Hacker News new | ask | show | jobs
by betterunix2 3095 days ago
The followup sentence: "The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault."

That is a pretty specific reference to the root of the problem, and a pretty clear indication that AMD's design decisions protect against whatever the attack is. Sure, we may find out that there is more to the attack than just speculative memory references, but so far what we have seen suggests a fairly specific vulnerability (that just happens to involve the particular design choices of a dominant chipmaker).
1 comments
thehardsphere 3095 days ago
And, 17 hours later, we now know that there were three distinct vulnerabilities, of which one applies to AMD.

https://googleprojectzero.blogspot.com/2018/01/reading-privi...

link
betterunix2 3095 days ago
Only under specific software configurations that are not enabled by default, or confined to a userspace single process (which is bad for web browsers running Javascript but not nearly as bad as the Intel-specific attacks). So while AMD is somewhat vulnerable, the most severe and easiest to exploit vulnerabilities are pretty specific to Intel. In a pedantic sense you were right, AMD chips are affected, but it is literally not on the same level as for Intel chips.
link