AMD Security Vulnerability – The Day After - Seems Financially Motivated

Discussion in 'Frontpage news' started by Hilbert Hagedoorn, Mar 14, 2018.

  1. vbetts

    vbetts Don Vincenzo Staff Member

    Messages:
    14,955
    Likes Received:
    1,501
    GPU:
    RTX 2070FE
    I also must admit, if Intel really had a hand in this is would have been planned out way better. I don't think Intel had anything to do with this.
     
    Loophole35 likes this.
  2. waltc3

    waltc3 Maha Guru

    Messages:
    1,063
    Likes Received:
    328
    GPU:
    AMD 50th Ann 5700XT
    At this stage, I'm not convinced that these aren't actually Windows-specific "vulnerabilities" or that Intel systems would not have the same admin-related vulnerabilities. The fakirs who wrote this stuff don't seem to have much of a clue--we'll see what comes of it. ..;)
     
  3. waltc3

    waltc3 Maha Guru

    Messages:
    1,063
    Likes Received:
    328
    GPU:
    AMD 50th Ann 5700XT
    IMO, being a Jew is like being a Protestant or a Catholic in the sense that it's a just a religion--it isn't a race. Many Christians and even some Muslims live in Israel, btw.
     
  4. waltc3

    waltc3 Maha Guru

    Messages:
    1,063
    Likes Received:
    328
    GPU:
    AMD 50th Ann 5700XT
    After reading all of that garbage, I tend to agree--this is obviously a non-technical group trying to affect share prices, and people in Israel (where Intel has offices, actually) were used as fronts to try and evade the heavy hand of the US SEC, imo. This isn't to say that Intel is blameless, of course--because who knows who spurred it and perhaps even paid for it? IF this isn't fodder for a private investigator I don't know what would be...;)
     

  5. SSD_PRO

    SSD_PRO Member Guru

    Messages:
    173
    Likes Received:
    22
    GPU:
    EVGA GTX 1070
    A few other sites and CTS Labs have released statements that they provided proof of concept and code to AMD, MS, and a few others as of 36 hours ago. AMD has not responded with any statement denying the receipt of that information. It would be very easy to update their blog post with something like "As of this moment, CTS Labs hasn't provided any details or code as claimed and so far we are unable to verify these claims. We will continue to investigate and provide additional information as it becomes available". Yet nothing but that strange statement that looks like buffoonery reading "potential security vulnerabilities related to certain of our processors". Certain of our processors?

    As for the stock price, still nothing happening. It actually went up yesterday then down and back up today. AMD is at the exact same 11.38 before and after this dump at very low volume.
     
    Last edited: Mar 14, 2018
  6. Aura89

    Aura89 Ancient Guru

    Messages:
    7,834
    Likes Received:
    1,013
    GPU:
    -
    The fact that you can't separate calling out a religion vs a country is troubling.

    The fact that it's in Israel has absolutely nothing to do with the Jewish religion, so why bring it up? There's over 2 million non-Jewish people living in Israel. And, again, i'm christian, so if i were to say hack some country and extort money out of them, and never say a thing about "doing it for Christianity" or etc., then what would be the purpose of stating i'm christian in a news article about what i did?

    And then you come back all pissed off because your unneeded statements were deleted? Quite literally, this entire article, this entire situation has zero to do with Jewish people, and to bring anything up about Jewish people is simply off-topic and trolling/hating at best.

    The fact that you ask "Who else lives there besides Jews", itself, is very telling, thinking that just because you want them to all be Jewish (for some unknown reason), that it must be so. And while the majority are Jewish, a majority is not all, with around 25% of the population not being Jewish, which is no small number when you compare it to your "Well they must all be Jewish, they live in Israel!" As if even if that were true, that would matter to this article even in the slightest.
     
  7. vbetts

    vbetts Don Vincenzo Staff Member

    Messages:
    14,955
    Likes Received:
    1,501
    GPU:
    RTX 2070FE
    Move on folks, it's done.
     
  8. waltc3

    waltc3 Maha Guru

    Messages:
    1,063
    Likes Received:
    328
    GPU:
    AMD 50th Ann 5700XT
    The thing about the Internet is that anyone can write anything accusing anybody of whatever these days...;) The good thing is that we are under no compunction to believe it. I'll wait and see what AMD says about it--not worried in the slightest. About that stock prices not changing--that just proves the scam isn't working. Did you overlook the quote in the CTS disclaimer in which they admitted to being a financial entity? The whole "Meltdown/Spectre" vulnerability debacle was quite enough for most people, I think, who have tuned it all out, probably because you cannot "get" Meltdown or Spectre.. Just as you cannot "get" any of these "vulnerabilities" unless you have admin rights *and* the malware needed to exploit them on your own machine--neither exist. Also, "proof of concepts" are rejected all the time, btw, for not being very good proofs of anything.... The "CTS" article reads like it was penned by idiots, but AMD will have the last word, no doubt.
     
