Vulnerability in AMD Ryzen processors

Xserces ::

So now information about "critical" security holes has surfaced for AMD Ryzen processors as well. LINK

Holes
-Master key
When a device starts up, it typically goes through a "Secure Boot." It uses your processor to check that nothing on your computer has been tampered with, and only launches trusted programs.

The Master Key vulnerability gets around this start-up check by installing malware on the computer's BIOS, part of the computer's system that controls how it starts up. Once it's infected, Master Key allows an attacker to install malware on the Secure Processor itself, meaning they would have complete control of what programs are allowed to run during the start-up process.

From there, the vulnerability also allows attackers to disable security features on the processor.

-Ryzenfall
This vulnerability specifically affects AMD's Ryzen chips, and would allow malware to completely take over the secure processor.

That would mean being able to access protected data, including encryption keys and passwords. These are regions on the processor that a normal attacker would not be able to access, according to the researchers.

If an attacker can bypass the Windows Defender Credential Guard, it would mean they could use the stolen data to spread across to other computers within that network. Credential Guard is a feature for Windows 10 Enterprise, which stores your sensitive data in a protected section of the operating system that normally can't be accessed.

"The Windows Credentials Guard is very effective at protecting passwords on a machine and not allowing them to spread around," Luk-Zilberman said. "The attack makes spreading through the network much easier."

-Fallout
Like Ryzenfall, Fallout also allows attackers to access protected data sections, including Credential Guard. But this vulnerability only affects devices using AMD's EPYC secure processor. In December, Microsoft announced a partnership with for its Azure Cloud servers using AMD's EPYC processor.

"Windows has a customer commitment to investigate reported security issues, and proactively update impacted devices as soon as possible. Our standard policy is to provide solutions via our current Update Tuesday schedule," a Microsoft spokesperson said.

These chips are used for data centers and cloud servers, connecting computers used by industries around the world. If an attacker used the vulnerabilities described in Fallout, they could use it to steal all the credentials stored and spread across the network.

"These network credentials are stored in a segregated virtual machine where it can't be accessed by standard hacking tools," said CTS-Labs CEO Ido Li On. "What happens with Fallout, is that this segregation between virtual machines are broken."

Segregated virtual machines are portions of your computer's memory split off from the rest of the device. Researchers use it to test out malware without infecting the rest of their computer. Think of it like a virtual computer inside your computer.

On Credential Guard, the sensitive data is stored there, and protected so that if your computer were infected by normal malware, it wouldn't be able to access it.

-Chimera
Chimera comes from two different vulnerabilities, one in its firmware and one in its hardware.

The Ryzen chipset itself allows for malware to run on it. Because WiFi, network and Bluetooth traffic flows through the chipset, an attacker could use that to infect your device, the researchers said. In a proof-of-concept demonstration, the researchers said it was possible to install a keylogger through the chipset. Keyloggers would allow an attacker to see everything typed on an infected computer.

The chipset's firmware issues mean that an attack can install malware onto the processor itself.

"What we discovered is what we believe are very basic mistakes in the code," Uri Farkas, CTS-Labs's vice president of research and design said.
Intel i5-3570k @4.7GHz|MSI GTX 970 4G|MSI Z77 MPower|
G. Skill 8 GB 1600MHz|Corsair AX750|Seagate Barracuda 2TB|NZXT Gamma|

pegasus ::

Yawn. Let me know when they figure out how to steal the AES keys for SME.

Dr_M ::

Small and Medium Enterprises? Significant Military Equipment?
The reason why most of society hates conservatives and
loves liberals is because conservatives hurt you with
the truth and liberals comfort you with lies.

pegasus ::

Secure Memory Encryption. Let them show how secure it really is, if at all.

filip007 ::

Ryzen laptops are the most secure, you just have to disable the PSP in the BIOS.
Vaccinated with J&J + Pfizer.

jukoz ::

filip007 wrote:

Ryzen laptops are the most secure, you just have to disable the PSP in the BIOS.


Is there anything new about disabling the PSP? Before New Year there was talk that it can be disabled on some Asrock(?) boards. Is there any more reliable information?

FireSnake ::

What stands out is that they gave AMD 24 hours.
Google gave Intel 6 months.

Also this:

Based on the latest available information, wccftech.com now believes that the publication of this whitepaper may have been financially motivated and in fact used as a tool for stock price manipulation.


Source.


And this smells fishy to me:

Can It Be Fixed?

CTS Labs claims that Ryzenfall, Masterkey and Fallout can be fixed via firmware updates, but could take several months for those fixes to be delivered. Chimera on the other hand reportedly can't be fixed directly because it's a hardware issue but can be addressed with a workaround. Although, CTS Labs alleges this may produce side effects and could prove difficult to achieve.


