Stories
Slash Boxes
Comments

SoylentNews is people

Security Flaw in AMD's Secure Chip-On-Chip Processor Disclosed Online

posted by takyon on Sunday January 07 2018, @06:36PM   Printer-friendly
from the end-of-trusted-computing dept.

"MrPlow" writes:

Submitted via IRC for TheMightyBuzzard

AMD has fixed, but not yet released BIOS/UEFI/firmware updates for the general public for a security flaw affecting the AMD Secure Processor.

[...] Cfir Cohen, a security researcher with the Google Cloud Security Team, says he discovered a vulnerability in the Trusted Platform Module (TPM) of the AMD Secure Processor. The TPM is a component to store critical system data such as passwords, certificates, and encryption keys, in a secure environment and outside of the more easily accessible AMD cores.

"Through manual static analysis, we've found a stack-based overflow in the function EkCheckCurrentCert," Cohen says. The researcher claims that an attacker could use specially-crafted EK certificates to get remote code execution rights on the AMD Secure Processor, allowing him to compromise its security.

Cohen said that some basic mitigation techniques such as "stack cookies, NX stack, ASLR" were not implemented in AMD's Secure Processor, making exploitation trivial.

takyon: This bug is unrelated to Meltdown and Spectre. And you might be interested in this:

Coincidentally, on Reddit [1, 2], some users reported seeing a new option to disable AMD PSP support, but it's unclear if this new option is related to the patches AMD was preparing to roll out for Cohen's findings.

Source: Security Flaw in AMD's Secure Chip-On-Chip Processor Disclosed Online

Original Submission

 
This discussion has been archived. No new comments can be posted.
Security Flaw in AMD's Secure Chip-On-Chip Processor Disclosed Online | Log In/Create an Account | Top | 25 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 5, Informative) by takyon on Sunday January 07 2018, @07:19PM (6 children)

    by takyon (881) <takyonNO@SPAMsoylentnews.org> on Sunday January 07 2018, @07:19PM (#619245) Journal

    The solution is simple. Don't build networking into your driverless car. No V2V [wikipedia.org]. No OTA updates. Shit, if the software needs an update, it should be able to drive itself to the dealership and back. It can use stored maps + GPS. Discrepancies can be mitigated using autonomy features that determine whether the path being taken is accurate in real time. Update the maps by plugging in a USB or your phone (pwning the car instantly).

    --
    [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
    Starting Score:    1  point
    Moderation   +3  
       Insightful=1, Informative=2, Total=3
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   5  

  • (Score: 4, Insightful) by Arik on Sunday January 07 2018, @07:33PM

    by Arik (4543) on Sunday January 07 2018, @07:33PM (#619252) Journal
    It's simple at a technical level.

    At a social level? They make more money making insecure crap, as long as people buy it.

    It doesn't even really matter how many people it kills. As long as their insanely sloppy process 'complies with industry standards' they won't be held responsible. It will be written off as an inexplicable, unavoidable tragedy. "All software has bugs" they will say.

    I'm thinking they learned that from the same guy that told us "there are no right or wrong answers in mathematics."

    --
    If laughter is the best medicine, who are the best doctors?

  • (Score: 2) by zocalo on Sunday January 07 2018, @07:38PM

    by zocalo (302) on Sunday January 07 2018, @07:38PM (#619255)
    You could also just make the updates downloadable over the Internet as a signed binary blob. Download to USB stick, plug the stick into the vehicle, and wait for it to be verified and applied - pretty much the same process used by most cameras these days. If the user doesn't want to apply the updates themselves, I'm sure there are plenty of mechanics willing to do it for a fee/for free (my current car gets a firmware check and any updates applied for free as an line-item on a dealer service), and if they don't want to apply a given update at all I'm sure there are plenty of mechanics that will honour that request too.
    --
    UNIX? They're not even circumcised! Savages!

  • (Score: 4, Insightful) by Justin Case on Sunday January 07 2018, @07:49PM (1 child)

    by Justin Case (4239) on Sunday January 07 2018, @07:49PM (#619261) Journal

    Your suggestions make a lot of sense, which is will they will be energetically opposed.

    Don't build networking into your driverless car.

    But then, how can we show you relevant ads that tell you where to go? "Just fail to say No loudly enough, and the car will automatically drive you to our store! For your convenience of course!"

    No OTA updates.

    Be reasonable. Surely you don't think we're going to let it be your car? You merely get to pay for it.

  • (Score: 0) by Anonymous Coward on Tuesday January 09 2018, @07:18PM (1 child)

    by Anonymous Coward on Tuesday January 09 2018, @07:18PM (#620160)

    the opposite will happen. eventually all decisions of all vehicles (many times in concert with one another) will be recorded in real time on the blockchain.