  9. Noisiv

    Noisiv Ancient Guru

    Messages:
    6,852
    Likes Received:
    596
    GPU:
    2070 Super
    TRIGGERED!
    lol

    BTW...
    isn't it kinda ironic that just few days ago AMD nudged [H] into investigation of Nvidia's GPP
    and now they find themselves on a receiving end, although of what seems to be a far more elaborate "nudge"
     
  10. Fox2232

    Fox2232 Ancient Guru

    Messages:
    10,047
    Likes Received:
    2,343
    GPU:
    5700XT+AW@240Hz
    Any board which does not have BIOS flash from OS disabled can be bricked same way as mentioned here. Some boards have bootloader allowing blind-flash and recovery. Not many. So that one is not exactly something I would even consider specific to CPU or chipset.
    Attacker can even reflash your sata controller, vBIOS, ...

    Secondly, does AMD have permanently programmable flash in CPUs? Or does it load microcode upon boot? Because I think attacks mention that it is BIOS type rootkit. And chipset type rootkit.
     

  11. WareTernal

    WareTernal Master Guru

    Messages:
    248
    Likes Received:
    39
    GPU:
    XFX RX 580 GTS BE
    13 flaws on the 13th?
    Did you see the pyramid with the eye in the watermark at the bottom of the CTS website?

    The only valid point I see here is the bit about the 24 hour disclosure - the rest of this is in tinfoil hat teritory...
    Maybe these "flaws" are BS, but it's best to wait and see what more researchers say and not start with crazy theories...
     
  12. SSD_PRO

    SSD_PRO Member Guru

    Messages:
    173
    Likes Received:
    22
    GPU:
    EVGA GTX 1070
    I think you misunderstood the concept. The info was provided to AMD yet all we have from AMD is a poorly written statement (certain of our processors???) showing things are still pretty shoe string over there. They certainly haven't denied receiving the code nor has anyone else. Definitely a lot of process to come but AMD isn't sparking any confidence at this point.
     
  13. schmidtbag

    schmidtbag Ancient Guru

    Messages:
    4,867
    Likes Received:
    1,599
    GPU:
    HIS R9 290
    Well when you've been given 13 speculated problems within a couple days notice, what do you expect? Considering how little we know about what AMD knows, it makes perfect sense why AMD is saying as little about this as possible, especially since they don't want to attract any more attention to this. If you were told "you have cancer" without being told how long you'll live (or whether or not it is terminal), would you with confidence start spending your life savings as though you only had a few months to live?
     
  14. Noisiv

    Noisiv Ancient Guru

    Messages:
    6,852
    Likes Received:
    596
    GPU:
    2070 Super
    Then there is also Benford's Law,

    and it turns out that the probability of finding 13 flaws is ~5 times higher than finding 73 flaws, and almost 2x higher than finding 20-something flaws.
    "1" in 13 is to be expected with high frequency = 30%, and even "3" comes with higher frequency than 4,5,6,7... in second digit.

    [​IMG]
     
  15. vMax1965

    vMax1965 Member

    Messages:
    28
    Likes Received:
    7
    GPU:
    MSI RTX 2080 Gaming
    Whilst this has been handled so badly and there seems like an ulterior motive...MONEY for a security firm that setup in January 2017 to make a big splash!

    Meanwhile the vulnerbilities have been confirmed by other security companies and researchers:

    "All the exploits require root access," said David Kanter, a chip expert who is founder of Real World Technologies. "If someone already has root access to your system, you're already compromised. This is like if someone broke into your home and they got to install video cameras to spy on you."

