AMD's Future Chips & SoC's: News, Info & Rumours.

[juanrga]

CTS-LABS RESPONSE TO AMD’S INITIAL ASSESSMENT OF VULNERABILITIES

Resume:

* We believe AMD is attempting to downplay the significance of the vulnerabilities
* Our view is AMD’s suggested timeline for its patches roll out is drastically optimistic –we believe a number of the fixes are likely to take months, not weeks
* We believe the AMD flaws have potential to turn a local problem into a network-wide problem
* Notably, AMD did not provide a time estimate for patching CHIMERA

https://safefirmware.com/CTS+comments+on+AMD+response+to+vulnerabilities.pdf

Juanrga, when do scientist use terms like we believe without showing proof of work? It's like going to a used car lot, and having the sales man tell you we believe this is the best deal we could get you! <smile; wink; handshake> Sorry, real or not the threats are over hyped joke requiring administrative access to implement.

AMD has been using "believe" a lot of, like when Mark Papermaster said "we believe that AMD's processor architectures make it difficult...", "We believe AMD processors are not susceptible due to...", "we believe there is a near zero risk to AMD processors..." when talking about Spectre and Meltdown. Can AMD believe but CTS-labs cannot?

Since first minute we know that administrative access is a requirement for the exploits. AMD hardware/software has several security layers to prevent access to sensitive data from even an administrator or root, and the discovered flaws allow attackers to bypass those security layers, as if they didn't exist. AMD’s own Security Architect David Kaplan explained in his 2016 lecture at the Linux Security Summit, a feature of the Secure Processor called Secure Encrypted Virtualization was specifically designed to prevent rogue cloud administrators, obviously in possession of administrative privileges, from being able to access customer data.

One of the flaws discovered allows attackers to "Bypass Secure Encrypted Virtualization (SEV)". The PSP is broken and AMD needs to fix it.

 

[juanrga]

AMD renaming the top model of their Zen+ line with 2700x can also be a marketing move. In fact if you call your top model of your latest line 2700x people may think it as a successor to previous gen 1700x. and compare the clock speed of both CPU's. However you need to compare the top line CPU's of both generation. Right now 1800x vs 2700x. So we have a CPU of 3,6 GHz base clock vs a CPU with base clock of 3,7 Ghz. So literally the increase in clock speed is around 2,8%.

In fact I was expecting a clock speed increase around 8%-10% which means 3.9~4.0Ghz base clock. And boost speed increased to 4.5 Ghz. Right now there is nothing about Ryzen 2800x and this naming may be a marketing move. And I do not like this kind of politicial decisions. If your process is not as good as you initially think you should say it directly.

Howevever if the performance difference between a 1800x and 2700x is around %8 to %10 this means this CPU is still a good one.

Whereas AMD is comparing the 2700x to the 1800X, sites as Forges are just doing what you claim: "AMD Ryzen 7 2700X Benchmark Review Leaked: Much Faster Than 1700X".

Besides comparing the wrong chips, he forgets to mention one is a 95W chip and the other is 105W. Of course their enthusiasm is broken when one compares for instance the 2600X to the 1600X.

1600X: 3.6/4.0GHz
2600X: 3.6/4.25GHz

 

[goldstone77]

Juanrga, when do scientist use terms like we believe without showing proof of work? It's like going to a used car lot, and having the sales man tell you we believe this is the best deal we could get you! <smile; wink; handshake> Sorry, real or not the threats are over hyped joke requiring administrative access to implement.

AMD has been using "believe" a lot of, like when Mark Papermaster said "we believe that AMD's processor architectures make it difficult...", "We believe AMD processors are not susceptible due to...", "we believe there is a near zero risk to AMD processors..." when talking about Spectre and Meltdown. Can AMD believe but CTS-labs cannot?

Since first minute we know that administrative access is a requirement for the exploits. Both CTS-labs and external security experts like Alex Ionescu have mentioned why this doesn't dismiss the seriousness of the flaws:

Admin-level access and persistance are legitimate threats in multi-tenant IaaS and even things such as VTL0/1 (Credential Guard) when firmware and chipset trust boundaries are broken.

