Intel claims that AMD processors had almost twice as many security vulnerabilities as Intel CPUs in 2021

[Redaktion]

In its official 2021 product security report, Intel claims that its main competitor AMD has reported a significantly higher number of CPU vulnerabilities in 2021. The statistics on GPU-related security issues, however, are telling an entirely different story.

https://www.notebookcheck.net/Intel-claims-that-AMD-processors-had-almost-twice-as-many-security-vulnerabilities-as-Intel-CPUs-in-2021.597652.0.html

[kek]

Intel better not be making this up, because this is a bold statement that goes further than just saying your cpu gives you 1 more FPS in a certain game.

[Skoe]

It is not the number, Intel. It is the impact of the bugs.

[vertigo]

Also, the key word here is "reported," because anyone who pays any attention knows companies don't always report or fix flaws/bugs that are found.

The most interesting thing I see here is that Intel is a mix of internal and (a significant amount of) bounty finds, whereas AMD is entirely external, which I assume means flaws found and reported for no compensation. This suggests a few things: AMD doesn't seem to do nearly as much as Intel at finding issues with their own chips, they don't appear to have a bug bounty which, along with the first point, indicates they're not as concerned as Intel at finding issues, and without a reward for reporting flaws, there won't be as much effort put into finding them, which could be part of the reason for the lower numbers, and the likelihood of someone that finds one actually reporting it is lower, so there may be more unknown (to the companies and public) ones than with Intel.

[rs]

Another desperate and pointless move from Intel. You can really see how scared they are.

[Aditya]

Yeah, when you launch a CPU so late in the year it is not even widely adopted by the masses yet, of course you will see lesser vulnerability reports.
Does Intel think we're clowns, brain dead or a combo?

[Russel]

Also, the key word here is "reported," because anyone who pays any attention knows companies don't always report or fix flaws/bugs that are found.

The most interesting thing I see here is that Intel is a mix of internal and (a significant amount of) bounty finds, whereas AMD is entirely external, which I assume means flaws found and reported for no compensation. This suggests a few things: AMD doesn't seem to do nearly as much as Intel at finding issues with their own chips, they don't appear to have a bug bounty which, along with the first point, indicates they're not as concerned as Intel at finding issues, and without a reward for reporting flaws, there won't be as much effort put into finding them, which could be part of the reason for the lower numbers, and the likelihood of someone that finds one actually reporting it is lower, so there may be more unknown (to the companies and public) ones than with Intel.
[/quote


Do you remember Meltdown?
It existed since before sandybridge.
Do you remember when it was first reported?
Also, do you remember CTS labs which announced Ryzenfall within 24 hours after reporting it to amd?

And just check cvedetails.
You'll find the numbers to be like this.
Intel -508

Nvidia- 106

AMD - 25..
Or, would you rather believe intel?

[vertigo]

Do you remember Meltdown?
It existed since before sandybridge.
Do you remember when it was first reported?
Also, do you remember CTS labs which announced Ryzenfall within 24 hours after reporting it to amd?

And just check cvedetails.
You'll find the numbers to be like this.
Intel -508

Nvidia- 106

AMD - 25..
Or, would you rather believe intel?

I think you misunderstood me. I was suggesting that Intel may very well have more flaws that were simply not reported, so there could be a difference between reported and known.