
[Update] Security flaws discovered in AMD zen processors : AMD's meltdown?

Message added by WkdPaul

Please keep the conversation civil and respectful, as per the Community Standards;

Quote
  • Ensure a friendly atmosphere to our visitors and forum members.
  • Encourage the freedom of expression and exchange of information in a mature and responsible manner.
  • "Don't be a dick" - Wil Wheaton.
  • "Be excellent to each other" - Bill and Ted.
  • Remember your audience; both present and future.

 

6 hours ago, mynameisjuan said:

Look, if you have experience with large companies then you will actually see how much admin access matters in terms of security and even IT management. Reimaging and transferring data is a waste of time for IT and actual downtime for user affected. From experience, it's night and day. I don't know how large the company you work for is but you need more data to see it. While I don't do security, my last job as a director I got to work a lot with security admins that were required to pen test frequently, I learned a lot from them and could see hands on how much admin rights can mitigate.

Guess it's a difference to where we live... Here networks are locked down tighter than prisons (permissions wise) except for where I'm doing an internship now, these guys are a bit loose and don't really care since their data really isn't that huge of a deal if lost.


8 minutes ago, leadeater said:

https://www.anandtech.com/show/12536/our-interesting-call-with-cts-labs

 

So why did they specifically target AMD in the report? They state they were originally investigating ASMedia yet their report does not reflect that, should they not report on the flaws found in the ASMedia chipsets then correlate that through to the AMD chipsets and show that in their findings? Their affected products list for Chimera doesn't mention any ASMedia chipsets at all but they are affected and they even said this during the call.

 

So I'm not the only person who noticed that oddity....

 

Not kidding, CPUs are not FPGAs but you can update microcode on those so why couldn't you on the chipset.

 

 

CTS needs to get better lawyers to properly advise them on what they can actually do, or not do.

hmm my comment about noob attorneys lol


1 hour ago, WMGroomAK said:

Just wanted to post that Ian Cutress with Anandtech published the transcript and interpretations of their call with CTS and it makes for an interesting read...

 

https://www.anandtech.com/show/12536/our-interesting-call-with-cts-labs

 

 

6 minutes ago, leadeater said:

So why did they specifically target AMD in the report?

Because they're lying through their fucking teeth as to why they released early. The idea that a security researcher on Zilberman's level wouldn't be quite knowledgeable about something like SPECTRE/MELTDOWN and how reproducible it was after all the info on it floating around in those circles is pretty goddamn farcical. Yet he throws up his hands and goes "Well, it depends" and we're supposed to place any significant amount of trust in him? Really?


1 hour ago, ravenshrike said:

While there is no direct evidence that this has to do with Intel the fishy thing is that CTS was created 2-3 weeks after Intel was informed of MELTDOWN and it is very, very clearly a hatchet job against AMD given the name of the website and the 24hr notice.

..................That's grasping at straws. .....

 


1 hour ago, Sierra Fox said:

..................That's grasping at straws. .....

Oh it's not likely, but to say there's no evidence is simply untrue. I mean, we already know they're lying in at the very least one respect. Moreover their disclaimer basically says they could be lying about any piece of information they put out and that they "may or may not have" a financial interest in its effect. It is thus not a huge stretch to surmise they are also lying about the origin of their company. Without further evidence it's not worth harping about of course, but it's a convenient alignment of dates.


3 minutes ago, ravenshrike said:

Oh it's not likely, but to say there's no evidence is simply untrue. I mean, we already know they're lying in at the very least one respect. Moreover their disclaimer basically says they could be lying about any piece of information they put out and that they "may or may not have" a financial interest in its effect. It is thus not a huge stretch to surmise they are also lying about the origin of their company. Without further evidence it's not worth harping about of course, but it's a convenient alignment of dates.

what is your evidence that Intel has a stake in this?

 

In fact, I'm going to say that you're part of CTS-labs for the simple fact that you registered on this forum on June 8 2017 and the cts-labs.com website was registered as a domain name on 25 June 2017, 2-3 weeks later..... it's not likely, but to say there's no evidence is simply untrue


7 minutes ago, Sierra Fox said:

what is your evidence that Intel has a stake in this?

 

In fact, I'm going to say that you're part of CTS-labs for the simple fact that you registered on this forum on June 8 2017 and the cts-labs.com website was registered as a domain name on 25 June 2017, 2-3 weeks later..... it's not likely, but to say there's no evidence is simply untrue

And my stake in CTS Labs would be what exactly? What actions would CTS Labs take that would be different if they were set up by Intel than the actions that they have done?


10 minutes ago, ravenshrike said:

And my stake in CTS Labs would be what exactly? What actions would CTS Labs take that would be different if they were set up by Intel than the actions that they have done?

wow, you do actually believe it huh?

 

I would then make the claim that CTS-labs is actually funded by AMD and that they intentionally created a sketchy looking report so that people think Intel had a hand in it which would then cause backlash against Intel and everyone would rush to defend AMD instead because they are innocent in all this, Intel are the bad guys. And they planted people like you in forums to persuade people that Intel is behind it. The momentary dip in stock prices for AMD caused by this scandal would be nothing compared to what Intel would face if people believed it was their doing

 

EDIT: See, making up claims is fun with very little and vague information


9 minutes ago, Sierra Fox said:

I would then make the claim that CTS-labs is actually funded by AMD and that they intentionally created a sketchy looking report so that people think Intel had a hand in it which would then cause backlash against Intel and everyone would rush to defend AMD instead because they are innocent in all this, Intel are the bad guys. And they planted people like you in forums to persuade people that Intel is behind it. The momentary dip in stock prices for AMD caused by this scandal would be nothing compared to what Intel would face if people believed it was their doing

Plot twist!

 

It was @ARikozuM the whole time!


Just now, Drak3 said:

Plot twist!

 

It was @ARikozuM the whole time!

Don't give confidential information away. I may be doing this for the greater good, but I tell you whose "greater good" it is for. I can give you a hint: Don Inten.

 

They will make the world's greatest mobile and home computing device ever. It'll have VR, motion controls, a game pad with touchscreen for added functionality while the game is played on the TV, and it can leave the house while maintaining all functionality and efficiency. 


30 minutes ago, Sierra Fox said:

wow, you do actually believe it huh?

No, I think it's a genuine possibility, precisely because of the evidence available. Their disclaimer states that anything in their report could be false and is not presented as fact. Yet Bits Tech has said the exploits seem to be on the up and up. Thus, one has to question the presence of the disclaimer itself. Effectively, anything they state that cannot be verified through sources other than CTS Labs must be treated as false.


19 minutes ago, ravenshrike said:

No, I think it's a genuine possibility, precisely because of the evidence available. Their disclaimer states that anything in their report could be false and is not presented as fact. 

They don't state that they are in cahoots with AMD to bring down Intel, so does that mean they could be? You're focusing too hard on a vague statement to mean that this was all a ploy by Intel to bring down AMD. I'm saying it's the other way around. Therefore we're both not wrong.

 


16 hours ago, laminutederire said:

As it is it seems as if only Windows is the only OS where it works so every server running Linux would be okay, that's a good chunk of servers worldwide, then as you pointed out, if your main OS isn't Windows, does it still work? Because there is indeed an abstraction barrier with any hypervisor. So this use case is probably not attackable either. That leaves fewer cases in the server world ( in contrast to what those ... at CTS imply that Epyc is doomed for servers).

 

I cannot find a statistic about the ratios of desktop vs server, but I'd assume you'd have at least 25 percent of computers in the world using Linux based systems, and in operational critical places it may be even more. That still leaves a consequent chunk of computers. That's assuming their exploit is not specific to one version of Windows, in which case the market share of Windows vulnerable is divided by at least 2. I don't find the info of which version of Windows they made it work on.

Besides, if you want to accuse AMD of making bad products, you better check that the issue appears over all OS and that it is AMD Ryzen processor specific and not Ryzen+Windows specific, which is a veeeery different problem. That's what bothers me. It's a due diligence they should have done to accuse AMD solely and say it's something wrong with their processor, when it could be Windows drivers being just bad for instance.

Why do you think I want to accuse AMD of making bad products?  To me that's just a silly accusation.  Maybe this mob will explain why they haven't worried about Linux yet.  But I am not going to make up reason, just offer suggestions as to why. 

 

 

13 hours ago, yian88 said:

CTS= intel damage control proxy unit?

AMD is fine intel is not.

No, there is no AMD  bias on these forums at all.  9_9 

 

7 hours ago, ravenshrike said:

While there is no direct evidence that this has to do with Intel the fishy thing is that CTS was created 2-3 weeks after Intel was informed of MELTDOWN and it is very, very clearly a hatchet job against AMD given the name of the website and the 24hr notice.

 

That being said, the 24 hour notice could easily very well be that CTS knows that patches to make the exploits in question exponentially more difficult or even impossible are relatively easy to create. After all, their disclaimer was explicitly that the entire hatchet job was their opinion which means they could be lying through their teeth about the difficulty of any fixes in order to maximize their short term financial position.

 

It's not just that there is no "direct" evidence, it's that there is NO evidence that this has to do with Intel. 

That is the most illogical and ill conceived reasoning to assume anything.

 

 

 

To all the guys trying to maintain some sort of rational position on security, forget it.  It is apparent half of LTT seriously don't think there is a threat because their beloved AMD could not possibly release a chip with an issue.

 

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  


7 hours ago, Razor01 said:

 

 

And that has nothing to do with their findings though.  Just like Cauchy, his findings were still valid lol.

That doesn't mean they should remain arrogant pricks without any punishment


Much of the love for AMD stems not just from the fact that they're the underdog, but also from something that should be quite apparent (at least in the CPU department).

 

Pushing the boundaries despite having limited financial edge. 

 

Perhaps it's just me, but when I think of AMD, I always think of Tesla, SpaceX, and many more companies that really pushed technology to its very limits despite having limited resources in a highly cut throat market with an uncompromising and aggressive competition. I, at the risk of seeming very silly, can respect it. 

 

Should AMD be criticized if they indeed deserve it? Heck yea they do, flowers and rainbows won't make them a better company, in fact it'll make them lazy and no different from the rest of the monopolies. 

 

 

 

 


8 hours ago, laminutederire said:

No, it shouldn't, I can only agree with that, but should it be only modifiable through Windows, that'd mean only the software of Windows is allowed to do it, which points to an oversight on the Windows implementation, which is bad but not as bad as it would necessitate a recall.

I disagree. I can see your trail of logic when you say it is a Windows vulnerability, but I don't think it is correct.

By the same logic, would you say cracking WEP with aircrack-ng is not a vulnerability in WEP, but rather a vulnerability in aircrack-ng? After all, it is the way aircrack-ng behaves that allows it to attack WEP.

I would say the vulnerability is in WEP because that is the target. aircrack-ng is just the software used to break the way WEP was designed to work (designed to protect the network and user data).

 

Likewise, the PSP was (hopefully) not designed to let the "host" OS execute arbitrary code on it.

 

8 hours ago, laminutederire said:

The issue with the PSP here would be that it is too trusting of what you could give to it, but then again, it is supposed to trust the OS at some point, and it is a valid assumption for AMD to allow as long as they make sure that the trusted part of the OS can be indeed trusted and not modified by malicious codes.

Does it really need to trust the OS though, or is that an assumption you're making?

I don't have the knowledge necessary to say it does or doesn't. What I can say however, is that for some functions there is no reason why it would have to trust the OS. The Apple fingerprint verification is an example of that. It might have other functions where it needs to trust the OS, but I am not aware of any such function right now.

 

8 hours ago, laminutederire said:

It's like when you want to design cryptographic protocols, at some point you'll have to make the assumption that the protocols are executed correctly, and the idea is not to isolate nodes of the network but rather to ensure that you can notice when there is an attack on the protocol.

If your cryptographic protocol allows less privileged users to gain unauthorized access to higher privileges then your protocol is poorly designed. I really don't get your argument here.

Besides, a lot of techniques such as HMAC have been invented for the purpose of NOT having to make decisions in good-faith.

To me, your post makes about as much sense as saying "well Windows has to assume you are admin at some point, so not verifying if you really are isn't a design issue". Or maybe I am misinterpreting your post.

 

 

8 hours ago, laminutederire said:

I'm fairly convinced Ryzen has no issue with rejecting things from actors that are not supposed to send it things, but rather that the software allowed to talk to it is being externally controlled in their attack, which can be mitigated without touching the psp ( and making the flaws more OS dependent). I don't know if I'm being very clear though

I understand what you mean, but to me it seems like very poor design (keep in mind that my knowledge about the PSP is extremely limited) to let the host OS modify the PSP if it's intentional.

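Added example, not part of any post in this thread and not a description of how AMD's PSP works: a hypothetical coprocessor mailbox that runs a command only when its HMAC tag verifies under a key the host OS never holds, which is the "no good-faith trust" role the post above gives to HMAC. The frame layout, opcodes, key and class name are constructed for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32                    # HMAC-SHA256 output size in bytes
HEADER = struct.Struct(">QB")   # 8-byte message counter, 1-byte opcode (assumed layout)


def make_frame(key: bytes, counter: int, opcode: int, payload: bytes) -> bytes:
    """Build header | payload | tag. Only a party holding the key can do this."""
    body = HEADER.pack(counter, opcode) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Coprocessor:
    """Hypothetical security-processor mailbox (illustrative model only)."""

    def __init__(self, key: bytes):
        self._key = key           # provisioned secret, not readable by the host OS
        self._last_counter = 0    # highest counter accepted so far
        self.executed = []        # (opcode, payload) pairs that passed every check

    def handle(self, frame: bytes, host_claims_admin: bool = False) -> str:
        # host_claims_admin is deliberately ignored: the decision rests on the
        # tag alone, never on what the sender says about its own privileges.
        if len(frame) < HEADER.size + TAG_LEN:
            return "rejected: malformed"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self._key, body, hashlib.sha256).digest()
        # Constant-time comparison, so timing does not leak how much of the tag matched.
        if not hmac.compare_digest(tag, expected):
            return "rejected: bad tag"
        counter, opcode = HEADER.unpack_from(body)
        # A valid frame must not be accepted twice.
        if counter <= self._last_counter:
            return "rejected: replay"
        self._last_counter = counter
        self.executed.append((opcode, body[HEADER.size:]))
        return "executed"


def run_demo() -> list:
    key = b"constructed-demo-key-0123456789ab"   # constructed sample key
    cp = Coprocessor(key)

    good = make_frame(key, 1, 0x10, b"update-config")

    # An authentic frame with one payload bit flipped after tagging.
    tampered = bytearray(make_frame(key, 2, 0x10, b"update-config"))
    tampered[HEADER.size] ^= 0x01

    # A frame assembled by a host that has admin rights but not the key.
    forged = HEADER.pack(3, 0x10) + b"inject" + bytes(TAG_LEN)

    return [
        cp.handle(good),
        cp.handle(bytes(tampered), host_claims_admin=True),
        cp.handle(forged, host_claims_admin=True),
        cp.handle(good),                              # same valid frame sent again
        cp.handle(make_frame(key, 2, 0x11, b"next")),
    ]


if __name__ == "__main__":
    for outcome in run_demo():
        print(outcome)
```

The check only holds if the key stays out of reach of the host OS; with a shared-key MAC, anything that can read the key can also mint valid frames, which is why update paths normally use asymmetric signatures instead.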

7 hours ago, Trixanity said:

Despite being supposed experts with 16 years of experience, they seem to know very little. It seems to be all PR. I think someone handed them a smoking gun. 

 

I just can't wrap my head around the idea of people so confused and ignorant being able to find 13 vulnerabilities just like that.

 

So yeah, I don't think these guys did the work. They're a proxy to cover up the trail.

Being good at analyzing protocols and hardware does not necessarily mean you are good at writing reports and disclosures though. They usually go hand in hand, but you shouldn't judge a fish by its ability to climb a tree.

 

6 hours ago, ravenshrike said:

Well, if 16 people work at the company and it was started a year ago...:P

 

 

Addendum - Well, it was started 9 months ago. So maybe 20 people work at the company.

Or you know... They count experience from before the company they currently work for.

If I work at Intel as a CPU architect for 30 years, and then move over to AMD, that 30 years at Intel still counts towards my "amount of experience". It doesn't get reset to 0 years of experience.

 

 

9 hours ago, Trixanity said:

If a lot of these vulnerabilities are inherent to the PSP, isn't it then an ARM issue? The PSP is an ARM processor employing ARM's TrustZone technology. We don't know if AMD has modified it or if the issue stems from how it's implemented. Depending on the issue, it could be problematic for other chip designers using TrustZone as well. If so, all of these vulnerabilities would actually stem from AMD outsourcing chip designs to third parties. Not that it makes AMD exempt from blame as they did vouch for it to begin with. But that would be a funny scenario and perhaps a lesson learned.

It could be a TrustZone issue, but as ARM said to Ian when he contacted them, their customers make so many modifications to their reference designs that ARM usually doesn't have any idea how different implementations of TrustZone work.

 

 

Edit: Going to read the Anandtech - CTS call now.

I think Ian put it pretty well when he said there are two stories here.

One is the exploits themselves, and the other one is all the things surrounding Viceroy, how it was disclosed and so on.

To me it seems like a lot of people are trying to use facts from "story 2" to discredit "story 1", which I don't think you can do (and it seems like the community of security experts agree).


Quote

IC: As some of these attacks go through TrustZone, an Arm Cortex A5, and the ASMedia chipsets, can you speak about other products with these features can also be affected?

ILO: ...The client works on AMD Ryzen machines but it also works on any machine that has these ASMedia chipsets and so quite a few motherboards and other PCs are affected by these vulnerabilities as well. If you search online for motherboard drivers, such as the ASUS website, and download ASMedia drivers for your motherboard, then those motherboards are likely vulnerable to the same issues as you would find on the AMD chipset. We have verified this on at least six vendor motherboards, mostly the Taiwanese manufacturers. So yeah, those products are affected.

Quote

IC: ...How do you marry the fact that you are requesting mitigations and not providing any detail for anyone to replicate the issues? ...

YLZ: I would add that we can’t assume that we are the only people who have been looking into those processors and found problems there. So what we are saying is that in addition to ourselves, if anyone has mitigations against them, we are happy to share them with the company and to receive it from individuals.

IC: Even though that not producing the details actively limits who can research the vulnerabilities?

YLZ: Yes.

Man. Those guys are absolutely laughable.

 

Hey, maybe I should search for some random fourth stage attacks, that haven't been fixed for years. For those who do not know what the stages are:

Spoiler

Stage 1: Reconnaissance – The first stage is identifying potential targets that satisfy the mission of the attackers (e.g. financial gain, targeted access to sensitive information, brand damage). Once they determine what defences are in place, they choose their weapon, whether it’s a zero-day exploit, a spear-phishing campaign, bribing an employee, or some other.

Stage 2: Initial compromise – The initial compromise is usually in the form of hackers bypassing perimeter defences and gaining access to the internal network through a compromised system or user account.

Stage 3: Command & control – The compromised device is then used as a beachhead into an organisation. Typically, this involves the attacker downloading and installing a remote-access Trojan (RAT) so they can establish persistent, long-term, remote access to your environment.

Stage 4: Lateral movement – Once the attacker has an established connection to the internal network, they seek to compromise additional systems and user accounts. Because the attacker is often impersonating an authorised user, evidence of their existence can be hard to see.

Stage 5: Target attainment – At this stage, the attacker typically has multiple remote access entry points and may have compromised hundreds (or even thousands) of internal systems and user accounts. They deeply understand the aspects of the IT environment and are within reach of their target(s).

Stage 6: Exfiltration, corruption, and disruption – The final stage is where cost to businesses rise exponentially if the attack is not defeated. This is when the attacker executes the final aspects of their mission, stealing intellectual property or other sensitive data, corrupting mission-critical systems, and generally disrupting the operations of your business.

Although you could even argue, that those are stage six attacks, since you are corrupting "something" (be it the ASMedia Controller or the PSP)

 

I also just had a bit of a play with deactivating the PSP in my UEFI. That works and there is no PSP and TPM Device anymore.

 

Edit: Even Trail of Bits says, those attacks are not viable. https://blog.trailofbits.com/2018/03/15/amd-flaws-technical-summary/

Quote

This level of effort is beyond the reach of most attackers

 

Good news everyone...!


1 hour ago, LAwLz said:

 

It was designed to execute code from signed applications, which makes sense because otherwise it would have no contact with the rest of the cpu/computer parts. That's intentional and understandable. The issue is that the signed code can inject unsigned code it seems (which is bad), so it would seem to me that the issue is with the signed code solely because the psp interacts with it in a possibly fine manner. It may be an issue in the cryptographic protocol, but that's something else entirely and would be pretty stupid of AMD (There are proofing tools for God's sake.. which is also why I think that the protocol is okay but they haven't coded the protocol execution on the actors part).

To me it seems as if the privilege escalation happens through their signed driver, meaning that's where the trust disappears. In theory the signed code should run at an equal level as the system admin (or whatever it's called in English (You know the admin account of the system itself which runs at higher privileges than user admin accounts)). This level should be allowed to talk directly to the psp otherwise nothing could. Like in the iPhone the system talks to it, send it a request and get an info back of whether it is validated. I think the issue here is that you could send code it should not (akin to sql code injection methods). That'd basically mean that the issue is not the privileges hierarchy but that you could fool an entity of higher privileges to do something it shouldn't without having the rights ever to do it yourself.

 

I however do agree that it isn't smart of them to allow modification like this. They should have done something like read-only and update through random container with a signed driver through a crypted connection to their server only on boot. That way you can use cryptographic proofs to ensure the drivers are authentic and retrieved from the right place while still being unchanged. It's a bit slow but you should update the psp code that often anyway so it should be okay. (That's somehow how the secret services configure their machines to listen on networks.)


On 3/13/2018 at 5:13 PM, Energycore said:

Isn't this against the law in some way? Every other vulnerability has been given months in advance before being announced. What gives?

Yeah, but this isn't a vulnerability, it's not hacked.

When you need admin rights to do stuff, it isn't a problem because that's the way it's intended.

 

It's just utter nonsense of the "no shit, Sherlock!" category.

 

Or to rephrase it:
If you can do the things this "exploit" claims, you have admin access to the system anyway. So you can already do other, more important stuff. Why would you care about the AMD processing shit when you just could install anything you want?!

"Hell is full of good meanings, but Heaven is full of good works"


2 hours ago, LAwLz said:

Being good at analyzing protocols and hardware does not necessarily mean you are good at writing reports and disclosures though. They usually go hand in hand, but you shouldn't judge a fish by its ability to climb a tree.

 

Or you know... They count experience from before the company they currently work for.

If I work at Intel as a CPU architect for 30 years, and then move over to AMD, that 30 years at Intel still counts towards my "amount of experience". It doesn't get reset to 0 years of experience.

 

 

It could be a TrustZone issue, but as ARM said to Ian when he contacted them, their customers make so many modifications to their reference designs that ARM usually doesn't have any idea how different implementations of TrustZone work.

 

 

Edit: Going to read the Anandtech - CTS call now.

I think Ian put it pretty well when he said there are two stories here.

One is the exploits themselves, and the other one is all the things surrounding Viceroy, how it was disclosed and so on.

To me it seems like a lot of people are trying to use facts from "story 2" to discredit "story 1", which I don't think you can do (and it seems like the community of security experts agree).

They didn't understand virtualization and the enterprise market for one. That was so bizarre. I would think Israeli intelligence officers would have at least rudimentary knowledge of these things. They didn't understand microcode updates either. I mean what the hell? We've just had Spectre being patched wholesale by the industry and everyone talking about precisely that and they somehow don't know a damn thing about it. 

Generally their answers were lackluster and they dodged many important questions and even did the classic "gotta go now" when the heat got uncomfortable. It's not an admission of guilt necessarily but it damn sure is odd that you suddenly had no more time. This is straight from the shady politician playbook.

 

And regarding TrustZone: it seems AMD has made their own OS and bootloader for it or it's at least branded as such but it's obviously not open source which has been a news story of its own. Perhaps it's time for AMD to revisit that path. 

 

Anyway their primary concern seems to have been publicity. They've spent a lot of money on PR firms. On making pretty graphs, dramatized language and a whole website dedicated to their one "product" instead of using their regular website. That's strange for a usually more muted approach from security folks.

 

They're also consultants which means they were allegedly hired to find exploits but it was not AMD. So the goal is pretty clear. But the important thing is they were hired by an unknown party with malicious intent. They probably dictated some of their actions.

 

I still believe the amateur behavior indicates they aren't behind all of it. The question is how far does that go?

 

Edit: to clarify

Either they're amateurs or they're intentionally acting like amateurs. Either way it furthers their goals.


2 hours ago, Deus Voltage said:

Much of the love for AMD stems not just from the fact that they're the underdog, but also from something that should be quite apparent (at least in the CPU department).

 

Pushing the boundaries despite having limited financial edge. 

 

Yes and not being total dicks with their products like disabling shit on their overclockable processors, ECC for any desktop CPUs or castrating the chipsets in various ways like disabling RAID features and so on...

2 hours ago, LAwLz said:

Likewise, the PSP was (hopefully) not designed to let the "host" OS execute arbitrary code on it.

 

And can be disabled in the latest AGESA versions as well...


4 minutes ago, Trixanity said:

And regarding TrustZone: it seems AMD has made their own OS and bootloader for it or it's at least branded as such but it's obviously not open source which has been a news story of its own. Perhaps it's time for AMD to revisit that path. 

No, they haven't.

It's a licensed product from Acorn RISC Machine, AMD just implemented it.


2 hours ago, mr moose said:

No, there is no AMD  bias on these forums at all.  9_9 

Yea it's purely just Intel hate ;)

 

2 hours ago, mr moose said:

To all the guys trying to maintain some sort of rational position on security, forget it.  It is apparent half of LTT seriously don't think there is a threat because their beloved AMD could not possibly release a chip with an issue.

My AMD system is unhackable so there is no way AMD could have released a product with security flaws in them*.

 

*No AMD systems are owned by me and I do not use any current AMD systems.

 

I'd actually say something serious about the topic but I've literally said everything that I need to, I don't feel like sitting here punching myself in the face while chanting "This does not hurt, my face feels no pain".


10 minutes ago, Stefan Payne said:

No, they haven't.

It's a licensed product from Acorn RISC Machine, AMD just implemented it.

Yes but ARM has denied that. They say their customers modify aspects of it and AMD (as I also said) at least brands it as made by AMD. Go have a look at the product page. It's all there.