What could you do on any computer with Admin/Root access Juanrga? Anything you want? Now, let's think about the persistence aspect of this exploit in comparison to Spectre. Spectre allows 99% of all computers in the last 20 years to have privileged data read, admin passwords, without any evidence of the hack being left behind. I will give that a 10/10 on security threat scale. Requiring admin access to exploit a computer is about a 1/10. Don't take my word for it. Take the words of the company who CTS labs paid $16,000 to evaluate these vulnerabilities:

TrailofBits, which performed a third-party analysis and verification of the bugs CTS located, writes:

There is no immediate risk of exploitation of these vulnerabilities for most users. Even if the full details were published today, attackers would need to invest significant development efforts to build attack tools that utilize these vulnerabilities. This level of effort is beyond the reach of most attackers…

These types of vulnerabilities should not surprise any security researchers; similar flaws have been found in other embedded systems that have attempted to implement security features. They are the result of simple programming flaws, unclear security boundaries, and insufficient security testing.

The flaws are real, require updates, and need to be dealt with — but they do not represent a cataclysmic security failure.

These types of vulnerabilities should not surprise any security researchers

Maybe they say this because of the sheer volume of malware created daily:

More than 317 million new pieces of malware -- computer viruses or other malicious software -- were created last year. That means nearly one million new threats were released each day.

Regardless, AMD has already released a statement saying they can fix all of these issues in a few weeks... CTS labs said they thought it would take AMD months...
The interesting part about this whole spectacle over a hand full of hard to implement exploits is that my ASUS Intel motherboard uses an ASMedia controller, CTS labs never mentions Intel by name, but they do admit it works on any machine with an ASMedia chipset!

https://youtu.be/GNPcxXZ2ki8?t=1540

 

[juanrga]

What could you do on any computer with Admin/Root access Juanrga? Anything you want?

I answered that in an edit of my former post.

Regardless, AMD has already released a statement saying they can fix all of these issues in a few weeks... CTS labs said they thought it would take AMD months...

The interesting part about this whole spectacle over a hand full of hard to implement exploits is that my ASUS Intel motherboard uses an ASMedia controller, CTS labs never mentions Intel by name, but they do admit it works on any machine with an ASMedia chipset!

Asus mobos with affected ASmedia chipsets could suffer CHIMERA-like attacks, but Ryzenfall, Masterkey,... are exclusive to AMD and the 'secure' processor built into Zen products. CTS-labs mentioned Intel a couple of times, including how they checked several Intel-based systems and found no CHIMERA flaw. If Asus is including Chimera-affected chips in its own mobos it is a failure of Asus not of Intel. If AMD includes affected chipsets in their own Promontory chipsets and PSPs then is a failure of AMD not of Intel.

Yes CTS-labs said months. AMD says weeks and in a response CTS-labs says months again.

 

[Gon Freecss]

Besides comparing the wrong chips, he forgets to mention one is a 95W chip and the other is 105W. Of course their enthusiasm is broken when one compares for instance the 2600X to the 1600X.

1600X: 3.6/4.0GHz
2600X: 3.6/4.25GHz

Is that the max boost or the XFR?

XFR and XFR 2 are weird. They do not always boost to that speed. Max boost is, well, the max confirmed boost. It's honestly a disappointment they're trying to push every last clock out for that extra 0.05GHz. A 200MHz boost is nothing to brag about. Even Kaby Lake was a higher improvement.

8600K will still wreck the 2600X in every task but the most throughput reliant ones, or tasks that leverage the AMD architecture.

 

[-Fran-]

This is something that every security expert knows already: anyone with hardware access and elevated privileges can steal whatever they want. Even "hardcoding" keys behind a "security by hiding" paradigm, into your secure co-processors does not break that statement. That is the sole reason why CTS-Labs statements are bogus and borderline dumb.

On the other side, even is the data is encrypted (VM images included), we all know it's a matter of time to get them decrypted. Much like with real-life security; whoever wants to steal from you, will do it. It might take more time for them to do it, but they will anyway.

That is why you guys should just drop the CTS-Labs discussion. AMD already said what they'll do, now you just need to sit and wait for the patches and the re-test.

As for the 1700X and 2700X. That is an interesting angle that I didn't thought of and it does sound like it might play on AMDs favor.

Cheers!

 

[juanrga]

Besides comparing the wrong chips, he forgets to mention one is a 95W chip and the other is 105W. Of course their enthusiasm is broken when one compares for instance the 2600X to the 1600X.

1600X: 3.6/4.0GHz
2600X: 3.6/4.25GHz

Is that the max boost or the XFR?

XFR and XFR 2 are weird. They do not always boost to that speed. Max boost is, well, the max confirmed boost. It's honestly a disappointment they're trying to push every last clock out for that extra 0.05GHz. A 200MHz boost is nothing to brag about. Even Kaby Lake was a higher improvement.

