"amdflaws.com" - What is this?

[Phynaz]

All I can say, is that after round one, their credibility is ZERO, and they still have not proved anything AMD said is wrong, just opinion.

Well, they did find the flaws, and one of them is a major screw-up, so I wouldn't say their credibility is zero. You may not like their practices, but they have been correct.

 

[Panino Manino]

Well, they did find the flaws, and one of them is a major screw-up, so I wouldn't say their credibility is zero. You may not like their practices, but they have been correct.

At this point it's irrelevant if the vulnerabilities are real or not, from the beginning the community considered that they could be real. What was being argued was CTS's behavior. They had "the benefit of the doubt" at first, but now they don't deserve any credit anymore.

Notably, AMD did not provide a time estimate for patching CHIMERA

Of course AMD din't, they can't speak for another company, "this would be irresponsible...".
CTS's only concern seems to be spread FUD towards AMD and Ryzen&Epyc specifically. They do nothing to help, just make personal attacks and some fantastical claims.

 

[Atari2600]

Regardless of views on how we communicated the information, the fact remains that this further raises a red flag about the overall state of affairs in AMD Product Security.

In case anyone had any remaining doubts.

All about stock manipulation. No serious security company would ever say anything like this, let alone a company whose proverbial balls have yet to drop.

 

[ao_ika_red]

Finally, and perhaps most concerning of all, is the fact that six security researchers, albeit highly experienced, managed to identify 13 distinct security vulnerabilities in the flagship products of an $11B company with comparably infinite budget for security, and over a period of only six months.

Full attack mode, huh? Never heard people from GPZ said like that when AMD initially stated that their CPUs were immune to Meltdown and Spectre attack.

 

[piesquared]

Man these IDF members are complete clowns and amateurs. I wonder who's money is behind this that they can risk a legal suit. They are just dumber than a bag of buns, and trying to keep it in the news cycle as long as possible basically calling a well respected CTO in the industry a liar.

 

[LTC8K6]

CTS have gone into FUD overload.

The clock is ticking on their stock shorts/puts, and they are looking a bit panicky.

Looks like a self face plant on their part...

 

[Kenmitch]

Just wanted to say thanks to Ian for not plastering the latest rant from CTS on the main page of Anandtech.

 

[Peter Watts]

CTS labs is the Gloria Albright of techland!

 

[formulav8]

What's this IDF/ADF stuff I see thown around?

 

[epsilon84]

What's this IDF/ADF stuff I see thown around?

Israeli Defence Force? Definitely not Intel Developer Forum

 

[Stuka87]

What's this IDF/ADF stuff I see thown around?

At least one of the members of CTS is a former operative with the IDF Unit 8200, which is their cyber warfare devision.

 

[formulav8]

Ahh, ok, Thanks. I think I saw IDF/ADF somewhere on another thread and thought they were related or something.

 

[CatMerc]

At least one of the members of CTS is a former operative with the IDF Unit 8200, which is their cyber warfare devision.

It's fairly common in the Israeli tech industry. Many never go to higher education for computer science and instead get trained in these units before going to the civilian world and getting hired there.

I wouldn't draw any connection, considering how many of them are all around the industry.

 

[Dayman1225]

What's this IDF/ADF stuff I see thown around?

At least one of the members of CTS is a former operative with the IDF Unit 8200, which is their cyber warfare devision.

Here was me thinking it meant "Intel Defense Force" and "AMD Defense Force"

 

[formulav8]

People really stoop that low calling people IDF/ADF meaning it like that? :\

 

[Hitman928]

People really stoop that low calling people IDF/ADF meaning it like that? :\

Yes.

 

[Kenmitch]

What's this IDF/ADF stuff I see thown around?

It's forum acronym slang for those who prefer red vs blue or blue vs red depending on how you look at it. Usually those who bring up ADF are pro Intel and those who bring up IDF are pro AMD. Has nothing to do with the CTS scandal going on at this time.

Here was me thinking it meant "Intel Defense Force" and "AMD Defense Force"

 

[plopke]

Sigh, so they are complaining that AMD is incorrect in their estimated timeline on how to fix their own products , but they gave us a moral speech on how it was justified to only give them a 24 hour notice. To follow up with a argument they are a 11billion dollar company that would have the budget to fix it?

Sigh all this drama is just distracting of 2 major issues for the entire industry :
1) Give Asmedia a kick in their but for lack of security
2) STOP PUTTING SO MUCH FUNCTIONALITY IN THOSE DARN BLACK BOXES ,Intel,AMD,Apple,ARM,............ , the only thing they do is turn old functional hardware in update nightmares for end users

 

[Stuka87]

It's forum acronym slang for those who prefer red vs blue or blue vs red depending on how you look at it. Usually those who bring up ADF are pro Intel and those who bring up IDF are pro AMD. Has nothing to do with the CTS scandal going on at this time.

No, in this case IDF = Israeli defense forces. Their cyber warfare devision is part of Unit 8200.

 

[dlerious]

I couldn't help it, but I Knd of smiled at this one. https://www.ctsflaws.com/

 

[bononos]

Well, they did find the flaws, and one of them is a major screw-up, so I wouldn't say their credibility is zero. You may not like their practices, but they have been correct.

I remembered you seemed to have the opposite view in other thread about Intel's Meltdown/Spectre problem.

 

[DisEnchantment]

Nevermind.

 

[moinmoin]

Ages old thread by now, and all flaws are apparently fixed now.
CTS Labs did a presentation at Microsoft's BlueHat IL 2019 last month:

 

[DrMrLordX]

I'm a little surprised anyone still lends credibility to CTS labs.

 

[zinfamous]

I'm a little surprised anyone still lends credibility to CTS labs.

I actually still doubt that they are a real entity. Funny, read this article the other week:

https://www.newyorker.com/magazine/2019/02/18/private-mossad-for-hire

and while I know it may seem OT here, it probably isn't. Some of the details in the article point to these private former Mossad groups doing any kind of work, which is mostly online fake advertising campaigns, not just to sway elections but for whatever corporate contract that comes across their table. In one case, it seems the price to play is about $250k minimum, which is kinda chump change if, as most people have reasonably surmised about this AMD story, was a stock price manipulation campaign in order to get a quick short profit.

Anyway, this immediately put my mind on the AMD story because this describes how one of the groups works out of this undisclosed 2nd story mixed-use office building in a "shady" part of Tel Aviv--basically what we came to learn about "CTS labs," and the MO of their type of work is exactly what CTS produced for this story: fake videos with general common-use images of office spaces, fancy PDFs that are clear in intent but essentially without substance in the details, deployed instantly while ignoring common practice within the targeted industry on how these claims are handled.