Guru3D.com

AMD Security Vulnerability – The Day After - Seems Financially Motivated

by Hilbert Hagedoorn on: 03/14/2018 06:20 PM | 114 comment(s)

It has been a day since the news broke on the claimed AMD security vulnerabilities. In this news item, I want to recap and report on the current status, as well as share my view on things.

Yesterday, on the 13th, my phone started to make more noise than usual: the news broke that AMD processors based on Zen would potentially have 13 security flaws. Some quick checks showed that a self-proclaimed company called CTS Labs had posted a paper disclosing what we now know as the Masterkey, Ryzenfall, Fallout and Chimera attack vectors and vulnerabilities, potentially in the Zen architecture.

When the news arrived I started an initial news item, and then started further checking the validity of the information. Press releases from CTS Labs were posted by a PR agency on the big media PR outlets like Businesswire. The security firm has a professional-looking website, and the website AMDFlaws was filled with information. Thus far all seemed legit. After an hour or so, more background checks that we performed indicated weird stuff. Everything seemed and felt ‘too convenient’: smoothly produced videos with what look like actors, and a firm based in Israel, where coincidentally Intel has a big presence and a fab, which will instantly raise suspicion. It all felt like this information was designed in an effort to inflict damage of some kind. A security research firm would want to deal with their findings carefully, protecting the company and its end-users.

The white paper published by the firm reads nicely but lacks factual technical info. At that time I was thinking this might be a hoax, or an information release to inflict damage. In my responses in the forums I called this news release a payload, a means to an end to inflict some sort of damage by going viral.

Further checking raised more red flags: some media had been pre-briefed or informed by the security firm. Some of them confirmed the flaws reported. However, all flaws require elevated privileges, i.e. there are still design flaws, but you need to hand out the keys to your PC (admin level) or be compromised in some way for these flaws to be exploitable. So if the flaws exist, these are category 2 vulnerabilities, certainly not at the level of Meltdown and Spectre. Somebody needs access to the PC/server through administrator rights and access. Now if you give somebody admin-level account access, you’re exposed anyway, and you can probably think of 100 more, if not thousands, of things you can exploit.

Further checking on AMDFlaws and the CTS Labs website led to curiosities.

  • The 24-hour disclosure, as opposed to the industry-standard 90/180 days, is just wrong, completely unprofessional.
  • 13 flaws announced on the 13th of March?
  • Domain records for "amdflaws.com" were created on Feb 22, 2018.
  • Company is listed only since 2017; LinkedIn shows very poor company info.
  • Domain registered not directly but through "domainsbyproxy.com".
  • Domain is registered at GoDaddy, privately. No contact information for the domain is public.
  • Their official YouTube channel with that video was created in March this year. That would be the official company YT channel.
  • Video looks marketed, too well produced.
  • Names like Ryzenfall sound like somebody from marketing made them up?
  • Precisely 13 flaws? An unlucky number?
  • Whitepaper shows no specific technical detail.
  • Earlier today, when the news broke and info was released, I did some Google searches on CTS-Labs; they revealed very little for a proclaimed established security agency.
  • Parts of the www.cts-labs.com website are copied from public PDF documents.
  • As a security firm, the cts-labs website does not even have an SSL certificate active? Thus no https available as an option?
  • cts-labs does not disclose an address on its website.

Let me ask you: if you owned a security firm with 16 years of expertise, would your website not have SSL (HTTPS) protection? Click here to see what happens. Also, parts of their website on their business offering have been copied from publicly accessible PDF documents.

There’s more, though: within two hours of the news release, a short seller by the name of Viceroy Research published a claim that the 'revelations' would be the death blow for AMD. The timing of this is weird; hours after the info got out they already had a 32-page document ready on this. Can you fabricate such a paper in an hour or two? From the looks of it, this was produced beforehand. Could this be a purpose-built stock shorting scheme trying to devaluate AMD?

In the end, most of the news release nearly looks to be a hoax or plot to damage AMD or for self-benefit (manipulating the stock exchange), and as more time passes it seems to be the case that all this is just that. All this raises suspicion of the highest order. That by itself, however, doesn’t mean the vulnerabilities aren’t there; some parties have confirmed some of the flaws. If so, how did a non-security agency get access to that info, and how was it able to produce it as such? Yeah, everything about this information release seems, feels and looks wrong. It seems to have been designed as a viral payload to inflict damage, and I feel the statements greatly exaggerate the impact of the vulnerabilities, perhaps even up to the level where I'd need to call it BS. The findings, however, are for AMD to answer.

We expect more info from AMD soon enough, as they are the ones to either confirm and/or deny things; we’ll see what they have to say.









Kaleid
Senior Member



Posts: 2749
Joined: 2004-02-02

#5528039 Posted on: 03/14/2018 09:22 AM
inside intel? ;)

AsiJu
Senior Member



Posts: 8233
Joined: 2010-10-16

#5528040 Posted on: 03/14/2018 09:26 AM
Excellent investigative journalism Hilbert! Goes to show how a little checking-up can make all the difference...

fantaskarsef
Senior Member



Posts: 14124
Joined: 2014-07-21

#5528041 Posted on: 03/14/2018 09:27 AM
We expect more info from AMD soon enough as they are the ones to either confirm and/or deny things, we’ll see what they have to say.


THIS is what it's really up to, what AMD has to say to this after they investigated.

AsiJu
Senior Member



Posts: 8233
Joined: 2010-10-16

#5528043 Posted on: 03/14/2018 09:33 AM
Yeh interesting to see how they respond.

Regardless, and I've said this before, seems every week some, or maybe thirteen, critical exploits are found. Now. All of a sudden.
To the point I don't even read about them anymore. I keep my PC as safe as possible and use it as smartly as possible. Has been enough for 20+ years to avoid exploits.

At least that I know of....

Spider4423
Member



Posts: 77
Joined: 2008-01-30

#5528045 Posted on: 03/14/2018 09:55 AM
This is just a ruse to put AMD in a bad spot.
It's all too convenient, especially with the release of Zen+.
There are market players that do not want Intel and AMD to get competitive again. Might drive the prices down and God forbid innovation.
