Coaxialgamer

[Update] Security flaws discovered in AMD zen processors : AMD's meltdown?

wkdpaul

Please keep the conversation civil and respectful, as per the Community Standards;

Quote
  • Ensure a friendly atmosphere to our visitors and forum members.
  • Encourage the freedom of expression and exchange of information in a mature and responsible manner.
  • "Don't be a dick" - Wil Wheaton.
  • "Be excellent to each other" - Bill and Ted.
  • Remember your audience; both present and future.

 

Message added by wkdpaul


1 minute ago, LAwLz said:

I haven't read through the whitepaper yet but where does it say you need physical access? For the BIOS vulnerability it might be needed (although you can update BIOS without physical access), but for the ones that just need admin privilege I don't see why they couldn't be done remotely.

Well if you can update BIOS without physical access, there you go. But updating BIOS looked like a first step in compromising the system.

Link to post
Share on other sites
1 minute ago, M.Yurizaki said:

Well if you can update BIOS without physical access, there you go. But updating BIOS looked like a first step in compromising the system.

Again, I haven't read the entire thing yet (barely started) but it seems to me like it is only one or a few out of the 13 exploits that have to do with the BIOS.

It's not a 13 step process where installing a compromised BIOS is the first step. It's 13 different attacks, some of which have to do with the BIOS.

Link to post
Share on other sites

24h timeframe to fix it sounds more like blackmail to me.

11 minutes ago, LAwLz said:

There is no standard procedure for vulnerabilities disclosures.

What should we call them out for exactly? Should we say "shame on you"? That won't change anything.

Yeah they should have given AMD time to fix these things but they didn't. It's not good but we have to live with their decisions and make the best out of it.

there are 2 ways to make bugs/exploits public, full disclosure and responsible disclosure. they chose the first one. 

24h isn't even enough for a small software company to fix one exploitable bug, but here we have 13 for a company as big as amd to fix.

Link to post
Share on other sites
9 minutes ago, LAwLz said:

Again, I haven't read the entire thing yet (barely started) but it seems to me like it is only one or a few out of the 13 exploits that have to do with the BIOS.

It's not a 13 step process where installing a compromised BIOS is the first step. It's 13 different attacks, some of which have to do with the BIOS.

I'm only focusing on the four that seem to be brought front and center in the OP, and the way I'm interpreting it is you install a compromised BIOS, which messes up the security zone in the CPU, which lets you then do other things in the system.

 

EDIT: From the whitepaper itself:

Quote
MASTERKEY is a set of three vulnerabilities allowing three distinct pathways to bypass Hardware Validated Boot on EPYC and Ryzen and achieve arbitrary code execution on the Secure Processor itself.

The Ryzenfall, Fallout, and Chimera appear to be a consequence of this.

Link to post
Share on other sites

Just to check (although I might be a bit too late for due google diligence): is there a source code for this?

 

if not, add one more to the fishy list. Meltdown and Spectre had working code verifiable by any third party, although I'm not sure how soon after their public announcement were they posted

 

 

 

Link to post
Share on other sites
5 minutes ago, LAwLz said:

Vulnerabilities can be very serious even if they require admin privilege or BIOS flashing.

I will withhold my judgement until I have read through the information we got (actual information, not what some reddit post or whatever says), and I recommend you do the same.

I've read the white paper, and while my knowledge is severely lacking to make concrete assessments, I'm not sure any of the things described, such as vtl1 memory write or chipset command execution, cannot be achieved by other methods with the proposed methods of access to the system. The most severe thing I see there is access to onchip security conclave, but it's not specified whether the encryption keys can be extracted, only command execution from the security processor in a limited way

Link to post
Share on other sites
59 minutes ago, LAwLz said:

Gotta love the hypocrisy on this forum.

Intel has a security issue?

FUCK INTEL! I HOPE THEY GET SUED! WOHO AMD! INCOMPETENT MORONS CAN'T EVEN DESIGN A SECURE PROCESSOR!

