CTS Labs is the Israeli security firm that reported 13 Spectre-Like AMD security Exploits and noted that virtually all AMD CPUs are vulnerable to these exploits and since then many have questioned the legitimacy of the report and now Linux creator has chimed in on the debate saying that it looks more like stock manipulation.
According to Linus Benedict Torvalds, these security AMD security Exploits in the report from CTS Labs “looks more like stock manipulation than a security advisory”. He added that is you replace the “BIOS or the CPU microcode with an evil version, you might have a security problem?’ Yeah”.
He further criticized the report by saying that “I just found a flaw in all of the hardware space. No device is secure: if you have physical access to a device, you can just pick it up and walk away. Am I a security expert yet?”
He added that the exploits noted by the report are actually bugs but they don’t impact to the extent which the firm is making them be which annoys him.
However, Torvalds isn’t the only one to question the legitimacy of the Spectre-like exploits for AMD CPUs as a report suggests that the exploits might be fake. The reason why CTS Las has been criticized is the lack of proof-of-concept for these Spectre-like exploits in the report.
However, according to the firm itself, they sent out the proof-of-concept for the Spectre-like exploits to not only AMD but to other major tech companies.
Also, CTS Lab has asked everyone to look at the situation objectively as the AMD costumers and the company itself are aware of the exploits.
If you look at the situation in the following way: right now the public knows about the vulnerabilities and their implications, AMD is fully informed and developing patches, and major security companies are also informed and working on mitigation.
Do you agree with Linus Benedict Torvalds? Let us know in the comments.
Source: Fudzilla