How do they know EXACTLY what can be fixed and what cannot?
Nobody knows the architecture in that much detail.
Intel had 6 months and they are still scrambling. Google knew nothing about the fixes.

This will have an interesting outcome yet.
Look and have a laugh: www.vicmaher.si


FireSnake ::

The Low-down On Bizarre AMD Security Exploit Saga - You Will Want To Read This

The article will continue to be updated.

From the source:

Something incredibly peculiar has happened in the past few hours: we saw a report published, that on first glance claimed to reveal 13 spectre-level flaws and would have struck a massive blow to AMD; but as more information started surfacing it quickly became apparent that nothing is as it seems.

FireSnake ::


So are those flaws real? Yes probably, but not as severe as CTSLabs/Viceroy Research would have you believe and certainly not on the same level as Spectre/Meltdown


Further:

An additional data point which is material but was umm, skimmed over by the CTS-Labs team is that according to their own report - all exploits require admin rights to work. Which makes them a lot more tame than if it was something that could be done without. If a malicious agent had admin rights to your server, a backdoor would probably be the least of your concerns - everything on that server is already compromised. In other words, these exploits can only work on an already-compromised server.



Bottom line: the matter is heavily overblown and has a financial background.
Which doesn't mean it doesn't need to be fixed.

FireSnake ::


Ahim ::

Everything listed above holds for practically any system where it is possible to inject additional code (which executes before the OS boots, or runs under the OS at a level where it has access to "everything", as drivers do, for example). Put differently, everything listed also applies to all systems with Intel processors for all ~30 years of existence of the combination of processors that support "protected mode" and OSes that run in "protected mode". As for the 10 years before that, it is of course entirely pointless to debate, since any code could roam anywhere in the address space without any obstacles and do evil things anyway.

Anyway ... I hope the short sellers who published this nonsense end up in jail, or at least lose so much money that they remain bums for the rest of their miserable lives, since they tried to squeeze that money out of other investors through manipulation.

FireSnake ::

Some people are analysing them nicely.

At the same time these clowns admit that they are shorting AMD stock:



If you have access to the computer and if you have admin rights and if you flash the BIOS and if you install malware .... then these things come into play.

The whole thing is a bad joke.

Ahim ::

FireSnake wrote:

The whole thing is a bad joke.

For those who will lose money because of this, it won't exactly be a joke ...

FireSnake ::

I believe it.
They'll have to sort that out in court :D

FireSnake ::


AMD Confirms CTS-Labs Exploits: All To Be Patched In Weeks

The important part, and we have already talked about this:

It's important to note that all the issues raised in the research require administrative access to the system, a type of access that effectively grants the user unrestricted access to the system and the right to delete, create or modify any of the folders or files on the computer, as well as change any settings. Any attacker gaining unauthorized administrative access would have a wide range of attacks at their disposal well beyond the exploits identified in this research.


The full table. Everything will be sorted out with new BIOSes.

If they had kept to the 90-day window, we wouldn't be reading this "news" at all.

Bottom line: these clowns overblew these "vulnerabilities".

D3m ::

Profited from them, in other words.
|HP ProBook|R5 3500U|

FireSnake ::

They didn't manage to profit, because they shorted the stock.
And the stock didn't fall as much as they had anticipated :D

And AMD will now file a request for a review of the stock manipulation :D

Although: it would suit me if it fell a bit more, because I sold mine at a price of 12,55.
And I'd like to stock up again (at the local minimum).

D3m ::

They're currently at 11,11.

FireSnake ::

Yes, I'll slowly start stocking up on them.
Last time my average purchase price was 11.1.

FlyingBee ::

https://hothardware.com/news/amd-warns-...

AMD Warns Of Potential Spectre-Style Zen 3 Processor Security Vulnerability
P200 MMX, 32mb ram, 2gb HDD, s3 virge 2mb, 14" CRT 640x480
New Sphincter Kvartet:
Roko Spestner, Namaž Zlevčar, Daje Heading, Maraje Spetan


šanji ::

eh, with AMD it just happens, Intel does it on purpose

mtosev ::

AMD makes mistakes too, i.e. their hw likewise has some bugs, just like Intel's.
Core i9 10900X, ASUS Prime X299 Edition 30, 32GB 3600mhz Gskill
ASUS ROG Strix RTX 2080 Super, Samsung 970 PRO, UP3017, Win 11
my father darko 1960-2016, my labrador max 2002-2013


FireSnake ::

šanji wrote:

eh, with AMD it just happens, Intel does it on purpose


It can happen to anyone.
The difference is that some tell you, while others try a slightly different approach.
So, what were you trying to say?

It will be interesting to see what the fix will be.

mtosev wrote:

AMD makes mistakes too, i.e. their hw likewise has some bugs, just like Intel's.

