• @[email protected]
    link
    fedilink
    English
    464 months ago

    As pointed out elsewhere, the attack requires kernel-level access, and anyone with that access can do a lot of damage anyway.

    And the flaw can be fixed (there’s a fix out), it’s just that there’s no remediation once the flaw has been exploited.

    • @[email protected]
      link
      fedilink
      English
      114 months ago

      It also means no AMD server could be resold because there is no way to know if it was previously infected

    • mox
      link
      fedilink
      English
      84 months ago

      anyone with that access can do a lot of damage anyway.

      it’s just that there’s no remediation once the flaw has been exploited.

      One of these things is not like the other.

        • @FierySpectre
          link
          English
          -14 months ago

          It’s always been a thing that the only way to completely be safe after malware is yeeting the old system and getting a new one…

          And even then there have been actively exploited issues where the system gets re-infected when reloading the data from a backup. (My memory is a bit rusty on that one, but it was just data being restored, nothing that should install anything)

          • @[email protected]
            link
            fedilink
            English
            14 months ago

            There has been a small element of risk, but it’s low enough that this meaningfully increases it.

      • @[email protected]
        link
        fedilink
        English
        154 months ago

        They’re intrinsically linked, in fact. If you have kernel access, you can do any number of things, including but not limited to persistent rootkits. I agree that this bug is one step further, since it affects the processor itself, but if somebody has ring 0 access that shouldn’t, you already have problems.

        • mox
          link
          fedilink
          English
          2
          edit-2
          4 months ago

          No, it is misleading. An exploit with no remediation is not remotely comparable to a normal root exploit, which can be fixed with a simple OS reinstall.

          Edit: And their follow-up comment, “if somebody has ring 0 access that shouldn’t, you already have problems,” is dangerously misleading. While technically true that you would have a problem in both scenarios, presenting it that way is like telling someone not to worry about losing a leg because their sprained ankle is already a problem.