Remember the time when security vulnerabilities were taken seriously? When those vulnerabilities weren’t given cute names and their own branding with logos? When companies were given more than 24 hours to react to accusations?
Yesterday, a company unknown to anyone, CTS-Labs, came out of nowhere with a vulnerability website, AMDFlaws.com, and an in-depth whitepaper showcasing no less than 13 different vulnerabilities plaguing AMD’s Ryzen and EPYC processors. From the get-go, it felt obvious this was a targeted hit on AMD, but one that had a lot of effort put behind it to give off the facade of in-depth research.
There are at least a dozen reasons why this attack on AMD is sketchy, but allow me to list a few. For starters, the whitepaper draws attention to the fact that the research is just for “educational purposes”, and, “Although we have a good faith belief in our analysis and believe it to be objective and unbiased, you are advised that we may have, either directly or indirectly, an economic interest in the performance of the securities of the companies whose products are the subject of our reports.” I’m reading that as they absolutely do have an economic interest. If there was none, there’d be no doubt.
Adding to this absurd research is a hit piece by so-called “Viceroy Research” that had the gall to publish a piece titled “AMD – The Obituary“, which isn’t so much a hint at a targeted attack but more like a blunt hit to the face. The post ends, “We believe AMD is worth $0.00 and will have no choice but to file for Chapter 11 (Bankruptcy) in order to effectively deal with the repercussions of recent discoveries.”
I’d say this sounds like it was written by a child, but that’d be an insult to children. Unlike Spectre and Meltdown, or the countless number of vulnerabilities ousted in recent years, this research seems to talk more about the downfall of AMD than the actual realities of the vulnerabilities – which to this untrained eye seem modest. I almost feel embarrassed for these researchers who tried so hard to cough up as many vulnerabilities as possible by latching onto superfluous issues.
This is not to say that all of the vulnerabilities in this research paper are wrong, but the way all of this information has been presented leaves nothing to the imagination about the intent.
Gamers Nexus have covered this entire sketchfest in great detail in the video below, and also in a written version. I’m just covering the surface here. There’s enough tomfoolery involved here to write an entire book.
It’s worth noting that as of the time of writing, AMD’s stock (NASDAQ: AMD) is down 1.89%, but it’s not alone, as Intel’s (NASDAQ: INTC) is down 0.25%. NVIDIA’s (NASDAQ: NVDA) is up 0.52%, so it’s not the best day for CPU companies, but there’s no proof that this research has caused any stock to move at all. If it has, it likely would have been much worse if there weren’t so many red flags. If only all researchers were so kind as to be transparent with their motivation.
Rob founded Techgage in 2005 to be an 'Advocate of the consumer', focusing on fair reviews and keeping people apprised of news in the tech world. Catering to both enthusiasts and businesses alike; from desktop gaming to professional workstations, and all the supporting software.