Path: ...!local-2.nntp.ord.giganews.com!Xl.tags.giganews.com!local-1.nntp.ord.giganews.com!news.giganews.com.POSTED!not-for-mail NNTP-Posting-Date: Sun, 11 Aug 2024 16:11:19 +0000 From: Spalls Hurgenson Newsgroups: comp.sys.ibm.pc.games.action Subject: Intel's having a bad year... but it looks like it's going to be worse for AMD Date: Sun, 11 Aug 2024 12:11:19 -0400 Message-ID: X-Newsreader: Forte Agent 2.0/32.652 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Lines: 82 X-Usenet-Provider: http://www.giganews.com X-Trace: sv3-zUfqPO7BDSQzL662MgORAEhBVvKzk1/n3+A27QFahKYm86upLAtIekyPZ/fW5M4O2WYHUdWqFoKOS6F!oR1KfQA75Ne8jqyjOHnqSv+KreuVhRxtEKZ76NBEcWPs6h4SWNzcI6zfAYNsU/MkRQr3VCZv X-Complaints-To: abuse@giganews.com X-DMCA-Notifications: http://www.giganews.com/info/dmca.html X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly X-Postfilter: 1.3.40 Bytes: 4782 The recent kerfuffle about Intel's 13xxxK /14xxxK processors isn't showing the company (or their products) in any good light, but at least the problem is only affecting a small percentage of its customers (albeit, possibly, its most loyal and evangelical users; the sort who pay through the nose for the most expensive high-end products). But it looks as if AMD is going to be having an even worse experience. Recent revelations about the "Sinkclose" bug could be devastating for the company, since not only is a serious issue, but it effects a much wider range of products. "Sinkclose" leverages the System Management Mode built into x86 processors since at least 2006, and allows hardware access even below 'ring zero' security levels (and any such access would generally be undetectable by the OS). Depending on the machine's hardware configuration, any hacks could also be irreversible, since they could infect core flash-ROMs. If this was the case, you couldn't even trust a machine if you manually re-flashed its ROMs*, since the exploit would load before the flashing software. Intel chips aren't immune to such shenanigans (in fact, a similar problem was found with SMM exploits in Intel chips back in 2015) but the AMD problem is even worse because it effects a much wider range of processors; potentially, /any/ AMD processor released since 2006. It also can't easily be patched away with new micro-code; while a fix could prevent the exploit from working in the future, if your machine is already compromised, any micro-code patch won't correct the problem. Like most exploits, it isn't something easily taken advantage of remotely (although it's not impossible). Generally it will require the end-user to download a program which will inject the code first. However, given the lax security of most users that's really not much of an obstacle. There aren't any KNOWN instances of malware using this exploit, although given its wide-ranging impact, it seems almost certain that its known at the nation-state level. But now that it's been publicly revealed, its quite possible that -even though specific code examples haven't been released- smaller actors will be figure out how to make use of the vulnerability. I mean, if you're of a criminal bent, who wouldn't want an undetectable, unremovable way to access a user's computer, allowing you to read their data and use their PC for whatever nefarious deeds you want? People have been bitching about the overarching and unconstrained power SMM allows since it was first introduced, and this is just another example of why its advantages in no way counterbalance its disadvantages. You have to wonder about the timing of the release of this news. Certainly it puts AMD in a bad light, just when Intel was suffering in the news. Obviously Intel had nothing to do with the underlying problem [Aside from, you know, foisting SMM on end-users in the first place, but AMD could have said 'no' and not included it in their own designs!] and I don't think they've been sitting on the issue waiting for /just/ the right moment to push it out as a distraction [As far as I am aware, the researchers who divulged this exploit have nothing to do with Intel] but I wouldn't be surprised if Intel helped amplify the message, which otherwise might slipped by unnoticed. A sort of, "Oh, you think _we're_ bad, did you read what's going on with AMD here?" sort of response. Still, it's better to know than not. Still, you gotta feel sorry for AMD right now. They were riding high on Intel's misfortune until now. ;-) * well, unless you did so outside the infected machine