8600K will still wreck the 2600X in every task but the most throughput reliant ones, or tasks that leverage the AMD architecture.

Max Boost

 

[8350rocks]

This is something that every security expert knows already: anyone with hardware access and elevated privileges can steal whatever they want. Even "hardcoding" keys behind a "security by hiding" paradigm, into your secure co-processors does not break that statement. That is the sole reason why CTS-Labs statements are bogus and borderline dumb.

On the other side, even is the data is encrypted (VM images included), we all know it's a matter of time to get them decrypted. Much like with real-life security; whoever wants to steal from you, will do it. It might take more time for them to do it, but they will anyway.

That is why you guys should just drop the CTS-Labs discussion. AMD already said what they'll do, now you just need to sit and wait for the patches and the re-test.

As for the 1700X and 2700X. That is an interesting angle that I didn't thought of and it does sound like it might play on AMDs favor.

Cheers!

Consider that the 1800X was originally played very closely to the chest, and only revealed at launch. If AMD continues that trend, expect to see the 2800X numbers at the launch reveal.

 

[CountMike]

Bad experience with Bulldozer, was taunted as next best thing to sliced bread for long time but came out as pretty much of a dud. Now they are waiting for a good production run to release it.

 

[juanrga]

This is something that every security expert knows already: anyone with hardware access and elevated privileges can steal whatever they want. Even "hardcoding" keys behind a "security by hiding" paradigm, into your secure co-processors does not break that statement. That is the sole reason why CTS-Labs statements are bogus and borderline dumb.

On the other side, even is the data is encrypted (VM images included), we all know it's a matter of time to get them decrypted. Much like with real-life security; whoever wants to steal from you, will do it. It might take more time for them to do it, but they will anyway.

That is why you guys should just drop the CTS-Labs discussion. AMD already said what they'll do, now you just need to sit and wait for the patches and the re-test.

As for the 1700X and 2700X. That is an interesting angle that I didn't thought of and it does sound like it might play on AMDs favor.

Cheers!

Consider that the 1800X was originally played very closely to the chest, and only revealed at launch. If AMD continues that trend, expect to see the 2800X numbers at the launch reveal.

Not even close. We knew the 1800X much before, when it was only a qualification sample: : ZD3601BAM88F4_40/36_Y

 

[-Fran-]

This is something that every security expert knows already: anyone with hardware access and elevated privileges can steal whatever they want. Even "hardcoding" keys behind a "security by hiding" paradigm, into your secure co-processors does not break that statement. That is the sole reason why CTS-Labs statements are bogus and borderline dumb.

On the other side, even is the data is encrypted (VM images included), we all know it's a matter of time to get them decrypted. Much like with real-life security; whoever wants to steal from you, will do it. It might take more time for them to do it, but they will anyway.

That is why you guys should just drop the CTS-Labs discussion. AMD already said what they'll do, now you just need to sit and wait for the patches and the re-test.

As for the 1700X and 2700X. That is an interesting angle that I didn't thought of and it does sound like it might play on AMDs favor.

Cheers!

Consider that the 1800X was originally played very closely to the chest, and only revealed at launch. If AMD continues that trend, expect to see the 2800X numbers at the launch reveal.

Not even close. We knew the 1800X much before, when it was only a qualification sample: : ZD3601BAM88F4_40/36_Y

I do recall seeing the 1800X in slides, but how the hell do you link the 1800X (model) to the sample ID? XD

I'm really curious about that one.

 

[goldstone77]

I will say one thing that is objective on the topic of the 2800X. There hasn't been any information released about a 2800X. Now, my opinion considering the frequency of the 2700X is 4.35GHz built on 12nm(7.5T libraries) we will not see much change in frequency. The 7.5T transistors are shorter than the previous 10T. We can expect a lower power draw, and maybe a slight tweak(~100MHz) in frequency from better IP + IPC from core advances. I would love to see a magical 2800X@4.5GHz being kept secret, but we will have to wait and see, because it's all just conjecture right now.

 

[jdwii]

We all wanted at least 4.4ghz anything less then that is simply sad. Well we will see if Amd really thinks they can compete with the 8700K with a 2800X at the same price when one can OC to 4.7Ghz and has higher IPC while the other can what OC to 4.2ghz?

Starting to agree that 12nm is nothing more then 14nm+

 

[Gon Freecss]

We all wanted at least 4.4ghz anything less then that is simply sad. Well we will see if Amd really thinks they can compete with the 8700K with a 2800X at the same price when one can OC to 4.7Ghz and has higher IPC while the other can what OC to 4.2ghz?

