Page 3 of 7 FirstFirst 123456 ... LastLast
Results 33 to 48 of 101

Thread: AMD processors impacted by 13 serious flaws, says CTS Labs

  1. #33
    Member
    Join Date
    Apr 2016
    Location
    UK
    Posts
    184
    Thanks
    57
    Thanked
    29 times in 19 posts
    • chinf's system
      • Motherboard:
      • 1: Asus M5A97 R2.0; 2: Asus M5A97 LE R2.0
      • CPU:
      • 1: AMD FX-8320E, Coolermaster Seidon V120 V2; 2: AMD PhenomII X3 710, Corsair H45
      • Memory:
      • 1: 16GB ECC DDR3L-1600; 2: 16GB ECC DDR3L-1600
      • Storage:
      • 1: Sandisk SSD, 4 WD, 1 Seagate, 1 HGST, 2 Toshiba HDDs; 2: Crucial SSD, 4 Samsung HDDs
      • Graphics card(s):
      • 1: HIS Radeon HD6850, Corsair H55 & NZXT G10; 2: MSI Radeon RX 480 8GB
      • PSU:
      • 1: be quiet! Straight Power 10 400W; 2: Antec EA500D
      • Case:
      • 1: Antec P182; 2: Antec Sonata
      • Operating System:
      • 1: Ubuntu 15.10 & 16.04; 2: Ubuntu 16.04 & Win10
      • Monitor(s):
      • Dell 24" @1920x1080, Iiyama 18" CRT

    Re: AMD processors impacted by 13 serious flaws, says CTS Labs

    Quote Originally Posted by Tunnah View Post
    If I had to guess, he's for the firm involved. Most companies now are using actors to chime in on online discussions to try to sway it (really says a lot about how gullible we are).

    I can't remember who further up said it, but the news has no inclination in reporting the facts or waiting for them; they report the most sensational item, and do it first, to get those juicy juicy clicks. Anything past that is pointless, as it's not a money maker. And definitely not making corrections as they have to come from second hand information that they got wrong, nobody cares about that. The current state of the news is atrocious.
    I absolutely agree with this. And sadly Hexus is now doing the work of these scammers.

  2. #34
    rainman
    Guest

    Re: AMD processors impacted by 13 serious flaws, says CTS Labs

    OMG the AMD fanbois are seriously out in force, blindly rallying around the wagon train like their lives depend on it. Yes, this report does look very odd but to not focus on whether the threats are real or not regardless of who wrote it and what their motives are is a mistake of massive proportions. Lets have some clarity shall we?

    Firstly, some seem to be conveniently ignoring the message that "some of alleged vulns require console access" and replacing it with "all alleged vulns need console access". This simply is not the case if you just read the descriptions instead of just copy'n'pasting the previous posters distorted and selective regurgitation of the suspect report. Since when has Reddit been the bastion of factual reporting? As you read down this page it's the best version of "Chinese whispers" that I've read in a long time. lol

    Secondly, I'm VERY surprised at how many posters seem to believe that needing admin rights to exploit any vuln is somehow an insurmountable challenge to anyone in the business of writing malware whilst employing the very convincing social engineering tricks that the less technically savvy have to contend with on a day to day basis. It's 2018 and ensuring a piece of code gets elevated perms is still too easy. Just because you think you're clever because you know how to use separate accounts with JEP for different uses (but in reality you probably don't) do not assume that 99% of the rest of the global user base does too, because they don't, period.

    Thirdly, everyone seems to have totally lost sight of the fact that we're still talking about software allegedly being able to compromise hardware - which should NEVER be possible, even with root privileges. For example, as an administrator I should NEVER be able to exploit hardware flaws to expose data such as a users credentials. Even if the vectors to exploit these alleged flaws require elevated permissions, they are still flaws!

