• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

CTS Labs Sent AMD and Other Companies a Research Package with Proof-of-Concept Code

Low quality post by Bones
Joined
Dec 14, 2013
Messages
2,734 (0.68/day)
Location
Alabama
Processor Ryzen 2600
Motherboard X470 Tachi Ultimate
Cooling AM3+ Wraith CPU cooler
Memory C.R.S.
Video Card(s) GTX 970
Software Linux Peppermint 10
Benchmark Scores Never high enough
Is it racist to say that political moves by Israel are questionable? :D

Can we just stop with the anti-semitic crap already?
Ain't helping.
 

OneMoar

There is Always Moar
Joined
Apr 9, 2010
Messages
8,800 (1.64/day)
Location
Rochester area
System Name RPC MK2.5
Processor Ryzen 5800x
Motherboard Gigabyte Aorus Pro V2
Cooling Thermalright Phantom Spirit SE
Memory CL16 BL2K16G36C16U4RL 3600 1:1 micron e-die
Video Card(s) GIGABYTE RTX 3070 Ti GAMING OC
Storage Nextorage NE1N 2TB ADATA SX8200PRO NVME 512GB, Intel 545s 500GBSSD, ADATA SU800 SSD, 3TB Spinner
Display(s) LG Ultra Gear 32 1440p 165hz Dell 1440p 75hz
Case Phanteks P300 /w 300A front panel conversion
Audio Device(s) onboard
Power Supply SeaSonic Focus+ Platinum 750W
Mouse Kone burst Pro
Keyboard SteelSeries Apex 7
Software Windows 11 +startisallback
this whole thing is barely deserving of a 'several bugs found in amd chipset firmware'
and honestly my opinion is if these clowns can find it then its probably already been in the wild for awhile

these guys are security researchers like 12 year olds, on a gokart at the daytona 500 pretending are racecar drivers
 
Last edited:

the54thvoid

Super Intoxicated Moderator
Staff member
Joined
Dec 14, 2009
Messages
13,120 (2.39/day)
Location
Glasgow - home of formal profanity
Processor Ryzen 7800X3D
Motherboard MSI MAG Mortar B650 (wifi)
Cooling be quiet! Dark Rock Pro 4
Memory 32GB Kingston Fury
Video Card(s) Gainward RTX4070ti
Storage Seagate FireCuda 530 M.2 1TB / Samsumg 960 Pro M.2 512Gb
Display(s) LG 32" 165Hz 1440p GSYNC
Case Asus Prime AP201
Audio Device(s) On Board
Power Supply be quiet! Pure POwer M12 850w Gold (ATX3.0)
Software W10
Not sure what you are talking about, but are you saying they claim that you can execute attacks against the AMD Secure Processor on systems that don't have an AMD Secure Processor?

I think the inference is more along the line that to be open to attack, you need to have gained those admin rights. Point being, any malware that has admin rights can pretty much ruin your system. The fact AMD has the Secure Processor flaws according to CTS Labs, is redundant when you need to first exploit the PC in the first place. That exploit, in itself means the PC has been severely compromised. From that point of view, with admin rights, I can flash a bios anyway. I can wipe data, format drives etc etc etc. These AMD specific security flaws require you to 'hand the keys over' to the initial exploit. Therefore, the attack vector required to initiate these flaws is the problem, not the flaws.
I think ANY CPU is vulnerbale to a host of problems once admin right is exploited and those exploits precede the CTS-Lab claims.
 
Joined
Jan 8, 2017
Messages
9,505 (3.27/day)
System Name Good enough
Processor AMD Ryzen R9 7900 - Alphacool Eisblock XPX Aurora Edge
Motherboard ASRock B650 Pro RS
Cooling 2x 360mm NexXxoS ST30 X-Flow, 1x 360mm NexXxoS ST30, 1x 240mm NexXxoS ST30
Memory 32GB - FURY Beast RGB 5600 Mhz
Video Card(s) Sapphire RX 7900 XT - Alphacool Eisblock Aurora
Storage 1x Kingston KC3000 1TB 1x Kingston A2000 1TB, 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) LG UltraGear 32GN650-B + 4K Samsung TV
Case Phanteks NV7
Power Supply GPS-750C
I am starting to question whether several tech sites that are so eagerly promoting these stories received any incentives for doing so. This is beyond just click bait titles.

