Of course there's a financial reason, they've probably done a cost/benefit analysis and decided that it's financially better to screw over those customers than to spend money fixing it. But that's exactly the issue!
Grippler
joined 1 year ago
I think what most people disagree with, is that the active choice from AMD to not fix a very fixable issue, is a choice they know leaves customers is a seriously bad position. This is something they choose to do to their customers, because they could just as well choose to help them.
Why bother then?
Usually it's Mr. Moneybags over there...
what I meant was that apparently only compromised systems are vulnerable to this defect.
That is not correct. Any system where this vulnerability is not patched out by AMD (which is all of gen 1, 2 and 3 CPUs) is left permanently vulnerable, regardless of whether or not they already are compromised. So if your PC is compromised in a few months for some reason, instead of being able to recover with a reinstall of your OS, your HW is now permanently compromised and would need to be thrown out...just because AMD didn't want to patch this.
Ryzen 3000 series CPUs are still sold as new, I even bought one six months ago, they're no where near being classified as "old", they're hardly 5 years old. And this is not only an issue for already infected systems because uninfected systems will intentionally be left vulnerable.
No they are just choosing not to roll out the fix to a known issue, which is screwing customers over on purpose (to increase profits). It's not a matter of goodwill, they sold a product that then turned out to have a massive security flaw, and now they don't want to fix even though they absolutely could.
They are 100% not patching old chips intentionally by not allocating resources to it. It's a conscious choice made by the company, it is very much "on purpose".
I mean, it's been 15+ years since smartphones hit the market as a regular device, so those people where only in their mid/late 60's when that transition happened. And there are solutions in place for both digital access without smartphone and physical only access. I'm not sure I see how that is hostile to elderly or people that can't/won't use a smartphone or insist on physical access. Obviously physical access is going to be a hassle, that's why it's not the default anymore.
For banking and other official business, they have to go physically. If their bank has no physical department near them well then it sucks to be them. For digital mail you can apply for exemption and you will get physical letters.
You can order a digital code generator so you don't need the app if you still want 2FA for digital handling. But I don't want to have to carry that with me it would be a significant inconvenience for me.
It's a must for me. My phone is my primary day-to-day computer, so I need to be able to so everything from that. Unfortunately that is also why I'm not using graphene OS, because our government 2FA system doesn't work in graphene OS (even with play services installed) so it's impossible to do anything. I can't check anything WRT banking, schools, taxes, daycare, doctors appointments, hospital record or change anything that requires the involvement of city hall, including checking digital mail from the municipality or government. It's basically not possible to function in our society without it.
Should you really be concerned about a system that can be physically ruined by malware? I would say definitely yes...