    Ignore the financial BS and forget about who said what and who's paying them, because none of that really matters. The only thing that REALLY matters is if these alleged vulns are really vulns, and if you don't think that this is the REALLY important thing to focus on then you just have your head up your own butt. Merely discrediting the source does not make the problem go away if it turns out that even a portion of it is correct. Get objective because people playing games on wallstreet doesn't mean jack if it turns out that you REALLY do have a problem, and man you're going to look really stupid if only 10% of what is reported turns out to be even slightly correct.

    If only the same amount of the apparent effort to discredit the report in this thread could be put to practical use to disprove the alleged vulns. We'd all be in a much better place.

  3. #35
    Senior Member
    Join Date
    May 2014
    Posts
    641
    Thanks
    42
    Thanked
    77 times in 47 posts

    Re: AMD processors impacted by 13 serious flaws, says CTS Labs

    Quote Originally Posted by rainman View Post
    OMG the AMD fanbois are seriously out in force, blindly rallying around the wagon train like their lives depend on it. Yes, this report does look very odd but to not focus on whether the threats are real or not regardless of who wrote it and what their motives are is a mistake of massive proportions. Lets have some clarity shall we?

    Firstly, some seem to be conveniently ignoring the message that "some of alleged vulns require console access" and replacing it with "all alleged vulns need console access". This simply is not the case if you just read the descriptions instead of just copy'n'pasting the previous posters distorted and selective regurgitation of the suspect report. Since when has Reddit been the bastion of factual reporting? As you read down this page it's the best version of "Chinese whispers" that I've read in a long time. lol

    Secondly, I'm VERY surprised at how many posters seem to believe that needing admin rights to exploit any vuln is somehow an insurmountable challenge to anyone in the business of writing malware whilst employing the very convincing social engineering tricks that the less technically savvy have to contend with on a day to day basis. It's 2018 and ensuring a piece of code gets elevated perms is still too easy. Just because you think you're clever because you know how to use separate accounts with JEP for different uses (but in reality you probably don't) do not assume that 99% of the rest of the global user base does too, because they don't, period.

    Thirdly, everyone seems to have totally lost sight of the fact that we're still talking about software allegedly being able to compromise hardware - which should NEVER be possible, even with root privileges. For example, as an administrator I should NEVER be able to exploit hardware flaws to expose data such as a users credentials. Even if the vectors to exploit these alleged flaws require elevated permissions, they are still flaws!

    Ignore the financial BS and forget about who said what and who's paying them, because none of that really matters. The only thing that REALLY matters is if these alleged vulns are really vulns, and if you don't think that this is the REALLY important thing to focus on then you just have your head up your own butt. Merely discrediting the source does not make the problem go away if it turns out that even a portion of it is correct. Get objective because people playing games on wallstreet doesn't mean jack if it turns out that you REALLY do have a problem, and man you're going to look really stupid if only 10% of what is reported turns out to be even slightly correct.

    If only the same amount of the apparent effort to discredit the report in this thread could be put to practical use to disprove the alleged vulns. We'd all be in a much better place.
    Actually very few people are discrediting the vulnerabilities, they are discrediting the ease of them being utilised. Lets boil it down to basics which are similar for each of the reported vulnerabilities:

    -Requires Administrative Access - There are multiple high profile cases where having admin access allows you to do much more than what is described here on any processor on any operating system. It's literally like saying "I have the keys to the house but instead of stealing all the contents I'm going to go in and unlock a window on the other side of the house to use later". Plus most anti-exploit systems on the market have very clever anti cred protection

    -Deployment of a malicious digitally signed Driver - This requires the aforementioned administrative rights but regardless. To get one of these AMD signed drivers you would either have to a) bully/pay an AMD employee to sneak a malicious driver signature under AMDs internal security radar or b) compromise AMD and steal their signing ceritficate and private key. Both are insurmountably difficult to perform and this vulnerability is not specific to AMD, it affects every piece of technology on the planet. If I were to be able to get something malicious signed by a trusted public authority, I could literally take over the vast majority of whatever the f I wanted.

