What's your thoughts on viability of some of these attacks if say for example at home I am sitting behind a fortigate firewall running ids (intrusion detection), utm (unified threat management) etc. Also say for example I only allow known ports as well as having some pretty serious traffic shaping rules in place? Curios on your thoughts more than anything.
-
Competitor rules
Please remember that any mention of competitors, hinting at competitors or offering to provide details of competitors will result in an account suspension. The full rules can be found under the 'Terms and Rules' link in the bottom right corner of your screen. Just don't mention competitors in any way, shape or form and you'll be OK.
Dubious Research Discovers Ryzen vulnerabilites
- Thread starter jwilliamson47
- Start date
What's your thoughts on viability of some of these attacks if say for example at home I am sitting behind a fortigate firewall running ids (intrusion detection), utm (unified threat management) etc. Also say for example I only allow known ports as well as having some pretty serious traffic shaping rules in place? Curios on your thoughts more than anything.
people aren't understanding the full implications of what these rogue market manipulating scumbags could inflict.
FIXED THAT FOR YOU
Home users I really don't see any real implications - there is no new initial attack vector from a remote intrusion angle and once something is running on your system then like Meltdown there are far easier ways to accomplish that.
There is a very edge case there if your network itself is exposed online via some kind of weird CGNAT setup or something should there be anything to the possibility with the Chimera part of it that might expose the ARM Cortex processor to similar vulnerabilities as Intel's ME - it is thought not to be the case but there is a bit of a grey area as to how certain things work that AMD haven't released any documentation on - for obvious reasons as its part of the secure management engine.
Associate
- Joined
- 31 Oct 2012
- Posts
- 2,243
- Location
- Edinburgh
Meltdown gave remote privelidge escalation, this neither is remote-friendly nor escalates access. Yes, *if* the claims are true it's not ideal and should see patches, but it would be a fairly low-priority vulnerability.
Minty Boiled Sweet said:
That's an interesting point Humbug and one reason why Intel is keeping itself well out of this.
If a rogue security company backed by short sellers is trying to smear AMD by declaring their products insecure if an attacker is given admin control and physical access to the system then the obvious question is, so what, who is secure given those same conditions?
The clickbait is strong and the tech sites were thirsty for it.
Caporegime
- Joined
- 9 Nov 2009
- Posts
- 25,466
- Location
- Planet Earth
All I say look on the biography page of their website - thats some heavy stuff they might have been involved with before! Forget the CrowdCores stuff they did!
Never said the overall theory is specific to AMD - but these potentially give specific paths for working around security aspects in the AMD processor to get information a user wouldn't normally have access to - the vulnerabilities with the ASMedia controller for instance have been demonstrated elsewhere and by using custom firmware for it you can hide away a backdoor that will elude normal security audits and survive a normal machine wipe potentially allowing for an escalating attack within a corporation with an otherwise secure system implementation.
EDIT: This in itself isn't particularly new other than it is yet another potential vector - there have been ongoing attempts for years to infect router, managed switches, NAS and other IoT device firmwares and so on so as to make it very difficult to remove a malware infection once it strikes - there are variants of crypto malware that can stay dormant in certain router operating systems for instance until trigger conditions to reinfect people all over again.
"Minty Boiled Sweet said" 
One can never really protect everyone from hacking attacks, at some point the user needs to take responsibility for their own security, i think if someone does figure out how to flash your BIOS remotely through a live Windows environment (as it would have to be) extremely unlikely as that is such a situation is actually very easy for AMD to mitigate, just take that feature away, you shouldn't be flashing the BIOS through Windows anyway.
This is also an Intel issue if it was such a thing, which its not.
One can never really protect everyone from hacking attacks, at some point the user needs to take responsibility for their own security, i think if someone does figure out how to flash your BIOS remotely through a live Windows environment (as it would have to be) extremely unlikely as that is such a situation is actually very easy for AMD to mitigate, just take that feature away, you shouldn't be flashing the BIOS through Windows anyway.
This is also an Intel issue if it was such a thing, which its not.
@Roff you may not be able to read this but what the hell i'll take you point anyway.
The alleged "vulnerabilities with ASmedia Chip-Sets" well that's more a responsibility for Asus than it is AMD, i understand AMD use them but its down to Asus to fix them if they are indeed broken, if not a fix would be that AMD simply stop using them and go back to making their own.
But, as you describe it seems that all chip-sets are potentially vulnerable.
Having said that this speculation all assumes that CTS Labs intentions here are honorable and there in fact, when the one thing, the only thing that actually has clarity in all of this is that CTS Labs intentions here are to deliberately cause damage to AMD in order to profit from a hit in their share price.
With that in mind all this talk about their allegations in this vain legitimizes what is far more likely an illegal investment fraud.
Its crazy to give this any legitimacy, doing so is perpetuating the scam.
