AMD chip security
Posted by Mr magoo on 15 August 2004 - 17:27 · 26 comments & 1691 views
(1 reply)
#1 Posted by slang123 on 15 Aug 2004 - 17:37
- Yeah, the feature could be abused, but it's not that big a deal. In future use authentication technology, lesson learnt.
-
#1.1 Posted by rogerroger on 16 Aug 2004 - 04:41
- The possibility of this happening is so remote, why even bother with posting this as news? You could probably have better odds of being struck by lightning twice!
-
#2 Posted by figgy on 15 Aug 2004 - 17:43
- What is concerning is there is already an exploit which allows a usermode program to run in kernel space.
-
(1 reply)
#3 Posted by Tiburon on 15 Aug 2004 - 17:52
- What's the big deal, if it's updateable, couldn't they just release an update that provides the needed security?
-
#3.1 Posted by ArtOf_War on 15 Aug 2004 - 20:15
QUOTE What's the big deal, if it's updateable, couldn't they just release an update that provides the needed security?
My thoughts exactly: they release a new microcode that updates the microcode updater to require digital signing before anyone exploits it.
-
(4 replies)
#4 Posted by kitchenutensils on 15 Aug 2004 - 18:28
- I have ASUS Update... is this what it's talking about?
-
#4.1 Posted by DELTA75329 on 15 Aug 2004 - 19:18
- Write this down: "NO."
-
#4.2 Posted by uber-pea on 15 Aug 2004 - 20:10
- Write this down: "There is no harm in being polite and answering a question properly."
-
#5 Posted by SentientPC on 15 Aug 2004 - 18:29
- The code in the linked article has been reworked by a Slashdot reader and posted to http://dev.gentoo.org/~kugelfang/k8-ucode/.
This *might* have some interesting implications when we see K8-derived, 64-bit 'neutered' Semprons out and about, ala http://www.anandtech.com/cpuchipsets/showd...aspx?i=2139&p=3. Of course, it will obviously depend on the specific method AMD used to neuter them.
Last edited by 35397 on 16 Aug 2004 - 04:28
-
#6 Posted by DELTA75329 on 15 Aug 2004 - 19:21
- I think AMD should respond to this. Perhaps they should explain the other side of the story and mention that it is perhaps difficult to push that kind of compromising update to the chip? If true, that would explain that the problem is essentially hypothetical, at least for now.
Either way, if Intel is validating microcode, it sounds like AMD should be doing the same.
-
#7 Posted by Q25 on 15 Aug 2004 - 20:19
QUOTE If one is able to get root access on a machine
oh well.. so many other things could happen then..
-
#8 Posted by SimplyPotatoes on 15 Aug 2004 - 20:43
- This seems retarded, I can think of better things to do with root. Sure, there is a security flaw, but it's much too hyped.
-
#9 Posted by Emon on 15 Aug 2004 - 21:01
- "If one is able to get root access on a machine"
if someone gets root access then why bother messing with microcode ...
just run rm -r /
-
(6 replies)
#10 Posted by NinjaOfLove on 15 Aug 2004 - 21:17
- If this story was about Intel all the fanboys would be out.
-
#10.1 Posted by Zombie9920 on 15 Aug 2004 - 22:17
- Word
-
#10.2 Posted by stezo2k on 15 Aug 2004 - 22:40
- To be honest, I'm surprised I haven't seen any bad Intel favoritised comments yet.
-
#10.3 Posted by Radium on 16 Aug 2004 - 00:18
- It proves something... and you all know what I mean and you boys and girls know if I am referring to you or not. (with some exceptions)
If this were about Intel, there would be 1000 comments saying that Intel sucks in one way or another.
Anyway. At least AMD is trying and is doing pretty good so far. Giving Intel a big lesson.
Isn't competition sweet?
-
#10.4 Posted by Zombie9920 on 16 Aug 2004 - 00:42
- Maybe there aren't a crapload of AMD sucks comments because most of the Intel fans are more mature than to go around posting AMD sucks, AMD sucks (which can't be said about the other side of the fence).

-
#10.5 Posted by stezo2k on 16 Aug 2004 - 09:10
- Well, to be honest, I prefer AMD over Intel, though I might sound like a fanboy. I reckon AMD's CPUs deserve to be recognised, especially here in the UK when people new to PCs only know of Intel.
-
(1 reply)
#11 Posted by BoondockSaint on 15 Aug 2004 - 23:23
- That's assuming someone can get physical access to the server. All our servers are kept under lock and key with only 3 people who have access to the room....
Physical security is just as important as electronic security.
-
(1 reply)
#12 Posted by Unwonted on 16 Aug 2004 - 00:56
- I think if someone gets root access to your computer, which this exploit requires, you have plenty to worry about no matter what processor you use.
Mr magoo


Essentially, the problem lies in the K8 line of chips, which includes the much-celebrated 64-bit Athlon and the Opteron chip, and in the way they update themselves. A microcode update (or BIOS update) allows chip makers to change code on the chip where it is faulty, saving the hassle of an expensive product recall. Using this technique, AMD patched up a problem discovered recently. A useful feature, one might think. However, AMD chips that do this (K7s don't/didn't after they discovered a problem with it!) don't appear to have any security or validation checks on microcode updates. As such...
"If one is able to get root access on a machine even once, it is hypothetically possible to install a microcode update specifically to help compromise security from userspace at a later time. Such an update could be flashed into the BIOS to make it persistent across reboots."
Intel has had a problem with this (microcode validation), but has got around it by implementing encryption and authentication technology; AMD has yet to do this. Real World Tech, the discoverers of this issue, also speculate that, in a hypothetical situation, it might also be possible to do serious physical damage to an AMD K8 chip.
All in all, a rather depressing report for users who have shelled out big bucks for these new chips. Certainly not the kind of performance one would expect from AMD, a company that needs a tip-top reputation to maintain its level of high regard from the IT professional community and to successfully compete with chip giant Intel.
Note: Please refrain from posting links to Playboy's website or any source other than news-related websites. Thank you.