"amdflaws.com" - What is this?


Charlie22911

Senior member
Mar 19, 2005
614
228
116
Makes me wonder what new terrifying exploits we could find in other vendors systems that are dependent on administrative access.

This is all pretty shady though, I’m tempted to don the trusty ole tin-based PPE for this.
 

USER8000

Golden Member
Jun 23, 2012
1,542
780
136
This is getting even dodgier:

https://www.cnbc.com/2018/03/13/reu...israeli-firm-says-it-finds-amd-chip-flaw.html

"New York-based cyber security firm Trail of Bits told Reuters that it had verified the findings from CTS, which paid $16,000 for a review of the AMD vulnerabilities.

A Trail of Bits analyst spent a week reviewing detailed technical reports from CTS, along with "proof of concept" code that could be used to launch attacks on computers running vulnerable AMD chips, Trail of Bits Chief Executive Dan Guido told Reuters.

"These are real security issues in AMD code and processors" that hackers could exploit to manipulate or steal secure data, he said.

For the attacks to work, an attacker must first obtain administrator access to a targeted network, Guido said. (Reporting by Jim Finkle in Toronto, Arjun Panchadar; Additional reporting by Noel Randewich in New York, Saqib Ahmed in New York and Shariq Khan in Bengaluru; Editing by Susan Thomas and Grant McCool)"

In case it wasn't posted earlier, Dan Guido was paid by this "security company" to have his second opinion ready in time for the short sales scam press release:

https://twitter.com/dguido/status/973629551606681600

The AnandTech article should be updated to point out he is not really independent since they're paying him.

Look at one of my posts on the previous page - it was already mentioned by CNBC they were paid for their work.
 

Phynaz

Lifer
Mar 13, 2006
10,140
819
126
Am I reading this right? AMD allows unsigned code to execute in the Secure Enclave?

That's a king sized f-up.
 

xblax

Member
Feb 20, 2017
54
70
61
Am I reading this right? AMD allows unsigned code to execute in the Secure Enclave?

That's a king sized f-up.

If this turns out to be true, then yes. But it would still need root/admin rights and a "vendor provided signed driver". Something similar also happened to Intel's management engine recently: https://www.wired.com/story/intel-management-engine-vulnerabilities-pcs-servers-iot/
Sadly, these kinds of security breaches have happened on a regular basis over the last years.

But the details of "amdflaws" are still unknown. Even if the vulnerabilities are real, ARM TrustZone might also be involved, because the Platform Security Processor is based on that. We'll see, but at least it should be patchable with BIOS updates.

Another thing is the alleged backdoor in ASMedia USB Chips / AMD Chipsets. That would apply to all mainboards with ASMedia USB3 controllers and would need separate firmware updates (if possible).
 

Phynaz

Lifer
Mar 13, 2006
10,140
819
126
If this turns out to be true, then yes..

Ars has a source saying the vulnerabilities are real.

Dan Guido, a chip security expert and the CEO of security firm Trail of Bits, told Ars that whatever ulterior motives it may have, the paper accurately describes a real threat. After spending much of last week testing the proof-of-concept exploits discussed in the paper, he said, he has determined that the vulnerabilities they exploit are real.

"All the exploits work as described," he said. "The package that was shared with me had well-documented, well-described write-ups for each individual bug. They're not fake. All these things are real. I'm trying to be a measured voice. I'm not hyping them. I'm not dismissing them."

https://arstechnica.com/information...-in-amd-chips-make-bad-hacks-much-much-worse/

Persistent, undetectable.
 

Hitman928

Diamond Member
Apr 15, 2012
5,597
8,783
136
Ars has a source saying the vulnerabilities are real.



https://arstechnica.com/information...-in-amd-chips-make-bad-hacks-much-much-worse/

Persistent, undetectable.
In case it wasn't posted earlier, Dan Guido was paid by this "security company" to have his second opinion ready in time for the short sales scam press release:

https://twitter.com/dguido/status/973629551606681600

The AnandTech article should be updated to point out he is not really independent since they're paying him.

You must have missed the post a few above yours. Their source was paid by CTS to review their findings. That doesn't make their statement false, but it does make it a non-independent review and therefore we are still awaiting confirmation by AMD / an independent third party.

I think the vulnerabilities are probably mostly true but are nowhere near what they were trying to be made out to be and most likely something AMD can patch out when given time. Time will tell.
 

aigomorla

CPU, Cases&Cooling Mod PC Gaming Mod Elite Member
Super Moderator
Sep 28, 2005
20,876
3,228
126
The white paper ends by saying all of these vulnerabilities require admin-level privileges.

How is this even an exploit then?

Anyone with admin-level privileges wouldn't even need to exploit anything.

Once you're given root / admin privs, you can basically do anything you want without having to resort to any attack, period.