    -Deployment of a maliciously encoded BIOS - Basically the same as the driver and would require physical access to the machine and administrative rights. Additionally it would be pretty hard to get a malicious BIOS by under the radar considering most systems in business lock down the ability to modify the BIOS. But regardless this is still a vulnerability in the commercial market where people don't lock down the BIOS. But again, to do this would be the same analogy as the requiring of administrative access and doing this would be quite low on a malicious entities list. Again, this vulnerability is not local to AMD, it affects anything that uses a hardware abstraction layer and software to manage it

    However, this does not dispute that these vulnerabilities exist, they do exist but CTS have focused on this being AMD only and have used, essentially, sensationalist propaganda to smear AMD in an effort to weaken them.

    What does have credibility is that this highlights that the secure processor may allow these things to occur. This also brings up the discussion that AMD processors/boards can be compromised in transit to their target destination. Tbh, if you think that it is only AMD boards that can be compromised in transit to destination then you are a fool.

    Do you know what else is a security flaw, I could torture you to get your administrative password for your computer. You should try and disprove that vulnerability to me.

  4. Received thanks from:

    afiretruck (14-03-2018),CAT-THE-FIFTH (14-03-2018),chinf (15-03-2018),Jonj1611 (14-03-2018),mercyground (14-03-2018),MLyons (14-03-2018),peterb (14-03-2018),philehidiot (14-03-2018),Pleiades (15-03-2018),satrow (14-03-2018)

  5. #36
    Registered+
    Join Date
    Jun 2013
    Posts
    38
    Thanks
    2
    Thanked
    1 time in 1 post
    • LtSkitzo's system
      • Motherboard:
      • Asus Gryphon Z97 Armored Edition
      • CPU:
      • Intel i7 4790k
      • Memory:
      • 8GB Corsair Vengance 1600Mhz
      • Storage:
      • Sandisk 128 SSD + 2TB WD 7200RPM Blue Raid 0
      • Graphics card(s):
      • Saphire Tri-X Fury OC Edition
      • PSU:
      • Corsair RM850i
      • Case:
      • Fractal Design Arc Midi R2
      • Operating System:
      • Windows 10
      • Monitor(s):
      • ASUS MG279Q - 27", IPS, 144hz
      • Internet:
      • 40Mbs Talk talk

    Re: AMD processors impacted by 13 serious flaws, says CTS Labs

    "CTS" have been outed as a malicious company with financial interest in seeing AMD fail... https://www.gamersnexus.net/industry/3260-assassination-attempt-on-amd-by-viceroy-research-cts-labs

  6. Received thanks from:

    Pleiades (15-03-2018)

  7. #37
    Comrade Moose CAT-THE-FIFTH's Avatar
    Join Date
    Aug 2006
    Location
    Moosetopia
    Posts
    27,588
    Thanks
    3,016
    Thanked
    4,229 times in 3,277 posts
    • CAT-THE-FIFTH's system
      • Motherboard:
      • Less E-PEEN
      • CPU:
      • Massive E-PEEN
      • Memory:
      • RGB E-PEEN
      • Storage:
      • Not in any order
      • Graphics card(s):
      • EVEN BIGGER E-PEEN
      • PSU:
      • OVERSIZED
      • Case:
      • UNDERSIZED
      • Operating System:
      • DOS 6.22
      • Monitor(s):
      • NOT USUALLY ON....WHEN I POST
      • Internet:
      • FUNCTIONAL

    Re: AMD processors impacted by 13 serious flaws, says CTS Labs

    Hans de Vries has been doing some digging(has been around for 20 years and does CPU analysis):

    https://forums.anandtech.com/threads...#post-39344315

    https://www.google.nl/maps/@32.0763....7i13312!8i6656

    Their webside from the 17-01-2018 in the way back machine, see the contact link.
    https://web.archive.org/web/20180117.../cts-labs.com/

    They even changed their company logo a few weeks ago to make a look more like a security company.

