Yikes! Lenovo is vendor-locking AMD Ryzen CPUs via PSB

[mr moose]

On 1/19/2022 at 9:14 PM, mr moose said:

I mean, surely AMD or intel have a way to program their own CPU's from running until a "BOMB PSP/TPM" command is given at which point it only allow to reboot once the PSP/TPM is formatted?

 

 

 

@leadeater @LAwLz  This was a serious question (although somewhat grammatically broken, sorry).    Surely there is a way to achieve this without locking the CPU permanently?

[LAwLz]

Just now, mr moose said:

@leadeater @LAwLz  This was a serious question (although somewhat grammatically broken, sorry).    Surely there is a way to achieve this without locking the CPU permanently?

I'm not so sure.

 

I tried thinking about it earlier but couldn't really come up with a good solution.

On 1/18/2022 at 2:06 PM, LAwLz said:

Right now I can't think of a good way to achieve a fully unbroken chain of trust between the secure processor and the OS that also allows for resetting. Maybe if they could make the fuses reset-able, and had a type of passcode shipped with every processor? That way it would work the way it does right now, but if you sold something on the second hand market they could provide you with a reset code that restores the CPU to "factory settings". That potentially opens up the risk of someone attacking the "factory reset" function though at which point the chain is broken again.

 

 

Another suggestion would be that someone like Microsoft had one key that they distributed to motherboard manufacturers and everyone used the same key. That way, if a processor was locked it would be locked to Microsoft's key, which companies like Lenovo, Asus, Dell etc could all use. So if your processor got locked to a Lenovo motherboard you would still be able to reuse it on an Asus board since they were both signed with the same key.

That's the system we have in place for signing of bootloaders for Secure Boot. Pretty much everyone (including GNU/Linux distros) signs their bootloaders with Microsoft's key (with their permission).

The problem there is that if the key were to ever get leaked, the entire layer of protection would become irrevocably useless. I don't think there are more than like 10 companies that have access to Microsoft's bootloader key so the risk of it leaking is small. Having every single motherboard manufacturer use the same key would probably have a retty high risk of leaking though.

[leadeater]

7 hours ago, mr moose said:

 

@leadeater @LAwLz  This was a serious question (although somewhat grammatically broken, sorry).    Surely there is a way to achieve this without locking the CPU permanently?

 

7 hours ago, LAwLz said:

I'm not so sure.

 

I tried thinking about it earlier but couldn't really come up with a good solution

I didn't reply because I couldn't think of anything that simply is not feasible or cost affective on a consumer platform and neither am I sure the basis of the one I am thinking off is entirely secure and foolproof outside of confines of datacenter network with segregated and firewalled management traffic so the BMCs/iLOs can't be as easily attacked.

 

Note the full cost of iLO is more than some low power Atom systems so putting something like that on an i3, Pentium or Celeron motherboard/platform is wildly stupid idea.

 

Fuse locking is not a requirement to achieve this kind of functionality but it is the cheapest and easiest to implement I can think of.

 

7 hours ago, LAwLz said:

Another suggestion would be that someone like Microsoft had one key that they distributed to motherboard manufacturers and everyone used the same key. That way, if a processor was locked it would be locked to Microsoft's key, which companies like Lenovo, Asus, Dell etc could all use.

So like how UEFI Secure Boot works then?

 

7 hours ago, LAwLz said:

That's the system we have in place for signing of bootloaders for Secure Boot. Pretty much everyone (including GNU/Linux distros) signs their bootloaders with Microsoft's key (with their permission).

Oh the very next line, oh well leaving it in lol

 

Other downside not mentioned is that every BIOS update would have to go through Microsoft to be able to be distributed so there would have to be an entire and efficient process for this, which itself may be able to be abused to get something malicious signed.

[leadeater]

6 hours ago, sexychimichanga said:

but the mods outside of leadeater can be dicks

 I'm 100% guilty of being a dick, multiple times 

[jagdtigger]

On 1/19/2022 at 8:22 AM, LAwLz said:

We don't want to end up in a situation where downloading the latest Spider-Man movie will result in you getting a bitcoin miner installed inside your CPU, that can't be removed even if you format Windows for example.

