[Update] Security flaws discovered in AMD zen processors : AMD's meltdown?

[sazrocks]

3 minutes ago, M.Yurizaki said:

It's important to note that Spectre is a hardware flaw around what appears to be how speculative execution is done. While it's poor form to shirk the impact to others, Intel's right in that anyone else's speculative execution engines could be at fault. And it calls into question if speculative execution itself is a fundamental issue or if it's just how it's implemented.

AMD is only vulnerable to 1 of the 3 vulnerabilities, Intel was implying that everyone was vulnerable to all 3 vulnerabilities just like them. AMD had to clarify that this was not the case.

[LAwLz]

1 minute ago, sazrocks said:

AMD is only vulnerable to 1 of the 3 vulnerabilities, Intel was implying that everyone was vulnerable to all 3 vulnerabilities just like them. AMD had to clarify that this was not the case.

AMD was/is vulnerable to 2 out of 3. They are vulnerable to both Spectre variants.

No, Intel was not implying AMD was vulnerable to all 3.

[Mira Yurizaki]

4 minutes ago, sazrocks said:

AMD is only vulnerable to 1 of the 3 vulnerabilities, Intel was implying that everyone was vulnerable to all 3 vulnerabilities just like them. AMD had to clarify that this was not the case.

And as much as I'd like to take AMD's word for it and that the researchers have found the exact steps they used to reproduce it Intel's side doesn't work on AMD, I'm still skeptical. I don't think there's enough of resources poking at AMD's hardware.

[Digital_Zero]

15 minutes ago, Some Random Member said:

It still is a third or fourth repost of the same topic with no quotes.

It is a repost, but I wasn't aware at the time of posting this. It's not fake news, but it is a HUGE smear campaign. but I'll be happy to remove it nonetheless.

[Guest]

1 minute ago, Digital_Zero said:

It is a repost, but I wasn't aware at the time of posting this. It's not fake news, but it is a HUGE smear campaign. but I'll be happy to remove it nonetheless.

it is a smear campaign, but some news anchors picked up on it thinking it was legitemate news, making it fake news.

[DrMacintosh]

So basically, who cares? 

[Eduard the weeb]

Feel like those lawsuits that happened to intel if done here would put AMD back in the grave pretty much

[LAwLz]

1 hour ago, Space Reptile said:

Turns out its a pile of horseshit , theres a megathread on r/AMD with some interesting revelations in the comments 

What do you mean by "it's a pile of horseshit"?

Other security firms has confirmed that the findings are true.

[Digital_Zero]

Just now, Some Random Member said:

it is a smear campaign, but some news anchors picked up on it thinking it was legitemate news, making it fake news.

The vulnerabilities exist, though are not nearly as big of a deal as they have made them out to be, it's not fake news, it's poorly reported news. But I hope Intel gets a smooth kick in the ass for their part in this "vulnerability assessment". It's bullshit.

[sazrocks]

48 minutes ago, LAwLz said:

No, Intel was not implying AMD was vulnerable to all 3.

Quote

Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.

Quote

Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively.

https://newsroom.intel.com/news/intel-responds-to-security-research-findings/

That post was made to address the three variants. Therefore, "these exploits" most likely refers to all three exploits. It is unlikely that "these exploits" magically changed meaning between those two sentences. Thus, Intel was implying that other vendors (AMD, ARM) were susceptible to all three exploits. 

48 minutes ago, LAwLz said:

AMD was/is vulnerable to 2 out of 3. They are vulnerable to both Spectre variants.

There is some confusion here, and I should have addressed that. 

AMD is vulnerable to Variant 1

 

AMD is vulnerable to variant 2 if your definition of vulnerable is "theoretically possible to exploit", however so far (AFAIK) it has been impossible to actually exploit this variant on an AMD processor due to the nature of the architecture. On the other hand, IIRC Intel has proof of concept exploits for this variant in the wild right now.

 

AMD is not vulnerable to variant 3 (Meltdown).

 

https://www.amd.com/en/corporate/speculative-execution

(IIRC the whitepapers also stated something similar to the above, but I don't have the time to go searching though them right now)

 

Given that the researchers had many months to find a way to actually exploit variant 2 on AMD processors and were unsuccessful, I personally do not believe it to be a threat, though I will still happily install patches for variant 2 if they cause no performance penalty.

46 minutes ago, M.Yurizaki said:

And as much as I'd like to take AMD's word for it and that the researchers have found the exact steps they used to reproduce it Intel's side doesn't work on AMD, I'm still skeptical. 

If you're still skeptical even after a team at google of all places took many months documenting every detail of the exploit, I don't know what will convince you.

46 minutes ago, M.Yurizaki said:

I don't think there's enough of resources poking at AMD's hardware.

This may be a valid point. Do you have any evidence? I've been curious about this myself.