Oh come on , don't look so surprised. Everyone will write about every single turd they'll find that has anything to do with something popular. Not that I blame them , that's their job.
 
Joined
Dec 22, 2011
Messages
289 (0.06/day)
Processor Ryzen 7 5800X3D
Motherboard Asus Prime X570 Pro
Cooling Deepcool LS-720
Memory 32 GB (4x 8GB) DDR4-3600 CL16
Video Card(s) PowerColor Radeon RX 7900 XTX Red Devil
Storage Samsung PM9A1 (980 Pro OEM) + 960 Evo NVMe SSD + 830 SATA SSD + Toshiba & WD HDD's
Display(s) Samsung C32HG70
Case Lian Li O11D Evo
Audio Device(s) Sound Blaster Zx
Power Supply Seasonic 750W Focus+ Platinum
Mouse Logitech G703 Lightspeed
Keyboard SteelSeries Apex Pro
Software Windows 11 Pro
Not sure what you are talking about, but are you saying they claim that you can execute attacks against the AMD Secure Processor on systems that don't have an AMD Secure Processor?
I think he's saying that when you have admin privileges on a system it doesn't matter what CPU or whatever is inside, you have pretty much free hands to do anything regardless, be it AMD Secure Processor, Intel ME or whatever. When someone gets root access, you're already compromised.
 
Joined
Dec 31, 2009
Messages
19,371 (3.54/day)
Benchmark Scores Faster than yours... I'd bet on it. :)
This was mentioned in the first article already, their sending them the code...

...curious why that tidbit made another news post personally.


I am starting to question whether several tech sites that are so eagerly promoting these stories received any incentives for doing so. This is beyond just click bait titles. TPU's Facebook account is even worse. Paid to promote agenda?

Come on, deliberately ignoring their white paper said they have potential "financial interest in said company" Also ignoring that multiple users, as well as some other tech news such as GamerNexus point out those so called security claims can be executed to ANY machine.

My BS meter is ticking to the max.
I think a fundamental lack of knowledge is the biggest issue with tech sites, and especially members (me included). I mean I see people here and everywhere who can't troubleshoot their way out of a wet paper bag suddenly has all the answers here??? LULZ.

Also, delivery of the message on several tech sites was abhorrent. Many sites would rather get clicks than to take a bit of time and investigate. I don't think anyone was paid to do so. But it is a bit telling that the amdflaws website has listed several tech sites and each and every one, was direct about the issue being real not once questioning the validity of it. In the other shitstorm thread, I linked a more sourced and measured take in hopes to bring reason to the insanity that set in.

Oh come on , don't look so surprised. Everyone will write about every single turd they'll find that has anything to do with something popular. Not that I blame them , that's their job.
There is something, scratch that, A LOT to be said for journalistic integrity...
 
Last edited:

OneMoar

There is Always Moar
Joined
Apr 9, 2010
Messages
8,800 (1.64/day)
Location
Rochester area
System Name RPC MK2.5
Processor Ryzen 5800x
Motherboard Gigabyte Aorus Pro V2
Cooling Thermalright Phantom Spirit SE
Memory CL16 BL2K16G36C16U4RL 3600 1:1 micron e-die
Video Card(s) GIGABYTE RTX 3070 Ti GAMING OC
Storage Nextorage NE1N 2TB ADATA SX8200PRO NVME 512GB, Intel 545s 500GBSSD, ADATA SU800 SSD, 3TB Spinner
Display(s) LG Ultra Gear 32 1440p 165hz Dell 1440p 75hz
Case Phanteks P300 /w 300A front panel conversion
Audio Device(s) onboard
Power Supply SeaSonic Focus+ Platinum 750W
Mouse Kone burst Pro
Keyboard SteelSeries Apex 7
Software Windows 11 +startisallback
I am out can we stop giving this train wreck anymore coverage now
 

dorsetknob

"YOUR RMA REQUEST IS CON-REFUSED"
Joined
Mar 17, 2005
Messages
9,107 (1.26/day)
Location
Dorset where else eh? >>> Thats ENGLAND<<<
Intel Bean Counter Office Meeting
1st Bean Counter " Hey I Have an Idea on Making some Money"
Rest of Team " tell us then"
1st Bean Counter " We Get our People in an Associated security Company to Release a Story about a bunch of AMD CPU Vulnerability's and watch their Stock Price Drop like a stone when its low we buy and then sell when it recovers as we know it will.
Rest of team shout "Great plan lets do it "
then a lone Voice Squeeks from the Back of the room

"Is that not Insider Trading ???"

