Researchers Find Critical Security Flaws in AMD Chips

security week ^ | 3/13/2018 | AFP

[bitt]

Security researchers said Tuesday they discovered flaws in chips made by Advanced Micro Devices that could allow hackers to take over computers and networks.

Israeli-based security firm CTS Labs published its research showing "multiple critical security vulnerabilities and exploitable manufacturer backdoors" in AMD chips.

CTS itemized 13 flaws, saying they "have the potential to put organizations at significantly increased risk of cyberattacks."

The report comes weeks after Intel disclosed similar hardware-based flaws dubbed Meltdown and Spectre, sparking widespread computer security concerns and a congressional inquiry.

CTS said the newly discovered flaws could compromise AMD's new chips that handle applications in the enterprise, industrial and aerospace sectors, as well as consumer products.

In a 20-page white paper, the researchers said the AMD Secure Processor, the gatekeeper responsible for the security of AMD processors, contains "critical vulnerabilities" that "could allow malicious actors to permanently install malicious code inside the Secure Processor itself."

"These vulnerabilities could expose AMD customers to industrial espionage that is virtually undetectable by most security solutions," the researchers said.

CTS said AMD's Ryzen chipset, which AMD outsourced to a Taiwanese chip manufacturer, ASMedia, "is currently being shipped with exploitable manufacturer backdoors inside."

This could allow attackers "to inject malicious code into the chip" and create "an ideal target" for hackers, the researchers said.

"CTS believes that networks that contain AMD computers are at a considerable risk," the report said.

"The vulnerabilities we have discovered allow bad actors who infiltrated the network to persist in it, surviving computer reboots and reinstallations of the operating system.

[fwdude]

Darn. AMD was my go-to for a MicroLeftist alternative.

[bitt]

PING

[null and void]

China and Taiwan have a very cozy business relationship.

I rather doubt all these back doors are accidental.

Make no mistake, this is an act of war.

[tomkat]

As with most things computer-related, as a home/small business user I try to stay a couple steps behind the bleeding edge.

Might be a few nanoseconds pokier than the whiz bang kids, but stability is more important to me these days than bragging rights.

[edh]

“I rather doubt all these back doors are accidental.”

That is certainly true, and, to some extent, I agree (big brother needs to know everything about everyone).

However, processors are ridiculously complex these days (well, they were always ridiculous complex compared to the previous generation ... but I think you know what I mean) ... and they’re microcoded to allow field upgrades to fix bugs & performance issues. I’m sure they overlooked things be it on purpose or “for real” :-).

[fwdude]

Same here.

[Red Badger]

AMD Ping!...................

[Red Badger]

Once is an accident.
Twice is a coincidence.
Three times is an act of war...............

[VanShuyten]

This is about the Ryzen chip so far, so my old AMD will probably be OK.

[DannyTN]

If we had high enough import tariffs, AMD wouldn’t be offshoring the production of these chips.

[PAR35]

So the Chinese added a back door into the chip? Shocking.

If Trump cared about national security, he’d put a tariff on foreign chips, not moving to protect the self serving management at Qualcomm at the expense of shareholders.

[Rashputin]

". . .I rather doubt all these back doors are accidental."

From the article :
". . . manufacturer backdoors"

Right there at least some of them are fingered as having been left deliberately by AMD themselves. The question is, were incentives or threats used by US Intelligence to put those back doors in and if it's 'neither', then why did AMD put them into the design.

[DoughtyOne]

Thanks so much for your support to this point... I personally apprecaite it...
FReepers, it's far beyond time to wrap up this FReep-a-thon.  Lets do it today.  Please chip in.

President Donald J. Trump and the Free Republic of the United States of America
President Donald J. Trump's address to the United Nations on 09/19/2017.

Ramirez political cartoon:  Trade War LARGE VERSION 03/12/2018: LINK  LINK to regular sized versions of his political cartoons (archive).
Garrison political cartoon:  Gun Control Supporters LARGE VERSION 03/13/2018: LINK  LINK (scroll down) to regular sized versions of his political cartoons (archive).

FReepers, 87.788% of the Third Quarter FReep-a-thon goal has been met.  Click above and pencil in your donation now.  Please folks, lets end this FReepathon.  Thank you!
...this is a general all-purpose message, and should not be seen as targeting any individual I am responding to...

Just $187.00 dollars to 88.00%

[palmer]

The question is, were incentives or threats used by US Intelligence to put those back doors in and if it's 'neither', then why did AMD put them into the design.

Neither since it is easy to insert a human asset into the design team. The real question is whether the US and Chinese intelligence cooperated on the back door so they could both use it, or whether one or the other did it alone.

[fella]

Didn’t AMD move its production to some communist run country?

[taxcontrol]

The white paper presents 4 attack vectors:

MasterKey
RyzenFall
Fallout
Chimera

MasterKey requires the ability to alter the BIOS

The other three require administrator privileges to exploit.

Chimera is the most dangerous in my mind as it is a chip / asic level error.

All four will require significant rework of the product line to fix.

Kind of crappy that CTS did not allow AMD the normal courtesy of 90 days notice before releasing the white paper.

[bitt]

“CTS said AMD’s Ryzen chipset, which AMD outsourced to a Taiwanese chip manufacturer, ASMedia, “is currently being shipped with exploitable manufacturer backdoors inside.””

wonder if my old pc chip is ok...

[dayglored]

AMD flaws, maybe ... PING!

You can find all the Windows Ping list threads with FR search: just search on keyword "windowspinglist".

Thanks to bitt for the ping!

---

Frankly, color me somewhat skeptical of this report.

https://amdflaws.com/disclaimer.html:

"The report and all statements contained herein are opinions of CTS and are not statements of fact... You are advised that we may have, either directly or indirectly, an economic interest in the performance of the securities of the companies whose products are the subject of our reports..."

AND

A comment from Reddit's /r/netsec:

"...Looking closer a PR firm CEO is directly handling media for this small, recently formed Israeli company. The Israeli company CEO has experience selling off sec-tech firms to others. The PR firm put out a press release/article last year (when they themselves were founded from past careers in NYC venture/hedge funds) about how they understand how venture capital uses big data to identify opportunities and they connect those opportunities to capital. Could be Intel...but I'm thinking its just as likely this is a PR based pump-n-dump play in a hot sector."

Add to that the fact that they didn't give the usual 90 days advance warning...

Color me VERY skeptical.

[dayglored]

> Kind of crappy that CTS did not allow AMD the normal courtesy of 90 days notice before releasing the white paper.

VERY crappy. I suspect this could be BS meant to affect stock prices, little or nothing more.