Like wendor locking will magically fix every vulnerability in the CPU's black box.... /s

[darknessblade]

This is one hell of a ANTI-Consumer tactic.

 

if the EU gets wind of this, they will Force Lenovo to disable this for Consumers within the EU.

 

[wanderingfool2]

7 hours ago, sexychimichanga said:

-snip-

To address your superfish thing...first, Superfish's response to the entire thing was to blame it on another company's addon they were using (which labelled itself SSL highjacker).  The second is, Lenovo chose to use Superfish [for their own personal gain].  Even at the time people thought Superfish to be adware.  There is a reason why people blame Lenovo, and it's because you have a company that essentially tried putting it's money first at the expense of the customer...and tried twisting it that it was for the consumer.  A note as well, the "others" were more referring to those freeware programs that liked installing the add-ons to make money.

 

It's decisions like that that fuel the hatred when seeing features like this which are effectively locking in people for "security" when in practice it doesn't offer any additional security to like 99.99999% of the people.

[StDragon]

8 hours ago, mr moose said:

 

@leadeater @LAwLz  This was a serious question (although somewhat grammatically broken, sorry).    Surely there is a way to achieve this without locking the CPU permanently?

It's called Pluton.

Basically puts a TPM on the CPU die. It's similar to how Apple put the T2 on the M1 die. The idea being you don't want information between a security chip traversing over traces to the CPU. By having it all on the same die, that information can't be snooped.

[LAwLz]

14 minutes ago, StDragon said:

It's called Pluton.

Basically puts a TPM on the CPU die. It's similar to how Apple put the T2 on the M1 die. The idea being you don't want information between a security chip traversing over traces to the CPU. By having it all on the same die, that information can't be snooped.

Pluton does not serve the same purpose as the PSB. Pluton will not protect from the attacks this "vendor lock" function protects against. 

 

Pluton is, from what I've gathered, basically just TPM 3.0. It's embedded TPM in the same way fTPM is, which protects it from attacks on the bus, and it has an upgraded protocol for communicating with the OS (although not much is known about that yet). 

 

I don't see how Pluton would protect against BIOS malware like this does. 

[StDragon]

11 minutes ago, LAwLz said:

Pluton does not serve the same purpose as the PSB. Pluton will not protect from the attacks this "vendor lock" function protects against. 

 

Pluton is, from what I've gathered, basically just TPM 3.0. It's embedded TPM in the same way fTPM is, which protects it from attacks on the bus, and it has an upgraded protocol for communicating with the OS (although not much is known about that yet). 

 

I don't see how Pluton would protect against BIOS malware like this does. 

"The Pluton design removes the potential for that communication channel to be attacked by building security directly into the CPU. Windows PCs using the Pluton architecture will first emulate a TPM that works with the existing TPM specifications and APIs, which will allow customers to immediately benefit from enhanced security for Windows features that rely on TPMs like BitLocker and System Guard. Windows devices with Pluton will use the Pluton security processor to protect credentials, user identities, encryption keys, and personal data. None of this information can be removed from Pluton even if an attacker has installed malware or has complete physical possession of the PC.

 

This is accomplished by storing sensitive data like encryption keys securely within the Pluton processor, which is isolated from the rest of the system, helping to ensure that emerging attack techniques, like speculative execution, cannot access key material. Pluton also provides the unique Secure Hardware Cryptography Key (SHACK) technology that helps ensure keys are never exposed outside of the protected hardware, even to the Pluton firmware itself, providing an unprecedented level of security for Windows customers."

[leadeater]

48 minutes ago, StDragon said:

even to the Pluton firmware itself, providing an unprecedented level of security for Windows customers."

It's actually only this last part that makes it any different from PSP and fTPMs etc. Because the PSP is supposed to do all of that however the PSP itself can be attacked or hijacked which itself has access to all the protected things.

[StDragon]

3 minutes ago, leadeater said:

It's actually only this last part that makes it any different from PSP and fTPMs etc. Because the PSP is supposed to do all of that however the PSP itself can be attacked or hijacked which itself has access to all the protected things.

To be clear, I'm not suggesting PSB is worthless. What I am suggesting is that it's rendered moot with Pluton going forward. Though that's not to say it won't still be around under the auspices of security when it fact it's just a coy way of ruining the 2nd hand market with vendor binding to the CPU.

