which AMD said that it was not in trouble because its chips did not suffer from the bugs.

Rosen Law Firm is a global investor rights firm, where a class action lawsuit has been kicked off on "behalf of purchasers of the securities of Advanced Micro Devices". The lawsuit details: "Defendants during the Class Period made materially false and/or misleading statements and/or failed to disclose that: (1) a fundamental security flaw in Advanced Micro's processor chips renders them susceptible to hacking; and (2) as a result, Advanced Micro's public statements were materially false and misleading at all relevant times. When the true details entered the market, the lawsuit claims that investors suffered damages".

So AMD is in deep trouble over saying: "To be clear, the security research team identified three variants targeting speculative execution. The threat and the response to the three variants differ by microprocessor company, and AMD is not susceptible to all three variants. Due to differences in AMD's architecture, we believe there is a near zero risk to AMD processors currently. We expect the security research to be published later today and will provide further updates at that time".

AMD boldly splitting infinitives which had not been split before said the allegations were without merit and it intends to "vigorously defend against these baseless claims".

AMD’s current CPUs, Zen core-based products, are entirely immune to Meltdown. Type 2 Spectre attacks that work on AMD hardware are tricky to carry out and need a different set of code for the “same” attack on a different device. AMD Type 1 attacks will not work on Intel or ARM hardware because of implementation differences, and the converse is true too. This means hackers would have to tailor their malware to not just the Type 1/2/3 attack but also for the specific hardware.

 

Last modified on 07 February 2018
Rate this item
(0 votes)