Linus Torvalds Slams CTS Labs Over AMD Vulnerability Report (zdnet.com) 115
Earlier this week, CTS Labs, a Tel Aviv-based cybersecurity startup claimed it has discovered critical security flaws in AMD chips that could allow attackers to access sensitive data from highly guarded processors across millions of devices. Linus Torvalds, Linux's creator doesn't buy it. ZDNet reports: Torvalds, in a Google+ discussion, wrote: "When was the last time you saw a security advisory that was basically 'if you replace the BIOS or the CPU microcode with an evil version, you might have a security problem?' Yeah." Or, as a commenter put it on the same thread, "I just found a flaw in all of the hardware space. No device is secure: if you have physical access to a device, you can just pick it up and walk away. Am I a security expert yet?" CTS Labs claimed in an interview they gave AMD less than a day because they didn't think AMD could fix the problem for "many, many months, or even a year" anyway. Why would they possibly do this? For Torvalds: "It looks more like stock manipulation than a security advisory to me."
These are real bugs though. Dan Guido, CEO of Trail of Bits, a security company with a proven track-record, tweeted: "Regardless of the hype around the release, the bugs are real, accurately described in their technical report (which is not public afaik), and their exploit code works." But, Guido also admitted, "Yes, all the flaws require admin [privileges] but all are flaws, not expected functionality." It's that last part that ticks Torvalds off. The Linux creator agrees these are bugs, but all the hype annoys the heck out of him. Are there bugs? Yes. Do they matter in the real world? No. They require a system administrator to be almost criminally negligent to work. To Torvalds, inflammatory security reports are annoying distractions from getting real work done.
These are real bugs though. Dan Guido, CEO of Trail of Bits, a security company with a proven track-record, tweeted: "Regardless of the hype around the release, the bugs are real, accurately described in their technical report (which is not public afaik), and their exploit code works." But, Guido also admitted, "Yes, all the flaws require admin [privileges] but all are flaws, not expected functionality." It's that last part that ticks Torvalds off. The Linux creator agrees these are bugs, but all the hype annoys the heck out of him. Are there bugs? Yes. Do they matter in the real world? No. They require a system administrator to be almost criminally negligent to work. To Torvalds, inflammatory security reports are annoying distractions from getting real work done.
Linus Torvalds be like: Fuck you CTS Labs (Score:1, Insightful)
Linus Torvalds be like: Fuck you CTS Labs and Fuck you Nvidia.
Re: (Score:1)
I've never seen an SJW slap him/her-self in the face with their own dick before.
Don't hold back, now (Score:2)
But let this other famous guy say it:
https://www.youtube.com/watch?v=27eADk7wh2Y
Don't need exploit if you have admin (Score:5, Insightful)
whats the point of some exploit if you already have admin? You can do anything you want already
Re: (Score:2, Interesting)
Modern CPUs have an area that you aren't allowed to touch. That is where they implement TPM, store DRM keys among other things. It looks like some of the flaws may give you a chance at looking at that area; i.e. they allow you to actually control the hardware that you paid for.
So no, you cannot do anything you want already, even with root access.
Re: (Score:3, Insightful)
In other words, the "victims" of these "exploits" are not you but the "business partners" of AMD....
Re: Don't need exploit if you have admin (Score:1)
Sometimes security of the secure enclaves is in my (the end user) interedt. E.g. Signal uses secure enclaves (and remote attestation) to do contact discovery in a way that helps protect my privacy even in the event of a Signal server compromise.
Re: (Score:3)
You pretty much can do anything that matters to an attacker. It may just get a bit more complicated for some of those things.
Re: (Score:2, Insightful)
whats the point of some exploit if you already have admin? You can do anything you want already
Perhaps we should stop taking the rather ignorant approach that even admins should have access to *everything*. Fuck that. It's called need to know.
The military understood this concept with compartmentalization of data decades ago. Perhaps it's about damn time we pay attention to the value of that.
And yeah, I DO realize that means questioning the trust of your own SysAdmins. How many times does industry need to repeat the words "Insider Threat" for people to pay attention? SysAdmins aren't magically i
Re:Don't need exploit if you have admin (Score:5, Insightful)
Since I'm my own systems administrator, I *do* want to have total control, even though I sure don't want to have to use it.
Your argument seems to boil down to "Even though you 'bought' the device you don't own it.".
Re: (Score:2, Flamebait)
Re: (Score:2)
Do you want someone with 5 minutes of physical access to the machine (e.g. the minimum wage cleaners provided by an agency) to be able to install malware that the OS can't see, which survives complete reinstalls or even physically replacing the disk, and which can intercept everything that the OS does? If so, I really hope you don't work for a company with any confidential data.