AMD has security issues?

FUCK INTEL! I BET THIS IS FUNDED BY INTEL JUST TO MAKE AMD LOOK BAD! BY THE WAY NO NEED TO BE SCARED YOU GUYS! AMD PROCESSORS ARE SUPER SECURE!

How about we all calm down until we actually know what is going on?

It was announced just a few hours ago and I doubt people have even had the time to properly read through the white papers yet, much less analyzed the risks properly yet.

Remember, with Meltdown and Spectre there was A TON of misinformation being spread around based on assumptions or incomplete facts. I suspect the same thing will happen here. Don't believe everything you read on the Internet.

Edit: Also, regardless of whether or not it is a smear campaign (and regardless of who is behind it), the information and potential exploits should be taken seriously. You don't ignore potentially serious issues just because you don't like how the information was presented or obtained.

People are so quick to accuse anything but positive of AMD to be Intel shilling. I doubt Intel would so openly and brazenly smear AMD, especially now since they're working with AMD using their GPUs. Only 24 hours to examine is pretty low of them though taking this with a pile of salt and waiting to see how valid any of this news is. Most of these attacks require root or BIOS access and makes them seem to be malware in comparison to spectre and meltdown.

Link to post
Share on other sites
3 minutes ago, VegetableStu said:

Just to check (although I might be a bit too late for due google diligence): is there a source code for this?

From what I can tell, no.

 

3 minutes ago, VegetableStu said:

Meltdown and Spectre had working code verifiable by any third party, although I'm not sure how soon after their public announcement were they posted

The day after.

 

 

2 minutes ago, hobobobo said:

I've read the white paper, and while my knowledge is severely lacking to make concrete assessments, I'm not sure any of the things described, such as vtl1 memory write or chipset command execution, cannot be achieved by other methods with the proposed methods of access to the system. The most severe thing I see there is access to onchip security conclave, but it's not specified whether the encryption keys can be extracted, only command execution from the security processor in a limited way

I've only read a little bit of the paper, but so far it seems like a pretty bad document (as in, badly or vaguely written for a security white paper).

In any case, I think people should take a deep breath and wait until we have some more information before jumping to conclusions. It's a pretty bad idea to just assume things are one way or the other. All we know for now is that there might be known security issues with Ryzen processors. How severe they are remains to be seen but until then we should neither assume everything is fine, nor act like it's the end of the world.

Link to post
Share on other sites

There is some shady shit with below average white paper, YT channel popped up 3 days ago and then domain just registered less than a month ago while demanding an immediate fix.

Link to post
Share on other sites
24 minutes ago, LAwLz said:

I've only read a little bit of the paper, but so far it seems like a pretty bad document (as in, badly or vaguely written for a security white paper).

In any case, I think people should take a deep breath and wait until we have some more information before jumping to conclusions. It's a pretty bad idea to just assume things are one way or the other. All we know for now is that there might be known security issues with Ryzen processors. How severe they are remains to be seen but until then we should neither assume everything is fine, nor act like it's the end of the world.

Not saying it's the end of the world or everything is just fine, I'm not even on the "intel shenanigans lul" bandwagon, I'm just saying that considering the quality of materials provided, wording of the paper, site and video, timing, method of disclosure and the disclaimer the motive does not seem to be as stated, as in "informing the public", esp. with the "no known methods of mitigation" generously sprinkled through the whitepaper and the whole thing is being artificially inflated to be seen as the new meltdown but this time amd. This whole thing should be taken with a generous grain of salt and, probably, disregarded until AMD and qualified third parties have time to put out a statement.

This shit is everywhere and considering the way most, if not all, major vulnerabilities in the last god knows how long have been presented it is suspicious

 

And the most sus part of it all, as i see it, is the last paragraph on this page: https://amdflaws.com/disclaimer.html

 

edit: I guess I'm just annoyed since I also have vested interest in the amd stock wellbeing, and regardless of the market trend now I find such lopsided accusations distasteful

Link to post
Share on other sites
1 hour ago, cj09beira said:

is intel being shady again? :| 


 

 

I'd recommend people go read the white papers or wait for more news on these vulnerabilities instead, of course r/AMD is going to conspiracy theorize and blame Intel before we have any information or facts on the source.

