[Update] Security flaws discovered in AMD zen processors : AMD's meltdown?

[Mira Yurizaki]

Just now, Deus Voltage said:

This is actually well known and documented;

https://www.reuters.com/article/us-eu-intel/eu-conducts-antitrust-raid-on-intel-retailers-idUSL1216666220080212

 

https://www.cnet.com/news/eu-antitrust-officials-raid-intel/

 

https://seekingalpha.com/article/64296-eu-antitrust-investigators-raid-intel-munich-office

I'm asking for proof about this specific case.

 

But inferring context is too hard.

[MoonSpot]

3 hours ago, Coaxialgamer said:

only allowed them 24 hours instead of the customary 90 days , which is kind of a duck move in my opinion

I wonder how long it took CTS to make the 'AMD Flaws Overview' video, bout 24hrs maybe?  The names of these exploits are about as subtle as a mallet and immediately make me think there is more to CTS' interests here, but whatever.  Will be interesting to see what developments occur from the EYPC side in particular, and see what professional epyc users/administrators think and say in the coming days.

There never was and never will be a 100% secure bulletproof system, but with AMD trying to wedge into server space these sorts of security concerns are paramount.

 

28 minutes ago, Drak3 said:

So, can I bash Intel for kicking dogs, even though they didn't?

No.  Though I'm fairly sure they kick puppies and light cigars with $100 bills on the regular.  My 'Ouija board' has confirmed this much and has been peer-reviewed by my magic 8-ball.

[Deus Voltage]

1 minute ago, M.Yurizaki said:

I'm asking for proof about this specific case.

 

But inferring context is too hard.

My apologies, but you did not specify the context. 

[Space Reptile]

posting it here aswell , bc we need multible threads for this topic apparently 

its 99.9% horseshit and (likely) stock manipulation 
r/ amd has a megathread on it and the comments have some interesting insights in who or what the fuck that "research firm" is and how this is handled 
https://www.reddit.com/r/Amd/comments/845w8e/alleged_amd_zen_security_flaws_megathread/
 

this is worth a read , that """Research firm""" is well known to be spreading shit to make stocks go down 
https://www.moneyweb.co.za/in-depth/investigations/viceroy-unmasked/

[Methos]

58 minutes ago, Blademaster91 said:

I doubt Intel would so openly and brazenly smear AMD,especially now since they're working with AMD using their GPU's.

I think you're on to something here. I did some digging and and reached out to my contacts etc and 15min later I got an anonymous message with an extremely damning photo.

[LAwLz]

Just now, Space Reptile said:

posting it here aswell , bc we need multible threads for this topic apparently 

its 99.9% horseshit and (likely) stock manipulation 
r/ amd has a megathread on it and the comments have some interesting insights in who or what the fuck that "research firm" is and how this is handled 

Ah yes, because we all know how reliable and unbiased /r/AMD are when it comes to AMD news.

Anyway, even if the research firm is shady, doesn't mean they might be correct in their findings.

 

The Shadow Brokers are not exactly honest or trustworthy either, but they have been right in the information they have published.

[AresKrieger]

Well it is a bs move on them to release it so soon but on the other hand amd was the reason meltdown news leaked early so i see this as karma to an extent. Though the credibility of this CTS will surely be raked over the coals due to the lack of disclosure to make necessary changes.

 

Either way I'm laughing inside at AMD fanboys who were so down on intel for their issue, smug morons didn't realize that amd surely would have similar issues eventually.

[Deus Voltage]

Directly from Viceroy research:

 

"In light of CTS’s discoveries, the meteoric rise of AMD’s stock price now appears to be totally unjustified and entirely unsustainable. We believe AMD is worth $0.00 and will have no choice but to file for Chapter 11 (Bankruptcy) in order to effectively deal with the repercussions of recent discoveries."

 

I'm not sure what to say really.

