AMD Shoots Down NSA Backdoor Claims.

[TechFan@ic]

In light of recent news surrounding security expert Steve Blank stating that he would not be surprised if the NSA had built backdoors into both Intel & AMD processrs, AMD however has shot down these claims in a statement, claiming their processors are as secure as can be & denying the existence of any NSA backdoors to overcome encryption

AMD Told Fudzilla.

Providing security to users of our processors is a key priority for AMD. We've been incorporating security features into our silicon for many years. There's no reason for the unfounded speculation that has been occurring

 

.

[Samdb]

They may not have noticed that there's a backdoor but there is probably one there.

[jonasa97]

Well too bad. If the NSA wants to work they need computers aswell meaning there is a backdoor into the NSA ! (Supposing they use either Intel or AMD)

[Immort]

They may not have noticed that there's a backdoor but there is probably one there.

A backdoor on the silicone level, the type Steve Blank believes exists would have to be engineered into the processor.

If a backdoor does in fact exist on the silicone level AMD would definitely be aware of it, they claim one does not exist, but it's possible they're pressured to say so by the NSA or any other government agency.

[sof006]

Why would they need a backdoor in your CPU? The internet is enough of a backdoor as it is. All you have to do is connect to the internet and you're released into a sea of vulnerabilities.

[efstajas]

A backdoor on the silicone level, the type Steve Blank believes exists would have to be engineered into the processor.

If a backdoor does in fact exist on the silicone level AMD would definitely be aware of it, they claim one does not exist, but it's possible they're pressured to say so by the NSA or any other government agency.

 

But he says here that they don't use hardware- level backdoors, but "microcode" applied on each startup.

[1funnygame]

Why would they need a backdoor in your CPU? The internet is enough of a backdoor as it is. All you have to do is connect to the internet and you're released into a sea of vulnerabilities.

because there might be hardware based systems that watch what you do that would be completely impossible to detect at the software level and no one would ever know as designs are not released to the public and even the designers of the chip don't know lots of what's on it because they only work in a certain area of development

[mymouthandi]

Whether it is true or not, possible or not, AMD's response is only ever going to be to deny that it is possible so this statement means nothing, really. 

[sof006]

because there might be hardware based systems that watch what you do that would be completely impossible to detect at the software level and no one would ever know as designs are not released to the public and even the designers of the chip don't know lots of what's on it because they only work in a certain area of development

Oh well then, I guess we should all throw our CPU's in the bin then I guess. Or since it doesn't really matter i'll keep mine ^_^

[Immort]

But he says here that they don't use hardware- level backdoors, but "microcode" applied on each startup.

To decode any string of microcode you will need a hardware level decoder in the CPU core, which is why this would require an intervention on the silicone level.

 

Whether it is true or not, possible or not, AMD's response is only ever going to be to deny that it is possible so this statement means nothing, really. 

That's what I believe as well, although Intel's lack of response/denial is very worrying.

[mymouthandi]

That's what I believe as well, although Intel's lack of response/denial is very worrying.

 

Intel aren't the most chatty regarding rumours and such. AMD is often more likely to speak up when something arises that concerns both companies.  

[ACatWithThumbs]

Quaestion: do you guys really think that the NSA has more knowledge of PC's then AMD or Intel or MC.
The only way there is a backdoor in the CPU is when AMD want's it in there.
And do you really think the NSA has anough resources to Spy on every Person on the Planet, because they couldn't even if they wanted to  every day there are Trillions of Messages nobody could read all of that.
And they would have to Translate billions of Information in to the English Language.

[efstajas]

Quaestion: do you guys really think that the NSA has more knowledge of PC's then AMD or Intel or MC.

The only way there is a backdoor in the CPU is when AMD want's it in there.

 

It's not about knowledge. Just because Intel and AMD "know" their stuff, doesn't mean they can't be forced politically or with a deal.

[TechFan@ic]

Intel aren't the most chatty regarding rumours and such. AMD is often more likely to speak up when something arises that concerns both companies.  

Intel was quick to deny the BGA socket only rumors, so I'd imagine they would also publish a statement regarding rumors of a fatal security flaw, even if they actually have these backdoors in their CPUs they will act quickly to dispel any such claims to protect their reputation.

[YellowDragon]

Quaestion: do you guys really think that the NSA has more knowledge of PC's then AMD or Intel or MC.

The only way there is a backdoor in the CPU is when AMD want's it in there.

And do you really think the NSA has anough resources to Spy on every Person on the Planet, because they couldn't even if they wanted to  every day there are Trillions of Messages nobody could read all of that.

And they would have to Translate billions of Information in to the English Language.

Do you think they have people at computer terminals actually reading information and collecting info, cause they dont. Its a simple matter to basically "sniff fiber" and copy information packets, thats kinda why I dont get the whole NSA invading my privacy and "why dont you give me your credit card info and drivers license and social security card" its a machine that makes copys and analyzes the data, they dont care if you went to the bar last saturday or about your day to day lives, most people have an over inflated sense of self worth and I think that is not being considered. 

