JemmyAlmost unfixable “Sinkclose” bug affects hundreds of millions of AMD chips
return2ozmaarstechnica.com/security/2024/08/almost-unfixab…
16 Comments
Comments from other communities
AmbiguousPropsIt should be noted that if a hacker is able to exploit this, they'd need a lot of access and you'd already be boned. This is no where as bad as what Intel is going through right now.
Saying that you have to "basically throw away your computer" is very misleading to say especially in a subtitle, when that exact thing is actually what is happening with Intel CPUs.
Lucy :3They say it's "Platform secure boot" *by AMD*. They refuse to elaborate further though, and no one knows wth that is. Except AMD themselves ofc: https://www.amd.com/en/products/processors/technologies/pro-technologies.html
Platform secure boot is designed to provide protection in response to growing firmware-level remote attacks being seen across the industry. AMD Secure Boot helps continue the chain of trust from the system BIOS to the OS Bootloader.
Ah fuck it, here's the security researchers explanation: https://labs.ioactive.com/2024/02/exploring-amd-platform-secure-boot.html?m=1
It's an exploit path to a UEFI bootkit, so at the very least you'd have to throw your motherboard away or find someone that can physically overwrite it through an external flash programmer or something. And the patch should be delivered through a UEFI firmware update, so if your motherboard is no longer supported you would have to buy a new one. And for laptops and embedded devices having everything soldered in, the motherboard is basically the whole computer, so I don't think it's that much of an exaggeration.
I guess it's true that if you have ring 0 access you're boned, bug if your ring 0 access gets upgraded into ring -2 access you are even more boned. They put those security boundaries in place for a reason after all.
Assholes, they won't fix Ryzen 3000s even if they still sell them - just bought a brand new boxed 3400g
ScrubblesMan Intel really is paying off a lot of journalists to smear AMD while they are dealing with their rotting chips right now
تحريرها كلها ممكنWhy is this downvoted? Isn't ArsTechnica a trusted tech news site? It is not controversial even if it has a neolib/neocon leaning -I can never tell the two apart-.
I can never understand why people would downvote someone sharing a news story.
After reading that whole article I feel no more enlightened.
They mentioned secure boot, is secure boot part of the exploit or does the exploit invalidate secure boot?
Because if I understood it right, it will be presented at DEFCON tomorrow, this news are just hyping it.
We don't know what is the install vector, it might be a non issue (for regular people) where you need a custom chip programmer and hands on the hardware
As pointed out elsewhere, the attack requires kernel-level access, and anyone with that access can do a lot of damage anyway.
And the flaw can be fixed (there's a fix out), it's just that there's no remediation once the flaw has been exploited.
It also means no AMD server could be resold because there is no way to know if it was previously infected
One of these things is not like the other.
Yeah, turning an exploit into one that survives a fresh install is a big deal.
It's always been a thing that the only way to completely be safe after malware is yeeting the old system and getting a new one...
And even then there have been actively exploited issues where the system gets re-infected when reloading the data from a backup. (My memory is a bit rusty on that one, but it was just data being restored, nothing that should install anything)
There has been a small element of risk, but it's low enough that this meaningfully increases it.
They're intrinsically linked, in fact. If you have kernel access, you can do any number of things, including but not limited to persistent rootkits. I agree that this bug is one step further, since it affects the processor itself, but if somebody has ring 0 access that shouldn't, you already have problems.
Read it again, in context. What they said is perfectly valid.
No, it is misleading. An exploit with no remediation is not remotely comparable to a normal root exploit, which can be fixed with a simple OS reinstall.
Edit: And their follow-up comment, "if somebody has ring 0 access that shouldn’t, you already have problems," is dangerously misleading. While technically true that you would have a problem in both scenarios, presenting it that way is like telling someone not to worry about losing a leg because their sprained ankle is already a problem.
I wish CPUs would all have a fuse bit to permanently disable those "security co-processors". They are running who knows what and don't do the average user any good.
The headline is misleading: the bug is just as fixable as any, and firmware updates are expected to fix it. AMD do not have a "near-unfixable" processor vulnerability.
What's "near-unfixable" is a deeply embedded bootkit dropped through the successful exploitation of this bug, since it can make itself invisible to the OS and anti malware tools, and could survive a reinstallation of the OS.
at this point all major chipmakers have proven that innovation is dead, nobody cares about "boring" fratures. We can finally take a step back and reflect on why did we end up here
What are you talking about?
AMD brought high core counts mainstream with infinity fabric connecting multiple chiplets 7 years ago, and their x3D is basically still brand new. Those are both massive innovations.
Jus talking bout fratures
Capitalism
He says, from his iPhone.