Comment on AMD won't patch all chips affected by severe data theft vulnerability — Ryzen 3000, 2000, and 1000 will not get patched for 'Sinkclose'

<- View Parent
princessnorah@lemmy.blahaj.zone ⁨2⁩ ⁨months⁩ ago

Except that doesn’t at all explain the wider recall of 100 million units. Not every single one of those airbags were faulty. First of all, how could we know? Testing an airbag is a potentially dangerous thing to do, let alone on an enormous scale that would require under-qualified persons to run the tests. Secondly, it’s not a 100% failure rate. If it were, it would have been picked up far sooner than it would take to sell 100 million units. If it happened just as severely no matter the unit’s age, it would have been picked up during crash-testing. What actually happened was an analysis of statistical averages that showed a far higher rate of failure than there should have been.

The similarities to me come from a comparison to Schrödinger’s cat. In the airbag example, you don’t know if the unit in front of you is going yo fail until you “open the box” by crashing. With the AMD vulnerability, you don’t know if ur motherboard has been infected by any virus/worm/etc until a “crash” or other signs of suspicious behaviour.

In both cases, the solution to the vulnerability removes that uncertainty, allowing you to use the product to it’s original full extent.

Look at it this way, imagine if this vulnerability existed in the ECU/BCU of a self-driving capable car. At any point someone could bury a piece of code so deeply you can’t ever be sure it’s gone. Would you want to drive that car?

source
Sort:hotnewtop