Dubious Research Discovers Ryzen vulnerabilites

ltron · 13 Mar 2018 at 20:34

DragonQ said:
This is only the beginning. Now this kind of thing has more focus, expect more issues to crop up for all major manufacturers going forward.

Note that 3 of the 4 categories of vulnerabilities relate to the PSP (equivalent of Intel's ME), which is a complete non-surprise. The other one relates to the chipset but is just as dangerous. To categorise them as similar to Spectre and Meltdown is disingenuous though to be honest, since those are pure CPU architecture issues; these are platform issues. There will also be no potential performance issues relating to fixes because of this.

Can't the PSP be disabled in the Bios anyway on Ryzen, especially for those who don't need it (desktop users)? The same can't be done with Intel's ME.

sideways14a · 13 Mar 2018 at 20:49

Hotwired said:
Reddit is making itself useful

https://www.reddit.com/r/Amd/comments/845w8e/alleged_amd_zen_security_flaws_megathread/

Some genius has found the backdrops they used in there youtube videos, simple graphics ripped off of other sites.
lol this is hilarious.

d_brennen · 13 Mar 2018 at 21:01

This is akin to saying locks and double glazing is useless as you probably have burglars inside already.

Wonder if someone bet big against AMD recently...

Pants · 13 Mar 2018 at 21:07

Lol at their fake office: https://i.imgur.com/OkWlIxA.jpg

I think this is going to end up being about stock manipulation. Not sure Intel would be dumb enough to get involved with this but who knows.

humbug · 13 Mar 2018 at 21:11

Pants said:
Lol at their fake office: https://i.imgur.com/OkWlIxA.jpg

I think this is going to end up being about stock manipulation. Not sure Intel would be dumb enough to get involved with this but who knows.

Lol this just keeps getting better

CAT-THE-FIFTH · 13 Mar 2018 at 21:13

AMD responds:

http://ir.amd.com/news-releases/news-release-details/view-our-corner-street-0

We have just received a report from a company called CTS Labs claiming there are potential security vulnerabilities related to certain of our processors. We are actively investigating and analyzing its findings. This company was previously unknown to AMD and we find it unusual for a security firm to publish its research to the press without providing a reasonable amount of time for the company to investigate and address its findings. At AMD, security is a top priority and we are continually working to ensure the safety of our users as potential new risks arise. We will update this blog as news develops.

humbug · 13 Mar 2018 at 21:14

Was just about to post that ^^^^

CAT-THE-FIFTH · 13 Mar 2018 at 21:21

Some more stuff from AT forums:

https://forums.anandtech.com/threads/amdflaws-com-what-is-this.2540299/#post-39343066

So here is what I found so far.

CFO of CTS-Labs
https://www.linkedin.com/in/yaron-luk-zilberman-09a1795

Former employment
NineWells Capital Management
'NineWells Capital Management, LLC is a privately owned investment manager. The firm manages hedge funds for its clients. NineWells Capital Management is based in New York, New York."

It sure looks like an attempt to drop the stock price.

From Cnet
"When those two security flaws were announced in January, AMD said it was not affected because of the differences in its architecture. These new security vulnerabilities break down into four categories, according to CTS-Labs co-founder and Chief Financial Officer Yaron Luk-Zilberman.

All of the vulnerabilities essentially allow an attacker to target the secure processor, which is crucial to protecting the sensitive information on your device.

"You're virtually undetectable when you're sitting in the secure processor," Luk-Zilberman said. "An attacker could sit there for years without ever being detected."

So you have a CFO from a tech security company that used to work for an investment company tanking the stock price of AMD.

https://forums.anandtech.com/threads/amdflaws-com-what-is-this.2540299/#post-39343075

It gets richer. There's also another CTSLabs website http://www.ctslabsinc.com/index.html who apparently make salves, tonics, and other generic stuff that seems to border on the line of Homeopathy. Not a big deal right? Could just be a completely different company that's located in Greenville, OH vs. Tel Aviv. Except that their CFO, Yaron Luk-Zilberman is listed on Linked-In as an employee on the CTS Labs Profile that has the above link: https://www.linkedin.com/company/cts-labs-inc

So why is the CFO of a high end Security Company like CTS Labs (located in Israel) also listed as an employee of a tonic and lotion company in Greenville, OH by nearly the same name that makes its web pages off of Yahoo Sitebuilder that looks like a throwback to the 90s?




Something continues to seem really really strange about all this.

Rroff · 13 Mar 2018 at 21:22

Pants said:
I think this is going to end up being about stock manipulation. Not sure Intel would be dumb enough to get involved with this but who knows.

