OMG the AMD fanbois are seriously out in force, blindly rallying around the wagon train like their lives depend on it. Yes, this report does look very odd, but to not focus on whether the threats are real or not, regardless of who wrote it and what their motives are, is a mistake of massive proportions. Let's have some clarity, shall we?
Firstly, some seem to be conveniently ignoring the message that "some of the alleged vulns require console access" and replacing it with "all alleged vulns need console access". This simply is not the case if you just read the descriptions instead of copy'n'pasting the previous poster's distorted and selective regurgitation of the suspect report. Since when has Reddit been the bastion of factual reporting? As you read down this page it's the best version of "Chinese whispers" that I've read in a long time. lol
Secondly, I'm VERY surprised at how many posters seem to believe that needing admin rights to exploit any vuln is somehow an insurmountable challenge to anyone in the business of writing malware whilst employing the very convincing social engineering tricks that the less technically savvy have to contend with on a day-to-day basis. It's 2018 and ensuring a piece of code gets elevated perms is still too easy. Just because you think you're clever because you know how to use separate accounts with JEP for different uses (but in reality you probably don't), do not assume that 99% of the rest of the global user base does too, because they don't, period.
Thirdly, everyone seems to have totally lost sight of the fact that we're still talking about software allegedly being able to compromise hardware - which should NEVER be possible, even with root privileges. For example, as an administrator I should NEVER be able to exploit hardware flaws to expose data such as a user's credentials. Even if the vectors to exploit these alleged flaws require elevated permissions, they are still flaws!
Ignore the financial BS and forget about who said what and who's paying them, because none of that really matters. The only thing that REALLY matters is if these alleged vulns are really vulns, and if you don't think that this is the REALLY important thing to focus on then you just have your head up your own butt. Merely discrediting the source does not make the problem go away if it turns out that even a portion of it is correct. Get objective, because people playing games on Wall Street doesn't mean jack if it turns out that you REALLY do have a problem, and man, you're going to look really stupid if only 10% of what is reported turns out to be even slightly correct.
If only the same amount of the apparent effort to discredit the report in this thread could be put to practical use to disprove the alleged vulns. We'd all be in a much better place.
Actually, very few people are discrediting the vulnerabilities; they are discrediting the ease of them being utilised. Let's boil it down to basics, which are similar for each of the reported vulnerabilities:
-Requires Administrative Access - There are multiple high-profile cases where having admin access allows you to do much more than what is described here, on any processor on any operating system. It's literally like saying "I have the keys to the house but instead of stealing all the contents I'm going to go in and unlock a window on the other side of the house to use later". Plus most anti-exploit systems on the market have very clever anti-cred protection.
-Deployment of a malicious digitally signed Driver - This requires the aforementioned administrative rights, but regardless. To get one of these AMD-signed drivers you would either have to a) bully/pay an AMD employee to sneak a malicious driver signature under AMD's internal security radar or b) compromise AMD and steal their signing certificate and private key. Both are insurmountably difficult to perform, and this vulnerability is not specific to AMD; it affects every piece of technology on the planet. If I were able to get something malicious signed by a trusted public authority, I could literally take over the vast majority of whatever the f I wanted.
-Deployment of a maliciously encoded BIOS - Basically the same as the driver, and would require physical access to the machine and administrative rights. Additionally, it would be pretty hard to get a malicious BIOS by under the radar considering most systems in business lock down the ability to modify the BIOS. But regardless, this is still a vulnerability in the commercial market where people don't lock down the BIOS. But again, doing this would be the same analogy as requiring administrative access, and it would be quite low on a malicious entity's list. Again, this vulnerability is not local to AMD; it affects anything that uses a hardware abstraction layer and software to manage it.
However, this does not dispute that these vulnerabilities exist. They do exist, but CTS have focused on this being AMD-only and have used, essentially, sensationalist propaganda to smear AMD in an effort to weaken them.
What does have credibility is that this highlights that the secure processor may allow these things to occur. This also brings up the discussion that AMD processors/boards can be compromised in transit to their target destination. Tbh, if you think that it is only AMD boards that can be compromised in transit to destination then you are a fool.
Do you know what else is a security flaw? I could torture you to get your administrative password for your computer. You should try and disprove that vulnerability to me.
"CTS" have been outed as a malicious company with financial interest in seeing AMD fail... https://www.gamersnexus.net/industry/3260-assassination-attempt-on-amd-by-viceroy-research-cts-labs
Hans de Vries has been doing some digging (he has been around for 20 years and does CPU analysis):
https://forums.anandtech.com/threads...#post-39344315
The CTO just started a hedge fund last week. https://www.google.nl/maps/@32.0763....7i13312!8i6656
Their website from 17-01-2018 in the Wayback Machine, see the contact link.
https://web.archive.org/web/20180117.../cts-labs.com/
They even changed their company logo a few weeks ago to make it look more like a security company.