[Blademaster91]

10 hours ago, sexychimichanga said:

This is going to be my last post before I have my account deleted, but it is indeed possible that is the only way.  It comes down to the overall design of the HW and how code is "able" to interact with it.  You're better off asking someone at AMD, but they might not be willing to give you a proper answer.  You could also consider this a desgin flaw by AMD, to be honest.

One other thing before I go since people are still talking about Superfish.  1)  That's not even made by Lenovo.  Superfish was an ad company  2)  Lenovo had no actual idea about the actual problem, so yes that British firm was correct.  3) The problem was actually with a third party add-on that they weren't aware of, but people blindly blamed Lenovo for that.  Look up Komodia, that's who you actually have a problem with.  In fact, you can find Komodia's stuff in parental control SW.  Mob mentality never seems to amaze me.  I know research is hard for some of you, but let's see!  "Komodia itself refers to its HTTPS-decrypting and interception software as an "SSL hijacker".  Lenovo bad because their name is Komodia?  4)  You should blame a lot of companies since others have used Superfish as early as 2010, before Lenovo even used it.  I'm assuming most of you failed to even look into it and just flipped out due to paranoia?  This is partly why I'm leaving.  It's seems like people here have an unreasonable fear of Lenovo because they rather not do research and not use critical thinking.  Goodbye.  Have fun with the mob mentalty and obvious biases.  I really don't care if a mod deletes this as reality is not something people enjoy.  I'm out.  No, it wasn't purely this thread as much as it was overall forum biases, poor moderation, and poor information from LTT.  Remember kids, put your electronics in the oven.  All those parts are meant to get that hot.  Let's not even diagnose it and assume we need to ghetto reflow it.  I also love how one of the rules is to not be a dick, but the mods outside of leadeater can be dicks. Yet, you're not supposed to question their authority.  Peace.

IMO people shouldn't be avoiding Lenovo because of Superfish, they removed that and fixed it.

But I think Lenovo is partly to blame for using the PSB feature, from the comments here HP doesn't use it, and while the feature is AMD's, Lenovo chose to use it, on the other hand the feature doesn't seem to make much sense and yeah I think AMD is to blame also. The CPU being locked down doesn't make sense if someone already has access to a system, I think you're pretty well screwed at that point if someone had access or got into the servers its connected to. As for your last point, I agree the forum has changed, I noticed it has changed quite a bit since I've joined.

[wanderingfool2]

1 hour ago, sexychimichanga said:

I'll address this one last thing since you failed to read

Trust me, it's not my failure to read.  It really seems like you are biased towards Lenovo, but lets make this clear it's foolish to say Lenovo doesn't take blame on pre-shipping a product that by many was considered ad-ware and had a vulnerability in it (it doesn't matter if it Superfish utilized an add-on that caused it).

 

Lenovo had Superfish installed (and no matter what you say at the time a lot of people even considered it adware)

Superfish had utilized and add-on that had the certificate flaw in it.  And the rest is history.  It is why you don't partner with such companies to include it.  It was to the point that US officials warned to uninstall superfish.

 

If you don't see how a company like Lenovo gets a bad wrap from it, then fine, but don't expect people not to blame Lenovo.  It's similar to how I hold it against Windows installing Candy Crush (even though there wasn't a vulnerability), although in Windows case less drastic.  Other examples of what to blame is Norton and their Crypto [for different but still similar reasons].

 

Here's a hint though, they used that third party and released Superfish with that.  A software developer doesn't get a pass because they didn't realize what the third-party was doing.  All you have to ask is was the Superfish packaged with Lenovo the cause of the certificate issue.  The answer was yes, it doesn't matter if Superfish relegates the blame to a third party, the fact is it was part of their release.

[BlueChinchillaEatingDorito]

On 1/20/2022 at 3:15 PM, Blademaster91 said:

IMO people shouldn't be avoiding Lenovo because of Superfish, they removed that and fixed it.

But I think Lenovo is partly to blame for using the PSB feature, from the comments here HP doesn't use it, and while the feature is AMD's, Lenovo chose to use it, on the other hand the feature doesn't seem to make much sense and yeah I think AMD is to blame also. The CPU being locked down doesn't make sense if someone already has access to a system, I think you're pretty well screwed at that point if someone had access or got into the servers its connected to.

