News New AMD Side Channel Attacks Discovered, Impacts Zen Architecture

[Mo3ulla]

.... and another Intel vulnerability announced: https://www.engadget.com/2020/03/06/intel-chips-unpatchable-security-flaw/

for the last 12 years of market .. ME had even worse bugs than that one . that bug is not even in top5 for intel ME for time on market..

particularry that bug was fixed in september ME updates for ME11 and ME12 . probably you are running already fixed version

 

[Mo3ulla]

Just to make it clear, this vulnerability was demonstrated to expose META-DATA and allow for 'covert' communication between two processes (that would need to work together). The real world utilization or impact of these discoveries is trivial, and is not even remotely on par with the Intel vulnerabilities that were discovered in Meltdown and Zombieload. In the discovered Intel vulnerabilities, the Intel processor flaws were leaking actual system memory/data.

Don't take my word for it though, here is a twitter response from one of the research paper's authors:

https://twitter.com/i/web/status/1236178639483527168

View: https://mobile.twitter.com/gnyueh/status/1236178639483527168


li baao - "Thanks a lot for your work! I find it hard to read a paper which is irrelevant to my profession. Is this vulnerability as severe as Meltdown or Zombieload? "

Daniel Gruss- "Certainly not. The attacks leak a few bit of meta-data. Meltdown and Zombieload leak tons of actual data. "



All the best...

zombieload and mds type attacks as well leaked only metadata .. but still lead to fixes with performance impact . particular problem may as well lead to opening pandoras box .. since all intel designs .. was already tested versus that type of attacks . current case opend interesting fun .... why not pop amd cpus while have money from intel ? xD

 

[hotaru251]

nobody thoguth amd was safe.

issue with intel is...they are left and right and a new 1 every month.

and the fixes to them on intel were more impactful on ur performance.


ANYONE should know everythign will have flaws.
humans are not perfect. nothing we make WILL be perfect.

AMD is less efefcted by many of the flaws a(or not even due to how different they are) but doesnt mean there wont be amd specific flaws.

and as of the known stuff today amd is still safer bet.

and this is coming from me who has never owned an amd cpu (and last gpu of theres i owned was a x1300 back in later end of the 2007 (i think was when it was))


AMD and Intel cpu's are fundamentally designed differently.

we have no idea how or what impact fixes will cause.

 

[Mo3ulla]

AMD is less efefcted by many of the flaws a(or not even due to how different they are) but doesnt mean there wont be amd specific flaws.

and as of the known stuff today amd is still safer bet.

spectre releasers said clearly - they tested their exploit only on intel coz they had zero amd cpu on hands . if cpu have less market share . it does not make it more safer

 

[Joe15555]

The latest AMD response, https://www.amd.com/en/corporate/product-security


Take A Way

3/7/20


We are aware of a new white paper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way. The researchers then pair this data path with known and mitigated software or speculative execution side channel vulnerabilities. AMD believes these are not new speculation-based attacks.


AMD continues to recommend the following best practices to help mitigate against side-channel issues:

• Keeping your operating system up-to-date by operating at the latest version revisions of platform software and firmware, which include existing mitigations for speculation-based vulnerabilities
• Following secure coding methodologies
• Implementing the latest patched versions of critical libraries, including those susceptible to side channel attacks
• Utilizing safe computer practices and running antivirus software

 

[Mo3ulla]

lol .. amd support in all its glory .they had 8 months of preparation. and they did absolutely nothing .. for current time they does not have a fixes ready .. they may be realeased some time later .........

 

[alextheblue]

"this discovery was paid by Intel"

I agree with you, it was paid for by Intel. That doesn't mean it doesn't exist, the flaw is ultimately in AMD's design - but it WAS Intel-funded. Thank you for pointing that out, Vale! I wouldn't have noticed if it wasn't for you.

 

[PaulAlcorn]

We spend tons of time covering Intel security vulnerabilities as well, we've got a library of articles. Here's an overview, though:

https://www.tomshardware.com/features/intel-amd-most-secure-processors

Just skip to the table at the bottom of the article if you need an overview of what it says.

 

[Mo3ulla]

Here we go, Paul Alcorn giving is two cents... just to let you know, that story was on the sub-news for the last 24 hours... now it is in the first headline...

Just buy it!

However, Paul, you didn't talk about this huh...?!

https://www.techspot.com/news/84282...lity-allows-hackers-break-encryption-drm.html

that unfixable bug - was fixed in september .. not the first .. not the last and definitely - not the worst bug in ME . nobody cared about that since EACH ME REALEASE have fixes for loads of such bugs without any extra notice

 

[PaulAlcorn]

The latest AMD response, https://www.amd.com/en/corporate/product-security


Take A Way

3/7/20


We are aware of a new white paper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way. The researchers then pair this data path with known and mitigated software or speculative execution side channel vulnerabilities. AMD believes these are not new speculation-based attacks.


