this post was submitted on 10 Aug 2024
211 points (83.3% liked)

Technology

59207 readers
2934 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
L3s@fry.gs
L4s@fry.gs
L4s@lemmy.world
enu@lemmy.world
211
Researchers discover potentially catastrophic exploit present in AMD chips for decades (www.engadget.com)
submitted 3 months ago by some_guy@lemmy.sdf.org to c/technology@lemmy.world
56 comments fedilink hide all child comments
 

Intel breathes a sigh of relief as the spotlight moves off of them for a beat.

you are viewing a single comment's thread
view the rest of the comments
[–] db2@lemmy.world 6 points 3 months ago (12 children)

It does mean that any secondhand computer or CPU (or even CPU from a sketchy source) could be compromised prior to being physically sold.

It's worse than that, any AMD chip from any source except maybe AMD directly is suspect. Mine is a few years old from Amazon supposedly new, for all I know it came compromised and is sitting there doing what I tell it to until it triggers and I won't even know when or if it happens.

[–] rhombus@sh.itjust.works 1 points 2 months ago (4 children)

If I understand it correctly, the chip has the vulnerability, but the malware would be installed on the motherboard in the form of a bootkit. So getting a used CPU is not a threat, but getting a used motherboard is (and kind of always has been) a risk.

[–] db2@lemmy.world 2 points 2 months ago (3 children)

It allows for adulteration of firmware, the CPU has firmware. 🤷

[–] rhombus@sh.itjust.works 2 points 2 months ago (1 children)

CPU firmware exploits are incredibly rare, if there even are any that exist beyond proof-of-concept. The chances of getting an infected CPU from this is so unlikely it’s practically impossible.

[–] db2@lemmy.world 1 points 2 months ago (1 children)

You forget that the CPU has a nanny CPU built in these days.

[–] rhombus@sh.itjust.works 1 points 2 months ago

Which, again, is an incredibly unlikely attack vector unless you have some government secrets on your computer. And chances are that any attack through the IME or PSP is trying to do an implant into the UEFI/BIOS and not the processor itself.

load more comments (1 replies)
load more comments (1 replies)
load more comments (8 replies)