Researchers warn that a bug in AMD’s chips would allow attackers to root into some of the most privileged portions of a computer—and that it has persisted in the company’s processors for decades.

What a shitty clickbait title.

virtually all AMD chips dating back to 2006, or possibly even earlier.

Title could be shorter and more precise while still having the same deeming message.

NaN
link
fedilink
English
66M

It’s not just the title that is poorly written. The entire thing is written like “the sky is falling because memory chips and big computer stuff has a broken”.

need boot capabilities in order to “exploit” this

only with broken Secure Boot implementations

already patched in EPYC microcode

a nothingburger released suspiciously a day after Intel breaks news of being sued by their own shareholders (https://www.techpowerup.com/325414/intel-faces-shareholder-lawsuit-amid-financial-turmoil-and-layoffs-company-misled-investors)

@[email protected]
link
fedilink
English
15
edit-2
3M

deleted by creator

mesamune
link
fedilink
English
7
edit-2
6M

Agreed. Im hoping to see more RISC-V processors make it to commercial hardware. We are starting to see it with some experimental single board computers and laptops, but they are still much too slow. But its getting there!

https://milkv.io/mars#buy might be a good place to start, although im looking for the spec sheet…

Ive been on the lookout for a “good enough” server with RISC-V. Would love to play around with it.

"GhostWrite is the result of an architectural flaw, a hardware bug in the XuanTie C910 and C920 CPU. These are only two of many RISC-V CPUs, but they are widely used for a variety of applications. According to the research team, vulnerable devices include:

Scaleway Elastic Metal RV1, bare-metal C910 cloud instances

  • Milk-V Pioneer, 64-core desktop/server
  • Lichee Cluster 4A, compute cluster
  • Lichee Book 4A, laptop
  • Lichee Console 4A, tiny laptop
  • Lichee Pocket 4A, gaming console
  • Sipeed Lichee Pi 4A, single-board computer (SBC)
  • Milk-V Meles, SBC
  • BeagleV-Ahead, SBC"

https://www.tomshardware.com/pc-components/cpus/ghostwrite-vulnerability-exploits-architectural-bug-in-risc-v-cpu-to-gain-root-access

Vik
link
fedilink
English
9
edit-2
6M

RISC-V ISA isn’t magically exempt from vulnerabilities. You can still be hit at a microcode level.

https://www.phoronix.com/news/GhostWrite-Vulnerability-RISC-V

For AMD, I’m wondering if OpenSIL can help prevent similar, deep system firmware vulnerabilities from lingering cross numerous product generations.

mesamune
link
fedilink
English
1
edit-2
6M

It would improve the number of eyes if you had full specs. You can arguably identify exploits and bugs much faster.

I also just want RISC-V :)

Vik
link
fedilink
English
1
edit-2
6M

I also want to see RV develop to a point where it can compete with incumbents but sinkclose isn’t a hardware vulnerability. The issue here lies with AGESA, AMD will be moving to OpenSIL hopefully around 2026.

Furthermore, RISC-V is an Open ISA but that doesn’t necessarily mean products based on this remain open.

Vik
link
fedilink
English
26M

Isn’t this specific to AGESA rather than the hardware itself?

That’s a tall order when a fab costs tens of billions of dollars to operate. Somebody needs to make a lot of dough out of the process.

they would still be vulnerable. if you only care about security, you would be running a FPGA because anything fully secure would be slow, because speculative execution is inherently full of security flaws, and also the major reason why CPUs have any semblance of performance.

I don’t think that’s the issue. As said in the article, the researchers found the flaw by reading the architecture documentation. So the flaw is in the design of the API the operating system uses to configure the CPU and related resources. This API is public (though not open source) as to allow operating system vendors to do their job. It usually comes with examples and pseudo code on how some operations work. Here is an example (PDF).

Knowing how this feature is actually implemented in hardware (if the hardware was open source) would not have helped much. I would argue you are one level too low to properly understand the consequences of the implementation.

By the vague description in the article it actually looks like a meltdown or specter like issue where some code gets executed with the inappropriate privileges. Such issues are inherent to complex designs and no amount of open-source will save you there. We need a cultural and maybe a paradigm shift on how we design CPU to fully address those issues.

you make excellent points, but not sure i can agree with your conclusion

if we had full source a variety of automated analysis and hardening tooling could be applied which is much much more efficient compared to parsing the arch docs.

Create a post

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.


Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.


Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

  • 1 user online
  • 80 users / day
  • 165 users / week
  • 456 users / month
  • 2.28K users / 6 months
  • 1 subscriber
  • 3.07K Posts
  • 43.9K Comments
  • Modlog