Uncorrectable freedom and security issues on x86 platforms

mail.fsfeurope.org/pipermail/discussion/2016-April/010912.html

tl;dr: Intel ME and AMD PSP have fucked us so lets all move to ARM or something i dunno

Other urls found in this thread:

libreboot.org/faq/
raptorengineeringinc.com/TALOS/prerelease.php
libreboot.org/faq/#intel
openpowerfoundation.org/
raptorengineeringinc.com/TALOS/prerelease.php
stackoverflow.com/questions/12334069/handling-arm-trustzones
stackoverflow.com/questions/7955982/arm-trustzone-development
infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.prd29-genc-009492c/index.html
classic.regonline.com/custImages/360000/369552/TCC PPTs/TCC2013_VanDoorn.pdf
rhombus-tech.net/community_ideas/laptop_15in/news/
rhombus-tech.net/ingenic/jz4775/
fosdem.org/2016/schedule/event/microkernels_genode_usb_armory/
viatech.com/en/silicon/processors/

AMD Vishera is still clean and pretty good. Gets you enough time to wait for lowrisc or something similar.

Get AMD processors, anything 15h is good. Some 16h too

And when he says "all post-2013 AMD" he's wrong. There are some post 2013 AMD processors without the PSP, including in the FX series.

Except most ARM chips have Trust Zone, which is what AMD PSP is. They just slapped some ARM on there and Trust Zone was a "feature."

However, not ALL AMD processors are affected. The AM1 line is free from PSP as well as a few other chips, but the majority are indeed compromised.

stupid question, but is it possible to reverse-engineer these firmware blobs?

If you do, you still can't replace them.

Without a full spec, writing firmware for a device is fucking hard. So yes, anything is possible, but unlikely to happen.

ARM is Windows 8/10 locked because of secure boot as well

We've lost boys

This is very well written and interesting as fuck
libreboot.org/faq/

Vishera is great. I have an 8350 and it simply blazes. Future proof for a good while. By then, hopefully there will be a good alternative.

Can I just install Linux on an MSP430?

We should make a complete list of O.K. AMD hardware.

Here is Talos Secure Workstation:
raptorengineeringinc.com/TALOS/prerelease.php
It will be interesting to see how they handle the graphics problem.

This needs to be exploited by a nasty worm that destroys half the global computers so people will learn never to do this kind of shit again.

I think he's talking about decompiling it to see how it ticks not necessarily to replace it.

But yeah they could still be using undocumented instructions which would be a bitch to reverse engineer.

I have that CPU too. I can't imagine ever needing anything more. What do you do for cooling? I don't have enough money or experience for liquid cooling, so I'm using the stock cooler, and it sounds like a jet engine.

Now would be the PERFECT time for such a stunt to be pulled off, what with the high profile Apple/FBI backdoor media fest we just got done having. It would communicate exactly the kind of message that it needs to: that backdoored hardware and software is inherently dangerous.

Liquid cooling won't make it any quieter unless you have HUGE radiators, and most liquid cooled systems still require fans on the radiators anyways.

The solution is to use a regular air cooler that isn't made with shit-ass super loud fans. Also check your PSU efficiency rating. It has nothing to do with your CPU cooling but my PSU's were always big culprits for making tons of fan noise until I got a really nice 80+ Gold certified PSU that's so efficient it's fan never even needs to turn on.

It's definitely the fan on the CPU heatsink that's loud. I've never had such a powerful CPU before, so I'm not sure what to do about it. Cooling has never been a problem for me.

I'll just ask in the sticky when I'm ready though.

This. Normies won't understand this until their computers burn down houses.
Then they are going to ask:

Heh, I'd like to see that upfront.

I'm pretty sure that ARM asm is proprietary.

When the fuck are people going to start selling RISC V processors?

Is there a way that we could mitigate against an attack based on these backdoors? Maybe some kind of secure virtualiztion?

POWER is pretty expensive but I still want me some. Thanks for that Talos link.

How about the Solaris arch? I'm not sure about the new stuff, but oldschool Solaris boxes use openboot and come with memory hardening built in.

Are the AMD Vishera APUs blobbed?

riscv is an important project but I'm not going to seriously use one until it's actually in good shape

What is a good option for a laptop? Workstations and servers are great but I actually leave my house. I've had bad experiences with a lot of ARM mobile devices and I'm not willing to buy a leemote.