Starting to agree that 12nm is nothing more then 14nm+

4.4GHz should be doable only on the best bins.

Also, the 8700K is capable of 5.4GHz on the golden bins. That's a huge difference.

 

[juanrga]

This is something that every security expert knows already: anyone with hardware access and elevated privileges can steal whatever they want. Even "hardcoding" keys behind a "security by hiding" paradigm, into your secure co-processors does not break that statement. That is the sole reason why CTS-Labs statements are bogus and borderline dumb.

On the other side, even is the data is encrypted (VM images included), we all know it's a matter of time to get them decrypted. Much like with real-life security; whoever wants to steal from you, will do it. It might take more time for them to do it, but they will anyway.

That is why you guys should just drop the CTS-Labs discussion. AMD already said what they'll do, now you just need to sit and wait for the patches and the re-test.

As for the 1700X and 2700X. That is an interesting angle that I didn't thought of and it does sound like it might play on AMDs favor.

Cheers!

Consider that the 1800X was originally played very closely to the chest, and only revealed at launch. If AMD continues that trend, expect to see the 2800X numbers at the launch reveal.

Not even close. We knew the 1800X much before, when it was only a qualification sample: : ZD3601BAM88F4_40/36_Y

I do recall seeing the 1800X in slides, but how the hell do you link the 1800X (model) to the sample ID? XD

I'm really curious about that one.

Z = Qualification Sample
D = Desktop
360 = Base frequency
1 = Model revision number
BA = 95W TDP
M = AM4 socket
8 = 8 cores
8 = 4MB+16MB cache
F4 = Grade B silicon
40 = boost freq.
36 = base freq.
Y = No graphics

 

[juanrga]

The 7.5T transistors are shorter than the previous 10T. We can expect a lower power draw, and maybe a slight tweak(~100MHz) in frequency.

Or maybe it consumes more power to get 100MHz extra frequency...

 

[goldstone77]

The 7.5T transistors are shorter than the previous 10T. We can expect a lower power draw, and maybe a slight tweak(~100MHz) in frequency.

Or maybe it consumes more power to get 100MHz extra frequency...

Smaller transistors might allow for more power consumption and higher frequency core wide. The TDP is 105W for the 2700X. Zen core does have thermal design barriers, and using smaller transistors might let them push higher frequencies. But I think it would allow for better low power frequencies as well.

 

[juanrga]

The TDP is 105W for the 2700X

The real TDP is higher than that.

 

[-Fran-]

Z = Qualification Sample
D = Desktop
360 = Base frequency
1 = Model revision number
BA = 95W TDP
M = AM4 socket
8 = 8 cores
8 = 4MB+16MB cache
F4 = Grade B silicon
40 = boost freq.
36 = base freq.
Y = No graphics

Er... I know what the individual characters mean, but my question was not "how do you read the id?". I asked, implicitly, how you made the link between the model number given in marketing slides and the sample id you posted. It's fine to say "highest known sample id at the time and known model", but that would still be conjecture and not fact (at the time).

The real TDP is higher than that.

TDP is not power consumption. Are we going to have pages and pages of that non-discussion again? ~_____~

 

[jdwii]

Z = Qualification Sample
D = Desktop
360 = Base frequency
1 = Model revision number
BA = 95W TDP
M = AM4 socket
8 = 8 cores
8 = 4MB+16MB cache
F4 = Grade B silicon
40 = boost freq.
36 = base freq.
Y = No graphics

Er... I know what the individual characters mean, but my question was not "how do you read the id?". I asked, implicitly, how you made the link between the model number given in marketing slides and the sample id you posted. It's fine to say "highest known sample id at the time and known model", but that would still be conjecture and not fact (at the time).

The real TDP is higher than that.

TDP is not power consumption. Are we going to have pages and pages of that non-discussion again? ~_____~

Even if TDP is not power consumption and its not it's still sad to see the part use more power for what 150mhz?

I have to wonder is it Zen itself that can't reach higher frequency's? Or is this global foundries fault which is what i would aim towards.

If Amd could use Intel fabs i bet they would be way better off or even TSMC.

 

[goldstone77]

Samsungs 14LPP was designed for cell phone processors that operate around 3GHz. If they used the same IP that Intel uses sure they would be able to hit the same frequencies as Intel chips. Samsungs 14nm transistors look more like 22nm transistors compared to Intel's 14nm. So, the IP for each foundry and process does make a difference. Global Foundries lisenced 14nm LPP vs. their own 7nm. You can easily see the 7nm transistor design will be a massive improvement over current 14nm LPP.