 

If you could capture all the worlds info, and trace everything you run into the problem of analyzing it, as more content is being created while you are collecting, they have a coputer that basically skims 1000's of documents at a time for key words and that is all, everyone is just too oversensitive and they think someone is sitting at a desk reading everyone's email. The truth is of all data collected they will look at a micro-fraction of a percent of it. 

[mymouthandi]

Intel was quick to deny the BGA socket only rumors, so I'd imagine they would also publish a statement regarding rumors of a fatal security flaw, even if they actually have these backdoors in their CPUs they will act quickly to dispel any such claims to protect their reputation.

Very good point, I forgot about the BGA rumours. However, didn't AMD respond first, forcing Intel to respond? I remember AMD saying they would have sockets for the foreseeable future and only then did Intel talk.  

[TechFan@ic]

Very good point, I forgot about the BGA rumours. However, didn't AMD respond first, forcing Intel to respond? I remember AMD saying they would have sockets for the foreseeable future and only then did Intel talk.  

I'm expecting the same thing to happen with these backdoor rumors as well, intel should follow shortly with a statement of their own.

[Levis95l]

Do you think they have people at computer terminals actually reading information and collecting info, cause they dont. Its a simple matter to basically "sniff fiber" and copy information packets, thats kinda why I dont get the whole NSA invading my privacy and "why dont you give me your credit card info and drivers license and social security card" its a machine that makes copys and analyzes the data, they dont care if you went to the bar last saturday or about your day to day lives, most people have an over inflated sense of self worth and I think that is not being considered.

If you could capture all the worlds info, and trace everything you run into the problem of analyzing it, as more content is being created while you are collecting, they have a coputer that basically skims 1000's of documents at a time for key words and that is all, everyone is just too oversensitive and they think someone is sitting at a desk reading everyone's email. The truth is of all data collected they will look at a micro-fraction of a percent of it.

But imagine how powerful that kind of computer should be. A computer/computers that skim all the documents sent in Internet, also the ones in foreign language. Even if you have the compute power you'll also need fast enough connection to download all the data.

[YellowDragon]

But imagine how powerful that kind of computer should be. A computer/computers that skim all the documents sent in Internet, also the ones in foreign language. Seems

Not that powerful actually, the most important thing is the code behind it and Search Algorithm efficiency, also known as Big O notation, i come from a programming background and proper code makes more of a difference then the top end hardware, you would need a decently powered server room to collect data, however its a basic copy operation to collect the data which any PC is able to do with amazing speed, as for analyzing the data I would imagine a basic Hash table and key value would suffice and its just searching for collisions and proper matches, this isnt all that intensive if optimized properly for the algorithm in question, so they would probably use ASICs to do it, or Application Specific Integrated Circuits as they are optimized for a singular task and do it with incredible efficiency.....for example take bitcoin ASICs that are optimized for SHA 256, they do this kind of algorithm with amazing speed however they are useless outside this application. 

 

To be completely level with you, it would not take much in the realm of the government to collect and analyze all that data, a couple billion dollars, however that is chump change to them.

[Levis95l]

Not that powerful actually, the most important thing is the code behind it and Search Algorithm efficiency, also known as Big O notation, i come from a programming background and proper code makes more of a difference then the top end hardware, you would need a decently powered server room to collect data, however its a basic copy operation to collect the data which any PC is able to do with amazing speed, as for analyzing the data I would imagine a basic Hash table and key value would suffice and its just searching for collisions and proper matches, this isnt all that intensive if optimized properly for the algorithm in question, so they would probably use ASICs to do it, or Application Specific Integrated Circuits as they are optimized for a singular task and do it with incredibly effective.....for example take bitcoin ASICs that are optimized for SHA 256, they do this kind of algorithm with amazing speed however they are useless outside this application. 

 

To be completely level with you, it would not take much in the realm of the government to collect and analyze all that data, a couple billion dollars, however that is chump change to them.

You seem to know this stuff, so maybe you're right.

Also I got an idea of bot net. NSA could sneak a small program to your computer that would analyse all the data in it and send any useful information to NSA. So no computing power would be needed for analysing the data and only the useful data would be sent to NSA's server so bandwidth would not be a problem either.

[YellowDragon]

You seem to know this stuff, so maybe you're right.

Also I got an idea of bot net. NSA could sneak a small program to your computer that would analyse all the data in it and send any useful information to NSA. So no computing power would be needed for analysing the data and only the useful data would be sent to NSA's server so bandwidth would not be a problem either.

Also very possible, not hard to do as they would just sneak it into a copy of windows or OSX and then hide the existence in the EULA, however we would have heard about any such thing long ago as there are people out there that read EULAs religiously or programmers that love to dissect windows, something would have to be found out long ago.