News New AMD Side Channel Attacks Discovered, Impacts Zen Architecture

[wownwow]

For those of you who thought Intel was the only line vulnerable...

Intel 245 but AMD less than 20, Intel won!

Not just the vulnerabilities but a lot more important is the design integrity without the cheap shortcut; Intel used partial addresses but AMD didn't!

About using partial addresses, a cheap design shortcut:
People who live on a street with 4-digit addresses can get in each other's houses as long as having addresses with the same last three digits, paying more for "Partial Addresses Inside", amazing!

 

[joeblowsmynose]

Sure, there's plenty of motivation: "We'll make some very large contributions to your . . ahem . . campaign . . and if you make sure certain large sums come to us, we will make it very worth your while in further . . ahem . . contributions."

Hehe ... sounds about right ... but don't all party donations have to be disclosed? I'm sure they do in Canada ... not that there's not ways around it, mind you. Of course there is ... never mind.

 

[King_V]

Well, we in the US do have the joke about "the best government money can buy" for a reason...

Ok, ok, I'll stop now - I'm rapidly digressing from topic!

 

[LordVile]

Why are people mischaracterizing these attacks as needing physical access? They don't. Nowhere in the article, or -- more importantly -- the research paper does it say that physical access is required. So where are people getting this from?

And no, the attacks aren't "lab tests." They are very much exploitable.

Because most of these CPU level attacks require physical access, the intel one fro a couple f weeks ago could be done over a LAN but the "unpatchable" element was with physical access.

All of these attacks aren't much for us, normal people with normal PCs, these attacks are an issue for servers etc where people want the data on them, the most someone will want from you is a credit card number which can be attained with easier methods.

Or if you really wanna be safe get a Mac that T2 chip life.

 

[InvalidError]

Because most of these CPU level attacks require physical access, the intel one fro a couple f weeks ago could be done over a LAN but the "unpatchable" element was with physical access.

No, you DO NOT need PHYSICAL access, you need LOCAL access which range from tricking the user into running an executable to buffer overflows that allow arbitrary remote (relative to the attacker, which would be local relative to the target) code execution.

 

[LordVile]

No, you DO NOT need PHYSICAL access, you need LOCAL access which range from tricking the user into running an executable to buffer overflows that allow arbitrary remote (relative to the attacker, which would be local relative to the target) code execution.

Wasn’t the intel vulnerability on doable on boot? So GL with that method.

The “unpatchable” part of the attack is only doable with physical access.

 

[zx128k]

Wasn’t the intel vulnerability on doable on boot? So GL with that method.

The “unpatchable” part of the attack is only doable with physical access.

https://www.fierceelectronics.com/electronics/intel-chip-flaw-may-allow-hackers-to-bypass-encryption

 

[InvalidError]

Wasn’t the intel vulnerability on doable on boot? So GL with that method.

The “unpatchable” part of the attack is only doable with physical access.

This is the AMD exploit thread and the side-channel exploits for both AMD and Intel require some form of local code execution to work. For the Intel boot-time thing, there isn't much that can be done about security once you are at the point where hands-on access to the hardware within the first seconds of power-up is required.

 

[LordVile]

This is the AMD exploit thread and the side-channel exploits for both AMD and Intel require some form of local code execution to work. For the Intel boot-time thing, there isn't much that can be done about security once you are at the point where hands-on access to the hardware within the first seconds of power-up is required.

I know I was just referencing the intel one as an example that most of these vulnerabilities aren't threatening to the majority of people here, they're a danger for people who run servers etc as most of the data people want from regular PCs are things like card numbers which can be attained in an easier manner.

https://www.fierceelectronics.com/electronics/intel-chip-flaw-may-allow-hackers-to-bypass-encryption

"To take advantage of the vulnerability, a hacker must gain physical access to a machine or network, according to security analysts and Intel. Those factors limit its potential to cause harm, analysts said."

 

[TJ Hooker]

this is a specter style attack, which means it requires physical access to the computer, adjustments to the bios and administrative passwords to work.

I don't see anything about this exploit requiring any of those things. I don't remember Spectre requiring any of those things either. All that is required from what I can tell is being able to execute code on the target machine, E.g. through malicious code on a website that is visited, or from within a VM on a cloud hosting server.

They did have to modify the kernel to pull this off. So sure its a vulnerability but in the real world has virtually no application.

Where do you see any mention of them modifying the kernel? And even if they did, what about someone attacking a cloud hosting server by renting a VM and running whatever they want (possibly including a custom kernel) on it?

 

[zx128k]

Is this vulnerability as severe as Meltdown or Zombieload?

https://twitter.com/x/status/1236218121704239104

View: https://twitter.com/lavados/status/1236218121704239104?s=20

Certainly not. The attacks leak a few bit of meta-data. Meltdown and Zombieload leak tons of actual data.

