this post was submitted on 19 Sep 2023
269 points (98.2% liked)

A decade after Snowden exposed NSA’s mass surveillance in cooperation with the British GCHQ, only about 1 percent of the documents have been published, but three major facts can finally be revealed thanks to a doctoral thesis in applied cryptography by Jacob Appelbaum.

[–] [email protected] 14 points 11 months ago (1 children)

The Cavium stuff mentioning RNGs being compromised reminded me about this recent headline about fTPM RNG being wonky on some AMD motherboards.

https://www.theregister.com/2023/07/31/linus_torvalds_ftpm/

Probably not related, right? I wonder who the fTPM manufacturer is for these boards.
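The worry in this comment is that a hardware RNG can silently go bad. The continuous health tests from NIST SP 800-90B (repetition count and adaptive proportion) are what a driver runs on raw noise-source output to catch exactly that class of failure. The code below is an added example, not code from the thread, from AMD, or from the Linux kernel; the window size (1024) and alpha (2^-20) are the standard's defaults, the sample inputs are constructed, and the adaptive cutoff is computed directly from the binomial CDF rather than taken from the standard's lookup table.

```python
import math
ALPHA = 2.0 ** -20  # per-test false-alarm probability recommended by SP 800-90B

def repetition_count_cutoff(min_entropy_bits, alpha=ALPHA):
    """SP 800-90B 4.4.1: a run of this many identical samples fails the source."""
    return 1 + math.ceil(-math.log2(alpha) / min_entropy_bits)

def repetition_count_test(samples, min_entropy_bits):
    """True if no run of identical samples reaches the cutoff (stuck-source check)."""
    cutoff, run, prev = repetition_count_cutoff(min_entropy_bits), 0, None
    for s in samples:
        run, prev = (run + 1 if s == prev else 1), s
        if run >= cutoff:
            return False
    return True

def adaptive_proportion_cutoff(window, min_entropy_bits, alpha=ALPHA):
    """SP 800-90B 4.4.2 cutoff CRITBINOM(window, 2^-H, 1 - alpha): the smallest c
    with P[Binomial(window, 2^-H) <= c] >= 1 - alpha, summed in log space."""
    log_p = -min_entropy_bits * math.log(2)      # log P(most likely value)
    log_q = math.log1p(-math.exp(log_p))         # log P(any other value)
    cdf = 0.0
    for c in range(window + 1):
        log_pmf = (math.lgamma(window + 1) - math.lgamma(c + 1)
                   - math.lgamma(window - c + 1) + c * log_p + (window - c) * log_q)
        cdf += math.exp(log_pmf)
        if cdf >= 1 - alpha:
            return c
    return window

def adaptive_proportion_test(samples, min_entropy_bits, window=1024):
    """True if in no full window the first value recurs cutoff or more times."""
    if len(samples) < window:
        raise ValueError("need at least one full window of samples")
    cutoff = adaptive_proportion_cutoff(window, min_entropy_bits)
    for start in range(0, len(samples) - window + 1, window):
        block = samples[start:start + window]
        if block.count(block[0]) >= cutoff:
            return False
    return True

def health_check(samples, min_entropy_bits=8.0):
    # Both continuous tests, as a driver would apply them to raw 8-bit samples.
    return (repetition_count_test(samples, min_entropy_bits)
            and adaptive_proportion_test(samples, min_entropy_bits))

# Constructed inputs: a stuck source, a biased one, and a plain byte counter.
STUCK = b"\x2a" * 4096
BIASED = b"\x00" * 200 + (bytes(range(1, 256)) * 4)[:824]
COUNTER = bytes(range(256)) * 16  # passes: the tests see nothing unusual here
```

`health_check(STUCK)` and `health_check(BIASED)` fail while `health_check(COUNTER)` passes, which is the limit of this approach: health tests catch catastrophic failures, not a deliberately weakened or backdoored generator whose output is statistically unremarkable.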

[–] [email protected] 2 points 11 months ago* (last edited 11 months ago) (1 children)

A discrete TPM has a separate manufacturer. The AMD fTPM is made by AMD, and they have already explained the issue.

[–] [email protected] 5 points 11 months ago (1 children)

https://en.m.wikipedia.org/wiki/AMD_Platform_Security_Processor

The PSP itself represents an ARM core (ARM Cortex A5[6]) with the TrustZone extension which is inserted into the main CPU die as a coprocessor. The PSP contains on-chip firmware which is responsible for verifying the SPI ROM and loading off-chip firmware from it.

Critics worry it can be used as a backdoor and is a security concern.[3][4][5] AMD has denied requests to open source the code that runs on the PSP.

The PSP also provides a random number generator for the RDRAND instruction[10] and provides TPM services.

[–] [email protected] 4 points 11 months ago* (last edited 11 months ago) (1 children)

Yes, exactly. It has similar concerns to Intel ME (and its fTPM). “I wonder who the fTPM manufacturer is” makes no sense.

[–] [email protected] 2 points 11 months ago* (last edited 11 months ago) (1 children)

Then who makes the coprocessor that is inserted into the die?

Looking into more details of the boot process, it seems like the UEFI manufacturers such as AMI or Phoenix might be the best place to insert a pre-OS boot back door. The PSP (CCP) is just what is used to bootstrap before this step in the process.

https://www.igorslab.de/en/inside-amd-bios-what-is-really-hidden-behind-agesa-the-psp-platform-security-processor-and-the-numbers-of-combo-pi/

[–] [email protected] 4 points 11 months ago* (last edited 11 months ago)

Then who makes the coprocessor that is inserted into the die?

AMD, obviously; they're not going to let anyone mess with their lithography masks. With IP bought from ARM, to wit: it's a Cortex A5, which is a bog-standard block of IP if you need something better than a microcontroller but not really beefy either. Or you could say that TSMC makes them, just as the rest of the silicon.

(AMD also has an ARM architecture license and thus the right to design its own ARM cores but a) those were designed to be in a completely different performance class (application server) and b) they never made it to market. They're now probably tinkering on RISC-V in the background in their eternal quest to not have Intel fused to their hip by x86).