
[Update] Security flaws discovered in AMD zen processors : AMD's meltdown?

Message added by WkdPaul

Please keep the conversation civil and respectful, as per the Community Standards;

Quote
  • Ensure a friendly atmosphere to our visitors and forum members.
  • Encourage the freedom of expression and exchange of information in a mature and responsible manner.
  • "Don't be a dick" - Wil Wheaton.
  • "Be excellent to each other" - Bill and Ted.
  • Remember your audience; both present and future.

 

19 minutes ago, leadeater said:

There is no place for their conduct and I have no sympathy for the backlash they have gotten. What they have discovered does not excuse or justify their actions. If they are having problems with people questioning their credibility then they should learn from this and never do it again.

This is how I feel about all security reports: case by case and threat by threat. These guys are not only working for their own best interests, but they are also working for the interests of the entire industry, and in the process they hold the fate of consumers in their hands. How they carry themselves is just as important as the threats they find.

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  


30 minutes ago, leadeater said:

You also shouldn't be able to gain access into the chipset of the system and be able to read or write to that chipset; this should also be locked down and require restricted access only to signed firmware updates for that chipset.

You can flash a BIOS or a graphics card from Windows.

You can flash Management Engine from Windows (really? since basically forever).

You can do CPU microcode modifications through Windows Update (wow).

 

"You shouldn't be able to write to chipset"... ok. Good luck with that. I don't care if it's by design or not, what difference does it make? I can already fuck everything up with Admin rights, right now. It's just an extra door open at this point. 


2 minutes ago, VegetableStu said:

what are the chances that they're complete n00bs in terms of disclosure ethics (i.e. completely unaware of the right avenues/procedures, etc) and just went ahead with what they thought was the way to go about it? o_o

Highly unlikely, because with such accusations they would have looked into legal protection prior to release. Now if their attorney is a noob, sux to be them lol.

 

Tin foil hat on: I think they went to AMD, and AMD pretty much said yeah, so, we aren't paying you till we verify this, and it's not going to happen any time soon.

 

They wanted money fast lol, and so, ok, here ya go, we will release it and force AMD's hand to pay us.


1 minute ago, VegetableStu said:

second question would be whether Windows has an avenue to interrupt processes that write to BIOS with sketched-out code?

I don't know how it's handled, but if vendors can do it, I can do it. Reverse engineer their code, get the keys, etc etc.


3 minutes ago, VegetableStu said:

what are the chances that they're complete n00bs in terms of disclosure ethics (i.e. completely unaware of the right avenues/procedures, etc) and just went ahead with what they thought was the way to go about it? o_o

Law of averages says this has to happen at some time.

 

1 minute ago, Razor01 said:

Highly unlikely, because with such accusations they would have looked into legal protection prior to release. Now if their attorney is a noob, sux to be them lol.

I would imagine that so long as their claims are legit (validated by any independent), then regardless of how badly they ballsed up the report, so long as they didn't lie and kept any slanderous remarks to personal opinion, there would be little legal recourse.

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  


2 minutes ago, mr moose said:

I would imagine that so long as their claims are legit (validated by any independent), then regardless of how badly they ballsed up the report, so long as they didn't lie and kept any slanderous remarks to personal opinion, there would be little legal recourse.

True, that is why we need to separate the lack of foresight and marketing spiel from the vulnerabilities.


19 minutes ago, leadeater said:

There is no place for their conduct and I have no sympathy for the backlash they have gotten. What they have discovered does not excuse or justify their actions. If they are having problems with people questioning their credibility then they should learn from this and never do it again.

Ah, I see. Thank you very much for this information. And this bit I quoted? I agree 100% (wish I could mark your post as both informative and something I agree with, but I hope that intention shines through in my response). I feel that, in my original post on this, I didn't do enough to express just how deplorable I think the actions of the company are (it was mostly to keep it from getting too long, and my rants get, well...ranty). Security is very, very, VERY important. Did I mention it's important? I can't say for sure what reason they had to release the information early, but unless they provide a VERY reasonable explanation, I can only assume they did it for personal gain, and that's not okay. I mean, imagine if this was Spectre and Meltdown. They would be throwing millions of (if not HUNDREDS of millions if it wasn't patched in time) under the bus for, what, a few (relatively speaking) bucks? They deserve EVERY bit of backlash they receive over this.

 

Still, I only hope that people will still recognize these flaws as real despite the fact that the company is horrendously shady. Misinformation can only hurt us in situations like this one, and I think keeping an open mind (to an extent. Let's be REASONABLE, folks) is critical.

 

In conclusion, fuck you, CTS. I hope you and the industry at large learn from this and we all strive for professional practices for future issues.

Why is the God of Hyperdeath SO...DARN...CUTE!?

 

Also, if anyone has their mind corrupted by an anthropomorphic black latex bat, please let me know. I would like to join you.


1. Tell every hacker on earth about the existence of terrible flaws, without giving AMD any time to react. 

 

2. Publish a whitepaper that will give hints on how those POC exploits might work. 

 

3. Rub hands and wait.  If you can't wait, leak some code on github.

 

Although... working on meltdown exploits is probably a better idea. 


59 minutes ago, sambarr said:

You can flash a BIOS or a graphics card from Windows.

You can flash Management Engine from Windows (really? since basically forever).

You can do CPU microcode modifications through Windows Update (wow).

 

"You shouldn't be able to write to chipset"... ok. Good luck with that. I don't care if it's by design or not, what difference does it make? I can already fuck everything up with Admin rights, right now. It's just an extra door open at this point. 

You can BIOS flash with valid firmware, yes, of course you can; that is not the issue. What you're not understanding is that it's not the BIOS that's the target of the attack, it's the PSP in the CPU, and you should not be able to load unsigned and unverified firmware on to it ever, no way no how. Only AMD should be able to release BIOS updates that can do that, no one else.

I can write malicious BIOS firmware and load it on any system that doesn't verify a digital signature to check who created it, but that doesn't mean you can load malicious firmware on to a secure processor in the CPU like AMD PSP or Intel IME. Both of these as standard require signed firmware; it will not normally let you load on just anything. Approved partners such as Dell have been offering Intel IME firmware pre-loaded that disables most of its functionality, but this was done with approval by Intel and previously was only an option for government entities, not general businesses.

Just like you can't load any old microcode on to an Intel CPU either. All your link is showing is that Microsoft is bundling an Intel CPU microcode update into the Windows update, not the first time this has been done. This doesn't allow you to load on CPU microcode you have modified, not at all.

Put it this way: someone unknown to you that is not your bank has silent access to your bank accounts and personal information. Any money they take cannot be traced or refunded, you'll never know what they are doing, and the only observable thing is your balance going down for no reason if they choose to do this. They could just watch you forever and do identity theft or whatever.

The above is not the same as someone having login access to your internet banking; it is not the same as having administrative access to a computer OS.

Linking me to valid, legitimate ways to update firmware means absolutely nothing; notice the valid and legitimate part, i.e. they contain no malicious code. Stop acting like legitimate access and malicious access are the same thing, they are not.


Quote

Just like you can't load any old microcode on to an Intel CPU either. All your link is showing is that Microsoft is bundling an Intel CPU microcode update into the Windows update, not the first time this has been done. This doesn't allow you to load on CPU microcode you have modified, not at all.

 

https://hackaday.com/2017/12/28/34c3-hacking-into-a-cpus-microcode/

Quote

They still didn’t know anything about the microcode, but they knew how to run it.

So they started uploading random microcode to see what it did. This random microcode crashed almost every time. The rest of the time, there was no difference between the input and output states. But then, after a week of running, a breakthrough: the microcode XOR’ed. From this, they found out the syntax of the command and began to discover more commands through trial and error. (...) The result was 29 microcode operations including logic, arithmetic, load, and store commands — enough to start writing microcode code. (...) So take this as a proof of concept that nearly completely undetectable trojans could exist in the microcode that runs between the compiled code and the CPU on your machine. 

 

They started uploading random microcode to see what it did.

 

If Microsoft can change microcode, other people can change microcode. That's why BIOS mods exist, and POC rootkits in graphics cards, hard drives, etc.

 

The existence of a legitimate way means that there's ALREADY a way. You don't necessarily have to create a different way to access the same data. Why would you? If keys are a problem, once they are released, there's nothing holding anyone back from reading/writing to their hearts' content.

 

If understanding is a problem (security through obfuscation), you end up like those guys, uploading random microcode, until you learn how it works. Then you do it the way Intel does it, or Microsoft does it. 

 

Before you point out that it's an old AMD CPU they're talking about: yes.

 

https://media.ccc.de/v/34c3-9058-everything_you_want_to_know_about_x86_microcode_but_might_have_been_afraid_to_ask


20 minutes ago, sambarr said:

 

https://hackaday.com/2017/12/28/34c3-hacking-into-a-cpus-microcode/

 

If Microsoft can change microcode, other people can change microcode. That's why BIOS mods exist, and POC rootkits in graphics cards, hard drives, etc.

 

The existence of a legitimate way means that there's ALREADY a way. You don't necessarily have to create a different way to access the same data. Why would you? If keys are a problem, once they are released, there's nothing holding anyone back from reading/writing to their hearts' content.

It's possible to exploit anything, what's your point? Don't make anything more secure if you can because what's the point anyway?

 

Microsoft is not changing the microcode, it's Intel; it's an Intel update delivered within the Microsoft Update. You can get the update from Intel directly if you want, it's the exact same microcode update.

 

Can you please send me your house keys, your banking password and all official identification documents? What's the harm, they exist and there are already ways to access them. Save me the hassle because apparently I'll be able to get all of these if I want to anyway.

 

Either way you don't care about this issue or don't understand it.

 

It's not like I'm worried about my home computer getting hit by this either (if I even had an AMD system), but this isn't a me or you issue. You can not care and hold the opinion that there is near zero risk of it affecting you, but that's strictly a you point of view. I wouldn't be worried either if my computer was a Ryzen system, but I'm not going to say this is a nothing issue; that's about as true as saying fire isn't hot.


14 minutes ago, leadeater said:

It's possible to exploit anything, what's your point? Don't make anything more secure if you can because what's the point anyway? (...) Stop acting like legitimate access and malicious access is the same thing, they are not.

My point is, accessing data means utilizing what's ideally already there as a means of communication.

 

The malicious/legitimate doesn't mean anything at all. If there is an infrastructure in place, everyone can use it (once they figure out how it works, since they weren't the ones who built it).

 

My posting of different ways hardware/firmware can be updated from windows means that anyone can use the infrastructure, simply because it exists (and I'm the administrator).

 

If CPU microcode was something that could not be updated by Msft/Intel, then that would mean it probably can't be compromised. Because it's possible, it means it certainly can be compromised. Therefore, if it can be done in Windows as admin, heck, it's not very safe.

That applies to a lot of things you can update nowadays, and ultimately it means that we're very vulnerable when getting "admin" is all it takes.


2 minutes ago, sambarr said:

My posting of different ways hardware/firmware can be updated from windows means that there's a chance anyone can use the infrastructure, simply because it exists.

And if another way to do so comes to light, we'll address it. But right now, we are dealing with a specific issue, if I'm reading this right. A so-called general issue or exploit may still be carried out, but that doesn't mean we shouldn't get rid of this one as well if it gives malicious actors an efficient way to gain access to computers.


14 minutes ago, sambarr said:

My posting of different ways hardware/firmware can be updated from windows means that anyone can use the infrastructure, simply because it exists (and I'm the administrator).

You are not the administrator of the PSP or the chipset; you never were. You're locked out of these and you don't have access. There are very limited tools that you can use to update certain aspects of these, but you can neither create them nor modify them.

 

These are exploits so you can gain administrative access to them, the same as an exploit giving you administrative access to the OS.

 

You are the administrator of your OS, not the hardware and firmware that it runs on. That hasn't been a thing for a very long time.

 

You are the user of the firmware and you are exploiting a privilege escalation vulnerability to gain higher privileges to the firmware.
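The signed-firmware gate described in the posts above, as an added example that is not code from this thread, from AMD, or from any real PSP implementation: a toy loader that an OS administrator can invoke, but which accepts an image only when its signature verifies against the vendor's public key, so a patched image, or one signed with the caller's own key, is refused. The RSA parameters, the sample image bytes and the `FirmwareLoader` name are constructed for illustration.

```python
import hashlib

# Toy RSA vendor key, constructed for illustration only: real signing keys
# are 2048+ bits and never leave the vendor's HSM. Both factors are Mersenne
# primes, so the parameters are valid and gcd(e, phi) == 1.
VENDOR_P, VENDOR_Q = (1 << 61) - 1, (1 << 89) - 1
VENDOR_N = VENDOR_P * VENDOR_Q
PUBLIC_E = 65537


def private_exponent(p: int, q: int, e: int = PUBLIC_E) -> int:
    """d = e^-1 mod (p-1)(q-1), by the extended Euclidean algorithm."""
    m = (p - 1) * (q - 1)
    old_r, r, old_s, s = e, m, 1, 0
    while r:
        quot, old_r, r = old_r // r, r, old_r % r
        old_s, s = s, old_s - quot * s
    if old_r != 1:
        raise ValueError("e must be coprime to phi")
    return old_s % m


VENDOR_D = private_exponent(VENDOR_P, VENDOR_Q)


def _image_digest(image: bytes) -> int:
    # SHA-256 of the whole image, truncated to 128 bits so it sits below the
    # ~150-bit toy modulus; real schemes use full-width padding instead.
    return int.from_bytes(hashlib.sha256(image).digest()[:16], "big")


def sign_image(image: bytes, d: int, n: int) -> bytes:
    """Only the holder of the private exponent d can produce this value."""
    return pow(_image_digest(image), d, n).to_bytes(20, "big")


def verify_image(image: bytes, sig: bytes, e: int, n: int) -> bool:
    """Needs only the public key (e, n) that is baked into the loader."""
    return pow(int.from_bytes(sig, "big"), e, n) == _image_digest(image)


class FirmwareLoader:
    """The update tool runs with OS admin rights, but an image is accepted
    only if its signature verifies against the vendor public key."""

    def __init__(self, vendor_e: int, vendor_n: int):
        self.e, self.n, self.loaded = vendor_e, vendor_n, None

    def load(self, image: bytes, sig: bytes, caller_is_admin: bool) -> str:
        if not caller_is_admin:
            return "denied: update tool requires OS admin rights"
        if not verify_image(image, sig, self.e, self.n):
            # Admin rights do not help here; the check is against the vendor key.
            return "rejected: signature does not verify against vendor key"
        self.loaded = image
        return "accepted"


def demo() -> dict:
    """Three update attempts, all made by an OS administrator."""
    loader = FirmwareLoader(PUBLIC_E, VENDOR_N)
    genuine = b"PSP-FW v1.2.3 (constructed sample image)"
    vendor_sig = sign_image(genuine, VENDOR_D, VENDOR_N)

    # 1. Vendor-built image carrying the vendor's own signature.
    r_genuine = loader.load(genuine, vendor_sig, caller_is_admin=True)

    # 2. Same signature, one byte of the image patched after signing.
    tampered = bytes([genuine[0] ^ 0x01]) + genuine[1:]
    r_tampered = loader.load(tampered, vendor_sig, caller_is_admin=True)

    # 3. Patched image signed with a key pair the caller generated themselves.
    other_p, other_q = (1 << 31) - 1, (1 << 127) - 1
    other_n = other_p * other_q
    other_sig = sign_image(tampered, private_exponent(other_p, other_q), other_n)
    r_self = loader.load(tampered, other_sig, caller_is_admin=True)

    return {"genuine": r_genuine, "tampered": r_tampered, "self_signed": r_self}


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:12s} -> {verdict}")
```

The flaws the thread is about are, in this picture, ways of getting past the `verify_image` step; that is why they are a firmware privilege escalation rather than "just admin".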


17 minutes ago, Shakaza said:

And if another way to do so comes to light, we'll address it. But right now, we are dealing with a specific issue, if I'm reading this right. A so-called general issue or exploit may still be carried out, but that doesn't mean we shouldn't get rid of this one as well if it gives malicious actors an efficient way to gain access to computers.

I'm not concerned about being able to write to chipset as admin when you can write to basically ANYTHING as admin.

 

It's a rights management problem. With these AMD vulnerabilities, if you don't have the credentials to back it up, you can't do anything at all. Nothing.

 

It's an issue for AMD because it wasn't DESIGNED to be accessible like that, so it makes them look bad. But it's not a security risk for anyone, because you need elevated privileges. If anyone unauthorized has elevated rights, you're fucked anyway.


Just now, leadeater said:

I think we're 5 levels deep in TL;DR by now lol.

TL;DR

Complicated things are Complicated 

 

that about sums it up

🌲🌲🌲

 

 

 

◒ ◒ 


3 minutes ago, sambarr said:

I'm not concerned about being able to write to chipset as admin when you can write to basically ANYTHING as admin.

 

It's a rights management problem. With these AMD vulnerabilities, if you don't have the credentials to back it up, you can't do anything at all. Nothing.

 

It's an issue for AMD because it wasn't DESIGNED to be accessible like that, so it makes them look bad. But it's not a security risk for anyone, because you need elevated privileges.

@leadeater Can you explain this a bit more? I believe you and @LAwLz were talking about a privilege level that was technically higher than admin that you're normally not supposed to access, but which these exploits allow in a way that is specific to AMD processors, which is why this can and should be addressed for AMD processors in particular to remove a potential attack vector. Am I understanding this correctly, and if not, can you and @sambarr explain a bit more?

 

But in order to access that ultimate privilege level, you must first have admin privileges in the first place, right? If that is indeed the case, it's not super terrible, but I can still see some problems. Y'all are familiar with tech support scams, right? The hapless, less tech-savvy folk will basically agree to anything, and once a scammer has access to the victim's computer, they could perform the exploit without anyone complaining. Now, I'm not sure what they could do with that super amazing ultimate power level over 9000 privilege level that they couldn't do with plain ol' admin privileges, but it's a thought, and people more creative than me might think of something.


4 minutes ago, Sierra Fox said:

TL;DR

Complicated things are Complicated 

 

that about sums it up

Yup. My head is reeling at this point. It's also 2 A.M. RIP my brain.


2 minutes ago, Shakaza said:

@leadeater Can you explain this a bit more? I believe you and @LAwLz were talking about a privilege level that was technically higher than admin that you're normally not supposed to access, but which these exploits allow in a way that is specific to AMD processors, which is why this can and should be addressed for AMD processors in particular to remove a potential attack vector. Am I understanding this correctly, and if not, can you and @sambarr explain a bit more?

In processors nowadays there is a dedicated security processor running its own OS. This has special control over the hardware and controls things from secure boot to holding encryption keys in an inaccessible place so you can't see or try to brute force them.

 

Quote

The AMD Platform Security Processor (PSP), officially known as AMD Secure Technology, is a trusted execution environment subsystem incorporated since about 2013 into AMD microprocessors similar to the Intel Management Engine for Intel processors.[1] According to an AMD developer's guide, the subsystem is "responsible for creating, monitoring and maintaining the security environment" and "its functions include managing the boot process, initializing various security related mechanisms, and monitoring the system for any suspicious activity or events and implementing an appropriate response."[2] Critics worry it can be used as a backdoor and is a security concern.[3][4][5] AMD has denied requests to open source the code that runs on the PSP.[6]

https://en.wikipedia.org/wiki/AMD_Platform_Security_Processor

https://www.amd.com/en/technologies/security

 

Quote

TrustZone (for Cortex-A profile)
The Security Extensions, marketed as TrustZone Technology, is in ARMv6KZ and later application profile architectures. It provides a low-cost alternative to adding another dedicated security core to an SoC, by providing two virtual processors backed by hardware based access control. This lets the application core switch between two states, referred to as worlds (to reduce confusion with other names for capability domains), in order to prevent information from leaking from the more trusted world to the less trusted world. This world switch is generally orthogonal to all other capabilities of the processor, thus each world can operate independently of the other while using the same core. Memory and peripherals are then made aware of the operating world of the core and may use this to provide access control to secrets and code on the device.[91]

 

Typically, a rich operating system is run in the less trusted world, with smaller security-specialized code in the more trusted world, aiming to reduce the attack surface. Typical applications include DRM functionality for controlling the use of media on ARM-based devices,[92] and preventing any unapproved use of the device.

 

One option for the more trusted world is TrustZone Software, a TrustZone optimized version of the Trusted Foundations Software developed by Trusted Logic Mobility. Trusted Foundations Software was acquired by Gemalto. Giesecke & Devrient developed a rival implementation named Mobicore. In April 2012 ARM, Gemalto and Giesecke & Devrient combined their TrustZone portfolios into a joint venture Trustonic.[93][94]

 

In practice, since the specific implementation details of proprietary TrustZone implementations have not been publicly disclosed for review, it is unclear what level of assurance is provided for a given threat model, but they are not immune from attack.[95][96]

 

Open Virtualization[97] and T6[98] are open source implementations of the trusted world architecture for TrustZone.

 

AMD has licensed and incorporated TrustZone technology into its Secure Processor Technology.[99] Enabled in some but not all products, AMD's APUs include a Cortex-A5 processor for handling secure processing.[100][101][102] In fact, the Cortex-A5 TrustZone core had been included in earlier AMD products, but was not enabled due to time constraints.[101]

 

Samsung Knox uses TrustZone for purposes such as detecting modifications to the kernel.[103]

https://en.wikipedia.org/wiki/ARM_architecture#TrustZone_(for_Cortex-A_profile)

 

There is an obvious issue with having this hidden OS always running unseen and unheard, what if someone manages to make it do bad things?


By the time these vulns come into play, it's already game over. 

 

"[hacker] / [amd] / [grandmother] shouldn't be able to read/write from the chipset"

 

[hacker's] executing code with elevated privileges, what are you complaining about? You clicked YES!!

 

AMD's reputation is going to take most of the damage, not end users or businesses. It's just bad PR at this point. This shouldn't prevent anyone from going out and buying AMD hardware, but it will.

3 minutes ago, leadeater said:

-coolsnippity-

Right...so, I really don't see a reason not to patch this. From what I can tell, the other guy's argument is that because there are other ways to exploit this PSP that may not be specific to AMD processors, it would be unnecessary to patch an exploit that only works on specific processors in a very specific scenario, and that having admin privileges would allow an attacker to do most of what they want with a computer, so it would be unnecessary to use the exploit in that case anyway. I can mostly see that, but there are a lot of creative people out there, so there's probably a way to abuse it that would make it more viable than other tactics, so I would prefer AMD to patch it anyway.


3 minutes ago, sambarr said:

[hacker's] executing code with elevated privileges, what are you complaining about? You clicked YES!!

What if you didn't click yes? What if it was the last person who used the computer? What if said computer is a work computer and the person using it is from HR or finance?

1 minute ago, sambarr said:

AMD's reputation is going to take most of the damage, not end users or businesses. It's just bad PR at this point. This shouldn't prevent anyone from going out and buying AMD hardware, but it will.

I know, and that's a shame, but it shouldn't be a reason to compulsively say "This is not a problem." That's a really immature and short-sighted way to look at things. We need to convince people that it's not AMD's fault that security flaws exist, not just tell them "This is fine" as the building burns down around us.
