Discussione: Falle di sicurezza nelle CPU Intel Core, Xeon, Atom e Celeron (milioni di PC). Il tool di verifica
View Single Post
Old 22-11-2017, 10:28   #17
nitro89
Senior Member
 
L'Avatar di nitro89
 
Iscritto dal: Dec 2005
Messaggi: 2723
Quote:
Originariamente inviato da Mini4wdking Guarda i messaggi
Forza, fanboy Intel, continuatevi ad accanire sul segfault di alcuni Ryzen...

#intelnonsbagliamai
Amd ha probabilmente lo stesso problema con Trustzone.

AMD Platform Security Processor:
This is basically AMD's own version of the Intel Management Engine. It has all of the same basic security and freedom issues, although the implementation is wildly different.
The Platform Security Processor (PSP) is built in on all Family 16h + systems (basically anything post-2013), and controls the main x86 core startup. PSP firmware is cryptographically signed with a strong key similar to the Intel ME. If the PSP firmware is not present, or if the AMD signing key is not present, the x86 cores will not be released from reset, rendering the system inoperable.
The PSP is an ARM core with TrustZone technology, built onto the main CPU die. As such, it has the ability to hide its own program code, scratch RAM, and any data it may have taken and stored from the lesser-privileged x86 system RAM (kernel encryption keys, login data, browsing history, keystrokes, who knows!). To make matters worse, the PSP theoretically has access to the entire system memory space (AMD either will not or cannot deny this, and it would seem to be required to allow the DRM "features" to work as intended), which means that it has at minimum MMIO-based access to the network controllers and any other PCI/PCIe peripherals installed on the system.
In theory any malicious entity with access to the AMD signing key would be able to install persistent malware that could not be eradicated without an external flasher and a known good PSP image. Furthermore, multiple security vulnerabilities have been demonstrated in AMD firmware in the past, and there is every reason to assume one or more zero day vulnerabilities are lurking in the PSP firmware. Given the extreme privilege level (ring -2 or ring -3) of the PSP, said vulnerabilities would have the ability to remotely monitor and control any PSP enabled machine. completely outside of the user's knowledge.

Source: https://www.reddit.com/r/Amd/comment..._and_coreboot/
__________________
5800X3D & RX7900XT
nitro89 è offline   Rispondi citando il messaggio o parte di esso
 
1