Submitted via IRC for TheMightyBuzzard
Since the launch of AMD Ryzen, a small piece of hardware that handles basic memory initialization as well as many security functions has been the center of some controversy. Called the Platform Security Processor (the "PSP" for short), it is essentially an ARM core with complete access to the entire system. Its actions can be considered "above root" level and are for the most part invisible to the OS. It is similar in this regard to Intel's Management Engine, but is in some ways even more powerful.
Why is this a bad thing? Well, let's play a theoretical. What happens if a bug is discovered in the PSP, and malware takes control of it? How would you remove it? (Answer: you couldn't.) How would you know you needed to remove it? (Answer: unless it made itself obvious, you also wouldn't.) This scenario is obviously not a good one, and is a concern for many who asked AMD to open-source the PSP's code for general community auditing.
Bit late to the reporting but we haven't covered it yet, so here it is. And I was so looking forward to a new desktop too. Guess this one will have to stay alive until ARM becomes a viable replacement.
Previous:
The Intel Management Engine, and How it Stops Screenshots
Intel x86 Considered Harmful
Of Intel's Hardware Rootkit
Intel Management Engine Partially Defeated
EFF: Intel's Management Engine is a Security Hazard
Malware uses Intel AMT feature to steal data, avoid firewalls
(Score: 0) by Anonymous Coward on Sunday August 20 2017, @04:57PM
You could buy a *LOT* of LGA775/AM3/AM3+/G34 systems, including in fact Raptor Engineering's own ported libreboot BIOS for the ASUS Dual G34 board.
And as a point defeating the purchase of their Talos board (which I will note is pretty nice since it supports dual Power9 GPUs, DDR4, and PCIe4 (the latter needed to take full advantage of current gen GPGPUs (AMD/Nvidia or Intel's Xeon Phi PCIe boards) with 64-bit BAR and IOMMU)), the Talos board contains DUAL BROADCOM ETHERNET ADAPTERS. Broadcom, notorious for their NDAs, and for hardware with sufficient CPU resources in it to be backdoored with network-accessible rootkits without ever hitting the system proper. Like that Wi-Fi exploit that was just discovered in one of the b43xx(x) chipsets...
There were a few other similarly concerning pieces of hardware in there, excluding one's trust/distrust of IBM built processors.