[apm]

1 hour ago, Blademaster91 said:

The organization stating they have an economic interest seems pretty shady,and only 24 hours to fix it although they aren't required to give a nice time window it still makes them look bad. No source code or Linux testing also seems suspicious,IMO.

while its not required to give the companies time to fix the bugs, it is kind of an industry standard and best practice, if the "researcher" doesnt have malicious intend. 

there are a ton of companies with a bad history of dealing with those bugs and the people who reported them.

8 minutes ago, LAwLz said:

What do you mean by "it's a pile of horseshit"?

Other security firms has confirmed that the findings are true.

whos that? 

it does look like a troll and scam to me tho, look at the FAQ of the site and how badly those videos were made.

 

https://twitter.com/GossiTheDog/status/973592498470866948

[GoldenLag]

18 minutes ago, LAwLz said:

What do you mean by "it's a pile of horseshit"?

Other security firms has confirmed that the findings are true.

Out of curiosity. Please name said companies. To allow for further eyesight into this

[leadeater]

3 hours ago, snortingfrogs said:

The researchers gave AMD less than 24 hours to look at the vulnerabilities and respond before publishing this report.

Err what, that seems insane but w/e.

[Mira Yurizaki]

6 minutes ago, sazrocks said:

If you're still skeptical even after a team at google of all places took many months documenting every detail of the exploit, I don't know what will convince you.

I'm skeptical because they can only work with black boxes. You can only poke at a black box so many times before you come up dry with ideas on how to poke it. It's the same reason why people believe Linux is more secure than Windows by default. Anyone can poke at Linux code and find out what's going on. Only a handful of privileged people can look at Windows code.

Quote

This may be a valid point. Do you have any evidence? I've been curious about this myself.

There's no direct evidence I can show, but I can infer this from:

• AMD has a smaller market share, and so it's not as interesting to look at.
• Security researchers tend to poke at Intel systems and have glancing looks at AMD ones
• The list of CVE vulnerabilities for AMD is much smaller compared to Intel. While a naive conclusion is "AMD is more secure!", it doesn't prove anything other than AMD has fewer publicly disclosed vulnerabilities.

[Misanthrope]

Seems odd to get close to no heads up. Let's hope AMD stays on top. Also, so many of you are making far too much of this it seems, gotta ease up on the conspiracies my dudes. 

[Guest]

21 minutes ago, Digital_Zero said:

The vulnerabilities exist, though are not nearly as big of a deal as they have made them out to be, it's not fake news, it's poorly reported news. But I hope Intel gets a smooth kick in the ass for their part in this "vulnerability assessment". It's bullshit.

The company that wrote the whitepaper doesnt exist. All they have written is false. Thus=fake

 

Also the firm behind it was a stock manipulation firm, they hoped the stock would crash. Seems like intel didnt have too much to do with this.(as far as we know, maybe someone in intel wanted amd stock, we dont know)

[Digital_Zero]

2 minutes ago, Some Random Member said:

The company that wrote the whitepaper doesnt exist. All they have written is false. Thus=fake

 

Also the firm behind it was a stock manipulation firm, they hoped the stock would crash. Seems like intel didnt have too much to do with this.(as far as we know, maybe someone in intel wanted amd stock, we dont know)

Thanks for this information. I just found that out myself. Also there is no proof of concept on any of these vulnerabilities. I work in the industry myself, so I'm sad to say I hopped on the believe the media train as I had seen the information from normally reputable sources. It'll be interesting to see what comes of this.

 

I have a ryzen 1800x myself and I love it, I hope Red Team keeps kicking ass and the 2k line puts them out infront in the CPU market.

[TenThousand]

tfw you get sad that you couldn't get in on it while the stocks were down.

[leadeater]

3 hours ago, LAwLz said:

Remember, with Meltdown and Spectre there was A TON of misinformation being spread around based on assumptions or incomplete facts. I suspect the same thing will happen here. Don't believe everything you read on the Internet.

A lot of people were more pissed off that the companies involved knew about it for 6+ months and the net result was barely anything was done about it. While it was actually very complex and they weren't doing nothing that time frame is what got a lot so annoyed, not the existence of the flaws themselves.

 

Yes there was also a lot of hype over how bad it actually was too.

[Mira Yurizaki]

Just now, leadeater said:

A lot of people were more pissed off that the companies involved knew about it for 6+ months and the net result was barely anything was done about it. While it was actually very complex and they weren't doing nothing that time frame is what got a lot so annoyed, not the existence of the flaws themselves.

There was the bit about how fixes could decrease performance by up to 40%. Too many people glazed over the "up to"

 

[sazrocks]

16 minutes ago, M.Yurizaki said:

I'm skeptical because they can only work with black boxes. You can only poke at a black box so many times before you come up dry with ideas on how to poke it. It's the same reason why people believe Linux is more secure than Windows by default. Anyone can poke at Linux code and find out what's going on. Only a handful of privileged people can look at Windows code.