"Definitely Not says" 1st Bean Counter
"Its Not our Stock and so its not Insider trading" >>>>>:):):)
 
Joined
Jul 18, 2017
Messages
575 (0.21/day)
I am out can we stop giving this train wreck anymore coverage now
The AMD defense force doesn’t have a single evidence to debunk their findings. It may be fake it may be real. But let’s hide this because it hurts mah favorite brand.
 

newtekie1

Semi-Retired Folder
Joined
Nov 22, 2005
Messages
28,473 (4.08/day)
Location
Indiana, USA
Processor Intel Core i7 10850K@5.2GHz
Motherboard AsRock Z470 Taichi
Cooling Corsair H115i Pro w/ Noctua NF-A14 Fans
Memory 32GB DDR4-3600
Video Card(s) RTX 2070 Super
Storage 500GB SX8200 Pro + 8TB with 1TB SSD Cache
Display(s) Acer Nitro VG280K 4K 28"
Case Fractal Design Define S
Audio Device(s) Onboard is good enough for me
Power Supply eVGA SuperNOVA 1000w G3
Software Windows 10 Pro x64
Yes, but you still need to get that admin access to do the BIOS update/modification and at that point your system is already compromised, no matter whose CPU or chipset or whatever is in there. Also, since they blame it on American Megatrends making things easy, it should apply to any system with their BIOS?

Yes, you are currently screwed if you get the point that the hackers have admin access. However, normally a drive wipe and re-install will unscrew you, but not anymore. See the big problem?
 
Joined
Mar 10, 2014
Messages
1,793 (0.45/day)
Can we just stop with the anti-semitic crap already?
Ain't helping.

CTS couple of former IDF unit 8200 workers, AMD makes their chips on GF subsidiary owned by Arabs. Not saying these are really relative or Israel have anything to do with this. But you can't blame anyone to start conspiracy theories within such connections.
 
Joined
Oct 27, 2009
Messages
1,190 (0.21/day)
Location
Republic of Texas
System Name [H]arbringer
Processor 4x 61XX ES @3.5Ghz (48cores)
Motherboard SM GL
Cooling 3x xspc rx360, rx240, 4x DT G34 snipers, D5 pump.
Memory 16x gskill DDR3 1600 cas6 2gb
Video Card(s) blah bigadv folder no gfx needed
Storage 32GB Sammy SSD
Display(s) headless
Case Xigmatek Elysium (whats left of it)
Audio Device(s) yawn
Power Supply Antec 1200w HCP
Software Ubuntu 10.10
Benchmark Scores http://valid.canardpc.com/show_oc.php?id=1780855 http://www.hwbot.org/submission/2158678 http://ww
Joined
Jan 8, 2017
Messages
9,505 (3.27/day)
System Name Good enough
Processor AMD Ryzen R9 7900 - Alphacool Eisblock XPX Aurora Edge
Motherboard ASRock B650 Pro RS
Cooling 2x 360mm NexXxoS ST30 X-Flow, 1x 360mm NexXxoS ST30, 1x 240mm NexXxoS ST30
Memory 32GB - FURY Beast RGB 5600 Mhz
Video Card(s) Sapphire RX 7900 XT - Alphacool Eisblock Aurora
Storage 1x Kingston KC3000 1TB 1x Kingston A2000 1TB, 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) LG UltraGear 32GN650-B + 4K Samsung TV
Case Phanteks NV7
Power Supply GPS-750C
doesn’t have a single evidence to debunk their findings.

There isn't yet any evidence that those finding are true. But there are certainly details which make them seem not to be , such as :

- unknown security firm founded in 2017 finds out a massive amount of security flaws in record time likely requiring detailed inside information from AMD themselves about their chips
- "whitepaper" which contains close to zero technical information
- a site which looks like a joke full of FUD
- cringy buzzfeed type videos "explaining" the issues
- another individual which seems related to all this crap made another shady looking paper the very same day mentioning these findings and talking in detail about stock prices , market share and such

But , I know , none of these spark even a trace of doubt.
 
Last edited:
Joined
Sep 2, 2014
Messages
61 (0.02/day)
While everyone is speculating on this "revelation",
did we notice who did not get the package???

Rather telling don't you think?

