AMD Silently Removed a Security Feature
AMD quietly removed memory encryption (SME/TSME) from consumer Ryzen CPUs without announcement. The HN thread surfaced two competing reads: one camp said this is serious because silent removal of a security feature implies either regulatory pressure or deliberate market segmentation to push buyers toward more expensive EPYC server chips. The other camp argued that if a feature can be silently removed via a firmware or microcode update, it was never reliable security to begin with.
The more pointed comment in the thread was a single line: 'Hint: NSA said no.' That framing, whether accurate or conspiratorial, captured the mood. Builders running sensitive workloads on consumer hardware, a common pattern in cost-conscious startups and self-hosters, are now wondering what they actually have.
The deeper issue is that hardware security guarantees have always been shakier than they look, and this is another data point. Intel had Spectre and Meltdown. AMD now has this. The market segmentation angle is real: enterprise-grade security features increasingly require enterprise-grade prices, and the line is being drawn more explicitly.
So what?
If your threat model includes memory-level attacks and you're running on consumer Ryzen hardware, you need to audit what protections you actually have right now. More broadly, this is a reminder that hardware security features are not guaranteed across firmware updates, so your security documentation should stop treating CPU-level encryption as a stable given. For founders pitching security products, this is a useful concrete example of why layered security matters.
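One way to start that audit on a Linux host, as an added example that is not from the original article or from AMD: the script classifies SME state from the CPU flags line and the kernel log. It covers only SME as the Linux kernel reports it and does not detect TSME; the function names, status labels and sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify SME state from what Linux reports.
# Takes file paths so it can run on /proc/cpuinfo and a saved `dmesg`
# from the audited host, or on the constructed samples below.

# True if the first "flags" line lists the exact token "sme".
# Whole-token match matters: a plain grep for "sme" also hits "smep".
cpu_flag_sme() {
    awk -F: '/^flags/ { n = split($2, f, " ")
                        for (i = 1; i <= n; i++) if (f[i] == "sme") found = 1
                        exit }
             END { exit !found }' "$1"
}

# True if the kernel log says SME is active. Covers both wordings Linux
# has used: "AMD Memory Encryption Features active: SME" and
# "Memory Encryption Features active: AMD SME".
kernel_sme_active() {
    grep -Eq 'Memory Encryption Features active:.* SME( |$)' "$1"
}

# active: kernel is encrypting memory with SME
# available-not-active: flag present, kernel not using it (see mem_encrypt=on)
# not-reported: neither source mentions SME
sme_status() {
    if kernel_sme_active "$2"; then echo active
    elif cpu_flag_sme "$1"; then echo available-not-active
    else echo not-reported
    fi
}

# Constructed sample inputs (not captured from real hardware).
tmp=$(mktemp -d)
printf 'flags\t\t: fpu smep smap sme sev\n' > "$tmp/cpu_with_sme"
printf 'flags\t\t: fpu smep smap\n' > "$tmp/cpu_without_sme"
printf '[    0.000000] Memory Encryption Features active: AMD SME\n' > "$tmp/klog_active"
printf '[    0.000000] Linux version (constructed)\n' > "$tmp/klog_plain"

echo "with sme, active log:  $(sme_status "$tmp/cpu_with_sme" "$tmp/klog_active")"
echo "with sme, plain log:   $(sme_status "$tmp/cpu_with_sme" "$tmp/klog_plain")"
echo "smep only, plain log:  $(sme_status "$tmp/cpu_without_sme" "$tmp/klog_plain")"
```

On a real host, save the kernel log with `dmesg > klog` and call `sme_status /proc/cpuinfo klog`; record the result next to the firmware version so a change after an update is visible.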