
‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections



15 Comments

  1. For those who don’t know, DEF CON is one of the biggest (if not the biggest) Hacker/Security Conventions in the world.

    Not uncommon to have presenters show multiple Security Flaws there.

    Let’s see what this AMD one is…

  2. SpaceSolid8571

    Yay! Three cheers for having an entire market of bad options to choose from.

  3. SuperbQuiet2509

    >Nissim and Okupski note that exploiting the bug would require hackers to already have obtained relatively deep access to an AMD-based PC or servers

    As always, the headline is a lot more bombastic than reality.

  4. Donglemaetsro

    I told people AMD would be next and was called an Intel fanboy. They’re all bad, best you can do is go for who doesn’t look as bad at the time of purchase lol.

  5. filipinoRedditor25

    >In a background statement to WIRED, AMD emphasized the difficulty of exploiting Sinkclose: To take advantage of the vulnerability, a hacker has to already possess access to a computer’s kernel, the core of its operating system. AMD compares the Sinkhole technique to a method for accessing a bank’s safe-deposit boxes after already bypassing its alarms, the guards, and vault door.

    I mean if the hacker already has access to those types of things, might as well let them exploit the bug?

  6. gracklewolf

    I see you Intel…


  7. sicKlown

    As the old saying goes, Intel, AMD, ARM, and Windows have to be correct all the time while exploiters only need to be once. As much as the constant drip of exploits sucks, given the sheer complexity of these systems it’s unavoidable that holes will be found. We can only hope researchers and vendors keep up the vigilant lookout to hopefully beat bad-faith actors to the punch.

  8. WolfVidya

    Does the Intel 700k bet guy work at Wired? Shameful journalism.

  9. Donglemaetsro

    Also gonna take this opportunity to point out that almost all if not all cheat programs in games require kernel level access to try to get by cheat detection.

    Exploiting this requires that level of access and if you think people finding this flaw wouldn’t flock to create very easy to create “trusted” cheat programs you’re naive at best. Then you get a near undetectable virus that’s only removable with a physical tool. One that has access to everything on your PC.

    Also knew a guy that created cheat programs back in the day that was considered trusted. Most of his money came from being paid to deploy x copies of someone’s virus with his cheat tool, so there were plenty of clean versions and then some not. If anyone ever caught on (no one did BTW) people would have dogpiled on the one that caught him, claiming theirs are clean and the one that caught it must have done something else, got it from the wrong source etc. People are dumb.

    TL;DR Stop cheating in video games dumbasses.

  10. Mister_Shrimp_The2nd

    Preparing for the fanboys to somehow make this be about Intel

  11. marksteele6

    The biggest issue here is, if exploited, it can apparently persist even after a clean Windows install. So yes, while the infection scenario is rare, with the attacker already having kernel level access, the bigger problem is if you do get infected, you basically have to throw away your computer.

    That being said, this isn’t really targeted at your average end-user. This is more at the level of “state sponsored hacker targeting a person” as it requires a personal level of attention to pull off such a deep level exploit.

  12. Larry_The_Red

    can’t wait to never hear about this again, just like the “pkfail” exploit last month

  13. 00pflaume

    While this exploit requires the hacker to already have kernel level access, it is still pretty bad. Some people don’t seem to realize what this exploit could cause.

    The exploit is permanent and pretty much undetectable. It can only be removed by replacing your CPU.

    If you buy a used CPU, you cannot be sure that the previous user did not have a virus previously, which used this exploit and infected the CPU. Meaning if this exploit should ever become widely used by a virus, used AMD CPUs become a huge security risk.

    If you get a virus, you normally could just reinstall Windows to fix everything, but now you would have to throw away your CPU.

    Another danger of this exploit is that viruses running in the kernel can be detected by kernel level antivirus software, but usually it takes some amount of time until the antivirus finds the virus in the kernel. So with this exploit a virus with kernel level access has to only be in the kernel for a very short period of time, infect the CPU and then delete itself to become completely undetectable.

    If you are a bigger company like a bank or server companies, you also run the risk of supply chain attacks. Hacking the CPU permanently before the CPU is ever deployed within the company is probably easier than after the fact. The hacker needs to have access to the complete PC, they only need access once to the CPU and the infection would be undetectable.