Why didn't the Linux foundation receive it?
They're usually the first to come out with
corrective code. If we're doing a "public service"
why not give it to the parties most likely to
correct the problem first? Oh... it becomes
open source and everyone gets to see what
it is... or isn't... anyone ever try to get root
access on a Linux box lately?
 
Joined
Dec 31, 2009
Messages
19,371 (3.54/day)
Benchmark Scores Faster than yours... I'd bet on it. :)
We'll see the CVE's come out for these soon enough. ;)

Once the dust settles, it will be fun to see who's left standing in the circle with their pud in hand. :)
 

Tumbler1987

New Member
Joined
Jan 17, 2018
Messages
6 (0.00/day)
Processor Intel i7 8700K 5GHz
Motherboard Asus Z370 Prime
Cooling Swiftech H220X
Memory G.Skill Trident Z 32GB DDR4 3000
Video Card(s) Asus Strix GTX 1080 Ti
Storage Samsung 850 Pro
Display(s) Sony Bravia 75" 75X900 4K HDR
Case Corsair Graphite 760T
Power Supply EVGA 1300W
Software Windows 10 64bit Pro
I would recommend waiting for an official response from AMD before calling shenanigans on these vulnerabilities, the extent of potential damage that can be caused by exploiting said vulnerabilities isn't known or corroborated by the actual manufacturer of the affected products, so I'm holding on passing any judgement for the time being.

I appreciate W1zzard's input on the matter, as he is well capable of making an educated guess on whether this is a real issue or not.

As far as all the conspiracy theories already being proposed, everyone has a right to express their opinion, but let's keep the facts in check, these news were only published less than a day ago, and some of the accusations and finger pointing are already getting out of hand.

Yes, we do live in an era when estate sponsored high level manipulation of public opinion is a real thing, but I'm sure in the days to come we'll get a more clear understanding of the motives behind the unorthodox way these vulnerabilities were revealed.

In the meantime, all we can do is hope no one can take advantage of the weaknesses exposed, that's the last thing we need now, as AMD is barely again becoming a force to be reckoned with in the CPU space, and the real consequences of whether their latest products can be easily hacked or not, will have a definite effect on everyone involved in this industry, AMD, ARM and even on how Intel can potentially play this in their favor and we would return to an age of progress staganation in CPU development, that's the last thing we all need.
 
Last edited:
Joined
Jul 18, 2016
Messages
354 (0.11/day)
Location
Indonesia
System Name Nero Mini
Processor AMD Ryzen 7 5800X 4.7GHz-4.9GHz
Motherboard Gigabyte X570i Aorus Pro Wifi
Cooling Noctua NH-D15S+3x Noctua IPPC 3K
Memory Team Dark 3800MHz CL16 2x16GB 55ns
Video Card(s) Palit RTX 2060 Super JS Shunt Mod 2130MHz/1925MHz + 2x Noctua 120mm IPPC 3K
Storage Adata XPG Gammix S50 1TB
Display(s) LG 27UD68W
Case Lian-Li TU-150
Power Supply Corsair SF750 Platinum
Software Windows 10 Pro
It looks sufficiently credible to me to not ignore it, which is why we are reporting on this at TPU. You are right of course that more evidence is needed, which doesn't seem that far away, days at max, probably hours.

I feel I have an excellent understanding of what they described and am trying to provide insights, and help clear up misunderstandings.

Yes we definitely need more clarification before believing anything. So everyone should take it with a grain of salt.
 
Joined
Jan 8, 2017
Messages
9,505 (3.27/day)
System Name Good enough
Processor AMD Ryzen R9 7900 - Alphacool Eisblock XPX Aurora Edge
Motherboard ASRock B650 Pro RS
Cooling 2x 360mm NexXxoS ST30 X-Flow, 1x 360mm NexXxoS ST30, 1x 240mm NexXxoS ST30
Memory 32GB - FURY Beast RGB 5600 Mhz
Video Card(s) Sapphire RX 7900 XT - Alphacool Eisblock Aurora
Storage 1x Kingston KC3000 1TB 1x Kingston A2000 1TB, 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) LG UltraGear 32GN650-B + 4K Samsung TV
Case Phanteks NV7
Power Supply GPS-750C
We'll see the CVE's come out for these soon enough. ;)

Or not , that's another thing about it. Meltdown had a CVE entry a year before all of it became widely known , yet another reason not to take this too seriously.
 