Apparently Yaron Luk Zilberman had a Form D filing just last week for his (one-man?) hedge fund:
http://www.formds.com/issuers/ninewe...al-partners-lp
https://www.sec.gov/Archives/edgar/d...rimary_doc.xml
https://forums.anandtech.com/threads...2540299/page-6
CTS-Labs is "Catenoid Security", which was formerly Flexagrid Systems Inc.
A company that produced the computer hijacker "CrowdCores".
See for instance: "How to remove CrowdCores from your computer"
From their old website dated 17-01-2018: Yep, they used to make malware, i.e., Bitcoin malware. This hijacker was used to run BitCoin mining software on the hijacked computers to make money at the expense of unsuspecting PC owners.
https://web.archive.org/web/20170130...s.com/FAQ.html
From the Wayback Machine, because access to http://www.crowdcores.com/ is now blocked.
Forget BIOS updates, etc., as that is indeed pretty contrived. You're overthinking the issue, and it is potentially right under your nose and nowhere near as difficult to exploit as some are sadly and grossly mistaken.
You're making my point quite well though, because you're making an assumption on your OS being bulletproof. Forget about social engineering, as that's just one vector to getting elevated perms. You are aware that just prior to Pwn2Own (which is imminent) Microsoft have released patches for 75 vulns, some of which allow elevated permissions and remote code execution? Assuming there is some element of truth within the alleged vulns, you could employ all the best practice there is, but string those vulnerabilities together and you're bang in trouble. Guaranteed, Pwn2Own will reveal a load more, as it often does, and that's kind of the whole point of it.
The holes in your OS exist, like it or not. Also, everyone seems to be ignoring the message that extended details have been provided to AMD and withheld from the report, so would it be stretching it to suggest the detailed information on the exploit might contain any of the known CVEs which are currently being patched, or indeed the zero-days we're yet to learn of?
Just remind me, how long did the NSA sit on stuff like EternalBlue before the rest of the world even knew about it?
The problem is we can't focus on the threats being real or not, because they redacted all of the methods used to exploit them, so it's impossible for their work to be peer reviewed. Now, we could say they only did this so the vulnerabilities can't be exploited; however, that's why most reputable security researchers follow strict guidelines when it comes to divulgence.
At best we can say they made a mistake or didn't know the importance of peer review; at worst we can say they released this information for ulterior motives. Either way, it makes their claim less credible.
Last edited by Corky34; 14-03-2018 at 11:11 AM.
Yep, look at the marketing company they used:
We specialize in a variety of communications areas. Our team of influencers will help you develop a customized communications plan that is uniquely designed to drive success for your business. Why would a security firm need influencers? We are known for our extensive media relationships and network. Let us connect you with the right reporters, bloggers, analysts and influencers who will understand your business and share your perspective with the markets.
It's also telling when some people on forums seem to not question why Intel was given six months before Spectre/Meltdown was told to the public, but AMD was given less than 24 hours to do so (and then start attacking everyone who questions this due to E-PEEN).
It seems the media and Viceroy research founder said the following:
According to Ian Cutress of AT, the tech press was contacted before AMD. Viceroy founder Fraser Perring told Reuters that somebody anonymously emailed him a draft of the report at about 4 p.m. on Monday.
Then they paid a firm $16,000:
Then the CEO of that firm goes on Twitter and starts defending it, but initially said nothing about the fact they were paid for their work, a week before CTS-Labs told the press. New York-based cyber security firm Trail of Bits told Reuters that it had verified the findings from CTS, which paid $16,000 for a review of the AMD vulnerabilities.
Look at his posting history (remember gun talk against pro-gun people). Even on very Intel-biased forums, most people are just aghast at this tactic. You don't just blindside companies like this - how many similar things would have happened to Intel, but they were given a few months to try and investigate things.
Spectre/Meltdown was known for at least a year, and the people who discovered it took a few months to verify stuff and told Intel/AMD/ARM from June 2017 onwards.
Intel, etc. only told consumers this year.
Last edited by CAT-THE-FIFTH; 14-03-2018 at 11:21 AM.
Looks like AMD investors have just "shrugged" the report off anyway:
https://www.benzinga.com/analyst-rat...tive-headlines
It also looks like Viceroy really do have an axe to grind with AMD:
The last sentence is probably the most telling. Nail In The Coffin?
Viceroy Research said Tuesday there may be no coming back from the new batch of vulnerabilities, some of which the firm says will be difficult or impossible for AMD to fix. In its report, Viceroy said the vulnerabilities likely came as a result of AMD rushing products to market to avoid falling further behind its peers. After consulting experts, Viceroy said the AMD vulnerabilities could be very dangerous on an international level and could do irreparable damage to AMD on a commercial level.