Since my complete controls is as complete as theirs, it is not persistent as I can fix it.
Re: (Score:2)
Re: (Score:3)
The military has pressures and responsibilities that, ideally, should not exist elsewhere. In fact, the reason to have a military is so that the rest of us aren't burdened with those concerns. The militarisation of other areas of society is worrying, dangerous and to an extent diminishes the sacrifice that those who serve have and continue to make.
The military understood this concept with compartmentalization of data decades ago. Perhaps it's about damn time we pay attention to the value of that.
Maybe you should consider the cost benefit ratio of that decision and ask whether that is the same for all cases.
And yeah, I DO realize that means questioning the trust of your own SysAdmins
This adversarial employer/employee relationship t
Re: (Score:2)
You're changing the goalposts.
As others point out, they _can_ know that information. You're advocating a once-size-fits-all compartmentalisation of information because it works for the military.
It achieves certain goals (or tries to) that the military consider worth the cost. That's not an evaluation that suits all situations, or even many situations.
Some sysadmins abuse the trust they are given. Some are exemplars of professionalism and ethical behaviour. Most fall somewhere in between. Treating trustworth
Re: (Score:2)
Yes, we do need to know so we can make informed decisions on what to eat or avoid. Some of us have allergies to certain things, and eating them would make us sick.
Re: (Score:3)
Or at least know what the hell you're talking about before you dole out what some might construe as medical advice.
Re: (Score:3)
You seem to be unaware that there may be problems that need to be fixed _now_ in a running business. That is what you have the sysadmin for. Sure, you do "break glass" procedures for critical system, i.e. said sysadmin has to ask for access and justify it, but preventing the sysadmin from accessing everything is suicidal.
Re: Don't need exploit if you have admin (Score:4, Funny)
Before you go rouge, you need to apply a proper foundation. Or so I have gathered from the TV commercials.
Re: (Score:2)
The problem is that people take such systems on face value and assume they cant be defeated... There are many movies with this premise too.
Those keys will be wired in somehow, for a simple attack you could extend the wiring to move the keys. You could also bypass parts of the system and trigger a detonation directly.
Re: (Score:2)
And who operates the system that hands out access?
And what happens if you need to do some urgent work but the system to hand out access is not working correctly?
All of these systems are flawed in various ways, and often create new problems.
Re:Don't need exploit if you have admin (Score:4)
The kernel has been redying for that for a long time. Root is nod divided into capabilities and cgroups and namespaces can limit the ability to see across compartments.
But ultimately, someone will have the ability to upgrade the BIOS, and that person will have a great deal of ability to violate security.
Re: (Score:2)
Perhaps we should stop taking the rather ignorant approach that even admins should have access to *everything*. Fuck that. It's called need to know.
Except the computer has no mind of its own, it needs some kind of root trust. It can be software (root), hardware (signed boot), a remote computer (domain controller) or whatever but there must be something that starts with all the rights and can fundamentally alter the software and what everyone else's rights should be. The problem is not the scope of the power, it's that computers are made for solitary administration. Compare it to say an accounting system, there's usually tons of restrictions of what acc
Re: (Score:2)
Perhaps we should stop taking the rather ignorant approach that even admins should have access to *everything*. Fuck that. It's called need to know.
Actually, we call it the Principle of Least Privilege and it's been a core idea in computer security for decades.
Re: (Score:2)
A guy I work with was telling me that his last company just added the "domain user" account to the local admin account on all their win
DRM (Score:2)
You know who actually cares about, and values, TPM chips? Developers who need it for DRM.
Outside of the realm of DRM, this stuff isn't really useful (*). When non-Hollywood types talk about securing things, we accept "if they got physical access and also admin rights, then it's theirs now." Do you really care that your bootloader is signed? Fuck no, because you don't let just anyone write to your bootloader, and if you did, then you'd expect to lose.
But Hollywood wants "even if they have physical access and
Re: (Score:2)
You know who actually cares about, and values, TPM chips?
Users of Windows who use it to handle full-disk encryption in such a way that the OS (and therefore, importantly, malware that compromises the OS) can't exfiltrate the keys and it's impossible (or, at least, infeasibly expensive) for anyone to access them if they steal the machine? Cloud users who rely on the TPM for remote attestation that the hypervisor hasn't been compromised?
Re: (Score:2)
Not just Windows. [puri.sm]
Re: (Score:2)
I mostly agree with you, but I'm not clear on the persistence of these attacks.
