
Initial AMD Technical Assessment of CTS Labs Research - jsheard
https://community.amd.com/community/amd-corporate/blog/2018/03/20/initial-amd-technical-assessment-of-cts-labs-research
======
an4rchy
This was great on AMD's part. They responded to all of the issues and also put
it into perspective.

Also, it looks like they are in-line with releasing fixes (in a couple of
weeks) way under the 90 day disclosure timeframe.

~~~
vatueil
Glad AMD plans to patch the exploits, not that I ever expected they would't.
And CTS Labs deserves all the blame they received.

But I hope this also puts to rest the claims that the vulnerabilities weren't
real or that Trail of Bits were paid to fake their results. AMD is confirming
that the PSP exploits could circumvent security and make persistent changes.
The fact that an attacker needs to acquire admin access first doesn't mean the
exploits aren't serious.

To reiterate, CTS Labs certainly over-hyped the impact, and it's
understandable why people reacted as they did. But if this were an Intel ME
bug (and such exploits have been found in the past), I doubt as many people
would have leaped to criticize an independent auditor or downplay the
vulnerability (more than it deserved, that is, since it was over-hyped
initially).

~~~
rphlx
I am frankly shocked at how many people wanted to nail CTS to a cross for the
_method_ of disclosure while granting something like an "it's cool bro" to
AMD. These are truly serious flaws that, IMO, greatly undermine the "third
party security audit" that AMD did in lieu of open-sourcing or publicly
documenting the PSP last year.

1\. Whichever third party security firm they hired should be discredited and
ashamed.

2\. AMD should work with its partners to provide a feature which _verifiably
and permanently halts_ the PSP CPU when the BIOS exits POST, for users who do
not need the TPM feature.

If they just minimally-patch these specific bugs, within a year some other
security company will probably find more. Or worse, next time, malicious
actors will find them instead.

Most users should not trust, and should not permit, these secondary "liability
cores" to continue to run alongside the x86_64 OS.

------
fulafel
This is a good opportunity to start a jailbreak PSP project to get open source
software on the PSP. Does anyone know if it's possible to downgrade the BIOS
and PSP firmware after this fix is applied?