Meant: have a front seat.

just google whatever layout your fan needs and buy the most expensive you can afford, basically

Have mine OC'ed to 4.7 on a Corsair HG80iGT and have it stay around 51 C when on idle in a warm room.

I'll probably buy a second one or a 9570 when they drop in price.

I was always kinda interested by OpenSPARC. GPL3'd design? Openboot by default? Cool name? Cheap as chips? I'd totally use one with OpenBSD if it were in any way feasible.
Librebooted Thinkpad is probably your best option.

THIS

I look forward to this. Also include that intel >=2009 are literal botnets.

Right? It's quite a powerhouse for the price. Emulation, heavy compilation, all smooth.
I have an H100. Got it for dirt cheap and it keeps it fairly cool and fairly quiet, even under heavy load.


I've gotten mine to 5ghz but it's incredibly unstable. I keep it around 4.8ghz, idles around 40-45c and peaks at 70 with load.

They'll just post more FUD like they did the email in the OP to scare people into buying those boards anyway :^)

Get a chromebook faggot's. New hardware with open bios.

Stand alone pc

instalulz, just add exploit


'secure virtualization' sounds like an oxymoron. there's a huge attack surface, no matter what you use. the result of a successful attack would be just as bad as a hardware backdoor, and equally difficult to spot.

adding additional software layers for security is asking for trouble. your best bet is to use hardware that doesn't have this shit in it, even if it isn't the most cutting edge out there, with an OS with proper security features set up correctly.

ASLR, ACL, *basic* sandboxing, overflow protections and other preemptive kernel exploit protections, a properly configured kernel, using only the minimal amount of services you need, configured correctly, with a properly configured firewall, on a trusted network using proper disk encryption, featuring a keyfile on some sort of removable storage, secured with a proper passphrase... any or all of these can help tremendously

libreboot.org/faq/#intel

the processor has its' own proprietary real time OS running outside of your gentoo. it's got network and direct memory access so even something like qubes would fall down here (the AMT vuln they talk about is actually by the qubes dev)

lowRISC is gonna be ARM or MIPS-tier.

were I rich I would buy one of these TALOS Power8 workstations for serious work and use lowRISC for everything else, at least until fast RISC-V CPUs are made.


openSPARC and openRISC are really good freedom-wise, but unlike RISC-V they are old, rotting designs and there isn't as much momentum behind them as with RISC-V. I genuinely believe RISC-V actually stands a chance of seing ASICs being produced at mass

chromebook is fine to travel with but what do i use on the server for anything cpu intensive?

openpowerfoundation.org/

It's right fucking here, completely open blobless firmware stack and a massively powerful CPU with GPU support.

Tell Raptor Engineering you want them to make their ATX board.

raptorengineeringinc.com/TALOS/prerelease.php

How fucking gullible are you people, seriously?


SHILL

Drum up some ideas to RE these things, Holla Forums. Certainly learning the "speedy" hardware algos they use to decrypt/encrypt communication could be useful and open sauced. Any anons heard of a published decapping of one of Intel's ICH?

...

AMD offers custom chips don't they. What's the minimum order for a custom design?
We could have a crowd funding to make 100k or what ever the min numbers of zen core cpus for AM4 with the Platform Security Processor stripped out and include libreboot support.

Does that means not even single board computers are safe?

stackoverflow.com/questions/12334069/handling-arm-trustzones
and the ARM1176JZF-S in the raspberry pi too.

stackoverflow.com/questions/7955982/arm-trustzone-development
though someone else says

if you want to read more about trustzone itself
infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.prd29-genc-009492c/index.html

So when encryption is finally outlawed, is this how they are going to enforce it?

Even our OTPs won't be safe

In these businesses, I doubt they would even care enough to reply to an email if you only want 100k of custom chips.

TFW running off of a 2008 core2duo e8400...

I was just starting to look into building a new rig in case 1st gen VR wasn't stillborn and had a 2nd gen worth buying. Glad I saw this before I plunked down on the latest Intel chipset.

So, is the AMD 9570 the last of the AMD CPU's not to have PSP? What's the most recent/powerful CPU you can set up that doesn't have this ridiculousness aside from the POWER8?

Holy fuck first attempt at a post went right through without a hitch. Is this real life?

Before AMD went to ARM for this crap, I read that they were also using 8051's or some other microcontroller to implement similar functions.

