AMD Has No Plans To Release PSP Code (twitch.tv) 125
AMD has faced calls from Edward Snowden, Libreboot and the Reddit community to release the source code to the AMD Secure Processor (PSP), a network-capable co-processor which some believe has the capacity to act as a backdoor. But despite some signs earlier that it might consider opening the PSP code at some point, the chip-maker has now confirmed that there hasn't been a change of heart yet. "We have no plans on releasing it to the public," the company executives said in a tech talk (video).
Lisa Su is BAE (Score:5, Informative)
PSP stands for Platform Security Processor, a secure enclave in the processor and AMD's version of the Intel Management Engine.
Quoting from Libreboot:
As such, it has the ability to hide its own program code, scratch RAM, and any data it may have taken and stored from the lesser-privileged x86 system RAM (kernel encryption keys, login data, browsing history, keystrokes, who knows!). To make matters worse, the PSP theoretically has access to the entire system memory space (AMD either will not or cannot deny this, and it would seem to be required to allow the DRM “features” to work as intended), which means that it has at minimum MMIO-based access to the network controllers and any other PCI/PCIe peripherals installed on the system.
AMD is no doubt being bitten on the sack for using third parts code and we again see why everything should be open sources.
Re:Lisa Su is BAE (Score:5, Insightful)
Seems odd that anybody would go down the route of obscurity, given the recent exposure of Intel AMT, and the problems it is causing.
it would seem to be required to allow the DRM “features” to work as intended
Odd to "protect" the use of DRM, given the track record of successful hacks against DRM. Even worse to compromise the security of the entire system for its sake.
I see nothing that could possibly go wrong...
Re:Lisa Su is BAE (Score:4, Insightful)
1. They don't want to make it any easier than necessary for hackers to find a way to exploit this
2. They don't want the general public to know exactly how much any system using this hardware compromises their privacy and personal security
As-is, I'd say that any computer using this technology is about as compromised as it can get, nothing you'd ever do on it would even be remotely secure, not unless it was never, ever connected to any network that has any route to the public Internet. The only way they could make something like this worse would be to somehow prevent any OS other than Windows to run on it, ensuring that you never, ever have any control over anything that isn't trivial.
In the past I've said "computers aren't fun anymore", but when I said that previously I meant it in a totally different way than I do when I say it now; between hardware manufacturers, designing in hardware that allows for outside surveillance and control of a computer you ostensibly own, and shithead companies like Microsoft, who produce entire operating systems with surveillance-and-control completely integrated into every piece of code, computers are now worse than "no fun anymore", they're spiritually cancerous. As if that isn't all bad enough, now Microsoft is attempting to annex and subvert Linux, too, trying to bring it's further development under their control, and running half-assed versions of it under Windows, effectively removing all the advantages, security, and privacy.
If I even cared anymore I guess I'd go play with microcontrollers. Until, that is, they manage to ruin that for everyone, too.
Re:Lisa Su is BAE (Score:4, Interesting)
3. They're using proprietary code from a third-party that they're not allowed to disclose.
Re: (Score:2)
Intel. Or more likely whoever owns the IP for the management processor.
Re: (Score:2)
It's ARM.
Re: (Score:3)
4. There is zero commercial advantage in releasing the source.
Re: (Score:2)
Re:Lisa Su is BAE (Score:5, Insightful)
4. There is zero commercial advantage in releasing the source.
I'm not so sure about that. I think with proper marketing AMD could turn it into a major commercial advantage. Imagine the ad campaign...
AMD chips don't spy on you, and we can prove it.
Intel is hiding behind lawyers and refusing to come clean.
Which one do you want inside your computer?
(Unfortunately, "proper marketing" and "AMD" are rarely used in the same sentence.)
Re: (Score:2)
You mean just like Linux crushed Windows and macOS on the desktop when they did the same? Oh, wait...
Re:Lisa Su is BAE (Score:5, Informative)
5. There really is a backdoor.
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
Huh? What's wrong with you, are you an icky weirdo or something? I bet you don't have a facebook either or watch television at least 20 hours per week. That's sooooo creepy.
Re: (Score:2)
You know, that's argument ad hominem. It really doesn't matter *who* makes the argument; what matters is the merit of the argument. The argument is that security through obscurity isn't any good. It's an argument every security expert will agree with. In this case it's been already proven to be a vulnerability, in case of Intel. There's no valid defense AMD can use to defend their approach. ...so, for lack of valid defenses, let's use ad hominem...
Re: (Score:2)
Yes it is.
But in the eyes of the company, those groups are considered fringe groups, people who have wider agendas.
Re: (Score:2)
Well, I'm going to express my vote through my wallet. I'm not a fringe group - I'm a potential customer. A potential customer they have lost.
The distrust only grows from here (Score:4, Interesting)
Closed source, out of band co-processors on every motherboard currently in production with no oversight or accountability? I'm surprised we don't have a third party stepping up here, like Samsung or Qualcomm, ready to take a crack at the CPU market with this kind of an opportunity.