The alleged "vulnerabilities with ASmedia Chip-Sets" well that's more a responsibility for Asus than it is AMD, i understand AMD use them but its down to Asus to fix them if they are indeed broken, if not a fix would be that AMD simply stop using them and go back to making their own.
But, as you describe it seems that all chip-sets are potentially vulnerable.
Having said that this speculation all assumes that CTS Labs intentions here are honorable and there in fact, when the one thing, the only thing that actually has clarity in all of this is that CTS Labs intentions here are to deliberately cause damage to AMD in order to profit from a hit in their share price.
With that in mind all this talk about their allegations in this vain legitimizes what is far more likely an illegal investment fraud.
Its crazy to give this any legitimacy, doing so is perpetuating the scam.
Well you seem utterly stupid now don't you? (Rhetorical btw)
Also Rroff i'm surprised you actually humoured this news. It's so obviously a bad attempt at a bad PR attack on AMD it's cringe worthy. You only have to do some digging to find CTS labs is a nobody company contemplating of only 4 people. The fact their Youtube channel is barley a week old with what only two videos with comments disabled screems scare mongering. Otherwise comments would be full of people shutting them down and slating them for being fake.
Not so fast there... maybe because I understand enough to know there potentially are some actual issues in there, if this information verifies, despite the overall attempts to inflate the threat level:
https://arstechnica.com/information...-in-amd-chips-make-bad-hacks-much-much-worse/ I'm gonna assume those "experts" that have a traceable history going back 10 years are legit and not on the payroll so to speak or part of some long game.
Notice for instance that you can supposedly write unsigned code to the hardware - this doesn't require BIOS compromisation and can stay resident so unless you can track your CPU to source its possible for it to have something nasty hidden away before it was put into your system, etc. (not that AMD are alone in having potential exploits like that - Intel's ME had similar patched awhile back).
Despite the fact most of these need admin or BIOS access - many of these issues if they exist are within parts of the system where such flaws really shouldn't exist which begs the question if they are real - and don't automatically assume they aren't just because of the source of the information - what else is amiss?
EDIT: And as always take into account the first couple of posts I made in this thread - seems some have quickly forgotten them.
Anyone seen Hardware Unboxed's new video about the R9 280X? Their first comment:
Hardware Unboxed said:
Soldato
- Joined
- 18 May 2010
- Posts
- 23,287
- Location
- London
Linus thinks that they are clowns.
They are clowns, without any doubt.
Clowns but as per the comments in the article I linked to before just because they are scumbags doesn't automatically mean everything they say is wrong. Linus like many here seem to have jumped on the fact they've acted in what looks like and probably is bad faith and that at face value many of these "exploits" require already having elevated privileges and made a conclusion without looking at the full picture. It will be interesting to see what AMD have to say.
Soldato
- Joined
- 19 Feb 2011
- Posts
- 5,849
Jesus Roff could you be any more blatant in your constant anti AMD campaign? even the very slightest hint of the chance to bad mouth AMD even if its in a very roundabout manner, your on it like a Great White Shark smelling a drop of blood in a mile of ocean... Give it a rest already or disclose how much Intel / Nvidia pay you to constantly drag AMD down.
You think your clever in the way you word your posts but your really not as your posting history clearly shows you have an agenda, and its quite boring now as everyone is aware of it.
I have no doubt that there is some truth to the vulnerabilities. The fact that they've blow them out of all proportion, suggested AMD is worth $0, not given AMD anywhere near sufficient notice, etc. clearly indicates they're just scumbags looking to make a quick buck at the expense of AMD.
AMD will update their PSP just like Intel update their ME at least once a year to fix these kinds of issues, and that will be that. I am still dubious as to whether AMD's "disable PSP" BIOS option actually fully deactivates it as an attack vector, but at least they have some kind of option, unlike Intel.
Its sad, very very sad, you only ever see the posts where I talk negative about AMD and overlook that it is usually based on reasoning rather than just the knee jerk reaction that is going on in defence of AMD in a good amount of this thread.
These features annoy me a lot - some of it has functionality but not giving users transparency and options to control it properly is very poor. Intel's implementation is even worse as it is exposed to remote attacks even more than AMD's should anyone ever find a comprehensive way to exploit it.
I actually really hope one day something really bad happens and people actually see how bad this kind of approach is and there is public backlash against it - likewise with forced updates in Windows 10. Sadly the general public usually lack vision when it comes to these features until something bad happens.
Associate
- Joined
- 27 Apr 2007
- Posts
- 968
Is it true that some of these alleged exploits don't require a firmware reflash but remote administrator access only?
There's usually so much misinformation on threads like these from fanboys on both sides that the basic facts get lost
There's usually so much misinformation on threads like these from fanboys on both sides that the basic facts get lost