• The security holes in AMD processors cause HWzone network clutter
ComputersProcessorsFeatured articles

The security breaches in AMD processors are causing network clutter

A young Israeli vulnerability research company makes headlines with sudden exposure to 13 types of loopholes that affect the Zen processors

Get updates from everyone in TelgramGet updates from us all at TelgramJoin the channel now


While processor companies still lick the wounds left by the known security holes Who received the titles Spectre and Meltdown, And needed a variety of different patch updates that created quite a few new issues of their own - Another heavy weight on the shoulders falls in the form of 13 loopholes News related to its latest products, which are divided into four groups, all of which were revealed at the same time by an Israeli company, only 24 hours after the developer had updated the details.

An 20 study paper describes a variety of methods of attack and security vulnerability in the Zen architecture , Which examined all the products available on the market today: from the EPYC processors to the server world (where harming them also means harm to their Threadripper brothers, it seems) and the- Pro desktop and up to Mobile devices that are integrated into the mobile world.

Different methods for different processors - but all are on the way to causing great headaches in AMD

A mechanism called Chimera utilizes gaps Known as ASMedia products, which helped develop the dedicated chipsets in the Ryzen and Ryzen Pro desktop processors to prove the potential for attack and damage to both the computer operating system and all the devices connected to the interfaces , SATA and To an array, all of which pass through the same chipset.

All the vulnerabilities are based on "plugins" in the Zen processors that interface with the core processing core, System and operating system

Mechanisms called Fallout and Ryzenfall include a number of methods for reading information, writing information, and running external malicious code based on the designated security system in the labs Which is based on the A5 Cortex chip and the company's technologies - When the Fallout method has proven to be a risk to the massive EPYC processors, while Ryzenfall as such is affecting the Of all kinds.

From the published research paper - will only material change be able to clog the security flaws?

A final and not very likeable mechanism is called Masterkey and includes attack and damage through the hardware of the Cortex A5 spoken core integrated with models - with the ability to cancel mechanisms Of the processors as part of a malicious malicious firmware update. Given that these firmware updates have become easier and simpler than ever before, you can certainly imagine a situation in which we receive attempts to distribute such an offensive update under the guise of another application or extension.

At this time, there is no known malicious exploitation of these loopholes, although their very exposure may significantly increase the chances of this

On the face of it, it would be quite a challenge to exploit some of the breaches that have been discovered, but a similar statement can be made Most variations of Spectre and Meltdown - This time too, it is doubtful that it will comfort the average consumer who does not specialize in the field, but is certainly concerned about the theoretical ability to damage his personal computers and gain access to his files and details. Will have to provide a solution to the gaps, and there is a high chance that in this case too, a simple and standard program update will not suffice to close the cracks.

Not all methods work on all types of processors, but it seems that no model is completely immune to our sorrow

Question mark exposure?

Throughout the network, questions about the source of this comprehensive security problem began to arise almost immediately. The Israeli CTS Labs company is described as being established only a year ago and is located in Tel Aviv and includes only four employees, with no previous reports of loopholes In other systems and products.

CTS Labs certainly succeeded in breaking into the global consciousness by storm

Many (including factors in Itself) expressed astonishment about the scope of its discovery and its documentation professionalism, which included a dedicated site, professional graphic descriptions with a logo and a corresponding name for each method, declarations to the media and channel videos Which opens just days before the exposure. There do not appear to be any claims about the existence of the security issues, but there is certainly concern that the source behind the information may be a deliberate hand to tarnish the chip developer's reputation - perhaps as part of an attempt to run the company's shares.

While the Spectre and Metldown bursts were discovered with the help of Project Zero dedicated to the study of the subject under , Without too many question marks about the credibility or motivation behind the information - here the situation is different, and the question marks are slightly more significant

Now there seems to be a good reason to wait for the official responses from me , To understand whether she accepts or rejects the allegations and accusations - and in particular how she plans to act to correct the gaps and ensure that these are not repeated in the family. Upcoming 2000, and other products. Watch for updates.


Tags

35 תגובות

  1. Hahaha

    I know some surfers who "danced on Intel's body" at the time
    And make accusations from here to Alaska (well, correctness must be noted)
    And "Discover the Light" at AMD.

    And yet, AMD is also in serious trouble on its face.
    And I say what they said long before -
    Everything that humanity produces suffers from imperfection.
    Like no fortress you can't conquer and no perfect software
    Etc. etc., so is the production of the processors.
    True, it is sometimes tricky and difficult to discover,
    But it is a matter of will and resources only.