Joined
May 11, 2016
Messages
261 (0.08/day)
I wonder what would happen to a company if it ended up coming out that this was paid for/sponsored by a direct competitor to harm AMD. I can't imagine what the FCC penalties would be or the size of the lawsuits.

These requiring admin access are the same reason Meltdown and Spectre have had very little impact so far. Some of those S/M vectors even required physical local access. An attacker needing either admin or physical access (and even both in some cases), it's hard to get too fired up about it. It's a bit like saying if you leave your car unlocked, doors open, and leave your keys in the ignition...your car has a security vulnerability to being stolen. Generally speaking all bets are off if you give someone admin access since they can do anything then. SE-enabled Linux limits things (and it would have stopped Snowden btw), but it takes something like that. With Windows, admins pretty much have the keys to the kingdom to do what they want on that system.
 
Joined
Dec 31, 2009
Messages
19,371 (3.54/day)
Benchmark Scores Faster than yours... I'd bet on it. :)
Or not , that's another thing about it. Meltdown had a CVE entry a year before all of it became widely known , yet another reason not to take this too seriously.
I know sites who talked with CTS. They are waiting on CVE numbers as they have not done a public disclosure of vulnerabilities before.

I'll post a link later tonight when it is published. ;)
 
Joined
Feb 14, 2012
Messages
2,356 (0.50/day)
System Name msdos
Processor 8086
Motherboard mainboard
Cooling passive
Memory 640KB + 384KB extended
Video Card(s) EGA
Storage 5.25"
Display(s) 80x25
Case plastic
Audio Device(s) modchip
Power Supply 45 watts
Mouse serial
Keyboard yes
Software disk commander
Benchmark Scores still running
I know sites who talked with CTS. They are waiting on CVE numbers as they have not done a public disclosure of vulnerabilities before.

But 16 years of security industry experience!
 
Joined
Oct 4, 2013
Messages
86 (0.02/day)
The AMD defense force doesn’t have a single evidence to debunk their findings. It may be fake it may be real. But let’s hide this because it hurts mah favorite brand.
There's nothing to defend here when there are zero evidence and obviously the whitepaper barely makes any sense. You need a signed bios in one attack to run the malicious code.
It's like saying that MS is potentially distributing malware, because they sign their and their partners' drivers with a key and if that key is available, then you could sign your malware and spread it as MS software.
This has happened before and the key was published by mistake by microsoft... that's how you get those rights to produce and run signed s/w.
Can we just stop with the anti-semitic crap already?
Ain't helping.
What has this become, the JIDF?
The guy said that Jew politics are shady, and reality shows that they claimed Palestine's land as theirs, they built a Wall to keep the natives away from their territory, they keep expanding their borders with various methods, including bombing and they kill on sight anyone who seems not to happy about those israeli soldiers who walk around with rifles.
You should not disagree with the jews, goy, that's antisemetic.:kookoo:

Malware, through same methods that infects thousands of PC each day.
You have 0, that's zero, idea what you are talking about. Malware is many things, it's adware, trojan, virus, rootkit. Most malware doesn't run with root priviledges in many systems, it just needs a certain type of privileges to do its work. Most malware doesn't get planted magically on a PC, and it is usually a user's fault.
I could go on and on, but it's a lost cause, with people who have already shaped opinions and specific dislikes, not even mentioning the theoretical background.
Anyhoo, here's a simple example about the "rm -rf /" malware.
System: Loonix distro w/ systemd.
Systemd mounts Bios partitions in /dev/ and some versions mount it with write privileges for the root user...
If you "run rm -rf /" , you delete parts of your memory mapped bios. what does this mean? It means for for the motherboard to get bricked.
2 bios chips? you have a great chance that you will get it to POST in the next reboot.
1 bios chip? either you have to bring your soldering iron, or try an SPI programmer and there might be a chance for that motherboard.
How does this example align with the current situation?
You could for example take that file pointer from /dev/ and fill it with your "crafted bios"
then from the paper:
>Exploiting MASTERKEYrequires an attacker to be able to reflash the BIOS with a specially crafted BIOS update
nice, and how do you do that
>we suspect an attacker couldoccasionally still succeed in reflashing the BIOS
"suspect"... so you are not very sure.
let's go forth
>This could be done by first exploiting RYZENFALL or FALLOUT
nice, so I have to read Ryzenfall (that's a big claim there on the name) first
let's go to Ryzenfall's technique.
>Accessing the Secure Processor is done through a vendor supplied driver that is digitally signed
What?
So you tell me that asrock, asus, asmedia, american bios, can haz malware with their AMD supplied key?
so, you get the sign, you sign your code and this means that you can have either some microcode running on the cpu in ring -X, or on the bios itself.
How do you obtain the key? well someone has to provide it to you.
So there's no flaw there, a CPU, a peripheral, an embedded system _must_ run digitally signed firmware.
Where's the flaw? I have no idea? MS mistakenly had debug symbols on one of their supplied drivers, they lost a key, they invalidated it and its past.... we had good laughs.