If it is actually installing nearly undetectable malware within the processor itself then just about anyone could set up shop and sell you an infected CPU or intercept and infect your hardware before it gets to you. That's always been a somewhat theoretical attack that sophisticated intelligence agencies might be able to pull off, but it sounds like this *might* make that very easy for anyone of moderate technical skills to pull
yep and? (Score:4, Interesting)
Re:yep and? (Score:5, Interesting)
The difference this time is that it was published by a company that was only founded a couple months ago, only allowed for ~24 hours for "reasonable disclosure" (not even enough time to verify the claims, let alone issue patches), and openly admits they most likely have a financial stake in the AMD stock values. This all points directly to stock manipulation, not an actual major exploit (minor at best)
Re:yep and? (Score:5, Interesting)
Stock manipulation, or Intel trying to stem the bleeding. I hear that a lot of big customers are switching to AMD now, especially cloud/datacentre people.
Meltdown's security ramifications were bad enough, the 60%+ performance hit was even worse. But AMD has been putting out some really innovative kit for server use too. Encrypted RAM, with a different key for each VM and only 2-3% performance loss. Much cheaper parts with many more PCIe lanes and better support for IOMMU pass-through. ECC support even on the consumer stuff. Sockets that last for many years.
Intel must be very happy about this, even if they are not involved somehow.
Re: (Score:1)
"you don't know anything."
This is /. in 2018, no one here knows anything.
Re: (Score:1)
Yeah. He's probably a 400 pound hacker sitting on his mother's bed.
Re:yep and? (Score:4, Interesting)
Re: (Score:2, Informative)
It needs local admin priviledges FFS, the big prize for all hacks, root admin, is a pre-requisite for even starting this attack.
Not necessarily. Imagine this scenario: You have a secured machine, it is using SecureBoot to verify the bootloader and kernel image, signed using your org's keys. When it boots, the user must enter a pass phrase, which is used to decrypt the keys stored in the TPM to decrypt the hard disk. Without the correct pass phrase, entered into the verified boot loads, you have no way of accessing any of the confidential data on the disk. I'm pretty sure Windows supports this configuration out of the box and I b
Re: (Score:3)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
It looks like Intel has hired some PR mitigation experts. They've come up with this bogus attack vector*, and we see stories of how this claimed vector could be used to attack stock markets etc.
It all smells of a stinky 800lb Gorilla.
Yeh, this looks like it's all about Intel's Meltdown problem. I don't need to upgrade right now, but I suddenly feel like I want to go upgrade to a thread ripper box.
* It needs local admin priviledges FFS, the big prize for all hacks, root admin, is a pre-requisite for even starting this attack.
Yeah, this company was formed just shortly after Intel was informed of their own security holes 6 months ago, before they even started dumbing their own stocks.
Re:yep and? (Score:5, Insightful)
If the changes are persistent, as at least some of the sources have indicated, then this *is* a serious problem, but probably only for people targeted by state actors. (OTOH, sometimes those "state actors" have a pretty loose focus to their targeting, and it's not unknown for their code to have bugs.)
This, of course, doesn't excuse their mode of announcing this, but it suggests that some group may have caused those "bugs" to be present intentionally...and that they may have been known (by some) for quite awhile.
OTOH, if it's not persistent, then it's not clear to me what is gained by anyone except Intel and stock market manipulators. So I suspect Intel of managing the process of revelation, possibly in a criminal way. And I suspect someone of (attempted?) stock market manipulation. I have no proof of either, and one doesn't exclude the other.
Flashing BIOS (Score:2)
If the changes are persistent, as at least some of the sources have indicated, then this *is* a serious problem,
It's a serious problem that require flashing the UEFI/BIOS firmware.
If you have the capacity to flash firmware, you *already at that point* have the capability to do a ton of awful and persisting damages.
The fact that these peculiar variants happen to attack the AMD PSP is just a small foot note detail.
To put it into perspective, this has nothing to do with the numerous bugs and exploit that have plagued IntelAMT and IPMI (those were more of the type "the lights-out remote management system is so buggy and
Re: (Score:3)
But look at their nice offices [imgur.com], they couldn't have been founded a couple months ago.
Re: yep and? (Score:2, Insightful)
Because this one is obviously part of a stock manipulation scam and was far more overly reported than others. It's more fake news, this time being spread for financial gains. And as usual news sites don't give a fuck because it gives them ad money.
In not even a word (Score:1)
https://regmedia.co.uk/2015/07... [regmedia.co.uk]
WORD--;
Linus smacking up ... (Score:3, Interesting)
... some blowhard douche. Nice. Like it. ...
Sadly the fight is so short there's no point in getting popcorn.
Ok, so it *was* some kretin looking for attention. I have that suspicion when I saw the report on some tech blog yesterday.