If you're given keys to a car, why do you need to hot start it by breaking the dash in?
 

piesquared

Golden Member
Oct 16, 2006
1,651
473
136


The reddit thread is pretty fun. I haven't had so much fun in a long time. Tears are running...

lol ahh so this is the IDF at work. Not all that surprising, and it all makes perfect sense now. The IDF is behind a ton of viral marketing, fake news, FUD and trolling. Likely having tantrums because of Abu Dhabi's financial stake in AMD, which also explains the manipulation and continuous pressure on AMD's stock, given that the big financial institutions would be doing their work on behalf of the US government, as well as big lobby groups like AIPAC.
 
Reactions: amenx

tamz_msc

Diamond Member
Jan 5, 2017
3,865
3,729
136
Am I reading this right? AMD allows unsigned code to execute in the Secure Enclave?

That's a king sized f-up.
So you were completely surprised by the fact that once the murmurs regarding the PSP would finally be subject to independent audits, these issues wouldn't have been discovered?
 

piesquared

Golden Member
Oct 16, 2006
1,651
473
136
The fact that this garbage was posted in the way it was by Anandtech is disturbing. Looks like Ian Cutress had the information for awhile before it was made public. Did he even contact AMD himself or prefer to post a nice dramatic article for page hits?

It looks like a lot of people had it. It's as if an NDA lifted and all the publications had their stories ready to go.
 
Reactions: Space Tyrant

wahdangun

Golden Member
Feb 3, 2011
1,007
148
106
Am I reading this right? AMD allows unsigned code to execute in the Secure Enclave?

That's a king sized f-up.

What the f....., it needs administrator privileges, a modified driver installed and a custom BIOS to work, and by default you can't even run a modified/unsigned driver.

But yeah, if your line of thinking is like a kiddie hax00R, then maybe it was "a king sized f-up"


So ridiculous if you think this was even an exploit.
 

Hans de Vries

Senior member
May 2, 2008
321
1,018
136
www.chip-architect.com
What a joke...

CTS-Labs fake offices and server farm:

Real Office Centre (in the middle sandwiched between the Mizrahi Tefahot (םורת טפתות) bank branch and the Super Yuda...)

Catenoid Security (CTS-Labs)
Ben Yehuda St 32,
Tel Aviv-Yafo, Israel

https://www.google.nl/maps/@32.0763...4!1sKwqghLxbTtWvbLFlfySSTA!2e0!7i13312!8i6656

Their website from 17-01-2018 in the Wayback Machine, see the contact link.
https://web.archive.org/web/20180117182145/http://cts-labs.com/

They even changed their company logo a few weeks ago to make it look more like a security company.

Apparently Yaron Luk Zilberman had a Form D filing just last week for his (one-man?) hedge fund:

http://www.formds.com/issuers/ninewells-capital-partners-lp
https://www.sec.gov/Archives/edgar/data/1517621/000151762118000001/xslFormDX01/primary_doc.xml
 

CatMerc

Golden Member
Jul 16, 2016
1,114
1,153
136
It says "Beit El Al" on the sign between Super Yuda and Mizrahi Tfahot. Beit roughly means "Home of", and ElAl is an Israeli Airliner.

Lol
 
Reactions: krumme

Hans de Vries

Senior member
May 2, 2008
321
1,018
136
www.chip-architect.com
CTS-Labs is "Catenoid Security" which was formerly Flexagrid Systems Inc

A company that produced the Computer Hijacking "CrowdCores"

See for instance: "How to remove CrowdCores from your computer"

From their old website dated 17-01-2018:



From their modified website dated 13-03-2018:



This hijacker was used to run BitCoin mining software on the hijacked computers to make money at the expense of unsuspecting PC owners.

https://web.archive.org/web/20170130122013/http://www.crowdcores.com/FAQ.html

From the Wayback Machine because access to http://www.crowdcores.com/ is now blocked.
 

Mr Evil

Senior member
Jul 24, 2015
464
187
116
mrevil.asvachin.com
How is this even an exploit then...
I haven't bothered to read the white paper, but since this is supposed to be a flaw in the PSP, the risk would be if you have encrypted your drive using the TPM, then someone steals your whole PC. Normally they won't be able to decrypt the drive, but if they can pwn the PSP then they can.

It's not going to affect very many people, but it's still something that should be fixed. Note that both AMD and Intel have had similar flaws discovered in their CPUs before (which is one of the reasons people keep asking for the source code for the AMD PSP and Intel ME).
 

ao_ika_red

Golden Member
Aug 11, 2016
1,679
715
136
If these vulnerabilities revolve around AMD Trust Zone tech, why do they only mention Ryzen? Because I believe Trust Zone tech comes from ARM that also has been included in Carrizo APU.


 

Peter Watts

Member
Jan 11, 2018
60
15
41
Maybe they are right and y'all are wrong... Then you need to put explosives on your $1000 machines before it's too late.
 
Reactions: krumme

airfathaaaaa

Senior member
Feb 12, 2016
692
12
81
Well, considering their previous attempts were on a drug company in South Africa and a seed company in Israel, they thought "what can go wrong by attacking a tech giant"

Did they seriously think that people won't investigate and go deep down on their throats? I mean, how can you paint something as an exploit if you need physical access, admin rights and a freaking modifier driver by AMD themselves?
 
Reactions: DarthKyrie