AMD continues to recommend the following best practices to help mitigate against side-channel issues:

• Keeping your operating system up-to-date by operating at the latest version revisions of platform software and firmware, which include existing mitigations for speculation-based vulnerabilities
• Following secure coding methodologies
• Implementing the latest patched versions of critical libraries, including those susceptible to side channel attacks
• Utilizing safe computer practices and running antivirus software

Noticed this went up. I'm asking AMD a few clarifying questions here, as it doesn't say that there is a fix for these vulnerabilities anywhere in there. Also, the word "believes" is a lot different than just saying "they aren't." In either case, the question is this: Are there publicly available firmware patches for the two Take A Way variants, specifically. This doesn't state that.

 

[redgarl]

that unfixable bug - was fixed in september .. not the first .. not the last and definitely - not the worst bug in ME

Fixed in November, news released on the 5th of march...

 

[Mo3ulla]

Fixed in November, news released on the 5th of march...

CVE about that problem created in august 2019.... for apple systems .. closed in september with response from intel for ME12 ( i have q370 board with already patched ME12 with december 2019 rom ) .. and in november for ME11

 

[Mo3ulla]

"Security researchers have discovered that a new vulnerability present in Intel chips that have been released over the last five years is unfixable outside of replacing the hardware that's currently being used in millions of commercial and enterprise systems. "

unfixable is opininon of dudes who found that problem . not indystry wide agreement or so.and NOT the manufacturer statement . every time when Positive Technologies find something .they open histerya and bunch of hype.. facts is .in terms of security itsef

1. ME DOES NOT HAVE ANY CHIP to replace . its generic x86 quark core . and image of MINIX OS . you can rewhite ANY part of that image without affect on system .
2. you need certain modifications in ME itself . main os ( hardware ) admin rights

and then MAYBE you will see keys storage ..and thats pretty much ALL . all OSes keep certificate storage in open files . how many of then was owned ?

 

[valeman2012]

Still valid...

https://hardforum.com/data/attachment-files/2019/09/238926_fail.png

As expected those AMD individuals change subject Intel small security issues when this about 2 major AMD security issues,,
So what...those 2 were too simple to exploited ..it only takes few steps...just get access major part of your system...this upsetting...AMD does not provide best security for the users as they said they would during Intel security issues discoveries...Only care about getting people excited especially people who bought to "try" it out.

 

[spongiemaster]

Still valid...

https://hardforum.com/data/attachment-files/2019/09/238926_fail.png

Maybe valid, but not relevant. That's not how security works. If you leave your front door unlocked, does it matter how many windows you leave open? All it takes is one entry point. Either you're vulnerable, or you're not, and as should be a surprise to no one, everyone has vulnerabilities.

 

[sykozis]

As expected those AMD individuals change subject Intel small security issues when this about 2 major AMD security issues,,
So what...those 2 were too simple to exploited ..it only takes few steps...just get access major part of your system...this upsetting...AMD does not provide best security for the users as they said they would during Intel security issues discoveries...Only care about getting people excited especially people who bought to "try" it out.

Where exactly are these "major" security issues? Even one of the researchers involved doesn't seem to think this is "major"..... In fact, he even goes so far as to say that it's not "major" and "leaks a few bits of meta-data" compared to Meltdown leaking actual, usable data. Meta-data, for the most part, is useless to attackers. The actual data, as made available by Meltdown, is vastly more important and useful.

Each of these 2 flaws, requires multiple exploits......so, not "simple to exploit".... Unlike Meltdown, that accomplishes more, with less and is much easier to execute. If you read the paper, there are a total of 4 exploits discussed. For a "few bits of meta-data", you have to execute 2 different exploits. This isn't something an attacker is going to do for "a few bits of meta-data"......

 

[Mo3ulla]

Where exactly are these "major" security issues? Even one of the researchers involved doesn't seem to think this is "major"..... In fact, he even goes so far as to say that it's not "major" and "leaks a few bits of meta-data" compared to Meltdown leaking actual, usable data. Meta-data, for the most part, is useless to attackers. The actual data, as made available by Meltdown, is vastly more important and useful.

Each of these 2 flaws, requires multiple exploits......so, not "simple to exploit".... Unlike Meltdown, that accomplishes more, with less and is much easier to execute. If you read the paper, there are a total of 4 exploits discussed. For a "few bits of meta-data", you have to execute 2 different exploits. This isn't something an attacker is going to do for "a few bits of meta-data"......

first of all - melthdown despite of severity was fully patched IN FIRST DAY OF DISKLOSURE . amd- does not patched that at all . and does not even said - we are working on fix .

as themselfs bugs have low severity .. BUT if look on bugs as whole . those bugs kills one of the most vital kernel security border . protection of kernel address space . ASLR .. without it - kernel will be with pants down against attacker . yes its not as severe as melthdown . but scores like family of - MDS family type attacks on amd is more then enough

 

[valeman2012]

Where exactly are these "major" security issues? Even one of the researchers involved doesn't seem to think this is "major"..... In fact, he even goes so far as to say that it's not "major" and "leaks a few bits of meta-data" compared to Meltdown leaking actual, usable data. Meta-data, for the most part, is useless to attackers. The actual data, as made available by Meltdown, is vastly more important and useful.