Intel 14nm vs Global Foundries 7nm.

 

[juanrga]

Z = Qualification Sample
D = Desktop
360 = Base frequency
1 = Model revision number
BA = 95W TDP
M = AM4 socket
8 = 8 cores
8 = 4MB+16MB cache
F4 = Grade B silicon
40 = boost freq.
36 = base freq.
Y = No graphics

Er... I know what the individual characters mean, but my question was not "how do you read the id?". I asked, implicitly, how you made the link between the model number given in marketing slides and the sample id you posted. It's fine to say "highest known sample id at the time and known model", but that would still be conjecture and not fact (at the time).

Before launch we knew the existence of a 8C 95W 3.6/4.0GHz 4MB+16MB chip for the AM4 socket. The chip: ZD3601BAM88F4_40/36_Y, which was in the hands of motherboard companies for testing purposes. We didn't know if the commercial name would be 1800X, 1750X, 1831X or whatever, but we knew it was the higher clocked chip for the socket. It was only latter knew that the commercial model was 1800X.

Same happened now. We have knew for a while the higher-clocked 2000-series chip for the AM4 socket is a 8C 105W 3.7/4.35GHz 4MB+16MB chip. And latter leaks claim the commercial name is 2700X. There is no known higher-clocked chip for the socket.

So my point is that then we knew the top 1000-series chip for AM4 was a 8C 3.6/4.0GHz, and now we know the top 2000-series chip is a 8C 3.7/4.35GHz.

In fact AMD last roadmaps show the 2700X as the replacement for the 1800X in 2H18, which seems to confirm there is no 2800X model.

The real TDP is higher than that.

TDP is not power consumption. Are we going to have pages and pages of that non-discussion again? ~_____~

TDP is the "sustained power consumption" as stated by Hennessy and Patterson in their well-known book

The '95W' 1800X is a 128W chip and the new '105W' 2700X seems to be a 140W chip.

Overclockingmadeinfrance got a copy of the CPC magazine and confirms that efficiency is not improving in the '12nm' process:

Spoiler

La gravure « 12 nm » (notez les guillemets) ne fait donc pas de miracles non plus : le ratio perf/conso n’évolue pas, pire il diminue presque. Il était déjà plutôt bon

The '12 nm' lithography (note the quotation marks) does not make miracles either: the ratio perf / consumption does not evolve, worse it almost decreases.

 

[-Fran-]

Overclockingmadeinfrance got a copy of the CPC magazine and confirms that efficiency is not improving in the '12nm' process:

Spoiler

La gravure « 12 nm » (notez les guillemets) ne fait donc pas de miracles non plus : le ratio perf/conso n’évolue pas, pire il diminue presque. Il était déjà plutôt bon

The '12 nm' lithography (note the quotation marks) does not make miracles either: the ratio perf / consumption does not evolve, worse it almost decreases.

That would be sad, but not surprising.

Let's see when more sites/magazines get to review Zen v1.5. I think there's a bit more to that than a single statement. I would imagine, from the top of my head, that they increased the top power consumption to bump all-core speeds to show improvements. I haven't seen any power figures from the samples out there either, so I'm in the dark in terms of power characteristics of them. Since the multi-core parts are not the same beasts as the previous CPUs, there's way more to the story of power consumption when the power management capabilities are so complex nowadays.

 

[jdwii]

SO no one posted this yet?

http://www.guru3d.com/news-story/cpc-hardware-amd-ryzen-7-2700x-print-review-is-online-incl-benchmarks.html

Edit so this is just the beginning now i wonder if 3600mhz memory works with this batch also i'm still wondering on overclocking

 

[-Fran-]

SO no one posted this yet?

http://www.guru3d.com/news-story/cpc-hardware-amd-ryzen-7-2700x-print-review-is-online-incl-benchmarks.html

Edit so this is just the beginning now i wonder if 3600mhz memory works with this batch also i'm still wondering on overclocking

Oh, looks like I was spot on the speed management shenanigans explaining the power consumption.

So, even with the memory latency improvements, most of the higher numbers will be due to raw speed bumps across the board (cores load). That would effectively give a slight penalty to efficiency, but giving out better performance. Higher speeds across the board are also nice, but that begs the question around OC. Looks like 12nm is flat out 14nm, just a tad denser, but otherwise equals. Although they did get better turbo speeds with more cores loaded... Uhm...

Cheers!