“In light of CTS’s discoveries, the meteoric rise of AMD’s stock price now appears to be totally unjustified and entirely unsustainable. We believe AMD is worth $0.00 and will have no choice but to file for Chapter 11 (Bankruptcy) in order to effectively deal with the repercussions of recent discoveries,” Viceroy said.
CNBC had originally planned to discuss Viceroy's report on “Halftime Report” show but later canceled the segment, leading some to question its validity.
Hilarious. I don't suppose you've ever heard of Symantec or the reasons why they were going to lose their CA status? They had their certs compromised. How many stories of unprotected S3 buckets containing a cert that some retarded developer threw in there by mistake would you like me to link?
There is a world of difference between what we're told is impossible and what actually happens to completely shaft the good efforts. To not grasp the nettle of possibilities in compromising software is massively stupid, and to not understand that, regardless of that, software must NEVER pwn hardware even with admin rights means you need to just back away from the keyboard.
Agreed - it makes me wonder how many similar Intel vulnerabilities Intel might not have patched quietly if given less than 24 hours before the disclosure. I can't believe there are a tiny fraction of people who seem to be supporting the way this was all done, especially from a company which did its best to hide the fact it literally wrote malware.
All they are doing is setting a precedent for other "security researchers" to go and do the same - give companies no leeway to look at any potential issues, and then blindside them to try and cause problems and short companies' stock.
This is what Linus Torvalds was hinting at:
It looks like the IT security world has hit a new low.
If you work in security, and think you have some morals, I think you might want to add the tag-line
"No, really, I'm not a whore. Pinky promise"
to your business card. Because I thought the whole industry was corrupt before, but it's getting ridiculous.
Last edited by CAT-THE-FIFTH; 14-03-2018 at 12:12 PM.
They say they have redacted the public version of the report - the un-redacted version being with AMD. So until AMD confirm it or not, you're not in much of a different position than if they'd told you they had exploits or not ... other than to feed your paranoia and/or manipulate the market.
I'm certain that there is blatant manipulation of the market going on here, but I'm a long way from doubting that the threats actually exist. To suggest that they don't, just because the shady organisation isn't throwing straight dice (as various posters in this thread appear to be suggesting), is folly of epic proportions.
I never made the assumption that an OS is bulletproof, nor do I believe I am overlooking or overthinking the issue. I believe you are wanting everyone to believe, with your lack of information, that these actions described in CTS' "AMD Security Whitepaper" are actually easy to perform or even in the best interests of malware writers/hackers to commit to. Think of virus writing/hacking as a business: if you can create a virus in a short amount of time that leverages vulnerabilities which get you access to data or keylogging via "standard" means, then why would they go through all the effort (and danger) of trying to write a virus that commits to overwriting the BIOS or deploying a malicious driver? I mean, seriously, do you actually know the resources involved and how difficult it would be to push that under the radar? You want a virus to be as undetectable for as long as possible to maximise the ROI of it.
There are far more exploitable holes in Windows that allow you to do things without administrative access, and I deal with protecting Enterprise systems against these on a day-by-day basis. Using the NSA as an example to relate to what CTS has done is laughable at best.
Actually I do, and I have directly dealt with emergency extractions of all Symantec products from a Customer environment because of this. On top of that, I trust Comodo about as far as I can throw them, because they've been compromised at least twice and had vast amounts of their certs invalidated because some idiot leaked one of the verification CAs and one of the root CAs.
What you are confused about is the difference between "impossible" and "not worth the effing effort". Regardless, I never said they weren't impossible, but according to the Verizon breach report, the vast majority of viruses/hacks are financially driven. So therefore they're focusing on what is the fastest route to their success and, frankly, these vulnerabilities won't be top of their charts.
I think you need to back away from the keyboard, take a deep breath and calm the hell down. What you're doing is assuming everyone in here is a complete moron, that we're all AMD bootlickers and that we can't possibly conceive the notion that these vulnerabilities or hacks exist. You are also mistakenly identifying my devil's advocacy with incompetence and stupidity. I would be insulted, but I've dealt with far more powerful idiots than yourself.
Oh what a tangled web we weave when we practice to deceive.
Q. What's the difference between a white hat and a black hat?
A. One files annual tax returns and the other doesn't.
We're led to believe that the guy that saved the planet from WannaCry also wrote malware, so what's your point? A black hat one day wakes up with a conscience, or is it a white hat decides he's not earning enough doing the right thing? They both have the same capabilities and present the same threats to the global populace. They're both mercenaries; it's just that one decides to work for their own good and the other is drinking someone else's Kool-Aid.
Like it or not, the good guys and the bad guys are the same people. It just depends on what side of the bed they got out of on a particular day. A bipolar hacker - now that's a scary thought. Just saying.