I think AMD takes a majority of the blame here. In the words of Gamers Nexus, this is a bad product (yes it's just a bad feature of a product... much the same way exploding is a bad feature of Gigabyte GP PSUs). Lenovo was just the poor sucker who decided to use all of the product's bundled features and it exploded in their face (no Gigabyte reference intended). Lenovo could've explained the rationale better of course. But at the same time the sort of explanation that made complete sense to me was extremely technical, more relevant for actual IT professionals. Something the average brain on this forum does not have the patience to even sit through. 

 

Quote

As for your last point, I agree the forum has changed, I noticed it has changed quite a bit since I've joined.

It's widely why for the most part I rarely partake in News Articles anymore. It's really just Apple bashing and AMD circle jerking at this point. 

[Blademaster91]

4 hours ago, BlueChinchillaEatingDorito said:

I think AMD takes a majority of the blame here. In the words of Gamers Nexus, this is a bad product (yes it's just a bad feature of a product... much the same way exploding is a bad feature of Gigabyte GP PSUs). Lenovo was just the poor sucker who decided to use all of the product's bundled features and it exploded in their face (no Gigabyte reference intended). Lenovo could've explained the rationale better of course. But at the same time the sort of explanation that made complete sense to me was extremely technical, more relevant for actual IT professionals. Something the average brain on this forum does not have the patience to even sit through. 

I've seen Gamers Nexus discuss PSB, and from what I understand AMD cpu's don't need a PCH chipset like Intel cpu's do, as everything needed for security is on the CPU, instead of something like Intel management engine using the PCH on the motherboard.

I think the feature is bad, but in my opinion Lenovo didn't have to use it, it makes no sense on desktops, and completely ruins reusing any parts once the system is sold by the company using it.

4 hours ago, BlueChinchillaEatingDorito said:

It's widely why for the most part I rarely partake in News Articles anymore. It's really just Apple bashing and AMD circle jerking at this point. 

I see more people in tech news defending Apple for the anti-consumer things they do, and more crapping on AMD for "but drivers bad" and people getting pissed over BIOS updates when a lot of people on this forum probably upgrade more often anyway, or completely sh*tting on the 6500XT which is something gamers can actually buy, yet there was almost no criticism for the RTX 3080 12GB which was a significant price increase over the 3080 10GB without much of a performance improvement.

[leadeater]

6 hours ago, BlueChinchillaEatingDorito said:

Lenovo was just the poor sucker who decided to use all of the product's bundled features and it exploded in their face

I would hardly say exploded in their face. The only vocal complainers are "gamers" who were never going to buy a Lenovo business/Pro product and were extremely unlikely to encounter a used Lenovo system or Ryzen Pro CPU. The majority of this whole situation is complaining for the sake of complaining.

 

It's a legitimate feature that many businesses would want, hence where it's being used and only being used. It needed no explanation at all because it's already explained in both Lenovo's security features and product portfolio, talk to a product manager or pre-sales engineer as well, or AMD's Security Feature Whitepaper for Pro products (however light on detail).

 

Neither does it help when it's incorrectly reported on, like Linus and Luke on the WAN show, where they talk about fuses blowing and the product becoming useless which is not at all, not even slightly close to how PSB works. It's not destructive, it doesn't stop the CPU from working nor render it useless and not even if you put the CPU in a different vendor system and try and boot it. It's not similar to, tangentially related or in the distant proximity of exploding Gigabyte PSUs.

 

It absolutely is a feature that is irrelevant to custom PC builders and gamers, it will negatively impact the used market however to an unsubstantiated degree, but that doesn't make it a "bad feature". It just makes it a bad feature for you. If it were a feature available on Ryzen, not even actually used, then that would be quite the different discussion.

[wanderingfool2]

6 hours ago, sexychimichanga said:

Except you did fail to read since this wasn't done by Lenovo nor Superfish.  Also, just becasue that's how they feel doesn't mean it is adware, it just means you and they don't understand cybersecurity.  It's a 3rd party who injected malicious code, not my fault you don't understand cybersecurity.  I've only logged back in, by the way, to disable 2FA for the people to disable my account.  Then I got a notification telling me that you still don't understand what you're talking about.