33 minutes ago, apm said:

24h timeframe to fix it sounds more like blackmail to me.

there are 2 ways to make bugs/exploits public, full disclosure and responsible disclosure. they chose the first one. 

24h isn't even enough for a small software company to fix one exploitable bug, but here we have 13 for a company as big as amd to fix.

The organization stating they have an economic interest seems pretty shady, and only 24 hours to fix it although they aren't required to give a nice time window it still makes them look bad. No source code or Linux testing also seems suspicious, IMO.

Link to post
Share on other sites

I'm curious.. any good researcher would not only look at this from a Windows point of view but... what about Linux? Not one mention of Linux anywhere on website or white paper.

Link to post
Share on other sites
21 minutes ago, Blademaster91 said:

People are so quick to accuse anything but positive of AMD to be Intel shilling. I doubt Intel would so openly and brazenly smear AMD, especially now since they're working with AMD using their GPUs. Only 24 hours to examine is pretty low of them though taking this with a pile of salt and waiting to see how valid any of this news is. Most of these attacks require root or BIOS access and makes them seem to be malware in comparison to spectre and meltdown.

Didn't you know? It's the cool thing to bash the popular one regardless of anything they did or did not do.

Link to post
Share on other sites
4 minutes ago, M.Yurizaki said:

Didn't you know? It's the cool thing to bash the popular one regardless of anything they did or did not do.

So, can I bash Intel for kicking dogs, even though they didn't?


Come Bloody Angel

Break off your chains

And look what I've found in the dirt.

 

Pale battered body

Seems she was struggling

Something is wrong with this world.

 

Fierce Bloody Angel

The blood is on your hands

Why did you come to this world?

 

Everybody turns to dust.

 

Everybody turns to dust.

 

The blood is on your hands.

 

The blood is on your hands!

 

Pyo.

Link to post
Share on other sites
1 hour ago, M.Yurizaki said:

What's your proof that Intel paid for this?

Don't you know of Intel's history of making fake stuff up about AMD?

The second most recent one was when they called the new amd server chips "glued together" and lacking any ecosystem. ADOREDTV did a short 30min documentary of all the shady stuff intel has done over its existence, give it a watch.

Link to post
Share on other sites

24h though huh what a joke. Their statement makes no sense whatsoever.


Ryzen 7 3800X | X570 Aorus Elite | G.Skill 16GB 3200MHz C16 | Radeon RX 5700 XT | Samsung 850 PRO 256GB | Mouse: Zowie S1 | OS: Windows 10

Link to post
Share on other sites
Just now, Some Random Member said:

The second most recent one was when they called the new amd server chips "glued together" and lacking any ecosystem.

Basically, EPYC is four Ryzen dies 'glued' together, and when those slides were created and used, it was extremely likely that there wasn't an ecosystem revolving around EPYC. Both things were true when said.



Link to post
Share on other sites
31 minutes ago, Blademaster91 said:

People are so quick to accuse anything but positive of AMD to be Intel shilling. I doubt Intel would so openly and brazenly smear AMD, especially now since they're working with AMD using their GPUs. Only 24 hours to examine is pretty low of them though taking this with a pile of salt and waiting to see how valid any of this news is. Most of these attacks require root or BIOS access and makes them seem to be malware in comparison to spectre and meltdown.

More of the fact that website popped up a few months ago, youtube channel a few days, comments disabled, they only gave 24 hours instead of 90 days, their website is full of shady stuff, the whitepaper is really vague, no source codes or linux testing etc.

Shady quote number 1:

"The report and all statements contained herein are opinions of CTS and are not statements of fact"

number 2

"CTS reserves the right to refrain from updating this website even as it becomes outdated or inaccurate."