Re: The distrust only grows from here (Score:4, Insightful)
You are kidding right? The base band chip in mobile phones would make intel and amd look like amateurs with what samsung and qualcomm can do.
Re: (Score:2)
I'm rooting for you guys, though. Is there a place I can go to donate some money?
Re: (Score:1)
>I'm surprised we don't have a third party stepping up here, like Samsung or Qualcomm
If both Intel and AMD have this sort of thing baked into their hardware then I'd guess that either A) there's some sort of business/financial incentive for them to do so, or B) there's a lot of pressure from certain TLAs to do so. Either way, I can't see why the same pressure(s) wouldn't drive a third party to do the exact same thing, and that's before you ask yourself how sure you are that they aren't doing it already
Re: (Score:1)
"oh sure i dont care i will just switch it off"
"wait, i need it on to watch hbo go?"
"ok here take all my privacy i just want to watch game of thrones"
Re: (Score:3)
Where do you think they get the co-processors from? AMD's PSP is some ARM variant, could be qualcomm for all we know.
Re: (Score:3)
The only real way out of this is either a new startup company catering to exactly 'our' crowd, or crowdfunding a desktop RISCV/J[2,4,6]/OpenSparc motherboard and processor combo (SOCKETED, not solder down. Lose a few watts, leave open future upgrades/replacements.)
The only way you'd be able to do that successfully would be to have your own nuclear-capable nation-state, and even then it would be dicey at best. All the 'Five-Eyes' nations and most of the rest of the West would be out to destroy such a project and those behind it. The governments of the West seem determined to weaken global network/computer security in order to be able to spy on anyone at any time for any reason, and damn the consequences.
Thank goodness my plans for the impending overthrow of Western ci
Re: (Score:2)
I'm surprised we don't have a third party stepping up here
We did. For years 3rd parties made lots of money selling these as extras on every server or high end workstation. Now that everyone gets it for "free" people are upset.
Re: (Score:2)
I'm surprised we don't have a third party stepping up here, like Samsung or Qualcomm, ready to take a crack at the CPU market with this kind of an opportunity.
They'd do better... especially Qualcomm?
No PSP code (Score:1)
But DS code is allowed
Proof (Score:1)
Proof that it is a backdoor and that the crucial support of their business is a contract from the plutocracy, meaning that if they stop playing ball, they go out of business.
Re: (Score:2)
Except that's conspiracy-theory reasoning. They might just figure that not enough people care to bother.
Re:Proof (Score:5, Informative)
Except that's conspiracy-theory reasoning.
If we've learned anything in the last five years or so, it's that's yesterday's wacko conspiracy theory is today's jaw-dropping, fact-checked revelation.
Re: (Score:2)
No, don't be absurd.
The 9/11 truthers? Just as stupid today as they were yesterday.
Re: (Score:2)
they could get an edge over intel if they would open source theirs when intel never would
But like I said, very few people really seem to care. You explanation isn't proof, it's one possible explanation.
PS you're fucking stupid
What a compelling argument!
Re: (Score:2)
they don't care about their secrets?
Well apparently not, no. Slashdot might care about this stuff (myself included), but as far as I can tell no-one else really does.
Alternative architectures like ARM exist, and projects like RISC-V exist, and I think they're great, but I don't see them having a big impact on the CPUs that real people buy for day-to-day workstations and servers. Maybe that's cynical, but here we are.
seriously, you are stupid
Try arguing like an adult, rather than a petulant toddler.
Ok, next! (Score:4, Insightful)
Another chip manufacturer that cannot be used for trustworthy IT infrastructure. Who's next on the chopping block?
Re:Ok, next! (Score:5, Insightful)
What chip manufacturer is trustworthy?
Re:Ok, next! (Score:5, Funny)
Lay's, Humpty Dumpty, Yum Yum,...
Re: (Score:3)
QC, Canada
Re: (Score:3)
The POWER8 and POWER9 by IBM are completely open. See also: https://www.raptorcs.com/TALOS... [raptorcs.com]
Re: (Score:2)
Re: (Score:2)
I suppose you could also set up your firewalls to prevent any 'phone home' from occurring, but like Windows 10, it might have so many different ways to do that, that you'd be playing an endless game of Whack-a-Mole trying to lock it out.
Re: Ok, next! (Score:1)
There aren't really open source development tools for "expensive fpgas". That is a fairly closed world.
Re:Ok, next! (Score:5, Informative)
Better get rid of ARM, too, since ARM has the same thing.
In fact, I believe AMD licensed ARM's technology for it - it's called TrustZone, and it separates out threads of execution into "secure" and "open" modes. Your regular OS runs in the "open" mode, and makes calls into the secure OS, which can be used to keep stuff like encryption keys away from the main OS. (You can use it for disk encryption - get the secure OS to generate a key, save it, and load the encryption key into the onboard encryption hardware, so none of the user software touches it. If you rip out the disk, it's useless because the key is locked away).
Several DRM schemes also use it, including Google's Widevine DRM (requires it in order to work).
And yes, the secure OS has full access to the main OS and all the peripherals.
