Hardware @ Slo-Tech, Wed, 21 Mar 2018 15:39:09 +0100
AMD ZEN - new x86 cores, 21 Mar 2018 15:06:42 +0100
Nvidia Volta, 21 Mar 2018 14:34:01 +0100

Let this be a thread about rumors first, of course, and then about tests as well. Links alongside claims are especially welcome, so that it is clear what your claims are based on. So, given that we cannot know anything about Volta ourselves, we have to paste a link to where we read what we write here.
Vulnerability in AMD Ryzen processors, 21 Mar 2018 08:55:24 +0100
LINK

-Master key
When a device starts up, it typically goes through a "Secure Boot." It uses your processor to check that nothing on your computer has been tampered with, and only launches trusted programs.

The Master Key vulnerability gets around this start-up check by installing malware on the computer's BIOS, part of the computer's system that controls how it starts up. Once it's infected, Master Key allows an attacker to install malware on the Secure Processor itself, meaning they would have complete control of what programs are allowed to run during the start-up process.

From there, the vulnerability also allows attackers to disable security features on the processor.

This vulnerability specifically affects AMD's Ryzen chips, and would allow malware to completely take over the secure processor.

That would mean being able to access protected data, including encryption keys and passwords. These are regions on the processor that a normal attacker would not be able to access, according to the researchers.

If an attacker can bypass the Windows Defender Credential Guard, it would mean they could use the stolen data to spread across to other computers within that network. Credential Guard is a feature for Windows 10 Enterprise, which stores your sensitive data in a protected section of the operating system that normally can't be accessed.

"The Windows Credentials Guard is very effective at protecting passwords on a machine and not allowing them to spread around," Luk-Zilberman said. "The attack makes spreading through the network much easier."

Like Ryzenfall, Fallout also allows attackers to access protected data sections, including Credential Guard. But this vulnerability only affects devices using AMD's EPYC secure processor. In December, Microsoft announced a partnership with for its Azure Cloud servers using AMD's EPYC processor.

"Windows has a customer commitment to investigate reported security issues, and proactively update impacted devices as soon as possible. Our standard policy is to provide solutions via our current Update Tuesday schedule," a Microsoft spokesperson said.

These chips are used for data centers and cloud servers, connecting computers used by industries around the world. If an attacker used the vulnerabilities described in Fallout, they could use it to steal all the credentials stored and spread across the network.

"These network credentials are stored in a segregated virtual machine where it can't be accessed by standard hacking tools," said CTS-Labs CEO Ido Li On. "What happens with Fallout, is that this segregation between virtual machines are broken."

Segregated virtual machines are portions of your computer's memory split off from the rest of the device. Researchers use it to test out malware without infecting the rest of their computer. Think of it like a virtual computer inside your computer.

On Credential Guard, the sensitive data is stored there, and protected so that if your computer were infected by normal malware, it wouldn't be able to access it.

Chimera comes from two different vulnerabilities, one in its firmware and one in its hardware.

The Ryzen chipset itself allows for malware to run on it. Because WiFi, network and Bluetooth traffic flows through the chipset, an attacker could use that to infect your device, the researchers said. In a proof-of-concept demonstration, the researchers said it was possible to install a keylogger through the chipset. Keyloggers would allow an attacker to see everything typed on an infected computer.

The chipset's firmware issues mean that an attack can install malware onto the processor itself.

"What we discovered is what we believe are very basic mistakes in the code," Uri Farkas, CTS-Labs's vice president of research and design said.
USB recovery, 20 Mar 2018 16:44:39 +0100