No shit shirlock (Score:1)
If you replace the BIOS or microcode with something not expected it wont work as expected.
This doesn't seem any more malicious then issuing a command like
dd if=/dev/random of=/dev/bios count=1024 bs=1024 to overwrite the BIOS with garbage and brick the machine on next boot
Maybe we need to go back to the days of removable BIOS chips where on the cheap end one could snip the write enable pin on the BIOS chip or on the slightly more expensive end there were devices that could sit between the BIOS chip and the
FTFY (Score:1)
"To everyone who does patch management, inflammatory security reports are annoying distractions from getting real work done."
Torvalds was not the only person this irritated. I was irritated too. Where's my Slashdot post?
Re:FTFY (Score:5, Insightful)
Torvalds was not the only person this irritated. I was irritated too. Where's my Slashdot post?
Right next to the kernel you developed.
Lots of trolls on this story (Score:2, Insightful)
My word, but there are a lot of trolls posting on this story. I do wonder how many are being paid to do so...and who would fund an astroturf campaign, though they don't all seem to have the same playbook.
So... (Score:5, Funny)
They require a system administrator to be almost criminally negligent to work.
You might want to sit down for this....
Re: (Score:2)
Beyond the hype (Score:5, Insightful)
I have read through the documents (for work). Once stripped of the hype, I would not be surprised if these "vulnerabilities" are literally correct as described. There is a whole lot of hedging going on down in the details, which gut the document of any really critical vulnerabilities. It would have been so easy to leave out a sentence to make any one of those bugs earth-shaking, but no. This makes me think that the document is carefully written to be as alarming, as scare-mongering, as possible, while not actually giving in to blatant lies that could land someone in prison.
*If* the vulnerabilities are as described, then the real-world impact is that you will no longer be able to really trust a pre-owned computer. Governments and security-conscious companies will no longer be able to take any computer (new or pre-owned), format or replace the disks, and declare the computer secure. Those "bugs" will need to be taken into account. Same thing for computer forensics.
Of course, this was already somewhat the case. You should already reflash the BIOS, and some hard disks and ethernet cards have flashable firmware, but it would seem that the impact of these bugs are that the manufacturer's manual for cleaning the system, more or less unchanged for decades, now has a few holes in it.
To sum it up, I suspect we paranoid people will need a much more hard-core procedure to sanitize hardware. A format/reinstall isn't going to cut it any more.
Re:Beyond the hype (Score:5, Informative)
Slammin (Score:1)
He then suplexed Fox news for disingenuous reporting and triple axle-kicked the those who think 'slams' isn't the most goddamn overused headline verb.
"It rather involved being on the other side of... (Score:3)
...this airtight hatchway."
"Yes, all the flaws require admin [privileges] but all are flaws, not expected functionality."
Relevant: https://www.google.com/search?q=site%3Ablogs.msdn.com%2Fb%2Foldnewthing%2F+%22airtight+hatchway%22 [google.com]
If there is no privilege escalation, they are not security flaws, just boring ol' bugs.
INTEL CPUS HAVE HUGE SECURITY FLAWS!!! (Score:5, Funny)
The following will cause an Intel CPU to fail catastrophically:
* pouring petrol on the Intel CPU and then igniting it.
* smashing the Intel CPU with a hammer
* dousing the Intel CPU in highly concentrated sulphuric acid
* urinating on the motherboard containing the Intel CPU
* increasing the voltage supplied to the Intel CPU to 100 volts.
* installing a computer with an Intel CPU in a cage with an angry Tyrannosaurus Rex
* targetting the Intel CPU with a nuclear bomb
These flaws are so severe that Intel should withdraw all of their CPUs from the market and file for bankruptcy immediately. Nobody should ever use an Intel CPU for anything.
I am releasing this vital information now without prior notice to Intel because I believe that they have no hope of fixing this flaw in any reasonable time frame.
Disclaimer (hidden deep within the near-impenetrable legalese on an obscure URL of my web site, just like CTS's disclaimer): the reader should assume that I may have a position on the stocks of any company mentioned in this press release.
This isn't news (Score:1)
The only thing that would make this news is if it read:
"Linus reacts proportionally to something he doesn't like and actually has something new and insightful to contribute."
I'm sick of hearing tech news about this idiot whinging about stuff. Linus, act like a normal person mate.
Re: (Score:3)
I've made a living finding privilege escalations in *his* goddamn operating system.
I've never before been able to say, with this root escalation, I can now render this machine forever owned. Now I can.
I just really hope it drives home the silliness of allowing any kind of code to run on the goddamn chipsets, and special security domains running at ring -1.
Re: (Score:2)