June 6th 18, 07:00 PM posted to alt.comp.hardware.pc-homebuilt
Flasherly[_2_]
Consensus of AMD PSP security issue?

On Wed, 6 Jun 2018 00:55:00 -0400, xJumper
wrote:

There's been a lot of talk lately about CPU vulnerabilities à la Meltdown
but what is the general consensus with the obvious built-in back doors
being put into CPUs at the OEM level?


AMD Platform Security Processor/Trust Zone Secure Technology which is
AMD's version of Intel AMT/Intel Management Engine/vPro

The processor within a processor with its own unknown closed source OS
that has access to literally all functions of the system. I don't think
AMD currently has an equivalent to Intel's vPro which is the 3G chips in
the CPU that can receive secret forced updates, access to the TCP/IP
stack even before the OS is booted, etc...

In any case there was a lot of talk surrounding this as this is ripe for
potential exploits/vulnerabilities/back doors and there's almost nothing
we can do to prevent them/stop them nor do we even really understand the
full ramifications.

I recall seeing some attempts at getting AMD to release the code open
source, there were various petitions, etc, and then everything died out.

So what's been the consensus on this issue? Have there been any
advancements in getting the code open sourced or at the very least being
able to disable it? I gather I heard a few mobo makers added the option
to disable AMD PSP in BIOS updates, I don't think it's come to mine yet
nor does it seem to be something widespread.



Cache coherence, both across and between individual cores, is the
protocol given Spectre/Meltdown[PrimeVariants], which by intent is to
modify speculative execution, through an artificially induced buffer
of shared instances, otherwise limited to an invalidity factor, that
software traditionally would not address.

And so it appears that Princeton University computer research
facilities, along with Nvidia, subsequently have examined industry
microprocessor implementation of cache reserves directly for and in
further light of addressing its implementation.

We have developed a tool for automatically synthesizing
microarchitecture-aware assembly language programs given two inputs:
(i) a formal description of a microarchitecture in a domain-specific
language [...], and (ii) a formal description of a microarchitectural
execution pattern of interest. This tool is consequently capable of
synthesizing implementation-aware programs that can induce any
user-specified threat pattern representative of a class of security
exploits.

https://www.tomshardware.com/news/ne...red,36533.html

About time. It's been a while since I bought one MEG of ram in 128K
banks of 9-chipped "critters" to an array. I recall paying $300/US.
Extra memory of course, along with a couple early EMS(2.0) expansion
boards, for caching on varied programs and applicable focus,
efficiency and speed. At some later point, I forget when, memory
eventually became relatively as cheap as dirt. Looks like someone
decided to speculatively expand upon a similar precept and into a
principle reserve left to computer design. At least since running
into a brick-wall a decade ago, the hard physics and a pathway
constraint pragmatically limited to such as processing cores, mine,
each are throttled to a present maximum capacity of about 4GHz. Nor
further across AMD's Bulldozer speculative cache implementation for
eight cores, as the inroads, possibly excepting a hint of a few
games, are not, really, of a speculative nature to programming
multiples of core arrays in a predicative sense of syllogistic
cybernetics. But then Intel has overall invalidated AMD, perhaps less
so from a Ryzen platform, for cache-coherency protocols.