But how come the almighty hack4z0rd W2zzard come up with "malware?
let's see the paper: a 20 page whitepaper that has zero facts, many mistakes, some ridiculous assumptions and some repetitive charts has 32 occurrences of the word "malware".
They are talking about the Arm Trustzone security "flaws", which ofc you have to exploit(if any) in order to gain access to the AMD PSP processor and there's hardly any mention of "Arm flaw".
There's some claim on twitter by one of the CTS guys, that ASMedia has an open windows on their firmware and there's no "ASMedia flaw" (they even say that asmedia's flaw exists because a few years ago asmedia lost a key :facepalm: )

conclusion:
there are some people out there, like w2zzard, who feel that it is their duty to bash some companies... and this has an impact on their sites. I found this thread because w2zzard wrote what he thinks is plausible, backlinks to amdflaws.com, then amdflaws.com backlinks here to say that this is a credible source(someone's opinion) so go read the "article on tpu or vice( :puke: ) or other yellow sites.
If there's some PoC that does this, e.g. they get the key from a signed f/w with debug symbols still on the binary( doubt it coz of many embedded system reasons), then you just gain the ability to talk to the cpu. the Arm trustzone and the AMD PSP is well documented on some extend, therefore there's no "security by obscurity" as e.g. in the Intel ME where they didn't even said to the people that they ran on minix.
Unlike the PSP, ME has security flaws, that's why they found many parts of that system, that's how they found the OS it's running, the TCP/IP stack and so forth... that's how the documentation for the ME was written.
Arm trustzone IPs and f/w is available for purchase via Arm holdings. There's nothing to hide, the system has perfect documentation and there's a sh-tload of companies using it and debugging it. You set your own key and the system is secured.
That's a totally different approach and to be quite honest security by obscurity was a method they used in the 50s and 60s.

bonus:
the fail overflow team managed to get priviledges on the ps4 to run linux. how did they did it? there's a video on yt about this. The most interesting thing is that they had physical access to the board, a soldering iron, cables, programmers and a southbridge that was not made by AMD and had privileges to do IOMMU/DMA with the cpu.
They could easily claim "amdead" "ambankrupt" "$0 stock value" and what not, but they are professionals, first, and foremost they are people who have the background to do such exploits.
They knew it's not a Jaguar flaw when your southbridge rights on the memory of the system which is supposed to alter.

grats TPU, you gained, for another time, a few cheap Clicks.
clap();
wait(2000);
clap();
wait(2000);
clap();
return;

P.S.: I might be a Jew, you don't know. Disagreeing with me makes you an potential anti-semite. How does that make you feel? How are you going to sleep tonight?
P.S.: I wonder if there's an occurrence of code running so close to the metal and called malware. If my memory serves me right, this term is not used in bare metal situations and requires an OS and a security flaw to be called malware by researchers (those who submit papers, not those with a credit card and internet access to namecheap for a domain), but I am not sure. Food for thought anyways. See ya in several years again when another bubble hits the market.
 
