News AMD's 'Sinkclose' vulnerability affects hundreds of millions of processors, enables data theft — AMD begins patching issue in critical chip lines, m...

Status
Not open for further replies.
They suggest that advanced state-sponsored hackers likely already have the tools to exploit these kinds of vulnerabilities.
How about the states themselves? Some states do not even need to sponsor any hackers as they already have implemented backdoors inside ALL AMD and Intel CPUs since 2006. Intel Management Engine and AMD Secure Technology are both backdoors in complete NSA control (see here). And BTW, these operate completely independently of the OS and all they require is an internet connection. (See for example NotebookCheck, me_cleaner, even US-controlled Wikipedia)

As Intel has confirmed[84] the ME contains a switch to enable government authorities such as the NSA to make the ME go into High-Assurance Platform (HAP) mode after boot. This mode disables most of ME's functions,[76][85] and was intended to be available only in machines produced for specific purchasers like the US government

So spare me this BS fearmongering. Suddenly ppl are worried about data theft.
 
Yes, hackers can do bad things after they already have complete control of your computer.
Persistent rootkits (as this enables) are far more insidious. Format the drive, reinstall the OS, even swap to a brand new drive? The malware install persists. Pop the CPU out of an infected system and install it in a new system? The new system is infected.
A single threat actor adding a rootkit to CPUs before reselling on eBay (or any other supply chain vulnerable to 3rd party insertion, such as Amazon fulfilment) could gain root access to as many boxes as they can ship CPUs, with no trivial way for end users to identify the infection, let alone remove it.

Management-engine persistent malware is particularly nasty to deal with.

Plus, AMD have decided to straight up NO FIX PLANNED the Ryzen 3000 series, so if you own one then no fix for you.
 
“Plus, AMD have decided to straight up NO FIX PLANNED the Ryzen 3000 series, so if you own one then no fix for you.”

Not a justification, the 3000 series chips are 5 years old, 2 full generations. Chips to replace them from the 5000 series are inexpensive.
My guess is that AMD reckon that there aren’t enough 3000 series chips in use now and it’s a potential way to sell some more 5000 parts.
 
AMD likens the Sinkclose technique to gaining access to a bank's safe deposit boxes after already getting past its alarms, guards, and vault door.
No, it's worse than that. It's like getting past all those things and allowing the installation of a secret door to the vault so that even if the bank kicks the thief out of the building, gets more guards, and upgrades the alarms, the thief can let themselves right back in directly to the vault, past the guards, without triggering any of the alarms.
 
Persistent rootkits (as this enables) are far more insidious. Format the drive, reinstall the OS, even swap to a brand new drive? The malware install persists. Pop the CPU out of an infected system and install it in a new system? The new system is infected.
A single threat actor adding a rootkit to CPUs before reselling on eBay (or any other supply chain vulnerable to 3rd party insertion, such as Amazon fulfilment) could gain root access to as many boxes as they can ship CPUs, with no trivial way for end users to identify the infection, let alone remove it.

Management-engine persistent malware is particularly nasty to deal with.

Plus, AMD have decided to straight up NO FIX PLANNED the Ryzen 3000 series, so if you own one then no fix for you.
I was thinking the same thing about inexpensive no-name PCs from places like AliExpress. And maybe Lenovo.
 
Persistent rootkits (as this enables) are far more insidious. Format the drive, reinstall the OS, even swap to a brand new drive? The malware install persists. Pop the CPU out of an infected system and install it in a new system? The new system is infected.
A single threat actor adding a rootkit to CPUs before reselling on eBay (or any other supply chain vulnerable to 3rd party insertion, such as Amazon fulfilment) could gain root access to as many boxes as they can ship CPUs, with no trivial way for end users to identify the infection, let alone remove it.

Management-engine persistent malware is particularly nasty to deal with.

Plus, AMD have decided to straight up NO FIX PLANNED the Ryzen 3000 series, so if you own one then no fix for you.

<<Pop the CPU out of an infected system and install it in a new system? The new system is infected.>>

Rootkits are installed in the BIOS chip, other devices with RW firmware, disk MBR, etc., but not the CPU itself.
 
"To exploit this flaw, attackers must first gain access to a system's kernel, which isn't easy, but it is possible. However, the system must already have been compromised by some other attack."

So in other words, a nothing burger.

Did you just stop reading there?

Nissim and Okupski point out that although exploiting Sinkclose requires kernel-level access, vulnerabilities at this level are frequently discovered in Windows and Linux systems. They suggest that advanced state-sponsored hackers likely already have the tools to exploit these kinds of vulnerabilities. According to researchers, kernel exploits are readily available, making Sinkclose the next step for attackers.
 
<<Pop the CPU out of an infected system and install it in a new system? The new system is infected.>>

Rootkits are installed in the BIOS chip, other devices with RW firmware, disk MBR, etc., but not the CPU itself.
Yep. Nothing can be stored in a CPU, the only long-term storage on them is read only. It will always be in the same state as it was when it was manufactured.

Even microcode updates (CPU patches) are stored in the BIOS or hard drive and are applied during every boot by the BIOS or OS respectively.
 
<<Pop the CPU out of an infected system and install it in a new system? The new system is infected.>>

Rootkits are installed in the BIOS chip, other devices with RW firmware, disk MBR, etc., but not the CPU itself.
Thank you. I've been wondering what they're talking about.
But I thought there might be some other chip, that perhaps used to be on the motherboard but might have gotten packaged in with the CPU while I wasn't paying attention. Wasn't there some Chinese chip accused of some such hackery?
 