    Apparently Yaron Luk Zilberman had a Form D filing just last week for his (one-man?)
    Hedge Fund just last week:

    http://www.formds.com/issuers/ninewe...al-partners-lp
    https://www.sec.gov/Archives/edgar/d...rimary_doc.xml
    The CTO just started a hedge fund last week.

    https://forums.anandtech.com/threads...2540299/page-6

    CTS-Labs is "Catenoid Security" which was formally Flexagrid Systems Inc

    A company that produced the Computer Hijacking "CrowdCores"

    See for instance: "How to remove CrowdCores from your computer"

    From their old website dated 17-01-2018:
    This hijacker was used to run BitCoin mining software on the hijacked computers to make money at the expense of unsuspecting PC owners.

    https://web.archive.org/web/20170130...s.com/FAQ.html

    From the wayback machine because access to http://www.crowdcores.com/ is now blocked.
    Yep,they used to make malware,ie,Bitcoin malware.


    Those despicable Elk,stealing the pond weed!

  8. #38
    rainman
    Guest

    Re: AMD processors impacted by 13 serious flaws, says CTS Labs

    Quote Originally Posted by Tabbykatze View Post
    Actually very few people are discrediting the vulnerabilities, they are discrediting the ease of them being utilised. Lets boil it down to basics which are similar for each of the reported vulnerabilities:

    -Requires Administrative Access - There are multiple high profile cases where having admin access allows you to do much more than what is described here on any processor on any operating system. It's literally like saying "I have the keys to the house but instead of stealing all the contents I'm going to go in and unlock a window on the other side of the house to use later". Plus most anti-exploit systems on the market have very clever anti cred protection
    Forget BIOS updates, etc, as that is indeed pretty contrived, you're over thinking the issue and it is potentially right under your nose and nowhere near as difficult to exploit as some are sadly and grossly mistaken.

    You're making my point quite well though because you're making an assumption on your OS being bullet proof. Forget about social engineering as that's just one vector to getting elevated perms. You are aware that just prior to Pwn2Own (which is imminent) Microsoft have released patches for 75 vulns, some of which allow elevated permissions and remote code execution? Assuming there is some element of truth within the alleged vulns, you could employ all the best practice there is but string those vulnerabilities together and you're bang in trouble. Guaranteed, Pwn2own will reveal a load more as it often does and kind of the whole point of it.

    The holes in your OS exist, like it or not. Also, everyone seems to be ignoring the message that extended details have been provided to AMD and withheld from the report, so would it be stretching it to suggest the detailed information on the exploit might contain any of the known CVE's which are currently being patched, or indeed the zero-days we're yet to learn of?

    Just remind me, how long did the NSA sit on stuff like Eternalblue before the rest of the world even knew about it?

  9. #39
    Senior Member
    Join Date
    Dec 2013
    Posts
    2,151
    Thanks
    237
    Thanked
    240 times in 171 posts

    Re: AMD processors impacted by 13 serious flaws, says CTS Labs

    Quote Originally Posted by rainman View Post
    OMG the AMD fanbois are seriously out in force, blindly rallying around the wagon train like their lives depend on it. Yes, this report does look very odd but to not focus on whether the threats are real or not regardless of who wrote it and what their motives are is a mistake of massive proportions. Lets have some clarity shall we?
    The problem is we can't focus on the threats being real or not because they redacted all of the methods used to exploit them so it's impossible for their work to be peer reviewed, now we could say they only did this so the vulnerabilities can't be exploited, however that's why most reputable security researchers follow strict guidelines when it comes to divulgence.

    At best we can say they made a mistake or didn't know the importance of peer review, at worst we can say they released this information for ulterior motives, either way it makes their claim less credible.
    Last edited by Corky34; 14-03-2018 at 11:11 AM.