True:
- 16 for AMD
- 247 for Intel
there is a bit of a difference, though.

mtosev ::

As for Intel, I can say that I'm still getting BIOS updates for the 6500U CPU. The processor will be 6 years old this year.

mtosev ::

I meant to write this yesterday but forgot: Intel has a much broader range of products than AMD, and that of course means more holes get found than with a manufacturer that has fewer products. Intel also makes wifi/LAN cards, they also made SSDs and motherboards, and a lot more besides.

D3m ::

And AMD doesn't? :)

hojnikb ::

mtosev wrote:

I meant to write this yesterday but forgot: Intel has a much broader range of products than AMD, and that of course means more holes get found than with a manufacturer that has fewer products. Intel also makes wifi/LAN cards, they also made SSDs and motherboards, and a lot more besides.

That has nothing to do with anything. There aren't exactly many processor cores that these vulnerabilities relate to. You can have 50 different products "cut" from the same silicon wafer.

A mobile i5 can easily be hiding on the desktop too, under a different name and TDP.
#https://bit.ly/3dFRi5L Treasure Cloud +10GB for both
MediaBox: AMD R5 1600 AF, 16GB DDR4, 256GB SSD, B450M-DS3H, W10
PiNAS: RPI4 4GB, 20TB HDD


mtosev ::

I'm saying that Snake's post with the CVE exploits covers all products and isn't limited to just CPUs and the like. Of course more exploits are found, because they have more products and more vendors/manufacturers build their products in.

hojnikb ::

even if we limit ourselves to CPUs only, Intel has considerably more exploits, even though they don't have 10x more architectures than AMD

mtosev ::

When you compare CPU vs, it's at least a fair comparison. But before Ryzen you hardly saw AMD CPUs anywhere. How many laptops above 500e did you see with an AMD CPU a few years ago.

FlyingBee ::

What's at the link is only for Zen 3, i.e. the 5000 series.

hojnikb ::

mtosev wrote:

When you compare CPU vs, it's at least a fair comparison. But before Ryzen you hardly saw AMD CPUs anywhere. How many laptops above 500e did you see with an AMD CPU a few years ago.

There are other things besides laptops, you know. AMD really did have a poor laptop line-up before Ryzen (or rather the manufacturers did, who were bribed by Intel not to sell AMD).

Here you simply see the shortcuts Intel takes to gain performance and a shorter development cycle.
And once again, it doesn't matter whether Intel sells 100 different SKUs or one; if it's an architectural screw-up (which it usually is), then everything will be affected.

mtosev ::

AMD's desktop CPUs were hardly anywhere before Ryzen either. You say they were bribed by Intel so that there were no AMDs inside. Maybe the pre-Ryzen ones were just so bad that they didn't want them. Just as AMD CPUs are currently popular in notebooks because they are good.

Dr_M ::

The difference is that some tell you, while others try a slightly different approach.


Well, they had no choice but to admit it. They hid the USB and PCIe bug for quite a long time.

FireSnake ::

mtosev wrote:

How many laptops above 500e did you see with an AMD CPU a few years ago.


How does that tie in with our main thread?

Dr_M ::

The 1st comment explains a lot.

https://www.techpowerup.com/forums/thre...

FireSnake ::

This explains a lot too.

Paying, yes.

floyd1 ::

mtosev wrote:

AMD's desktop CPUs were hardly anywhere before Ryzen either. You say they were bribed by Intel so that there were no AMDs inside. Maybe the pre-Ryzen ones were just so bad that they didn't want them. Just as AMD CPUs are currently popular in notebooks because they are good.

History teaches that you are wrong.

And other "big players" have had such stories too, e.g. Asus etc. Intel was the bad guy and probably still is.

mtosev ::

I know about the news regarding the researchers and the attempted bribe. Now I see this news about Dell and Intel. Yes, that is from 2010. But I'd like to see some news about bribery in recent years. Of course it's possible, but you need to confirm every such case.

floyd1 ::

There won't be any more news like that. Everyone learned something from it. In the sense of hiding the evidence 8-).

I brought up this story because at that time AMD had a product that was better in every respect (Athlon 64), yet Intel very successfully blocked them at all of its partners for a year or so.

How are we to know something similar isn't happening today? After all, back then it still paid off for them (despite the fine). Why would they change tactics?

mtosev ::

Microsoft paid quite a few fines in the EU a few years ago, and in recent years it no longer has such problems. Of course companies can change their practices/habits if it is in their interest and if they realise that negative PR and various scandals aren't exactly the best thing for them. I brought up MS at the start; now Google has problems with antitrust investigations, FB with other matters, while Microsoft's name currently doesn't appear in news about any antitrust or similar matters that other tech giants such as Google, FB, Amazon and maybe others are currently being accused of.