    1. AMD's "weak points" in this case are not so weak, in fact. I personally try to avoid presenting my full opinion on the subject right now. Waiting for more details and exposures

  2. a quote

    The Israeli CTS Labs is described as established only a year ago, is located in Tel Aviv and has only four employees publicly, without previous publications of security breaches in other systems and products.

    Many (including officials at AMD itself) expressed wonder at the extent of his disclosure and professionalism, which included a dedicated website, professional graphic descriptions with a logo and matching alias for each method, media statements and explanatory videos on the YouTube channel that opened just days before the exposure. … But there is certainly concern that the source behind the information may be a deliberate hand to tarnish the chip developer’s reputation…

    Interesting… this company also opened a website called https://www.amdflaws.com Where they list the problems that AMD processors have.

    The combination of the website name that was opened, the investment made on the site, the fact that the company has no "proven" experience in the field and the fact that the company has only 4 employees does make me think that there is a deliberate hand here that has a lot more resources compared to the small company described here. Wonder if anyone will investigate the issue.

    In any case, you have to wait and see how serious these security breaches are and whether the usual home user has any reason to worry.

  3. Everyone has reason to fear that loopholes are there.

    The issue is whether they can be fixed and if so how much if performance will be impaired.

    At the moment, it does not look nice, to say the least.

  4. Quote of askme

    True, it is sometimes complicated and difficult

    To discover weaknesses, but it is only a matter of will and resources.

    Are you implying here that there is some "will and resources" factor behind this discovery? Because on the face of it, it seems unlikely that a company that was born a year ago suddenly made such exposure, and set up a pretty dedicated site for it, and set up a YouTube channel that opened about two days ago, which is actually the first thing they ever did in their history - and they are a small company of 4 employees from Israel… .. What "will" they have? And especially what "resources" do they have for conducting such research? And why them? Who are they anyway? This company did not exist before this exposure. Where did they suddenly come from? Interesting questions.

    Note that there are quite a few people all over the internet (in fact almost everyone I have seen talking about this topic) who raise questions and all sorts of theories about this source / credibility / objectivity ……

    It will be very interesting to see where it will develop.

  5. Leave it alone, it's not worth mentioning. No loopholes and no plaster.

    It's a pathetic attempt to hurt / make money at the expense of AMD.

    The "security company" that exposed the breaches, did not give AMD time to respond, was unwilling to provide technical information about the "breaches" it found, it was established in 2017 and this is the only and only publicity article it has ever published, in their proper disclosure they may be interested Economists in their publications (probably for fear of being sued for posting nonsense) and they have named a site called amdflaws.

    And even if real loopholes are, they also need physical access to the computer + to make a BIOS + ADMIN passwords. Anyone with such a level of access will be able to install what they need on the computer, they can even take the computer home with them.

    Recommend to see the following videos that summarize the story beautifully.





  6. I'm not hinting at anything.

    I only say, in general, that in everything one can find loopholes,

    And it is only a matter of interests and how much are willing to invest in their realization.

    Without regard to a particular company and / or product, and the best example is game protection

    Danubu. Wanted - broke out. And that's just for illustration.

    But the exploitation of loopholes starts much "lower" and ends, if anything, much "higher" -

    Like the Iranian centrifuges.

    All of the above does not diminish the question of the nature of the company and its motives.

  7. agree. If you are going to represent Israel, do so with respect.

    It is enough for us that companies like CTS do us a heavy image damage. I already see the reactions of hatred across the web and pinched.

  8. Quote of djelectric

    agree. If you are going to represent the ישראל, Do it with dignity.

    It is enough for us that companies like CTS do us a heavy image damage. I already see the reactions of hatred across the web and pinched.

    Agree, and it has already started at the same Sverddit blame Israel \ Jews.

  9. Quote of Milford Cubicle

    I gave up about 30% of his message, I could not read that awful English. Enable digest? What was he trying to say?

    I do not know what he is trying to say, but I am pretty sure that in the last sentence he complains about the problem of impotence

    Quote of k534d

    I can't get it up…

  10. From what I understood.
    Even if that is true.

    None of these "weaknesses" originate in processor design.
    But in the chips surrounding it.

  11. As someone who thinks he somehow understands something about the subject (at least at the basic level)

    The manner in which the weaknesses, the form and the process, including the instrument in which the play is selected, does not imply fraud,

    But sounds and smells like a real scam, and by the way, not done by serious or professional causes

    Especially - they look real amateurs.

    The cautionary values ​​are that it is a group of young people who have bought stock options and are trying to make a quick profit.

    Enough for them to grab hold of the day the stock drops 10-20 percent and they made their cash.

    The identification and connection to Israel is to equate this aroma of luxury, because Israel is considered a cyber power,

    So it is possible that the Israeli halo effect is used here for the purpose of glorifying the subject.

