what's more secure? AMD or Intel?

[Marzipan]

https://www.tomshardware.com/features/intel-amd-most-secure-processors

article concludes AMD, but I suspect that's because nobody has tried hard enough to find vulnerabilities in AMD products like they have Intel's.

 

[Izerous]

I don't think thats quite it, I think the problem is people are taking intel vulnerabilities and trying to attach them to AMD. Zen really changed their design approach and you can't necessarily use the same mentality to attack it.

Instead of attacking the chiplets for example, maybe the focus needs to be on the infinity fabric for example (and this is probably a poor one) but people keep talking about how 3600 is the sweet spot to keep 1:1 FCLK, and pushing it further enters a 1:2 state... what would happen if you were able to cause it to enter a 1:1,000 state, or a 1:100,000 could you cripple it enough to shut it down remotely and bring a server/service down.

Sometimes if your used to shooting things with a gun and suddenly it doesn't work you don't necessarily get a bigger gun maybe you get a hammer.

 

[JD]

I think the bigger part is that Intel's architecture is mostly based upon Sandy Bridge from 2009? Zen is much newer and came out in 2017. Totally different mindsets around security when they were designed.

 

[Bond007]

There are 2 parts to this question; known and possible (unknown) vulnerabilities. While I agree Intel CPUs have probably had more people try to expose weaknesses, we can't evaluate the unknown. Since I (and I assume almost everybody else) have no idea about possible vulnerabilities we can only go by what is known.

The bottom line is Intel has more known vulnerabilities. Easy answer. That said, it could all change in an hour if someone figures something new out.

 

[Marzipan]

I think a lot of it also has to do with Intel having majority market share, so it's worth the time trying to find exploits. AMD's day will come and Intel will rub it in their faces just like AMD is doing now to Intel.

 

[FreeKnight]

Intel may be more vulnerable for a number of reasons similar to the 'mac vs windows' discussions. With the vast majority of users on intel, there's more incentive to target them. There could also be a difference in the amount of effort the two companies spend on attracting good hackers to identify flaws (either via bounty or whatever).

But really, your CPU vulnerabilities aren't going to be what gets you hacked for 99% of users, it's going to be from going to questionable sites via social media links, trying to download free or pirated software, etc. Just like when downloading via limewire was like kissing ebola patients for your PC :S

 

[Dead Things]

Actually, the most likely attack vector is going to be your decision to give your fridge unencrypted access to your home network. When was the last time anyone updated the firmware on their "smart" appliances? I'm pretty sure nobody ever has, even once.

 

[JD]

When was the last time anyone updated the firmware on their "smart" appliances? I'm pretty sure nobody ever has, even once.

I would hope they update automatically... but you're right... we can't even trust phone manufacturers to update phones, how would appliance companies fair any better.

 

[Marzipan]

I would hope they update automatically... but you're right... we can't even trust phone manufacturers to update phones, how would appliance companies fair any better.

imagine the outrage when updates failed and fridges / freezers started to fail and food go rotten and stuff! >.<

 

[Entz]

I can't think of any of my "smart" devices that update themselves unless I specifically go in an do a check for updates in an app. Don't even get notifications.

I seriously doubt the more popular cheap ones that cant even be bothered to have real testing certifications are gonna update their firmware more than once if even that much.

imagine the outrage when updates failed and fridges / freezers started to fail and food go rotten and stuff! >.<

Gives new meaning to blue screen of death.

Heck most consumer networking gear (read routers) won't even do this, how is a 9.99$ amazon special going to