Link to post
Share on other sites
43 minutes ago, M.Yurizaki said:

Well if you can update BIOS without physical access, there you go.

There exist ways to flash bios from within Windows. There exist known and unknown vulnerabilities in Windows that could lead to local code execution. Put the two together, and there you go. This type of attack to me sounds like something a determined entity might go through to a very selective and specific target. I don't think it is something you need to be worried about as a regular nobody as it isn't something that could be made sufficiently generic as you'd have to match the bios to the mobo.


Main rig: Asus Maximus VIII Hero, i7-6700k stock, Noctua D14, G.Skill Ripjaws V 3200 2x8GB, Gigabyte GTX 1650, Corsair HX750i, In Win 303 NVIDIA, Samsung SM951 512GB, WD Blue 1TB, HP LP2475W 1200p wide gamut

Gaming system: Asrock Z370 Pro4, i7-8086k stock, Noctua D15, Corsair Vengeance LPX RGB 3000 2x8GB, Gigabyte RTX 2070, Fractal Edison 550W PSU, Corsair 600C, Optane 900p 280GB, Crucial MX200 1TB, Sandisk 960GB, Acer Predator XB241YU 1440p 144Hz G-sync

Ryzen rig: Asrock B450 ITX, R5 3600, Noctua D9L, G.SKill TridentZ 3000C14 2x8GB, Gigabyte RTX 2070, Corsair CX450M, NZXT Manta, WD Green 240GB SSD, LG OLED55B9PLA

VR rig: Asus Z170I Pro Gaming, i7-6700T stock, Scythe Kozuti, Kingston Hyper-X 2666 2x8GB, Zotac 1070 FE, Corsair CX450M, Silverstone SG13, Samsung PM951 256GB, Crucial BX500 1TB, HTC Vive

Gaming laptop: Asus FX503VD, i5-7300HQ, 2x8GB DDR4, GTX 1050, Sandisk 256GB + 480GB SSD

Total CPU heating: i7-8086k, i3-8350k, i7-7920X, 2x i7-6700k, i7-6700T, i5-6600k, i3-6100, i7-5930k, i7-5820k, i7-5775C, i5-5675C, 2x i7-4590, i5-4570S, 2x i3-4150T, E5-2683v3, 2x E5-2650, E5-2667, R7 3700X, R5 3600, R5 2600, R7 1700

Link to post
Share on other sites

"Bring it to public awareness before it becomes a real problem for society" with 24h notice to AMD huh. Say what?



Link to post
Share on other sites

IMO it's complete BS or marketing spam. Cuz in the report they say something about "it can be fixed with firmware update, but it would need few months of research"... and they inform AMD 24h prior. WTF.

 

I don't like conspiracy theories, but I feel like this could be Intel's way of "leveling the playing field" since everything seems so overly rushed and the principles of exploit are basically the same.

Link to post
Share on other sites

After looking through the whitepaper some more, and despite the shadiness of the operation and the presentation of the paper and the extremely short window of time they presented the vulnerabilities, it still brings up a good point:

Quote

Since its early days the AMD Secure Processor has been a center of controversy within the open-source and security communities. Critics are concerned that the Secure Processor is a black box: few understand how it actually works, yet it has complete access to the system, and its actions are highly privileged and mostly invisible to the operating system. There have been petitions asking AMD to open-source the Secure Processor, but AMD refused. The company emphasized that it has performed extensive security audits on the Secure Processor, and that it is secure.

Security by obscurity isn't an effective means of securing your system. This is what bit Intel in the ass over IME and AMT.

 

5 minutes ago, Some Random Member said:

Don't you know of Intel's history of making fake stuff up about AMD?

The second most recent one was when they called the new amd server chips "glued together" and lacking any ecosystem. ADOREDTV did a short 30min documentary of all the shady stuff intel has done over its existence, give it a watch.

Until you have actual proof, you're spouting accusations that amount to slander, history of shady business practices or not.

Link to post
Share on other sites