  10. Received thanks from:

    chinf (15-03-2018),Pleiades (15-03-2018)

  11. #40
    Comrade Moose CAT-THE-FIFTH's Avatar
    Join Date
    Aug 2006
    Location
    Moosetopia
    Posts
    27,588
    Thanks
    3,016
    Thanked
    4,229 times in 3,277 posts
    • CAT-THE-FIFTH's system
      • Motherboard:
      • Less E-PEEN
      • CPU:
      • Massive E-PEEN
      • Memory:
      • RGB E-PEEN
      • Storage:
      • Not in any order
      • Graphics card(s):
      • EVEN BIGGER E-PEEN
      • PSU:
      • OVERSIZED
      • Case:
      • UNDERSIZED
      • Operating System:
      • DOS 6.22
      • Monitor(s):
      • NOT USUALLY ON....WHEN I POST
      • Internet:
      • FUNCTIONAL

    Re: AMD processors impacted by 13 serious flaws, says CTS Labs

    Quote Originally Posted by Tunnah View Post
    If I had to guess, he's for the firm involved. Most companies now are using actors to chime in on online discussions to try to sway it (really says a lot about how gullible we are).

    I can't remember who further up said it, but the news has no inclination in reporting the facts or waiting for them; they report the most sensational item, and do it first, to get those juicy juicy clicks. Anything past that is pointless, as it's not a money maker. And definitely not making corrections as they have to come from second hand information that they got wrong, nobody cares about that. The current state of the news is atrocious.
    Yep,look at the marketing company they used:

    We specialize in a variety of communications areas. Our team of influencers will help you develop a customized communications plan that is uniquely designed to drive success for your business.
    We are known for our extensive media relationships and network. Let us connect you with the right reporters, bloggers, analysts and influencers who will understand your business and share your perspective with the markets.
    Why would a security firm need influencers.

    Its also telling when some people on forums,seem to not question why Intel was given six months before Spectre/Meltdown was told to the public,but AMD was given less than 24 hours to do so(and then start attacking everyone who questions this due to E-PEEN).

    It seems the media and Viceroy research founder said the following:

    Viceroy founder Fraser Perring told Reuters that somebody anonymously emailed him a draft of the report at about 4 p.m. on Monday.
    According to Ian Cutress of AT the tech press was contacted before AMD.

    Then they paid a firm $16000:

    New York-based cyber security firm Trail of Bits told Reuters that it had verified the findings from CTS, which paid $16,000 for a review of the AMD vulnerabilities.
    Then the CEO of that firm goes on twitter starts defending it but initially said nothing about the fact they were paid for their work,a week before CTS-Labs told the press.

    Quote Originally Posted by Corky34 View Post
    The problem is we can't focus on the threats being real or not because they redacted all of the methods used to exploit them so it's impossible for their work to be peer reviewed, now we could say they only did this so the vulnerabilities can't be exploited, however that's why most reputable security researchers follow strict guidelines when it comes to divulgence.

    At best we can say they made a mistake or didn't know the importance of peer review, at worst we can say they released this information for ulterior motives, either way it makes their claim less credible.
    Look at his posting history(remember gun talk against pro-gun people). Even on very Intel biased forums,most people are just aghast at this tactic. You don't just blindside companies like this - how many similar things would have happened to Intel,but they were given a few months to try and investigate things.

    Spectre/Meltdown was known for at least a year,and the people who discovered took a few months to verify stuff and told Intel/AMD/ARM from June 2017 onwards.

    Intel,etc only told consumers this year.
    Last edited by CAT-THE-FIFTH; 14-03-2018 at 11:21 AM.


    Those despicable Elk,stealing the pond weed!

  12. #41
    Orbiting The Hand's Avatar
    Join Date
    Mar 2004
    Location
    Lincoln, UK
    Posts
    1,385
    Thanks
    134
    Thanked
    74 times in 58 posts
    • The Hand's system
      • Motherboard:
      • Gigabyte AB350 Gaming-3
      • CPU:
      • Ryzen 5 2400G
      • Memory:
      • 16GB Patriot Viper DDR4 3200mhz (8GBx2)
      • Storage:
      • 1TB Toshiba SSHD
      • Graphics card(s):
      • Vega 11 (APU)
      • PSU:
      • Corsair Modular 520w
      • Case:
      • Coolermaster Praetorian
      • Operating System:
      • Windows 10 Pro
      • Monitor(s):
      • Sony 32 inch HD TV
      • Internet:
      • 20Mbps Fibre

    Re: AMD processors impacted by 13 serious flaws, says CTS Labs

    Looks like AMD investors have just "shrugged" the report off anyway:

    https://www.benzinga.com/analyst-rat...tive-headlines

    It also looks like Viceroy really do have an axe to grind with AMD:

    Nail In The Coffin?