    Cyber ​​professionals and code experts, the first thing when discovering a breach, is the transfer With discretion The information

    The manufacturer to help him close the breach. Only after the manufacturer has been placed in the picture does the information be transmitted to the public in a coordinated manner

    And arranged as post-confirmation information and treatment (or at least starting treatment), and of course without disclosing the weakness itself that allows

    To evil and evil elements to exploit it, but only after the closure of the breach was completed.

    Sometimes the manufacturer involved gives a bonus to the company that surpassed the weakness as a reward to professionals that is acceptable in the industry.

    There are also global competitions in the field, experts who compete there every year help manufacturers close the loopholes before

    Whose information is freely available to the world.

    I have no doubt at this stage that this is a deception for its own sake and not one that is particularly successful.

    I hope that a hawk will find such outposts and send them to jail. I have a feeling that this society is doubtful in Israel

    Doubt on US soil is going to learn a heavy lesson, once they find out that they are behind bars for attempting to manipulate the stock market.

    This has strict implications for the law.

  12. At the end of the day, all these outbursts do is slow down my computer. Ever since Spector and Meltdown have been discovered, and Microsoft has made it worse, I've got all kinds of crazy banging on the computer at home and at work. Suddenly Outlook works like a turtle and my mobile brought blue screens to the patch that fixed it. Kill me that I'm working on fourth-generation processors barely. It's like Apple has slowed down the iPhone to sell more, Intel seems to be doing the same thing. Now it's just that they will not find out what a gap in the graphics cards is in order to try to force us to change them too, especially when prices are in the sky.

    post Scriptum. Whatever the case, I liked the name Ryzenfall. :)

  13. Interestingly, no one bothered to mention that one day before the announcement, 18 acquired a million shares of AMD in short position, and that one of the owners of CTS owns a hedge company trading on the stock exchange and if anyone bothers to read the document 20 pages will show how delusional and biased against AMD On the assumption that if you have access to a computer or a computer, you can do anything you want without breaking anything, and all the weaknesses mentioned in the document rely on access to the computer, of course, any device with an operating system.

  14. Quote of avi_levy

    It is interesting that no one here bothered to mention that in addition to the day before the publication 18 was acquired a million shares of I HAVE D In a short position, and that one of the owners of CTS owns a hedge company trading on the stock exchange

    I heard something about it. If they do find a connection, the guys will soon find themselves in an investigation by the American authorities, and they will kidnap them (and rightly so).

    Quote of avi_levy

    If someone bothers to read the 20 document, the pages will show how delusional and biased against I HAVE D Not to mention the assumption that if you have a computer or a computer, you can do anything you want without breaking anything

    Yes indeed. In fact, the only thing that made Spectre / Meltdown scary (and caused a massive response on the part of everyone) is the fact that they may reveal sensitive information without privilege and without leaving any traces. Those who run as admin can anyway do it much simpler and use a valid operating system API.

    There is a nice XKCD on the subject:

    https://xkcd.com/1957/

  15. I wouldn't be surprised if "Israeli Society" was set up by Intel, and received funding from Intel,
    To look for these loopholes.

    If so, it seems to me that Intel should focus on its own problems and loopholes, rather than its competitors.

  16. Quote of avi_levy

    It is interesting that no one here bothered to mention… ownership of the stock exchange hedge company

    If you go back one page you'll see that I've already cooled it down

    Quote of lompy

    One of the founders is a hedge fund manager.

    Quote of QttP

    I heard something about it. If they do find a connection, the guys will soon find themselves in an investigation by the American authorities, and they will kidnap them (and rightly so).

    And although I hope you're right, I'm not sure it will happen. They have covered (or at least tried to cover) themselves legally, they have declared that they may have economic interests in advertising and other chatter and other sentences.

    There is probably nothing illegal in what they have done as long as it is impossible to prove that what they have posted is a knowingly false lie.

    Although the outbursts they found in my opinion ridiculous and unimportant but one, they probably can stand behind them more or less also because the document is written in such a way that it really does not have details about how it works and because they have mobilized it people if background behind it.

    Everyone understands that there is something stinking here but to prove it is a different story already, it remains to be hoped that they have messed up or are even less clever than they thought and would go into.

  17. ^^^

    Quote of radar

    I wouldn't be surprised if "Israeli society" was founded by me Intel, And received funding from Intel to look for these loopholes. If that's the case, I think it would be better for Intel to focus on the problems and the outbursts of itself, rather than the competitors.

    From all that is said here (and it is said), this is the least logical possibility.

    Why should Intel deal with CAx and risk a lot of problems?

