Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Sunday August 20 2017, @12:07PM   Printer-friendly
from the TLA-Approved? dept.

Submitted via IRC for TheMightyBuzzard

Since the launch of AMD Ryzen, a small piece of hardware that handles basic memory initialization as well as many security functions has been the center of some controversy. Called the Platform Security Processor (the "PSP" for short) it is essentially an arm core with complete access to the entire system. Its actions can be considered "above root" level and are for the most part invisible to the OS. It is similar in this regard to Intel's Management Engine, but is in some ways even more powerful.

Why is this a bad thing? Well, let's play a theoretical. What happens if a bug is discovered in the PSP, and malware takes control of it? How would you remove it (Answer: you couldn't). How would you know you needed to remove it? (answer, unless it made itself obvious, you also wouldn't). This scenario is obviously not a good one, and is a concern for many who asked AMD to open-source the PSPs code for general community auditing.

Bit late to the reporting but we haven't covered it yet, so here it is. And I was so looking forward to a new desktop too. Guess this one will have to stay alive until ARM becomes a viable replacement.

Source: https://www.techpowerup.com/235313/amd-confirms-its-platform-security-processor-code-will-remain-closed-source

Previous:
The Intel Management Engine, and How it Stops Screenshots
Intel x86 Considered Harmful
Of Intel's Hardware Rootkit
Intel Management Engine Partially Defeated
EFF: Intel's Management Engine is a Security Hazard
Malware uses Intel AMT feature to steal data, avoid firewalls


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by vux984 on Sunday August 20 2017, @12:42PM (2 children)

    by vux984 (5045) on Sunday August 20 2017, @12:42PM (#556661)

    Really? I read the newer threadripper cpus didn't have issue.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2) by jasassin on Sunday August 20 2017, @01:11PM (1 child)

    by jasassin (3566) <jasassin@gmail.com> on Sunday August 20 2017, @01:11PM (#556664) Homepage Journal

    Really? I read the newer threadripper cpus didn't have issue.

    Time will tell. I wouldn't spend $999 to find out. Someone will. If Ryzen is still busted, why would you buy threadripper?

    --
    jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
    • (Score: 2) by vux984 on Sunday August 20 2017, @07:31PM

      by vux984 (5045) on Sunday August 20 2017, @07:31PM (#556762)

      Time will tell. I wouldn't spend $999 to find out. Someone will.

      I think that's the point - they already did. all the various hardware forums and testing sites that I have seen that have tested it, have found that it doesn't seg fault under high thread load etc.

      If Ryzen is still busted, why would you buy threadripper?

      Why would I buy a product that is not busted?? The answer is in the question.