 

https://viceroyresearch.org/2018/03/13/amd-the-obituary/

[Notional]

Just now, Deus Voltage said:

Directly from Viceroy research:

 

"In light of CTS’s discoveries, the meteoric rise of AMD’s stock price now appears to be totally unjustified and entirely unsustainable. We believe AMD is worth $0.00 and will have no choice but to file for Chapter 11 (Bankruptcy) in order to effectively deal with the repercussions of recent discoveries."

 

I'm not sure what to say really.

 

https://viceroyresearch.org/2018/03/13/amd-the-obituary/

Yup. Like I stated, this is stock market manipulation.

[Space Reptile]

Just now, LAwLz said:

Ah yes, because we all know how reliable and unbiased /r/AMD are when it comes to AMD news.

Anyway, even if the research firm is shady, doesn't mean they might be correct in their findings.

 

The Shadow Brokers are not exactly honest or trustworthy either, but they have been right in the information they have published.

https://www.nytimes.com/reuters/2018/03/12/business/12reuters-prosieben-media-accounts.html

also the way they handled the whole thing , setting a 24hr ultimatum? stating that AMD Stock shud be worth 0$ ? man that sounds proffesional 
you know , instead of going out and tooting your horn w/ some THIRTEEN vulnerabilities you normally contact the guys beforehand , as its a MASSIVE security issue if those things actually existed 
heres an official statement on one of AMD's sites about it http://ir.amd.com/news-releases/news-release-details/view-our-corner-street-0

[AresKrieger]

5 minutes ago, Deus Voltage said:

Directly from Viceroy research:

'Dumb fanboy gibberish'

I'm not sure what to say really.

https://viceroyresearch.org/2018/03/13/amd-the-obituary/

Do these people have any relevance to the discussion on the vunerability or are they an unrelated group of fanboys who have reason bash for anything they can find (in other words are they associates of this CTS), because that sounds more like a reddit post from 12 year olds than anything worth taking seriously (though they are right that amd's stock is overvalued just they clearly are not pushing a reasonable conversation just stupid nonsense)

[Space Reptile]

2 minutes ago, AresKrieger said:

Do these people have any relevance to the discussion on the vunerability or are they an unrelated group of fanboys who have reason bash for anything they can find (in other words are they associates of this CTS), because that sounds more like a reddit post from 12 year olds than anything worth taking seriously (though they are right that amd's stock is overvalued just they clearly are not pushing a reasonable conversation just stupid nonsense)

hey man , it seems to works since nobody bothered to google that """""reseach firm""""" 's name and find out that they are a pretty shitty stock manipulator company and posted this story as fact asap to get those views 

[Guest]

11 minutes ago, LAwLz said:

Ah yes, because we all know how reliable and unbiased /r/AMD are when it comes to AMD news.

Anyway, even if the research firm is shady, doesn't mean they might be correct in their findings.

 

The Shadow Brokers are not exactly honest or trustworthy either, but they have been right in the information they have published.

The thread is over. It was stock manipulation by private guys, intel was not behind it this time(as far as we know for now). The firm that published "these findings" has done stock manipulations earlier too. Most of the stuff(more like all) is BS that they made up in hopes that the stock price would go down.

[Space Reptile]

Just now, Some Random Member said:

The thread is over.

one last post 

[AresKrieger]

7 minutes ago, Space Reptile said:

hey man , it seems to works since nobody bothered to google that """""reseach firm""""" 's name and find out that they are a pretty shitty stock manipulator company 

 

I'm not critsizing the post I quoted I just don't reddit due to the amount of contradiction and mis-information that goes on their, either way whether these people are trolls or stock manipulators as you pushed forth they are very bad at it as obvious troll is obvious. Though wallstreet is quite stupid so maybe it would work? I think even they aren't this dense if this truly is a scam.

 

That green screen blurry interview is hilarious, point validated 

(you think they would just film in front of a office space wall truly poor effort)

[Digital_Zero]

https://thehackernews.com/2018/03/amd-processor-vulnerabilities.html

 

Luckily it appears none of these are unpatchable, but defeating SEV is scary at the very least.

