Technology Researchers find 'critical' security flaws in AMD chips
Why so many diamonds are making science headlines this week
They’re windows into the heart of the Earth. A diamond found in South Africa's Cullinan Mine. Researchers found an inclusion in a diamond like this that contains evidence of activity in the heart of the planet. Diamonds have been in the news quite a lot this week, and not because of any celebrity engagement news. Instead, it’s what’s inside that counts.
Security researchers said Tuesday they discovered flaws in chips made by Advanced Micro Devices that could allow hackers to take over computers and networks.
Israeli-based security firm CTS Labs published its research showing "multiple critical security vulnerabilities and exploitable manufacturer backdoors" in AMD chips.
CTS itemized 13 flaws, saying they "have the potential to put organizations at significantly increased risk of cyberattacks."
MIT gadget puts multiple artificial organs into a paperback-sized connected system
If you want to see how a proposed drug affects human physiology, your options are limited — and usually you end up using mice, which are in many ways poor analogues. What's a pharmacologist to do? MIT researchers have a solution: a "body on a chip" thatAnyone can understand the problem, which is simply that mice aren't humans, and tests on them are necessarily limited. There exist quite a few "organ on a chip" platforms (more properly "microphysiological systems), and while they're useful, organs don't exist in isolation — they're part of complex systems that vary from person to person.
The report comes weeks after Intel disclosed similar hardware-based flaws dubbed Meltdown and Spectre, sparking widespread computer security concerns and a congressional inquiry.
CTS said the newly discovered flaws could compromise AMD's new chips that handle applications in the enterprise, industrial and aerospace sectors, as well as consumer products.
In a 20-page white paper, the researchers said the AMD Secure Processor, the gatekeeper responsible for the security of AMD processors, contains "critical vulnerabilities" that "could allow malicious actors to permanently install malicious code inside the Secure Processor itself."
"These vulnerabilities could expose AMD customers to industrial espionage that is virtually undetectable by most security solutions," the researchers said.
Google: Android is just as secure as the other guys
After years of big security gaps, Google says the phones it powers are now as hard to hack as iPhones. It wants to make sure you know that.In 2015, we learned that Google's operating system for phones was vulnerable to the StageFright bug, which hackers could exploit just by sending a text message. In 2016, security researchers revealed that millions of Android phones were infected with malicious software called HummingBad, which hackers used to generate bogus ad revenue. In 2017, documents revealed by Wikileaks showed that the CIA had developed malicious software for Android phones.
CTS said AMD's Ryzen chipset, which AMD outsourced to a Taiwanese chip manufacturer, ASMedia, "is currently being shipped with exploitable manufacturer backdoors inside."
This could allow attackers "to inject malicious code into the chip" and create "an ideal target" for hackers, the researchers said.
"CTS believes that networks that contain AMD computers are at a considerable risk," the report said.
"The vulnerabilities we have discovered allow bad actors who infiltrated the network to persist in it, surviving computer reboots and reinstallations of the operating system.
"This allows attackers to engage in persistent, virtually undetectable espionage, buried deep in the system."
AMD, one of the largest semiconductor firms specializing in processors for PCs and servers, said it was studying the latest report.
"At AMD, security is a top priority and we are continually working to ensure the safety of our users as new risks arise," the California-based company said in a statement.
"We are investigating this report, which we just received, to understand the methodology and merit of the findings."
Analysts at the security firm enSilo said the AMD flaws could be worse than those affecting Intel chips.
"The impact of these vulnerabilities is more severe than Meltdown/Spectre as it allows an attacker to execute highly privileged code and persist on the victim machine," enSilo said in a blog post.
Additionally, some of the flaws may be nearly impossible to patch.
"We estimate that without patches from AMD, protection against the vulnerabilities can be limited at best," enSilo researchers said. "The best protection is to block malware that attempts to leverage these vulnerabilities."
AMD vows to fix newly-disclosed processor vulnerabilities .
Semiconductor company AMD has finally acknowledged there's a problem with its Platform Security Processor. The announcement comes against a wider backdrop of controversy involving responsible disclosure. When researchers find vulnerabilities in products they typically give companies 90 days to respond -- sometimes even longer, depending on the seriousness of the flaw in question. Google gave Intel around 200 days to fix Meltdown and Spectre before revealing them to the public, for example. The idea, of course, is to give companies an opportunity to get a fix out there before nefarious individuals find a way to capitalize on the vulnerability themselves.
Intel Acknowledges Vulnerabilities in its Management Engine
Support my work on Patreon: http://ow.ly/3ymWFu PayPal Donations Welcome. Click here: http://goo.gl/NSdOvK Sources: https://www.theregister.co.uk/2017/11/20/intel_flags_firmware_flaws/ https://ho...
Intel Kernel Security Flaw: You might lose up to 30% performance
Support this channel on Patreon https://www.patreon.com/SomeGadgetGuy A terrible start for 2018 and Intel. A security flaw was discovered in Intel hardware, and the fix could be VERY costly....
Thursday, 22 march 2018
Patrons of the social network are deleting their profiles in protest over reports that the company allowed a political data firm to harvest private information.Debates over privacy have plagued Facebook for […]
Friday, 23 february 2018
<p>Japanese engineering researchers say they have created a tiny electronic light the size of a firefly which rides waves of ultrasound, and could eventually figure in applications ranging from moving displays to projection mapping.</p>Named Luciola for its resemblance to the […]
Saturday, 24 march 2018
And we're not just talking about a one-off prototype here either, as next year is when this world-first is actually set to go into production. The car is a Smart-sized model called the LSEV that's made almost entirely using 3D-printing technology, and the makers are […]
Monday, 12 march 2018
Technology is getting more advanced by the day, and this scary discovery shows you don’t really know how much information you’re carrying in your pocket. Did you know smartphone cameras carry so much information, digital forensic teams are able to detect child exploitation material, […]
Friday, 23 february 2018
A red hand stencil. A series of lines that look like a ladder. A collection of red dots. These images, painted in ocher on the walls of three separate caves in Spain, are the oldest-known examples of cave art ever found. These images, painted in ocher on the walls of three […]
Wednesday, 21 march 2018
Apple is working on a secret display technology that will soon be used in its products, including the iPhone. But Apple appears to be very aggressive about defending its innovations in a field that’s dominated by its […]
Tuesday, 06 march 2018
When Albert Salvador, Cupertino’s building official, visited Apple’s new spaceship building last year, he worried that people would walk into the cafeteria’s glass walls because they couldn’t distinguish them from the equally clear automatic doors. After he brought up the issue, […]
Tuesday, 06 march 2018
<p>Ball lightning (those bright spheres of light during some thunderstorms) remains mysterious despite decades of study.</p>It sounds complex (and it is), but it leads to one clear advantage: you can take snapshots of the gas and examine the inner workings of its structure. This […]