    Still, Kanter agreed with Guido that the vulnerabilities were a major embarrassment for AMD, particularly because most of them reside in the Platform Secure Processor, which is AMD's version of the secure enclave in the iPhone. Unlike Apple, which custom-designed its secure enclave, AMD relies on a 32-bit Cortex A5 processor designed by ARM
     

  16. Romulus_ut3

    Romulus_ut3 Master Guru

    Messages:
    671
    Likes Received:
    138
    GPU:
    AMD RX 570 4GB
    I think I'll move to India for the next six months, rent a place with a billboard that reads "TCS Labs" which should have a nice office place with nothing but furniture in it, and have a dimly lit sound proof chamber with a few open benches running intel systems laying around, have a couple of guys wearing glasses type stuff on the keyboard whole day, come up with a couple of modded BIOS for each and every relevant intel platform that would read "1337" at the bottom right corner during boot up, and identify 13*13=169 security vulnerabilities that will require me to have elevated administrative privilege and physical access to the point I can flash my bugged UEFI/BIOS ROMs on them to infect them for my intended malicious purposes, then send my findings over to all of the tech press first, then OEMs, and lastly intel, and then within the time frame of 24 hours publish my findings to the public with the following classes of vulnerabilities:

    • Skeleton Key (Master Key.. Cough)
    • Weed Field (A reference to Lynnfield)
    • Client Valley (A reference to Clarkdale)
    • Death Valley (A reference to Bloomfield)
    • Missing Link (A bridge between Sandy and Ivy)
    • Farewell (A reference to Haswell)
    • Back alley (A reference to Broadwell)
    • Root Canal (A reference to all the lakes)
    • ClockBlock (A reference to disabling overclocks on Skylake non K SKUs)
    • PhaseShift (Because Z370 has more power phases which Z100/Z200s don't)
    • Core iFlawed
    Oh, and I must blame intel for hiring Raja Koduri who previously worked at AMD for bringing all these flaws over to them when he joined them despite this having nothing to do with the actual subject, but is still valid since my organization has 18 years of experience in the field of Cyber Security since we are the ones responsible for averting the Y2K disaster.

    Then have intel fanboys put the blame AMD for doing such a thing while I publish a whitepaper and have my good buddies over Viceroy do their magic with intel stocks for me, and mission accomplished.
     
    Last edited: Mar 14, 2018
    Fox2232 and Jagman like this.
  17. Jagman

    Jagman Ancient Guru

    Messages:
    2,232
    Likes Received:
    299
    GPU:
    5700XT Pulse
    ^ Awesome :D
     
    Romulus_ut3 likes this.
  18. Dazz

    Dazz Master Guru

    Messages:
    881
    Likes Received:
    91
    GPU:
    ASUS STRIX RTX 2080
    soooo if you need root access and physical access then it's no different than Intels meltdown/Spectre, where admin can remove the windows security patch and downgrade the macro code to make them vulnerable to exploits. Reality is if someone has this kind of access you are already screwed! Be it AMD or Intel.
     
    386SX likes this.
  19. Fox2232

    Fox2232 Ancient Guru

    Messages:
    10,047
    Likes Received:
    2,343
    GPU:
    5700XT+AW@240Hz
    Count me in. I'll be manager there. Will spend my time on lunches with employees and will talk cooking recipes.

    And I'll make one extra hack there:
    Go0ReMover => It will be moving toothpaste intel uses between CPU and IHS via thermal manipulation through load on different parts of CPU. After 2 months, unsuspecting victim ends up with Go0Less CPU and no kind of cooling will keep it stable... forcing RMA.
     
    Romulus_ut3 likes this.
  20. Aura89

    Aura89 Ancient Guru

    Messages:
    7,834
    Likes Received:
    1,013
    GPU:
    -
    I'm sorry, but unless there's more to go on that quote, then i don't understand how someone reading the white paper, regurgitating it and saying you'd already have a problem if root access is required in the first place, is someone "confirming" that the exploit exists?

    The only thing confirmed there is that if there's an exploit and it requires root access, you're screwed either way. Key word there is "if".

    And looking into what this guy has said about the flaws indicates he has no idea if they are vulnerabilities or not, only that, IF they are, he believes they are not a big deal due to the requirement to have root access. Also, the only other thing he has said so far pretty much is he does not believe Intel would be to blame for this situation, as he believes Intel is "too forward".

    "When Intel wants to talk smack, they don’t hide." - David Kanter

    Which i'll be honest, that's a load of crock. I'm not saying intel is behind this, regardless if the vulnerabilities are true or not. That being said, this idea that Intel "doesn't hide" when they try and hurt the competition is pure bogus, anyone with a history lesson on Intel knows that's incorrect. They have a huge list of shady, under the table, anti-competitive dealings that they would never admit to have done if they didn't get caught. So i have no idea what this guy is smoking, because that statement makes zero sense.
     
    Last edited: Mar 14, 2018

Share This Page