The boot chain must be strictly controlled - you have to start with a onboard ROM monitor that verifies the images as they load before transferring control the open world OS. Otherwise you can load any code you want. I'm not sure how AMD processors boot, but all ARM processors using TrustZone have a boot ROM that verifies the next stage bootloaders (and secure OS) before loading them into memory.
Re: (Score:2)
That code is loadable, and depending on the boot chain you may or may not be able to replace it. And you do get the source -- at least to the reference version, your machine's vendor may load something else there.
Re: (Score:2)
used for trustworthy IT infrastructure
Infrastructure is exactly the kind of IT that has had these exact things for 2 decades. Just built into the motherboard instead of the CPU.
Re: Everytime this happens (Score:1)
> There is no security by obscurity by using hardware everyone has (and can cut open)
Er... considering that it took about 25 years for amateurs to reverse-engineer a 6502, and around 17 to successfully de-pot a Votrax SC-02 module... yeah, obscurity probably *will* buy them at least 3-5 years against determined & well-funded state espionage agencies, 10-25 years against organized crime, and 25-50 years against amateur hackers.
What AMD is counting on is keeping it secret long enough to discover their
Re: No Plans to buy their backdoored hardware then (Score:2)
Robust firmware-signing isn't the problem... robust firmware-signing that requires a key not under your own control is the problem.
That's my #1 beef with Android... Google is happy to bitch about my unlocked bootloader, but forces me to choose between leaving it unlocked, or locking it WITH THEIR FIRMWARE ONLY. I want to be able to flash my own firmware AND re-lock the bootloader with MY OWN key.
It's also why I don't particularly object to things like AACS implemented directly by a discrete codec chip, but
Leaks are Worse, Fellas (Score:5, Interesting)
Go ahead, try to keep this stuff secret. There will be leakers and if you will be embarrassed by the leaks, it's better to come clean now than to be the center of market turmoil when the vulnerabilities are disclosed.
Can't this stuff be sniffed out? (Score:1)
Just watch your network traffic, right? And those with really fancy tools can measure all the pin outs?
Re: (Score:3)
Funny but no. With https you can still see the target, so it would be easy to detect if someone opened a https connection to a server which the user newer visited.
But the danger is not that Intel/AMD is going to spy on anyone, because neither company is THAT stupid. The danger is if there is a bug which allow third party code running on the computer, to interfere with the code running on the PSP.
Re: (Score:2)
Seriously... (Score:1)
Re: (Score:2)
Sigh, switched to telling corny jokes to get some karma back I guess. Leave.
1) I don't need points for my Excellent Karma. 2) Have some Portuguese Spam [amzn.to].
Re: (Score:2)
Man, you eat that?
Nope. Someone was complaining about Spam and Spam comes in a lot of flavors.
Can I mail you some of these?>
Sure. I could always use an extra set of bed sheets.
Re: (Score:1)
Hey, you stole the lame joke I was planning to post.
Intel Management Engine (Score:2)
So I have no plan to use AMD processors (Score:3)
Period.
Re: (Score:2)
Alright, so whose processors are you using? Intel has the IME which is the exact same thing, and has already been compromised once.
Re: (Score:2)
So what's next for you? Waiting for the 8-core Raspberry Pi 5?
Re: (Score:2)
raspis don't function without blobs so that's no solution either...
Re: (Score:2)
Intel Core 2 Quad?
Re:So I have no plan to use AMD processors (Score:5, Interesting)
POWER9 is open. Not free in the sense of RISC-V or SPARC, but at least it's not based on mysterious binary blobs and undocumented coprocessors like the options from RPi/Broadcom, Intel and AMD.
Re: (Score:2)
Talos II is coming (Score:5, Informative)
According to https://www.raptorcs.com/TALOS... [raptorcs.com] Raptor Engineering is working on Talos II. They claim it "Libre-friendly, powerful, and competitively priced the new, POWER9-based Talos II takes flight in early August 2017!" so not long to wait before we can evaluate the specs and price. Debian GNU/Linux has a POWER9 port [debian.org] which I'd expect would run on such hardware.
Can this be contained or rendered inert? (Score:4, Interesting)
With the Intel AMT Platform, it is possible to render it "inert" such that yes its there, yes its running, but it won't accept any connections from the outside world. There is a Linux utility for checking if AMT is working or not. But Linux can't turn it on.
The problem is if you have Windows installed, Windows CAN re-activate it, and remotely. Can the AMD PSP be rendered harmless by containment, to where when Running Linux, it is non-functional because Windows utilities aren't there to re-activate it?
Took me a minute .... (Score:1)
I immediately interpreted PSP as Playstation Portable and wondered why AMD even held the source code for Sony's game system in the first place!
Closed source means likely backdoored (Score:3)
That really is the only sane conclusion.
Who cares about the code? (Score:2)
I don't care about the code. I just want to know how to turn it off.
Seriously, what's a decent bypass for this? Ignore the onboard LAN and use an oddball gigabit NIC for which the PSP couldn't possibly have a driver?