    Viceroy Research said Tuesday there may be no coming back from the new batch of vulnerabilities, some of which the firm says will be difficult or impossible for AMD to fix. In its report, Viceroy said the vulnerabilities likely came as a result of AMD rushing products to market to avoid falling further behind its peers. After consulting experts, Viceroy said the AMD vulnerabilities could be very dangerous on an international level and could do irreparable damage to AMD on a commercial level.

    “In light of CTS’s discoveries, the meteoric rise of AMD’s stock price now appears to be totally unjustified and entirely unsustainable. We believe AMD is worth $0.00 and will have no choice but to file for Chapter 11 (Bankruptcy) in order to effectively deal with the repercussions of recent discoveries,” Viceroy said.

    CNBC had originally planned to discuss Viceroy's report on “Halftime Report” show but later canceled the segment, leading some to question its validity.
    The last sentence is probably the most telling..

  13. Received thanks from:

    Pleiades (15-03-2018)

  14. #42
    rainman
    Guest

    Re: AMD processors impacted by 13 serious flaws, says CTS Labs

    Quote Originally Posted by Tabbykatze View Post

    -Deployment of a malicious digitally signed Driver - This requires the aforementioned administrative rights but regardless. To get one of these AMD signed drivers you would either have to a) bully/pay an AMD employee to sneak a malicious driver signature under AMDs internal security radar or b) compromise AMD and steal their signing ceritficate and private key. Both are insurmountably difficult to perform and this vulnerability is not specific to AMD, it affects every piece of technology on the planet. If I were to be able to get something malicious signed by a trusted public authority, I could literally take over the vast majority of whatever the f I wanted.
    Hilarious. I don't suppose you've ever heard of Symantec or the reasons why they were going to loose their CA status? They had their certs compromised. How many stories of unprotected S3 buckets containing a cert that some retarded developer threw in there by mistake would you like me to link?

    There is a world of difference between what we're told is impossible and what actually happens to completely shaft the good efforts. To not grasp the nettle of possibilities in compromising software is massively stupid, and to not understand that regardless of that software must NEVER pwn hardware even with admin rights means you need to just back away from the keyboard.

  15. #43
    Senior Member
    Join Date
    Dec 2013
    Posts
    2,151
    Thanks
    237
    Thanked
    240 times in 171 posts

    Re: AMD processors impacted by 13 serious flaws, says CTS Labs


  16. Received thanks from:

    aidanjt (14-03-2018),chinf (15-03-2018),Pleiades (15-03-2018)

  17. #44
    Gentoo Ricer
    Join Date
    Jan 2005
    Location
    Galway
    Posts
    10,745
    Thanks
    934
    Thanked
    909 times in 675 posts
    • aidanjt's system
      • Motherboard:
      • Asus Maximus VII Gene
      • CPU:
      • Intel i7-4771
      • Memory:
      • 2x8GB Corsiar LP 1866MHz C10
      • Storage:
      • 250GB Samsung 850 EVO
      • Graphics card(s):
      • EVGA GTX 970 SC ACX 2.0
      • PSU:
      • Corsair RM550
      • Case:
      • Fractal Design Define Mini
      • Operating System:
      • Windows 7 x64
      • Monitor(s):
      • Asus MK241
      • Internet:
      • 240mbps UPC Cable

    Re: AMD processors impacted by 13 serious flaws, says CTS Labs

    Quote Originally Posted by Corky34 View Post
    <video>
    Came here to post just that. The whole thing looks like a hatchet job alright.
    Quote Originally Posted by Agent View Post
    ...every time Creative bring out a new card range their advertising makes it sound like they have discovered a way to insert a thousand Chuck Norris super dwarfs in your ears...

