First read of the AMDFLAWS whitepaper (no real technical details given) is: “over-hyped beyond belief”.
This is a whitepaper worthy of an ICO.
And yes, that is meant to be an insult.
This is a whitepaper worthy of an ICO.
And yes, that is meant to be an insult.
It begins with a statement which is clearly set up for financial readers as they quote the FTC and by page 2 it is a flurry of mediabites (“bad actors”, “espionage”, “disregard for fundamental security principles”).
The actual footnote about the “FTC audit” is about Asus insecure home routers… Not that anyone reads beyond “FTC!! ZOMG!1!!1!”
The sentence “This raises concerning questions regarding security practices, auditing, and quality controls at AMD” is classic financial auditor talk…
The sentence “This raises concerning questions regarding security practices, auditing, and quality controls at AMD” is classic financial auditor talk…
Page 3 plays *up* the value of AMD’s Zen architecture (“In the meantime, the Zen architecture is a tremendous success”) because you need to show “big company” but AMD’s market share is measly compared to Intel… Then claim AMD EPYC / Ryzen are “sold as high-security solutions”...
But the footnote? Ha, it is a link to AMD’s very own “Aerospace and Defense Applicaiton Brief”, i.e. a *marketing document*. There is zero chance that they are already installed anywhere, the dev cycle is decades-long. They then throw self-driving cars into the mix except they...
link to a Forbes article saying how *nVidia* has the advantage in self-driving cars (translated: AMD is in the self-driving car business, who wouldn’t be?)
Now, finally, having hooked the idiots we get to the Table of Contents on page 4…
Nobody reads past page 4 (nor footnotes)
Now, finally, having hooked the idiots we get to the Table of Contents on page 4…
Nobody reads past page 4 (nor footnotes)
Now onto the “vulnerabilities”:
1) MASTERKEY: if you allow unauthorised BIOS updates you are screwed.
Threat level: No shit, Sherlock!
2) RYZENFALL: again, loading unauthorised code on the Secure Processor as admin.
Threat level: No shit, Sherlock!
1) MASTERKEY: if you allow unauthorised BIOS updates you are screwed.
Threat level: No shit, Sherlock!
2) RYZENFALL: again, loading unauthorised code on the Secure Processor as admin.
Threat level: No shit, Sherlock!
3) FALLOUT: vendor-supplied *signed* driver allows access to Secure Processor.
Threat level: No shit, Sherlock!
4) CHIMERA¹: outsourced chipset has an internal ucontroller which can be 0wned via digitally signed driver.
__
¹ read about my Chimaera Processor: far sexier stuff.
Threat level: No shit, Sherlock!
4) CHIMERA¹: outsourced chipset has an internal ucontroller which can be 0wned via digitally signed driver.
__
¹ read about my Chimaera Processor: far sexier stuff.
Conclusion, re-written: “we wrote an amazing media-whoring whitepaper and website about stuff which is barely beyond obvious so that we can short AMD stock because suckers and TVs will listen to us”.
They hope the security community takes note of these findings. Right.
They hope the security community takes note of these findings. Right.
Free threat analysis: the only one which I’d be worried about if you are a government agency is the chipset vulnerability.
Having said this when was the last time you audited your Intel chipset?
Having said this when was the last time you audited your Intel chipset?
Before you short $AMD and make Viceroy Research rich (and CTS Security ‘cos they are profit-sharing for sure) please read this thread.