    One might think that AMD brought it to the bottom of the chasm.

    And it's much more likely that if and when Intel does so, it would

    Much more professional and reliable than what we've seen from CTS.

  18. It looks like there's an overall attack on AMD.

    Earlier this week, we announced the Anadia Partner Program that could significantly harm AMD's graphics division, and are now also trying to hit the CPU division.

  19. Yes .. Lela ... Yes Clowns!
    Soon you too will become anti-Semitic because of this line of thinking.
    What happened ... What can't 4 company sit and tear (no matter who) the shape?
    Ie…. In Israel, the most likely such a thing will happen!
    What happens when you remove silicones and make and inflate and restore products.
    10 years after and there is the knowledge and ability to destroy.
    If the manufacturers were investing in development rather than recycling…. Maybe all this would not have happened.

    Anyone who is involved in computer engineering and programming and many industries is certainly not excited by the fact that all this is made in the country.

    Now we have to wait for the anti-Semitic theories of antisemitism.

  20. Quote of radar

    I wouldn't be surprised if "Israeli society" was founded by me Intel, And received funding from Intel to look for these loopholes.

    Of course, this is a complete gag and your invention, and in any case - I would be surprised if that was the case (something whose chances are slim to none). Huge companies like Intel aren't dealing with the primacy level as much as it looks for now.

  21. Quote of lompy

    And although I hope you're right, I'm not sure it will happen. They have covered (or at least tried to cover) themselves legally, they have declared that they may have economic interests in advertising and other chatter and other sentences.

    There is probably nothing illegal about what they did so long as it is impossible to prove that what they published is a complete lie knowingly.

    Perhaps it can be considered as trading based on inside information, which is prohibited. Although this language is not internal information from the company, but external advertising, it may still be possible to claim that it was significant information that was visible to the trader at the time of the stock exchange operation, and was not known to the general public. But I do not know the law in sufficient detail, so maybe I'm just kidding here.

    What is enough is enough to raise suspicion that the US Securities and Exchange Commission (or whatever their name is) will give the guys the juice, and that would be enough punishment. It's not that there was actually any significant impact on AMD's stock, so anyway the "exercise", as much as it was an exercise, was unsuccessful.

  22. Quote of 1stcowgirl

    Yes .. Lela ... Yes Clowns! Soon you too will become anti-Semitic because of this line of thinking. What happened ... What can't 4 company sit and tear (why change who) the shape? Ie…. In Israel, the most likely such a thing will happen! What happens when you remove silicones and make and inflate and restore products. 10 years after and there is the knowledge and ability to destroy. If the manufacturers were investing in development rather than recycling…. Maybe all this would not have happened. Anyone who is involved in computer engineering and programming and many industries is certainly not excited by the fact that all this is made in the country. Now we have to wait for the anti-Semitic theories of antisemitism.

    No one says that what they have published is a lie, but they all point to suspicious signs.

    Indeed, amd yes renewed, they do infect cores but in an innovative way that allows them to create multicore processors in a much cheaper way than Intel.

    But Intel's technological advantage is still (in terms of performance) even though the development in recent years has been quite minor.

  23. When you have full administrative access to your computer for its hardware and software - you can enter malicious code into your computer and utilize it in a thousand ways regardless of the type of processor you have on your computer.

    Do about this research? come on: kopfpatsch:

    A one-year-old company opening a "dirty" site on AMD - that's the most No Professional marble.

    In their presentation, they eventually stated that the "article" could be just their opinion and that they might have an economic interest

    For me, this company and this "research" are simply FAKE NEWS of amateurs

  24. Quote of QttP

    I heard something about it. If they do find a connection, the guys will soon find themselves in an investigation by the American authorities, and they will kidnap them (and rightly so).

    Even if it's all a legal name, the names of all their staff are famous on the company's website and I think getting attached to such an affair already harms these people (at least in the short term). This is all the more so if one speaks fraudulently.

  25. It's a bug, not a security breach.

    It is a bug that we will not feel because to expose it should:

    A. Access to hardware.

    B. Admin / root permissions on the system

    third. Replacing the processor BIOS / microcode with malicious version

    And that's what experts ask "Walla?"

    What do I need to break my head using a security breach if I already have physical access and root permissions?

    More here:

    http://www.zdnet.com/article/linus-torvalds-slams-cts-labs-over-amd-vulnerability-report/

  26. It has long been known that the outbursts are real, it is not something new, the anger was mainly about the conduct, the exaggeration in describing the problem and their hidden interests.

    Because of all their behavior at first, the whole thing seemed to be sucked from the finger and when they found out what the gaps were, they saw that they were not at all critical.

Leave a Reply

Back to top button
Close
Close