  18. #45
    Comrade Moose CAT-THE-FIFTH's Avatar
    Join Date
    Aug 2006
    Location
    Moosetopia
    Posts
    27,588
    Thanks
    3,016
    Thanked
    4,229 times in 3,277 posts
    • CAT-THE-FIFTH's system
      • Motherboard:
      • Less E-PEEN
      • CPU:
      • Massive E-PEEN
      • Memory:
      • RGB E-PEEN
      • Storage:
      • Not in any order
      • Graphics card(s):
      • EVEN BIGGER E-PEEN
      • PSU:
      • OVERSIZED
      • Case:
      • UNDERSIZED
      • Operating System:
      • DOS 6.22
      • Monitor(s):
      • NOT USUALLY ON....WHEN I POST
      • Internet:
      • FUNCTIONAL

    Re: AMD processors impacted by 13 serious flaws, says CTS Labs

    Quote Originally Posted by aidanjt View Post
    Came here to post just that. The whole thing looks like a hatchet job alright.
    Agreed - it makes me wonder,how many similar Intel vulnerabilities,Intel might not patched quietly if given less than 24 hours before the disclosure. I can't believe there are a tiny fraction of people who seem to be supporting the way this was all done,especially from a company which did its best to hide the fact it literally wrote malware.

    All they are doing is setting a precedence for other "security researchers" to go and do the same - give companies no leeway to look at any potential issues,and then blindside them to try and cause problems and short companies stock.

    This is what Linus Torvald was hinting at:

    It looks like the IT security world has hit a new low.

    If you work in security, and think you have some morals, I think you might want to add the tag-line

    "No, really, I'm not a whore. Pinky promise"

    to your business card. Because I thought the whole industry was corrupt before, but it's getting ridiculous.
    Last edited by CAT-THE-FIFTH; 14-03-2018 at 12:12 PM.


    Those despicable Elk,stealing the pond weed!

  19. #46
    rainman
    Guest

    Re: AMD processors impacted by 13 serious flaws, says CTS Labs

    Quote Originally Posted by Corky34 View Post
    The problem is we can't focus on the threats being real or not because they redacted all of the methods used to exploit them so it's impossible for their work to be peer reviewed, now we could say they only did this so the vulnerabilities can't be exploited, however that's why most reputable security researchers follow strict guidelines when it comes to divulgence.

    At best we can say they made a mistake or didn't know the importance of peer review, at worst we can say they released this information for ulterior motives, either way it makes their claim less credible.
    They say they have redacted the public version of the report - the un-redacted version being with AMD. So until AMD confirm it or not then you're not in much of a different position if they'd told they had exploits or not ... other than to feed your paranoia and/or manipulate the market.

    I'm certain that there is blatant manipulation of the market going on here, but I'm a long way from doubting that the threats actually exist. To suggest that they don't just because the shady organisation isn't throwing straight dice (as various posters in this thread appear to be suggesting) is folly, of epic proportions.

  20. #47
    Senior Member
    Join Date
    May 2014
    Posts
    641
    Thanks
    42
    Thanked
    77 times in 47 posts

    Re: AMD processors impacted by 13 serious flaws, says CTS Labs

    Quote Originally Posted by rainman View Post
    Forget BIOS updates, etc, as that is indeed pretty contrived, you're over thinking the issue and it is potentially right under your nose and nowhere near as difficult to exploit as some are sadly and grossly mistaken.

    You're making my point quite well though because you're making an assumption on your OS being bullet proof. Forget about social engineering as that's just one vector to getting elevated perms. You are aware that just prior to Pwn2Own (which is imminent) Microsoft have released patches for 75 vulns, some of which allow elevated permissions and remote code execution? Assuming there is some element of truth within the alleged vulns, you could employ all the best practice there is but string those vulnerabilities together and you're bang in trouble. Guaranteed, Pwn2own will reveal a load more as it often does and kind of the whole point of it.

    The holes in your OS exist, like it or not. Also, everyone seems to be ignoring the message that extended details have been provided to AMD and withheld from the report, so would it be stretching it to suggest the detailed information on the exploit might contain any of the known CVE's which are currently being patched, or indeed the zero-days we're yet to learn of?