 

Edit: Take this information with a HUGE grain of salt, there has been NO proof on concept, The people who discovered the "vulnerabilities" have no clout and are unknown, and the group funding these guys are known for stock manipulation. Until it can be proven or dis-proven though I believe it's helpful for the information to be there. Sounds like someone really wants that AMD stock to drop. but that is my opinion and not based in any proof.

[Digital_Zero]

3 hours ago, rcmaehl said:

This all screams smear campaign
 

1. 24 hour disclosure instead of industry standard 90/180 day


2. Amdflaws links to a YT video, with comments disabled

3. YT Channel with video was just just March of this year



4. Domain (website records) for this "16 years in operation" company don't exist any earlier than February of this year

 

5. This sketchy quote from their disclaimer

 

6. This OTHER sketchy quote from their disclaimer



7. Exploits are common sense when it comes to security

MASTERKEY: "Exploiting MASTERKEY requires an attacker to be able to re-flash the BIOS with a specially crafted BIOS update. "

REBUTTAL: By the time you let attacker install BIOS you are already PWND
 

RYZENFALL: Exploitation requires that an attacker be able to run a program with local-machine elevated administrator privileges. Accessing the Secure Processor is done through a vendor supplied driver that is digitally signed.

REBUTTAL: By the time you let attacker to have admin rights, they can do anything they want anyway!
 

FALLOUT: Exploitation requires that an attacker be able to run a program with local-machine elevated administrator privileges. Accessing the Secure Processor is done through a vendor supplied driver that is digitally signed.

REBUTTAL: Same as above. Not a major concern
 

CHIMERA: A program running with local-machine elevated administrator privileges. Access to the device is provided by a driver that is digitally signed by the vendor.

REBUTTAL: Same as above. Not a major concern.

This is absolutely a huge smear campaign. Doesn't mean the vulns don't exist, but the extreme lack of notice screams some competitor is nervous and most likely helped push these guys to release early. As someone who does this for a living, it is ABSOLUTELY unprofessional to do what these guys have done. It would get your average analyst blacklisted hard.

[Blademaster91]

27 minutes ago, AresKrieger said:

Well it is a bs move on them to release it so soon but on the other hand amd was the reason meltdown news leaked early so i see this as karma to an extent. Though the credibility of this CTS will surely be raked over the coals due to the lack of disclosure to make necessary changes.

 

Either way I'm laughing inside at AMD fanboys who were so down on intel for their issue, smug morons didn't realize that amd surely would have similar issues eventually.

I don't know if it is karma rather than AMD's processors not being perfect either,despite AMD bragging they're impervious to spectre. I think it should be thoroughly investigated as AMD is getting into the server space with these Ryzen/Epyc cpu's, better for them to solve it now rather than later if these vulnerabilities aren't all BS.

CTS isn't going to have much credibility with their insufficient whitepaper and their 24hr timing surely won't help them.

On a side note you should watch using the f-word,LTT doesn't like it according to the CS.

 

Edit: oh it was just a BS smear campaign,lol they should have tried harder with those stock images.

[AresKrieger]

1 minute ago, Blademaster91 said:

On a side note you should watch using the f-word,LTT doesn't like it according to the CS.

That only applies to calling users fanboys, calling outsiders fanboys does not apply as the point of the rule is to prevent fighting between users, I did not refer to anyone thus it is irrelevant. Either way I can agree that this is an easy way to lose all credibility assuming they had any to begin with though the terrible blurry stock photos have added a large spoonful of doubt to that.

[Space Reptile]

5 minutes ago, Blademaster91 said:

But it was fine when researchers leaked meltdown with AMD helping to spread the news?

it was discovered and reported to intel and AMD weeks before dude

 
infact that vunerability exists on every intel chip made after 1995 (according to wikipedia) 
 

[sazrocks]

1 minute ago, Blademaster91 said:

But it was fine when researchers leaked meltdown

1. Before I say #2, I just want to say that this should not have happened and there should have been more care taken to ensure the vulnerability was kept under wraps until the reveal date.

2. That is a completely different situation. Intel (and AMD!) had ~6 months before the vulnerability leaked a few weeks early. Here AMD had 24 Hours before the research firm goes directly to the media with (seemingly) predetermined appointments. Intel (and amd) had 180 times the time that AMD had to respond to this.