Each of these 2 flaws, requires multiple exploits......so, not "simple to exploit".... Unlike Meltdown, that accomplishes more, with less and is much easier to execute. If you read the paper, there are a total of 4 exploits discussed. For a "few bits of meta-data", you have to execute 2 different exploits. This isn't something an attacker is going to do for "a few bits of meta-data"......

Now AMD indivudal are saying the AMD 2 security flaw are useless to attackers. What is next?

 

[svan71]

For those of you who thought Intel was the only line vulnerable...

Yes but just yesterday intel had its latest in the news, everywhere but toms, they got the AMD memo though.


New Intel Vulnerability found, Converged Security and Management Engine exploitable

 

[riesengebirge]

AMD's response:

"We are aware of a new white paper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way. The researchers then pair this data path with known and mitigated software or speculative execution side channel vulnerabilities. AMD believes these are not new speculation-based attacks. "

https://www.amd.com/en/corporate/product-security

 

[svan71]

AMD or intel does not matter much both are US companies. and USA wants to "spy" on the WORLD.

I find it funny that most of the bugs are found by Europe. and I find it funny that they dont hire european scientist to monitor the designs of the CPU ...

I have a relative professor in Germany , in Computer engineering , and he told me , "these bugs can be avoided easily from early stages of design , but they put it there and turn a blind eye on them , and all what you read in the news is to fool the people, as a Scientist I am telling you it is avoidable from the beginning."

Just the USA wants to spy?

 

[GetSmart]

Sounds like AMD ain't taking any action at all, or just turning a blind eye and simply label this as an already known issue that was already mitigated. Strangely in those months, seems like AMD hasn't even posted any advisories nor alert browser developers of the problem. If this vulnerability can still be exploited thru a browser with all the current mitigations in place then that is rather concerning.

And let's not forget the people discovered most of those Intel vulnerabilities (such as Meltdown). One of them was Daniel Gruss!

 

[genz]

AMD or intel does not matter much both are US companies. and USA wants to "spy" on the WORLD.

I find it funny that most of the bugs are found by Europe. and I find it funny that they dont hire european scientist to monitor the designs of the CPU ...

I have a relative professor in Germany , in Computer engineering , and he told me , "these bugs can be avoided easily from early stages of design , but they put it there and turn a blind eye on them , and all what you read in the news is to fool the people, as a Scientist I am telling you it is avoidable from the beginning."

Intels largest R+D base is in Israel. It's manufacturing has aways been US (apart from one fab in Ireland and the XPoint stuff in China), but then Apples fabbing was always in China and it was always regarded as a US company because R+D so I see the angle. See: https://www.intel.com/content/www/us/en/corporate-responsibility/intel-in-israel.html

My 2c on the original post is it was long overdue. Intel could buy AMD its so much richer... so why not pay for a bunch of R+D into Zen vulnerabilities to offset the performance advantages it has with fixes. It's not like they didn't have MCM 8 core i7s before AMD did. I honestly wouldn't have put it past AMD to have been the masterminds behind Spectre Meltdown discovery... The timing couldn't have been better for them.

Zen is built and tweaked for yield 'like Lego' using lots of CAD instead of human labour, and I doubt that that AI is particularly astute at spotting side channel attacks by itself (seeing as they are a literally brand new attack vector that was discovered after the release of Zen and therefore after the creation of the software that made Zen).

This will be a blow for existing EPYC chip sales only, but that's exactly what Intel wants.

 

[redgarl]

Update 4/8/2020 8:10am PT:

ROFL... man, you guys are a joke... where is that supposed journalism integrity of the SK Hynix rumor? Also, are you time travelers? You must be related to that other hitpiece this morning...

AMD Continues To Be Worryingly Overvalued (85%!) Despite Management Optimism Reveals Analysis

Chip designer Advanced Micro Devices, Inc () held its Financial Analyst Day this week, after a three-year hiatus. The event is generally preceded by a certain degree of anticipation, as folks other than analysts tune in to determine what the company has in store for them for the future. AMD...

wccftech.com

 

[PaulAlcorn]

Update 4/8/2020 8:10am PT:

ROFL... man, you guys are a joke... where is that supposed journalism integrity of the SK Hynix rumor? Also, are you time travelers? You must be related to that other hitpiece this morning...

AMD Continues To Be Worryingly Overvalued (85%!) Despite Management Optimism Reveals Analysis

Chip designer Advanced Micro Devices, Inc () held its Financial Analyst Day this week, after a three-year hiatus. The event is generally preceded by a certain degree of anticipation, as folks other than analysts tune in to determine what the company has in store for them for the future. AMD...

wccftech.com

Thank you for pointing out the entry with the wrong month. I will fix that.

We did not cover the SK Hynix rumor prior to SK Hynix itself saying it wasn't real. I assume that is what you are referring to.

https://www.tomshardware.com/news/amd-big-navi-gpus-are-fake-sk-hynik-refutes-2tbps-hbm2e-claims

We have no direct or indirect involvement in anything published at WCCFtech, ever. Period.