A raft of flaws in AMD chips makes bad hacks much, much worse
AMD says its Secure Processor is impenetrable. Instead, it can harbor malware.
Take care to read the whole article, reference following: There are open questions.
Source: URL: Ars Technica Dan Goodin - 3/13/2018, 5:07 PM
IMPORTANT:
Excerpt:
The advisory came with its own disclaimer that CTS—the Israeli research organization that published the report—"may have, either directly or indirectly, an economic interest in the performance" of the stock of AMD or other companies. It also discloses that its contents were all statements of opinion and "not statements of fact." Critics have said the disclaimers, which are highly unusual in security reports, are signs that the report is exaggerating the severity of the vulnerabilities in a blatant attempt to influence the stock price of AMD and possibly other companies. Critics also faulted the researchers for giving AMD just 24 hours to review the report before it went public and using a dedicated-website to bring attention to the flaws.
Excerpt
The flaws—in AMD's EPYC, Ryzen, Ryzen Pro, and Ryzen Mobile lines of processors—require attackers to first gain administrative rights on a targeted network or computer, which is a hurdle that's difficult but by no means impossible to clear. From there, attackers can exploit the vulnerabilities to achieve a variety of extraordinary feats that would be catastrophic for the owners' long-term security. Among other things, the feats include:
Running persistent malware inside the AMD Secure Processor that's impossible—or nearly impossible—to detect
Bypassing advanced protections such as AMD's Secure Encrypted Virtualization, Firmware Trusted Platform Module, and other security features, which are intended to secure systems and sensitive data in the event that malware infects a computer's operating system
Stealing credentials a vulnerable computer uses to access networks
Physically destroying hardware by attackers in hardware-based "ransomware" scenarios
I have carefully used ONLY AMD chips in both purchased machines and in my own builds for a good many years. I see these faults as just teething troubles. I was thinking of starting to roll out RYZEN chips sometime in 2019 -- hopefully with Debian 10. However it may take a year for AMD to clean up the RYZEN design.
Clearly we'll be keeping a close eye on this. I hope it doesn't wipe out AMD.
Hopefully the follow is good info:
...require attackers to first gain administrative rights on a targeted network or computer, which is a hurdle that's difficult but by no means impossible to clear.
( emphasis added )
If that's true the chip problems may be un-important: If I get Admin rights on any box I can do serious mischief and I don't need a chip error to do it. The chip error is just another place to hide my work -- like the old un-used sector space in windows malware