7 minutes ago, Blademaster91 said:

with AMD helping to spread the news?

3. I had not heard of this. Do you have a link? As far as I remember, amd had first a stand by post, then a post explaining what did and did not affect them on their website, without mentioning anything about intel. Intel on the other hand, their first reaction was to state that both ARM and AMDs processors were affected too, trying to deflect the blame to the group.

[samcool55]

Sounds like BS to me, Spectre and meltdown had proper CVE's, these don't.

If it's a genuine security flaw that's properly reported it would at least have that, but it doesn't...

As long as that isn't the case i'm not going to worry about this tbh.

[David89]

2 hours ago, LAwLz said:

Edit: Also, regardless of whether or not it is a smear campaign (and regardless of who is behind it), the information and potential exploits should be taken seriously. You don't ignore potentially serious issues just because you don't like how the information was presented or obtained.

No. It doesn't, especially not if the Whitepaper is as badly written as that. Especially considering what background "Viceroy" (the company behind CST) has. They have a background of manipulating stock and are currently under investigation from many around the world. Most notably Germany for crashing the ProSieben stock last week.

53 minutes ago, LAwLz said:

AdoredTV is a drooling moron who doesn't know what he is talking about 80% of the time.

And yes, "glued together" is in fact the correct term for what AMD is doing with their processors.

Can you do something else, or is throwing swear words and bad mouthing people everything you can do? Have you studied that somewhere? I'd like to know that course, maybe i can jump down to your standard.

43 minutes ago, LAwLz said:

Ah yes, because we all know how reliable and unbiased /r/AMD are when it comes to AMD news.

Anyway, even if the research firm is shady, doesn't mean they might be correct in their findings.

 

Many at /r/AMD are everything but biased. They heavily favour AMD - me included - which COULD be bias, but most definitely isn't. Same goes for AdoredTV. "Bias" is something extremely unreasonable, but "we" (those, who favour AMD over Intel under many, many circumstances) have reasons for it. Which makes it - by definition - unbiased.

 

@Topic: It's absolute BS.

 

https://www.moneyweb.co.za/in-depth/investigations/viceroy-unmasked/

 

Their Office is made up from stock photos and green screen.

 

Basically, if you've got Admin rights on a PC, you can do everything you want with that thing. No shit...

[LAwLz]

Update from Dan Guido (highly respected security researcher, CEO of Trail of Bits).

CTS Labs reached out to Trail of Bits last week to review their findings, and they submitted a technical description as well as PoC.

All the exploits described in the white paper are legitimate. It is not just a smear campaign. AMD CPUs and chipsets do in fact have 13 vulnerabilities in them which should be fixed.

 

https://twitter.com/dguido/status/973628511515750400

 

 

He also says that:

Quote

It’s important to note that all these vulnerabilities require hackers to get on the computers and gain administrative privileges some other way first, such as with a phishing attack that tricks the victim into running a malicious application, according to the CTS researchers and Guido.

 

This means that they are “second stage” vulnerabilities, which would allow attackers to move from computer to computer inside the same network, or install malware directly inside the processor that can’t get detected by security software. This would allow an attacker to spy on the target without detection.

 

“It makes a bad compromise worse,” Guido said.

 

To that I would also like to add that since the PoC is not public (yet), the risk is lower than normal.

[Mira Yurizaki]

6 minutes ago, sazrocks said:

3. I had not heard of this. Do you have a link? As far as I remember, amd had first a stand by post, then a post explaining what did and did not affect them on their website, without mentioning anything about intel. Intel on the other hand, their first reaction was to state that both ARM and AMDs processors were affected too, trying to deflect the blame to the group.

It's important to note that Spectre is a hardware flaw around what appears to be how speculative execution is done. While it's poor form to shirk the impact to others, Intel's right in that anyone else's speculative execution engines could be at fault. And it calls into question if speculative execution itself is a fundamental issue or if it's just how it's implemented.