 

[captaincharisma]

so much for AMD's new archetecture being better then intel's when it comes to security

once intel matches the rediculous core ounts of AMD's consumer CPU's it'll beome a level playing field again

 

[InvalidError]

so much for AMD's new archetecture being better then intel's when it comes to security

once intel matches the rediculous core ounts of AMD's consumer CPU's it'll beome a level playing field again

AMD is still better since most of its flaws are less severe than Intel's and patches aren't as bad performance-wise either. So, not only does Intel have catch-up to do on core count and power-efficiency, it also has more catching-up to do on hardware fixes and mitigation.

Intel is only back-porting fixes for the most serious flaws into 14nm refreshes. For the rest, mainstream will have to wait for 7nm chips in late 2021. Intel won't be catching up any time soon.

 

[zx128k]

so much for AMD's new archetecture being better then intel's when it comes to security

once intel matches the rediculous core ounts of AMD's consumer CPU's it'll beome a level playing field again

AMD's new architecture is different but more secure atm than Intel. Daniel Gruss quote above spells out the difference between AMD and Intel cpu's. Almost every aspect of an Intel cpu has been compromised in some way to create a new attack. AMD and ARM cpu's are affected by some attacks but Intel cpu's are just completely broken. It's so bad on Intel cpu's, that the patches that fix the old attacks make new ones easier.

AMD and Intel are NOT equivalent when it comes to poor security. This is not to imply that there could not be a security issue to be found on AMD cpu's in future. Atm AMD are way ahead when it comes to security. Also patching the issues on Intel cpu's are slowly robing them of performance advantages. Only overclocking and gaming remain.

 

[mchldpy]

For those of you who thought Intel was the only line vulnerable...

Those that thought Intel was the only line vulnerable are the same nut jobs that believe Star Trek was filmed "On Location".

 

[mchldpy]

This could be 1 source of the "Physical access needed" misinformation, from Engadget.com quoting info on T.H., in the comments section 3 days ago by laguna_b

It should be pointed out that side channel attacks require physical access to the computer and are state level technology not usually accessible by the common hacker.
[END QUOTE]
Article at Engadget.com

 

[Makaveli]

Focus on better security just like Intel.

That is the funniest thing I've seen posted this week no further comment needed.

The fanboying going on in this thread is hilarious.

 

[King_V]

That is the funniest thing I've seen posted this week no further comment needed.

The fanboying going on in this thread is hilarious.

Despite owning a Ryzen, the particular user's posts are predominantly pro-Intel and AMD-bashing. Would I say 100% so? Probably not. But, consistent enough to be extremely predictable.

 

[gdmaclew]

Google/MS/Amazon/FB/Apple knows more about you than you do.

Please explain.

 

[mchldpy]

Google/MS/Amazon/FB/Apple knows more about you than you do.

Nope, they don't know nothing about me.
You want my data, you gotta deal with PORNHUB.

 

[Makaveli]

Please explain.

I think he is referring to all the data collection those companies do.

However the data they collect is only as good as the data you put up online. So to say they know more about you than yourself is kinda silly.

 

[InvalidError]

Please explain.

Install NoScript or similar, then look at how much stuff from other domains the pages you are regularly going to are loading. Every single one of those may have some degree of access to what you are currently doing, be it from being an active element on the page you are viewing or receiving metadata telling it what you are doing from the page. That's how searching for one thing on one site may "mysteriously" get reflected in ads you see on a seemingly unrelated site.

 

[mchldpy]

I remember FB having the "Like" buttons on websites for people to click on saying they liked this topic or website and then hearing that you didn't even have to click the button, it monitored your presence whether a FB member or not and sold your browsing habit data even with your browser set to be indistinguishable as possible. So I can see them knowing more about my browsing habits than I can remember.

 

[TJ Hooker]

I think it's becoming more and more common for browsers to block 3rd party cookies (and plenty of addons will if your browser doesn't), which I think in theory should cut down a bit on having ad/behavior profiles that can follow you from one site to another. I.e. prevent the facebook/google/whatever tracking cookie from loading on sites that aren't part of facebook et al's domains.

I remember trying NoScript a while back, but I found that it just broke every site I visited to the point where I was just enabling it everywhere I went, which seems to defeat the purpose. I just block 3d party cookies (and sometimes browser fingerprinting) and hope for the best.

 

[deksman]

AMD is less affected by Intel bugs because they are two different solutions to the same problem. It also means that AMD has different vulnerabilities compared to Intel and given the focus on Intel products now, it is no wonder they find more Intel vulnerabilities.
Give time to AMD to become more popular and you'll see how full of holes they are also.

Oh its possible that Zen uArch has (at least as of yet) unknown security vulnerabilities... however, as of right now, we have no way of knowing how many of such hypothetical vulnerabilities are, and for now this remains in the speculative area (at least until they are discovered - otherwise, anyone can claim that AMD has unknown security vulnerabilities without proof to back it up)... also, Zen 2 is already quite popular, and AMD was quite adamant about beefing up security/encryption in that uArch and going forward.

Fact remains that most security exploits discovered to date won't even execute on Zen uArch (but they do on Intel).