Bump for more processor recommendations

Buying AMD's superclocked 8350/20s is retarded.

and here I was, looking forward to AMD Zen...guess I can wait a bit longer till lowrisc or openrisc cpu's are out

the cpu market really does need competition, at the moment the desktop cpu market is a duopoly

If the PSP was defective at manufacturing they could set it aside and sell it as a feature.

People want defective chips not custom made ones. Getting 100k people paying for them in advance would be the real problem though as most people are fine with their older chips.

Can anybody tell me the last FM2/FM2+ processor to be affected by this? I need it for a nas build.

So would you just go with an 8350 and see how much voltage you can push before it gets unstable?

Why not use an AM1 board? They're kinda free (some support coreboot) and use less power.
If you want FM2, I think you'll have to go with Richland (i.e. A10-6800K )

mostly because because i wanted to have it fit into a itx case and have 6 sata port but i could not find one with a AM1 socket

Also thanks

I did some digging around...

classic.regonline.com/custImages/360000/369552/TCC PPTs/TCC2013_VanDoorn.pdf

is a slide that seems to explain what PSP really is, a custom arm chip embedded in a cpu?
wtf

also,why did it have to be dutchfag that implemented this evil on the amd chips

woop

If they only realise there's a market for PSP-less chips.

How could you verify that it's disabled, power analysis? What about the idea that the PSP could be on a larger process than the main chip, and therefore the machines can do (let's say) 60nm litho process better than 32nm or whatever they're on now for the main die sections? That could lead to absolutely no binning based on coprocessor disfunction.

So, basically, don't get a Raspberry Pi that was designed by SJWs to get more niggers and wymyn into STEM, but get instead a BeagleBone that was actually designed by an electronics manufacturer for embedded development?

What's really annoying is that this die space could have been used for extra memory or even more cores.

I understand that their bigger clients are the ones that demand this be included but I simply can't support this. I was looking forwards to the Zen CPUs but not anymore. Describing their 'certified secure' OS/kernel as being in the 'TrustZone®' is when I lose any interest in using it.

beaglebones also use cortex a with trustzone so i don't see why you brought it up. they're pretty nice boards but they're no different in this regard

Current AMD CPUs are pretty weak. An 8350 can barely do Arma 2/3 at 20 to 30 fps or run PCSX2 very well.

They just don't have the processing power that would make them worth buying in 2016. They suck. This is coming from someone who is a happy 8350 owner who wishes they had a bit more power for when I needed it.

Regardless Zen coming later this year is supposed to be so amazing and it better be or AMD is going to have to leave the desktop CPU market I would reckon.

You could always keep your current system and build one explicitly for video games and other dumb non work shit. If your buying a current AMD CPU for future gaming and CPU heavy workload you are making a mistake.

...

the fx series is a '13 design, so a technicality

are we posting that now?
wew lad.
shit is getting too hot if i overclock more

Buying a CPU just to get possibly good performance if you get lucky and get a good over clock is probably a dumb decision for most.

Even then alot of games and shit still only use 2 to 4 cores aside from a few super optimized titles that aren't worth playing.

If you want to do a lot of compression and rendering and shit where the more threads matter, then maybe AMD is worth going with, mostly because I don't know much about the Intel selection.

But the reality is a Pentium has better performance per thread than the 8350 and probably most if not all of AMDs lineup. Depending on what the user wants to do, this might be a huge handicap.

Majority of the time I find that it dousn't matter considering theres very little software out there thats really demanding anymore and shit posting on Holla Forums isn't one of them.

All that said prices will probably go down when Zen comes out or you will find a used market pops up for the old FX chips being replaced if users decide to upgrade.

...

FUD

on an intel board the chip can access the network card oob so there's room there for a backdoor to your processor. i don't see how trustzone is the same thing

rhombus-tech.net/community_ideas/laptop_15in/news/

If anyone's looking to do this, try flashrom.org:
flashrom -r
Then disassemble it with gdb or something idk

rhombus-tech.net/ingenic/jz4775/

FSF endorseable SoC

While TrustZone can implement DRM, it is not a closed management engine. If you control the board, you can load your own OS there (but, conversely, if you cannot load your own OS there, you do not control the board).
There was a talk at FOSDEM this year about using TrustZone to run a small hypervisor:

fosdem.org/2016/schedule/event/microkernels_genode_usb_armory/

What about VIA x86 CPUs?
viatech.com/en/silicon/processors/

the current fastest AMD proc is FX-9590, does not seem to have PSP, released in june 1013.

So they weren't joking when they say AMD is ancient.