You do you, because you obviously are the one not understanding.  Under that logic SolarWinds shouldn't be held accountable for having their servers compromised and invalid updates being sent to people.  I understand cybersecurity well enough, just because you are buying into Superfish's official statement that it wasn't their fault that they used a 3rd party addon doesn't give them an excuse.  Also, there was an handful of software back then that did consider Superfish adware (and users complaining about it)...so yea, adware.

 

Like it or not, Lenovo made a decision based on profit back then with Superfish, and for lack of a good reason it seems like they might be doing a similar thing here.  There really isn't a good reason for Lenovo for implementing it on this hardware.

[hishnash]

I find this enter story a little bit overblown.

These are Pro-sereise cpus being sold to companies. The companies want these cpus to have a proper secure boot implementation. To do secure boot properly you need to ensure that you do not run an un-trusted/modified bios otherwise the modified bios (that starts before the OS) can turn off the other secure boot stages bypassing all of your security. Given how TMP works (it stores and provides keys but does not do the encryption/decryption itself) if you are able to compromise the cpu at a bios level you are able to read out those keys in plain text meaning cracking disk encryption becomes purely a matter of guessing the suers PW and since you have the other part of the keys you can do that in parallel.

To do this properly you really have 2 options:

1) Do what AMD did make it so that once the cpu is paired with a bios vendor it will only execute a bios signed by that vendors root certificate
2) Do what Appel did with the T2, have a (costly) additional chip on the motherboard that powers on before the cpu (and controls cpu power) that loads the cpus bios and validates its signature before providing the cpu with its bios. 

What would be nice is if AMD did not use e-fuses but rather NAND within thier cpu so that you could reset this signature lock, it would be important just like when you re-set the T2 firmware that the TMP keys were all randomised so that a resetting of the cpu did not bypass the system security however.

[the_everafter]

Hey, new here.
right whenever the chip shortage was starting i decided that waiting on trying to find good deals on parts and build my own system just wasnt worth it for me.

I bought a Lenovo Legion to get me started, with the impression that if there was anything that i didnt like or that did not suit my needs i could just upgrade it along the way and go ahead and get a decent prebuilt for what i needed. so that being said now that the PSB lock thing has come out it makes me worry about whether i could replace this motherboard (especially since i damaged one of the very few USB 3.1 ports in a moving accident.) 

I have looked online and tried to see if my Ryzen 5 3600 has PSB functionality or not. i have looked all through the uefi and cannot find a setting saying it is or isnt enabled. so i feel somewhat safe in replacing the board but i would like to be 100% sure and am hoping you guys could help. 
What AMD CPU's have the PSB feature? Also, am i safe to change out the motherboard on this computer to a non-lenovo board without replacing the CPU as well?

[BlueChinchillaEatingDorito]

2 minutes ago, the_everafter said:

Hey, new here.
right whenever the chip shortage was starting i decided that waiting on trying to find good deals on parts and build my own system just wasnt worth it for me.

I bought a Lenovo Legion to get me started, with the impression that if there was anything that i didnt like or that did not suit my needs i could just upgrade it along the way and go ahead and get a decent prebuilt for what i needed. so that being said now that the PSB lock thing has come out it makes me worry about whether i could replace this motherboard (especially since i damaged one of the very few USB 3.1 ports in a moving accident.) 

I have looked online and tried to see if my Ryzen 5 3600 has PSB functionality or not. i have looked all through the uefi and cannot find a setting saying it is or isnt enabled. so i feel somewhat safe in replacing the board but i would like to be 100% sure and am hoping you guys could help. 
What AMD CPU's have the PSB feature? Also, am i safe to change out the motherboard on this computer to a non-lenovo board without replacing the CPU as well?

This is currently only present on Lenovo's Think line of business devices as far as we know. This hasn't trickled down to their consumer lineup yet. Not sure if it will, but so far, no. 

[the_everafter]

Fantastic. Thank you for clearing that up for me!

44 minutes ago, BlueChinchillaEatingDorito said:

This is currently only present on Lenovo's Think line of business devices as far as we know. This hasn't trickled down to their consumer lineup yet. Not sure if it will, but so far, no. 

Fantastic. Thank you for clearing that up for me!