Joined
Sep 6, 2013
Messages
3,392 (0.82/day)
Location
Athens, Greece
System Name 3 desktop systems: Gaming / Internet / HTPC
Processor Ryzen 5 7600 / Ryzen 5 4600G / Ryzen 5 5500
Motherboard X670E Gaming Plus WiFi / MSI X470 Gaming Plus Max (1) / MSI X470 Gaming Plus Max (2)
Cooling Aigo ICE 400SE / Segotep T4 / Νoctua U12S
Memory Kingston FURY Beast 32GB DDR5 6000 / 16GB JUHOR / 32GB G.Skill RIPJAWS 3600 + Aegis 3200
Video Card(s) ASRock RX 6600 + GT 710 (PhysX) / Vega 7 integrated / Radeon RX 580
Storage NVMes, ONLY NVMes / NVMes, SATA Storage / NVMe, SATA, external storage
Display(s) Philips 43PUS8857/12 UHD TV (120Hz, HDR, FreeSync Premium) / 19'' HP monitor + BlitzWolf BW-V5
Case Sharkoon Rebel 12 / CoolerMaster Elite 361 / Xigmatek Midguard
Audio Device(s) onboard
Power Supply Chieftec 850W / Silver Power 400W / Sharkoon 650W
Mouse CoolerMaster Devastator III Plus / CoolerMaster Devastator / Logitech
Keyboard CoolerMaster Devastator III Plus / CoolerMaster Devastator / Logitech
Software Windows 10 / Windows 10&Windows 11 / Windows 10
CTS Labs says they didn't share technical information about how to take advantage of these vulnerabilities, so hackers don't use these vulnerabilities.

Considering how much they tried to make themselves known to about everyone, how hard they try to destroy AMD's image and the fact that Viceroy research had information in advance, I am fearing that all technical information needed to take advantage of those vulnerabilities are already at the hands of very nasty people who are going to start the second attack to AMD pretty soon. That would be probably an attack on a company or organization using AMD hardware (AMD themselves should take extra steps of securing themselves). I wouldn't be surprised if we learn soon about a security breach where Ryzen systems where compromised.
Just a thought.
 
Joined
Dec 22, 2011
Messages
289 (0.06/day)
Processor Ryzen 7 5800X3D
Motherboard Asus Prime X570 Pro
Cooling Deepcool LS-720
Memory 32 GB (4x 8GB) DDR4-3600 CL16
Video Card(s) PowerColor Radeon RX 7900 XTX Red Devil
Storage Samsung PM9A1 (980 Pro OEM) + 960 Evo NVMe SSD + 830 SATA SSD + Toshiba & WD HDD's
Display(s) Samsung C32HG70
Case Lian Li O11D Evo
Audio Device(s) Sound Blaster Zx
Power Supply Seasonic 750W Focus+ Platinum
Mouse Logitech G703 Lightspeed
Keyboard SteelSeries Apex Pro
Software Windows 11 Pro
CTS Labs says they didn't share technical information about how to take advantage of these vulnerabilities, so hackers don't use these vulnerabilities.

Considering how much they tried to make themselves known to about everyone, how hard they try to destroy AMD's image and the fact that Viceroy research had information in advance, I am fearing that all technical information needed to take advantage of those vulnerabilities are already at the hands of very nasty people who are going to start the second attack to AMD pretty soon. That would be probably an attack on a company or organization using AMD hardware (AMD themselves should take extra steps of securing themselves). I wouldn't be surprised if we learn soon about a security breach where Ryzen systems where compromised.
Just a thought.
First part yes, second part no. Their POC's will still require those admin accesses and signed malicious drivers or signed malicious BIOS - if those "nasty people" could use them, those systems would have been compromised beforehand and it doesn't matter if they had the POCs at hand or not, they would still do nasty stuff
 
Joined
Oct 4, 2013
Messages
86 (0.02/day)
CTS Labs says they didn't share technical information about how to take advantage of these vulnerabilities, so hackers don't use these vulnerabilities.

Considering how much they tried to make themselves known to about everyone, how hard they try to destroy AMD's image and the fact that Viceroy research had information in advance, I am fearing that all technical information needed to take advantage of those vulnerabilities are already at the hands of very nasty people who are going to start the second attack to AMD pretty soon. That would be probably an attack on a company or organization using AMD hardware (AMD themselves should take extra steps of securing themselves). I wouldn't be surprised if we learn soon about a security breach where Ryzen systems where compromised.
Just a thought.
I think this will help a lot of people

This is supposedly one guy who has seen some code that does the trick on the Zen cpus.
What he says here, is that we are looking at some s/w exploit, not even related to the Zen architecture.

First part yes, second part no. Their POC's will still require those admin accesses and signed malicious drivers or signed malicious BIOS - if those "nasty people" could use them, those systems would have been compromised beforehand and it doesn't matter if they had the POCs at hand or not, they would still do nasty stuff
the only way this can happen is one of the keys to be slipped outside of some OEM's sandbox(paid shills? corporate spies? id1ots?).
Don't forget that Arm trustzone and AMD PSP have no hardwired keys on their silicon.... unlike other approaches.
 
Top