Wouldn't surprise me if it was some dubious manipulation.

CAT-THE-FIFTH · 13 Mar 2018 at 21:29

Also,Viceroy research was in the news:

https://www.nytimes.com/reuters/2018/03/12/business/12reuters-prosieben-media-accounts.html

Germany's Bafin said on Monday that "short-seller" Viceroy Research breached securities law with a report on ProSiebenSat.1 by not notifying the financial watchdog beforehand.

Yep,Viceroy research is a short seller.

https://www.moneyweb.co.za/in-depth/investigations/viceroy-unmasked/

Identity of individuals behind Viceroy Research revealed
The three-man firm is headed by a previous social worker and two Australian youngsters.

https://www.iol.co.za/business-repo...-and-why-do-their-accusations-matter-13010688
https://twitter.com/cataclysmza/status/973624240317652992

Here's a short summary of their activities to date: https://www.iol.co.za/business-repo...-and-why-do-their-accusations-matter-13010688 …. They caused nationwide panic recently when they targeted Capitec and claimed they were close to bankrupt and didn't have stability. Nearly caused mass withdrawals.

Edit!!

A poster on TPU noticed this too:

https://www.techpowerup.com/forums/...ncluding-backdoors.242328/page-3#post-3812183

Hmmm what an interesting connection in the CTS Labs contact page.

http://www.bevelpr.com/

Why would an infosec research firm have an external marketing department... Or is it the other way around?

I can smell the money from here.

CNBC was going to interview the company but backed out at the last minute it appears:

https://twitter.com/ScottWapnerCNBC/status/973597591400337408

David Kanter said the following:

"All the exploits require root access," said David Kanter, a chip expert who is founder of Real World Technologies. "If someone already has root access to your system, you're already compromised. This is like if someone broke into your home and they got to install video cameras to spy on you."

humbug · 13 Mar 2018 at 22:17

These people need to be shut down ^^^

DragonQ · 13 Mar 2018 at 22:22

ltron said:
Can't the PSP be disabled in the Bios anyway on Ryzen, especially for those who don't need it (desktop users)? The same can't be done with Intel's ME.

IIRC some BIOSs have an option that implies you can disable the PSP but I don't believe it actually does, at least not fully.

CAT-THE-FIFTH · 13 Mar 2018 at 22:25

humbug said:
These people need to be shut down ^^^

It gets better. The CEO of CTS Labs worked for an investment firm in New York,they are also using a marketing firm in New York,and apparently there is a New York security expert defending them(read some of the articles like the AT one).

He is located in New York and got sent the documents a week ago,and AMD had less than 24 hours to look at them. Apparently he says he has never met any of the CTS Labs guys at all,so don't know if they are playing him.

Also,Linus Torvald wades into it all:

https://plus.google.com/+LinusTorvalds

It looks like the IT security world has hit a new low.

If you work in security, and think you have some morals, I think you might want to add the tag-line

"No, really, I'm not a whore. Pinky promise"

to your business card. Because I thought the whole industry was corrupt before, but it's getting ridiculous.

humbug · 13 Mar 2018 at 22:32

yeah its all a bit mad really

AmateurExpert · 13 Mar 2018 at 22:36

It's a shame that so-called tech journalists do very little or no fact checking even on pieces as smelly as this. It seems we have to rely on skeptical readers to challenge and debunk scams and shill pieces parrotted by the IT media.

jwilliamson47 · 13 Mar 2018 at 22:43

I've edited the title which was pasted from the source and didn't reflect the situation accurately.

Hotwired · 13 Mar 2018 at 22:45

AmateurExpert said:
It's a shame that so-called tech journalists do very little or no fact checking even on pieces as smelly as this. It seems we have to rely on skeptical readers to challenge and debunk scams and shill pieces parrotted by the IT media.

Pff, first page of this thread are a handful of replies falling for the face value that its bad news for AMD and that's all they needed or wanted to hear.

humbug · 13 Mar 2018 at 22:45

jwilliamson47 said:
I've edited the title which was pasted from the source and didn't reflect the situation accurately.

:Thumbsup:

TrixP10 · 13 Mar 2018 at 22:47

CAT-THE-FIFTH said:
I had a quick look - where is that posted on their website??

CTS-LABS.COM

Media enquires

http://www.bevelpr.com/expertise/

CAT-THE-FIFTH · 13 Mar 2018 at 22:52

TrixP10 said:
CTS-LABS.COM

Media enquires

http://www.bevelpr.com/expertise/

Wow.