
[Update] Security flaws discovered in AMD zen processors : AMD's meltdown?

Message added by WkdPaul

Please keep the conversation civil and respectful, as per the Community Standards;

Quote
  • Ensure a friendly atmosphere to our visitors and forum members.
  • Encourage the freedom of expression and exchange of information in a mature and responsible manner.
  • "Don't be a dick" - Wil Wheaton.
  • "Be excellent to each other" - Bill and Ted.
  • Remember your audience; both present and future.

 

Just now, Shakaza said:

I know, and that's a shame, but it shouldn't be a reason to compulsively say "This is not a problem." That's a really immature and short-sighted way to look at things. We need to convince people that it's not AMD's fault that security flaws exist, not just tell them "This is fine" as the building burns down around us.

I never said it should not be fixed. It's a design flaw, let them fix it.

I'm saying it's the least of your problems.


14 minutes ago, leadeater said:

What if you didn't click yes, what if it was the last person who used the computer. What if said computer is a work computer and the person using it is from HR or finance?

You're running as administrator in any environment where information is sensitive, and you shouldn't be allowed to. 

Get rid of your IT guy, reinforce security, do something.

 

If you can afford to be local admin at work, have very good backups. That won't solve everything though. On-site backups, off-site backups, cloud backups. All three, preferably.


2 minutes ago, sambarr said:

You're running as administrator in any environment where information is sensitive, and you shouldn't be allowed to. 

No they are not, like never. Only admins have admin privileges.

 

And applications like they use don't run on their desktop, so getting access to protected memory areas to get their password into the finance or HR system would be very valuable.

 

Then there is also the issue of someone using a privilege escalation exploit on a system to install malware into the PSP to then keylog, who then comes back later to get that gathered information.

 

More to the world than home computers.


3 minutes ago, sambarr said:

I'm saying it's the least of your problems.

Perhaps so, perhaps not. If nothing is supposed to access it, doesn't that mean it would be one of the least-detectable types of attack? There are certainly other ways to make things relatively undetectable, but this strikes me as something one wouldn't expect or look for when troubleshooting a PC. I suppose a microcode update would probably fix it, but it would be horrifying and disheartening if, for example, my grandpa's financial info was stolen even after multiple virus scans turned up nothing and the issue occurred across multiple cards or something. Though, to be fair, I don't think he would fall for a scammer or a phishing attack anymore.

Why is the God of Hyperdeath SO...DARN...CUTE!?

 

Also, if anyone has their mind corrupted by an anthropomorphic black latex bat, please let me know. I would like to join you.


11 minutes ago, leadeater said:

Then there is also the issue of someone using a privilege escalation exploit on a system to install malware

And you could've ended that sentence right there and the outcome would've been practically the same. Add an exclusion to the AV while you're at it.

 

You've got the escalation, you don't need a fancy PSP flaw, you have everything you want at this point. You're administrator. You can install a virus, a rootkit, malware, a time bomb, you can directly take the data you want, right now. It doesn't matter at all.


3 minutes ago, sambarr said:

And you could've ended that sentence right there and the outcome would've been practically the same. Add an exclusion to the AV while you're at it.

 

You've got the escalation, you don't need a fancy PSP flaw, you have everything you want at this point. You're administrator. You can install a virus, a rootkit, malware, a time bomb, you can simply steal data also. It doesn't matter at all.

You can't add AV exclusions; those are centrally controlled by the Endpoint Protection Management server. A later AV definition comes out and finds and removes your malware, or it is detected based on activity.

 

I mean you have very little understanding of how enterprise networks are run by the sounds of it and how desktops are managed so I find it odd that you think there is nothing to be gained by such a vulnerability, there totally is.

 

Also, just so you know, if you encrypt your disk the key is stored in the PSP. You could boot the computer to a USB, break into the PSP, decrypt the disk, then boot a Windows administrator reset tool, remove the password, boot into Windows, then copy all the nice juicy important data.

 

I can list more ways this could be useful to an attacker if you want.


8 minutes ago, leadeater said:

You can't add AV exclusions; those are centrally controlled by the Endpoint Protection Management server. A later AV definition comes out and finds and removes your malware, or it is detected based on activity.

 

I mean you have very little understanding of how enterprise networks are run by the sounds of it and how desktops are managed so I find it odd that you think there is nothing to be gained by such a vulnerability, there totally is.

 

Also, just so you know, if you encrypt your disk the key is stored in the PSP. You could boot the computer to a USB, break into the PSP, decrypt the disk, then boot a Windows administrator reset tool, remove the password, boot into Windows, then copy all the nice juicy important data.

 

I can list more ways this could be useful to an attacker if you want.

Not everyone has it centrally controlled, and the service can be disabled locally if you even try. What are you trying to nitpick for? I've seen an SMB with that exact setup.

Quote

I mean you have very little understanding of how enterprise networks are run

I mean I'm not going to try to convince you that you're already too late if you've got privilege escalation. 

Quote

Also just so you know if you encrypt your disk the key is stored in the PSP. You could boot the computer to a USB, break in to the PSP, decrypt the disk then boot a Windows administrator reset tool, remove the password, boot in to Windows then copy all the nice juicy important data.

Yes. And cold boot attacks exist, and good old social engineering. Who cares?


1 minute ago, sambarr said:

Not everyone has it centrally controlled, and the service can be disabled locally if you even try. What are you trying to nitpick for? I've seen SMBs with that exact setup.

I'm nitpicking because you're actually saying you gain nothing extra by this, which is not true. I'll cut this short since it's rather pointless: this type of access is much better than admin access to just the local OS on the system and none of the protected memory areas the OS cannot see regardless of user privilege in the OS, not without exploiting the PSP/IME.

 

Your entire argument hinges on "But it's too late if they have admin privileges". Admin in the OS doesn't get you everything nowadays, because security.

 

Do you want an exploit that can be detected and removed, or one that can't and survives OS reinstalls? I'll take the second every time.


5 minutes ago, leadeater said:

Do you want an exploit that can be detected and removed, or one that can't and survives OS reinstalls? I'll take the second every time.

Those already existed before today happened, and they didn't need AMD's tiny market share to happen.

 

https://www.pcworld.com/article/3187264/security/uefi-flaws-can-be-exploited-to-install-highly-persistent-ransomware.html

https://9to5mac.com/2015/06/02/mac-vulnerability-bios/

 

Who uses AMD machines in businesses anyway? It's heavily dominated by Intel, isn't it? What use is it even going to be for a hacker to hack non-existent RYZEN desktops in businesses?


2 minutes ago, sambarr said:

Those already existed before today happened, and they didn't need AMD's tiny market share to happen.

What does that have to do with it? Three days ago it wasn't possible to do this on AMD Zen based systems but now it is, based on this information.


17 minutes ago, leadeater said:

What does that have to do with it? Three days ago it wasn't possible to do this on AMD Zen based systems but now it is, based on this information.

Can you even BUY an OptiPlex with an AMD processor?

 

3000 series... can't see any on their website.

5000 series... nope.

How 'bout a Precision workstation? Nope! None on the Canadian website anyway.

Precision mobile... nope.

A Lenovo ThinkStation with an AMD chip? Nope (Canadian site).

P series ThinkPad... no.

 

So that leaves the immense majority of users out of harm, right now, and for the foreseeable future.

 

tldr: You can't infect what doesn't exist in the business world, dominated by Intel.


A lot of the misinformation seems to stem from these four areas:

1) What the PSP is and what it does.

2) What these attacks do.

3) What it means to have "local admin privilege", and just how software works in general.

4) What Trail of Bits is, and how security research is conducted in general.

 

 

1)

A lot of people think that admin in Windows is the highest form of privilege you can get on a computer. This used to be more or less true but that is no longer the case.

PSP (Platform Security Processor from AMD), ME (Management Engine from Intel), TrustZone (from ARM), Secure Enclave Processor (SEP from Apple) and the other variants of these function outside of the OS and handle very low level security functions. It's very complex stuff and I won't even pretend to understand 1/100 of the things I've read. It doesn't help that companies are very hush-hush about how they work, and won't release the source code for them either (although I do believe ARM has released an open source reference implementation).

 

In any case, the basis of the different implementations are all more or less the same. There is a chip inside the processor which is called the trusted execution environment (TEE). This is a separate, completely functional computer, inside your computer. You can basically imagine it as a VM. It has its own processor and RAM.

 

The TEE acts as a hardware based root of trust. It is supposed to be the one thing inside the entire computer which can 100% be trusted, and because of this it has privileges to do essentially anything. Or to put it in other terms, it is a "super admin" which your regular computer sometimes contacts to verify things for it.

 

In the iPhone the SEP is what handles all the fingerprint analysis and verification. Neither iOS nor the regular processor knows how to process the fingerprint data to validate that it is correct. That is completely left up to the SEP to handle. iOS basically just sticks the fingerprint into a black box which then spits out an answer to whether or not the fingerprint was correct. Even if you compromise iOS in its entirety, with root access and everything, you still can't for example decrypt encrypted files because neither the OS nor the processor knows how to do that. That's why the FBI struggled to unlock that iPhone.

 

The same thing is happening on laptops and desktops these days. Some functions are deemed as needing extra security and are therefore handed to the TEE to handle. Things like Device Guard, Credential Guard, some types of DRM, system management mode, IOMMU and many more.

 

 

2)

These attacks, although very vaguely described (vague on purpose according to the researchers), compromise the PSP, allowing an attacker to have full control over it.

Since the PSP is the root of trust, it can do whatever it wants. It can manipulate any command you do. Steal passwords? Yep. Remain undetected from any type of anti-virus scan? Easy. Block any attempt to remove it? Absolutely possible. Remove any trace of it even existing? Yes.

 

Similar attacks have been carried out against the Intel ME, but that does not mean it is the same attack (completely different hardware and software platforms), nor does it mean we should brush these issues under the rug.

 

 

3)

"Local admin privilege" does not mean physical access. What it means is that the attack must be run, locally on the computer, with admin privileges. There is a long list of ways to accomplish this. Everything from packing it with a program that legitimately needs admin privileges, tricking a user into running it as admin or finding a privilege escalation exploit, just to name a few.

 

These things can be done remotely, because the computer doesn't care where the attacker is physically located. The code runs locally on the computer regardless.

There are only a handful of scenarios where you would ever need physical access to a computer in order to carry out an attack. Those are scenarios like the recent Cortana exploit, where someone discovered you could use a computer's microphone to have Cortana execute commands. You need physical access for that exploit because the microphone needs to be able to pick up your voice.

Another scenario would be physically modifying the computer or peripherals. Changing the keyboard to one with a built in keylogger for example, cutting a cable or plugging in an infected USB memory stick. Things like that.

 

For malware though? Everything you do with your keyboard and mouse can be done remotely. Your processor doesn't differentiate between you pressing a key on the keyboard, or a program sending the same keystroke to the processor. All it does is see an instruction, and executes it.

That is why it is wrong to say that this requires physical access. Because it is not needed. You need the ability to run a program with administrator privileges, but where that program originated from doesn't matter. Your processor doesn't care. If it gets asked what 1+1 is then it won't give a different answer depending on who is asking.

 

 

4)

Trail of Bits is a security firm. Yes, Dan Guido (founder of Trail of Bits) got paid to validate the findings, but that is completely normal. Security experts don't work for free. What happened was that CTS found these issues and hired Trail of Bits as an independent third party to verify their claims. They were not paid to say their claims were true; they were paid to validate them.

This is how the industry works. The security audit for Truecrypt cost something along the lines of 80,000 dollars. The security firms who did the audit were not paid 80,000 dollars to say Truecrypt was safe; they were paid because they spent weeks analyzing and pen-testing code, which is a very difficult job.

 

Also, the reason why they were able to "find these exploits so quickly" (the company is only a year old after all) was because issues with ASMedia chips were already fairly known. They were also not some nobodies with 0 knowledge that started from scratch. They most likely had worked with security research before and had a solid base of knowledge and ideas to build upon.

Research rarely starts from scratch.

 

 

Anyway, there is a lot more to this than what was talked about in this post, but hopefully it will give some better insight into what is going on for people interested.

Hopefully it also gives some insight to why the "anti-AMD" side (or whatever you want to call us) are saying the things we say.
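A constructed model of the root-of-trust idea in points 1 and 2 above, added here as an illustration; it is not code from LAwLz's post and not how the AMD PSP, Intel ME or any real TEE is implemented. The sealed key, the stage images, the manifest format and the function names are all assumptions of the toy. It shows why OS-level tampering is caught by a healthy root of trust while tampering at the root itself produces a boot that looks clean to everything above it.

```python
"""Toy model of a hardware root of trust vouching for a boot chain.

Constructed illustration only: the key, the stage images and the manifest
format are made up for this example and are not how the AMD PSP, Intel ME
or any other TEE actually works.  The point it demonstrates is that every
check the OS can run bottoms out in a secret the OS cannot read, so
tampering at the OS level is caught while tampering at the root is not.
"""
import hashlib
import hmac
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Stage:
    name: str
    code: bytes  # stand-in for a firmware / bootloader / kernel image


@dataclass
class RootOfTrust:
    """Models the TEE.  `_key` never leaves this object; the main CPU only
    ever sees the verdicts it hands back."""
    _key: bytes = field(repr=False)

    def _tag(self, manifest: dict) -> str:
        canonical = repr(sorted(manifest.items())).encode()
        return hmac.new(self._key, canonical, "sha256").hexdigest()

    def sign_manifest(self, stages):
        """Record the expected SHA-256 of each stage and authenticate the list."""
        manifest = {s.name: hashlib.sha256(s.code).hexdigest() for s in stages}
        return manifest, self._tag(manifest)

    def verify_manifest(self, manifest, tag) -> bool:
        return hmac.compare_digest(self._tag(manifest), tag)


def measured_boot(rot, manifest, tag, stages):
    """Boot-time check run on the main CPU: trust the manifest only if the
    root of trust authenticates it, then measure every stage against it."""
    if not rot.verify_manifest(manifest, tag):
        return False, "manifest not authenticated by root of trust"
    for s in stages:
        if hashlib.sha256(s.code).hexdigest() != manifest.get(s.name):
            return False, f"{s.name} measurement mismatch"
    return True, "ok"


# Constructed sample boot chain and TEE key (not real images or keys).
SEALED_KEY = b"constructed-key-sealed-inside-the-tee"
STAGES = (
    Stage("firmware", b"firmware image v1"),
    Stage("bootloader", b"bootloader image v1"),
    Stage("kernel", b"kernel image v1"),
)


def tamper_kernel(stages):
    """Swap the kernel image for one with an implant appended."""
    return tuple(Stage(s.name, s.code + b" + implant") if s.name == "kernel" else s
                 for s in stages)


def scenario_clean():
    rot = RootOfTrust(SEALED_KEY)
    manifest, tag = rot.sign_manifest(STAGES)
    return measured_boot(rot, manifest, tag, STAGES)


def scenario_os_admin_tamper():
    """OS-level admin can rewrite the kernel image but cannot touch the
    key inside the TEE, so the next measured boot flags the change."""
    rot = RootOfTrust(SEALED_KEY)
    manifest, tag = rot.sign_manifest(STAGES)
    return measured_boot(rot, manifest, tag, tamper_kernel(STAGES))


def scenario_compromised_root():
    """An attacker who controls the root of trust simply re-issues the
    manifest for the tampered chain; nothing above the TEE can tell."""
    rot = RootOfTrust(SEALED_KEY)
    tampered = tamper_kernel(STAGES)
    manifest, tag = rot.sign_manifest(tampered)  # attacker-controlled TEE signs
    return measured_boot(rot, manifest, tag, tampered)


if __name__ == "__main__":
    for name, fn in [("clean boot", scenario_clean),
                     ("OS admin tampered with kernel", scenario_os_admin_tamper),
                     ("root of trust compromised", scenario_compromised_root)]:
        print(f"{name:32s} -> {fn()}")
```

Running it prints three verdicts: the clean boot and the compromised-root boot are indistinguishable from the OS's point of view, which is the detection gap the post's point 2 describes. The practical consequence for defenders is that the root's own firmware has to be kept patched and its integrity checked from outside the platform it protects, since no scan run by the OS can see past it.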


9 minutes ago, LAwLz said:

Also, the reason why they were able to "find these exploits so quickly" (the company is only a year old after all) was because issues with ASMedia chips were already fairly known. They were also not some nobodies with 0 knowledge that started from scratch. They most likely had worked with security research before and had a solid base of knowledge and ideas to build upon.

Research rarely starts from scratch.

Also the people involved could have been working on this before the company was formed and when they were starting to make significant progress decided to form a security company of their own and publish their whitepaper through that as a way to kick start it.

 

Just a possibility, there's some questionable back story to this, but age of company != length of time investigating exploit.


25 minutes ago, LAwLz said:

Also, the reason why they were able to "find these exploits so quickly" (the company is only a year old after all) was because issues with ASMedia chips were already fairly known. They were also not some nobodies with 0 knowledge that started from scratch. They most likely had worked with security research before and had a solid base of knowledge and ideas to build upon.

Research rarely starts from scratch.

 

 

Anyway, there is a lot more to this than what was talked about in this post, but hopefully it will give some better insight into what is going on for people interested.

Hopefully it also gives some insight to why the "anti-AMD" side (or whatever you want to call us) are saying the things we say.

It may more probably be because those are the least thought of parts of security. In practice the main goal is and always should remain to prevent letting people in. That's what companies focus on, and AMD has done a decent job on that front so far. What you can do when everything has broken is still important, but it remains less critical than something which could let anyone from the outside come in.

 

One thing that really bothers me is that it does not seem to be that huge of a deal, when you see that Linux is not mentioned anywhere: meaning that if absolutely nothing can be done on Linux, that's just a software issue, and it therefore can be mitigated, contrary to what the guys from CTS are claiming.

 

When you build around both ideas you see that those individuals no matter how right they were, should maybe end up in jail for the way they disclosed it. Because everything in the way it was disclosed points towards manipulation through unfair assumptions, exaggeration of impact or exaggeration of the impossibility to fix it, as well as downright conspiracy theories that they won't succeed in proving when they speak of backdoors (which are to be left purposely).

 

And that's the same exaggeration that was going on on those 23 pages from you in particular, that made the debate remain polarized for the most part. And the reason you were perceived as the anti-AMD side was basically that you were purposely painting a picture which was exaggerated against AMD, just like the paper does. (And there was a caution to observe in such a situation to avoid chaos, which you refused to let some of us have in the discussion, by the way.)


1 hour ago, laminutederire said:

It may more probably be because those are the least thought of parts of security. In practice the main goal is and always should remain to prevent letting people in. That's what companies focus on, and AMD has done a decent job on that front so far. What you can do when everything has broken is still important, but it remains less critical than something which could let anyone from the outside come in.

 

One thing that really bothers me is that it does not seem to be that huge of a deal, when you see that Linux is not mentioned anywhere: meaning that if absolutely nothing can be done on Linux, that's just a software issue, and it therefore can be mitigated, contrary to what the guys from CTS are claiming.

 

When you build around both ideas you see that those individuals no matter how right they were, should maybe end up in jail for the way they disclosed it. Because everything in the way it was disclosed points towards manipulation through unfair assumptions, exaggeration of impact or exaggeration of the impossibility to fix it, as well as downright conspiracy theories that they won't succeed in proving when they speak of backdoors (which are to be left purposely).

 

And that's the same exaggeration that was going on on those 23 pages from you in particular, that made the debate remain polarized for the most part. And the reason you were perceived as the anti-AMD side was basically that you were purposely painting a picture which was exaggerated against AMD, just like the paper does. (And there was a caution to observe in such a situation to avoid chaos, which you refused to let some of us have in the discussion, by the way.)

There is one area that is of concern IF these turn out to be real. The server aspect of it.

 

If you host VMs, be it for a private company, a private cloud with internal clients, a public hosting company or a public cloud host like AWS, then you are at high risk. You're hosting VMs for other people that could be internal or external, random people, or giving access to software vendors to install products, all manner of things, and they all will have administrative rights on those VMs. That means Joe Public, a client of yours with his VM, could break into the EPYC secure processor and gain read access to every other VM on the system even if the memory and the virtual disks are encrypted; they could then also load in malicious firmware and scrape out all manner of sensitive information from other clients/VMs.

 

However, I believe the above is impossible from within a VM; you must be running your exploit attack from the bare metal OS and, from the sounds of it, it must be Windows. So just Hyper-V, and if you're giving unauthorized people any kind of access at all to the hypervisor then you've got much bigger issues. EPYC also has extra VM encryption and isolation features that would make it even harder to do anything like this, so double impossible?

 

Getting access to the secure processor on EPYC is a really big deal, servers are shared systems and isolation is key for people to trust your hosting platform and pay you money.

 

Fortunately EPYC servers in production use are very rare; most people are still evaluating them, finding out what they are good at and how the economics break down, to make sure they are making the right purchases.

 

Don't let this detract from my outrage of these CTS [insert string of terrible words].


I think this is a sign of how desperate Intel are; they don't want to change or take responsibility for their actions.

For years Intel has been the leading company when it comes to the quality and performance of their CPUs and they know it, but they have been so greedy that they have given us "new" generations of CPUs for years, paying more and more for less performance/$. This is because they thought that since they were on top of this they could just enjoy the control of the market. AMD shows up with a new line that is not as strong as Intel but close enough, with about 90%-95% performance, at half the price of Intel's CPU line.

Of course that makes loads of consumers go "I think I will buy the Ryzen 5 or 7 series; I can afford a better GPU with more VRAM with that saved money". This also goes for companies like HP, Lenovo, Asus etc. These companies buy in bulk, and if they can sell a laptop with almost the same performance as if it had an Intel CPU, with lower production costs and the same retail price, they will do it; they also want to earn money.

The reason I think this is a really ugly scam done by Intel is simple: they are trying to scare the group of users that do not have as high knowledge as we have here on the Linus Tech Tips forum. Most companies hire IT engineers and consultants that know how to configure and set up servers and clients, but they don't have knowledge of hardware as we do (yes, I mean you and me and the others here). So when they hear that hardware has security issues they don't look it up and look into what actually is said about the issue. They turn to their supplier of clients and servers and say "I can't have that, we need Intel CPUs for security reasons", and keep in mind most companies around the world buy their clients and servers from IBM, Hewlett Packard and many other companies like this that buy in bulk.

Now they are spending money on trying to save their market by doing this kind of ugly stuff, instead of spending the money on actually creating and developing better CPUs to lower costs for consumers.

My English is not so great but I hope you understand what I want to have said.


2 minutes ago, LeonStrand said:

I think this is a sign of how desperate Intel are; they don't want to change or take responsibility for their actions.

For years Intel has been the leading company when it comes to the quality and performance of their CPUs and they know it, but they have been so greedy that they have given us "new" generations of CPUs for years, paying more and more for less performance/$. This is because they thought that since they were on top of this they could just enjoy the control of the market. AMD shows up with a new line that is not as strong as Intel but close enough, with about 90%-95% performance, at half the price of Intel's CPU line.

Of course that makes loads of consumers go "I think I will buy the Ryzen 5 or 7 series; I can afford a better GPU with more VRAM with that saved money". This also goes for companies like HP, Lenovo, Asus etc. These companies buy in bulk, and if they can sell a laptop with almost the same performance as if it had an Intel CPU, with lower production costs and the same retail price, they will do it; they also want to earn money.

The reason I think this is a really ugly scam done by Intel is simple: they are trying to scare the group of users that do not have as high knowledge as we have here on the Linus Tech Tips forum. Most companies hire IT engineers and consultants that know how to configure and set up servers and clients, but they don't have knowledge of hardware as we do (yes, I mean you and me and the others here). So when they hear that hardware has security issues they don't look it up and look into what actually is said about the issue. They turn to their supplier of clients and servers and say "I can't have that, we need Intel CPUs for security reasons", and keep in mind most companies around the world buy their clients and servers from IBM, Hewlett Packard and many other companies like this that buy in bulk.

Now they are spending money on trying to save their market by doing this kind of ugly stuff, instead of spending the money on actually creating and developing better CPUs to lower costs for consumers.

My English is not so great but I hope you understand what I want to have said.

 

No.  This has nothing to do with Intel.

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  


2 hours ago, laminutederire said:

 

One thing that really bothers me is that it does not seem to be that huge of a deal, when you see that Linux is not mentioned anywhere: meaning that if absolutely nothing can be done on Linux, that's just a software issue, and it therefore can be mitigated, contrary to what the guys from CTS are claiming.

 

Or they just haven't invested any time working on a Linux machine (remember 90% of the world uses windows for desktop and 30% for servers).  

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  


so basically they are saying your system is vulnerable if someone gets your admin root password ... um no shit?


7 minutes ago, spartaman64 said:

so basically they are saying your system is vulnerable if someone gets your admin root password ... um no shit?

No, that is not what they are saying at all...

 

 

28 minutes ago, LeonStrand said:

The reason I think this is a really ugly scam done by Intel is simple: they are trying to scare the group of users that do not have as high knowledge as we have here on the Linus Tech Tips forum. Most companies hire IT engineers and consultants that know how to configure and set up servers and clients, but they don't have knowledge of hardware as we do (yes, I mean you and me and the others here). So when they hear that hardware has security issues they don't look it up and look into what actually is said about the issue. They turn to their supplier of clients and servers and say "I can't have that, we need Intel CPUs for security reasons", and keep in mind most companies around the world buy their clients and servers from IBM, Hewlett Packard and many other companies like this that buy in bulk.

I don't know if I should laugh or cry at this entire paragraph. There are so many things wrong with it I don't know where to start.


2 minutes ago, LAwLz said:

No, that is not what they are saying at all...

 

 

I don't know if I should laugh or cry at this entire paragraph. There are so many things wrong with it I don't know where to start.

"But, Guido also admitted, "Yes, all the flaws require admin [privileges] but all are flaws, not expected functionality.""

Am I missing something lol


1 hour ago, leadeater said:

 

As it is, it seems as if Windows is the only OS where it works, so every server running Linux would be okay; that's a good chunk of servers worldwide. Then, as you pointed out, if your main OS isn't Windows, does it still work? Because there is indeed an abstraction barrier with any hypervisor. So this use case is probably not attackable either. That leaves fewer cases in the server world (in contrast to what those ... at CTS imply, that Epyc is doomed for servers).

 

19 minutes ago, mr moose said:

Or they just haven't invested any time working on a Linux machine (remember 90% of the world uses windows for desktop and 30% for servers).  

I cannot find a statistic about the ratios of desktop vs server, but I'd assume you'd have at least 25 percent of computers in the world using Linux based systems, and in operationally critical places it may be even more. That still leaves a consequent chunk of computers. That's assuming their exploit is not specific to one version of Windows, in which case the market share of Windows vulnerable is divided by at least 2. I can't find the info on which version of Windows they made it work on.

Besides, if you want to accuse AMD of making bad products, you had better check that the issue appears over all OSes and that it is AMD Ryzen processor specific and not Ryzen+Windows specific, which is a veeeery different problem. That's what bothers me. It's due diligence they should have done to accuse AMD solely and say it's something wrong with their processor, when it could be Windows drivers being just bad, for instance.