Valid point.

17 minutes ago, M.Yurizaki said:

There's no direct evidence I can show, but I can infer this from:

• AMD has a smaller market share, and so it's not as interesting to look at.
• Security researchers tend to poke at Intel systems and have glancing looks at AMD ones
• The list of CVE vulnerabilities for AMD is much smaller compared to Intel. While a naive conclusion is "AMD is more secure!", it doesn't prove anything other than AMD has fewer publicly disclosed vulnerabilities.

Also valid point.

 

Personally, though I prefer more concrete evidence.

[leadeater]

1 minute ago, M.Yurizaki said:

There was the bit about how fixes could decrease performance by up to 40%. Too many people glazed over the "up to"

Yea good point, also all those test that were that high were all specific server tests and were even limited cases for that market segment.

[LAwLz]

Some facts and thoughts from me:

 

 

The pro-AMD things first, so that people won't get mad at me and stop reading instantly:

 

The white paper is not that well written. I mean, it contains a lot of information which is correct, but it also contains things like on page 2 where it it tries linking Asus' issues with their routers to ASMedia having backdoors. I mean, there is a logical trail to be made between AMD having backdoors in their chipsets because Asus got in trouble with the FTC... But it's a very big stretch. Here their logic by the way:

ASMedia made the chipset for AMD -> ASMedia is owned by Asus -> FTC punished Asus for having poor router security -> therefore AMD chipsets has poor security.

When you read their document it kind of makes sense, but when you strip out all the fluff and link their logic up on a straight line like this, it sounds very silly.

 

There are a lot of mentions of "backdoors" in the paper, even though it also says they are "basic security design errors". Sorry, but a design error is not a backdoor.

Errors are by definitions mistakes.

Backdoors are by deliberate, at least that's how I use the term and that seems to be the agreed upon definition.

So you can't have it both ways. Are they mistakes or deliberate?

 

These are all attacks which relies on the system already being compromised in some way. For example needing admin privilege. Chances are if you are in that situation you're already pretty screwed, but these exploits makes things even worse.

 

The people behind this are unethical and scummy. Chances are they are deliberately trying to lower AMD's stock value. Not sure why though.

 

The statement that these issues are "practically un-patchable" seems to be grabbed out of thin air to me.

 

 

 

And now the "anti-AMD" part:

 

Other security firms, more specifically Trail of Bits, has confirmed that these vulnerabilities do exist, and there is working code to exploit them. In fact he even went as far as to say "we found their documentation far above average for typical security companies, the exploit code all worked exactly as described, and worked on the first try".

Jake Williams (from Rendition Infosec) has also said that "I'm confident this is real".

 

I think it is laughable that some of you are trying to discredit these findings for reasons such as "they have disabled comments on Youtube". Seriously, are you guys for real? Who the fuck cares when the website was registered, or when the Youtube channel was made? None of that matters. What matters is the information they are providing.

It's like listening to 12 year olds trying to play detectives to throw dirt at someone who took their lunch money. Nobody should give two shits if they use stock images in their video or not because that is irrelevant to whether or not their findings are legitimate.

 

They aren't as irresponsible as you might think. They provided AMD and other firms with the PoC without making it public. That reduces the risk of potential attacks by quite a lot.

 

These exploits do not need physical access. Not even the BIOS flashing ones does (which are 3 of the exploits, the other 10 does not need BIOS modifications).

"Local-machine elevated administration privilege" does not mean local as in physical access. It means local as in, on the computer.
 

Some of these issues are related to ASMedia chips, which have been known to be vulnerable before, although right now it's difficult to find articles about it because everything just brings up these AMD news.

[Guest]

8 minutes ago, Digital_Zero said:

Thanks for this information. I just found that out myself. Also there is no proof of concept on any of these vulnerabilities. I work in the industry myself, so I'm sad to say I hopped on the believe the media train as I had seen the information from normally reputable sources. It'll be interesting to see what comes of this.

 

I have a ryzen 1800x myself and I love it, I hope Red Team keeps kicking ass and the 2k line puts them out infront in the CPU market.

Every year a fake news story massively spreads, because journalist nowadays just copy one and another, so if one news anchor gets payed to put out a bs story like that, all the others copy it for free. A similar thing happened with "CNN transmitting hardcore p0rn for 30 minutes straight" Spoiler:that also never happened.

[sazrocks]

6 minutes ago, leadeater said:

Yea good point, also all those test that were that high were all specific server tests and were even limited cases for that market segment.

On the other hand though, datacenter applications were affected by multiple percent, which is huge for that market.