    Just remind me, how long did the NSA sit on stuff like Eternalblue before the rest of the world even knew about it?
    I never made the assumption that an OS is bulletproof nor do I believe I am overlooking or overthinking the issue. I believe you are wanting everyone to believe, with your lack of information, that these actions described in CTS' "AMD Security Whitepaper" are actually easy to perform or even in the best interests of malware writers/hackers to commit to. Think of virus writing/hacking as a business, if you can create a virus that takes you a short amount of time to create that leverages vulnerabilities that get you access to data or keylogging via "standard" means then why would they go through all the effort (and danger) of trying to write a virus or commit to overwriting the BIOS or deploying a malicious driver. I mean, seriously, do you actually know the resources involved and how difficult it would be to push that under the radar. You want a virus to be as undetectable for as long as possible to maximise the ROI of it.

    There are far more exploitable holes in Windows that allow you to do things without administrative access and I deal with protecting Enterprise systems against these on a day by day basis. Using the NSA as an example to relate to what CTS has done is laughable at best.

    Quote Originally Posted by rainman View Post
    Hilarious. I don't suppose you've ever heard of Symantec or the reasons why they were going to loose their CA status? They had their certs compromised. How many stories of unprotected S3 buckets containing a cert that some retarded developer threw in there by mistake would you like me to link?

    There is a world of difference between what we're told is impossible and what actually happens to completely shaft the good efforts. To not grasp the nettle of possibilities in compromising software is massively stupid, and to not understand that regardless of that software must NEVER pwn hardware even with admin rights means you need to just back away from the keyboard.
    Actually I do and have directly dealt with emergency extractions of all Symantec products from a Customer environment because of this. On top of that, I trust Comodo about as far as I can throw them because they've been compromised at least twice and had vast amounts of their certs invalidated because some idiot leaked one of the verification and one of the root CAs.

    What you are confused about is the difference between "impossible" and "not worth the effing effort". Regardless, I never said they weren't impossible but according to the Verizon breach report, the vast majority of viruses/hacks are financially driven. So therefore they're focusing on what is the fastest route to their success and frankly, these vulnerabilties won't be top of their charts.

    I think you need to back away from the keyboard, take a deep breath and calm the hell down. What you're doing is assuming everyone in here is complete moron and that we're all AMD bootlickers and that we can't possibly conceive the notion that these vulnerabilities or hacks exist. You are also mistakenly identifying my devils advocacy with incompetence and stupidity. I would be insulted but I've dealt with far more powerful idiots than yourself.

  21. Received thanks from:

    CAT-THE-FIFTH (14-03-2018),chinf (15-03-2018),Pleiades (15-03-2018),satrow (14-03-2018)

  22. #48
    rainman
    Guest

    Re: AMD processors impacted by 13 serious flaws, says CTS Labs

    Quote Originally Posted by CAT-THE-FIFTH View Post
    I can't believe there are a tiny fraction of people who seem to be supporting the way this was all done,especially from a company which did its best to hide the fact it literally wrote malware.

    All they are doing is setting a precidence for other "security researchers" to go and do the same - give companies no leeway to look at any potential issues,and then blindside them to try and cause problems and short companies stock.
    Oh what a tangled web we weave when we practice to deceive.

    Q. Whats the difference between a white hat and a black hat?
    A. One files annual tax returns and the other doesn't.

    We're led to believe that the guy that saved the planet from Wannacry also wrote malware, so whats your point? A black hat one day wakes up with a conscience, or is it a white hat decides he's not earning enough doing the right thing? They both have the same capabilities and present the same threats to global populace. They're both mercenaries, just that one decides to work for their own good and the other is drinking someone elses coolaid.

    Like it or not, the good guys and the bad guys are the same people. It just depends on what side of the bed they got out of on a particular day. A bi-polar hacker - now that's a scary thought. Just saying.

Page 3 of 7 FirstFirst 123456 ... LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •