[Tom's Hardware] AMD Secure Technology PSP Firmware Now Explorable, Thanks to Researcher's Tool - Page 2 - Overclock.net - An Overclocking Community

Forum Jump: 

[Tom's Hardware] AMD Secure Technology PSP Firmware Now Explorable, Thanks to Researcher's Tool

Reply
 
Thread Tools
post #11 of 20 (permalink) Old 06-25-2019, 01:46 PM
New to Overclock.net
 
Melcar's Avatar
 
Join Date: Sep 2005
Location: Merida
Posts: 8,294
Rep: 636 (Unique: 438)
Linux based OS's have GUIs too, so I don't get you point. Linux is niche for many reasons. The major one is that it has no giant company behind it pumping millions in marketing for the sole purpose of desktop PC dominance.


But this thread is about AMD's PSP and how it is now possible to look inside. From a personal perspective, I bought the hardware so I have the right to decide what runs on it. Many people, not just FOSS purists and nutjobs, have concerns about running these kind of encrypted firmware on their machines. People started raising alarms back when AMD first announced PSP, so the issue is not new.

Magicbox
(18 items)
CPU
Ryzen 7 1700
Motherboard
GA-AX370-Gaming K7
GPU
RX 480 Nitro+
RAM
Corsair Vengeance
Hard Drive
Samsung EVO 850
Hard Drive
HyperX 3K
Hard Drive
Seagate Barracuda
Power Supply
EVGA G2
Cooling
Noctua NH-D15
Cooling
Morpheus II
Case
Phanteks Enthoo Pro
Operating System
Kubuntu 18.04
Operating System
Windows 10 Pro
Monitor
Dell U2515H
Keyboard
CM Storm QuickFire TK
Mouse
G502
Mousepad
G440
Audio
Xonar DX
▲ hide details ▲
Melcar is offline  
Sponsored Links
Advertisement
 
post #12 of 20 (permalink) Old 06-25-2019, 02:06 PM
New to Overclock.net
 
Imouto's Avatar
 
Join Date: Mar 2012
Posts: 1,872
Rep: 213 (Unique: 98)
Quote: Originally Posted by dj_tokyu View Post
And the reason that linux is used servers and super computers is because admins don't require GUIs. Stripped down to a command line interface nets you performance. When you add in the GUI, you sacrifice performance. Unfortunately, most end users aren't code literate and therefore prefer an OS like windows or OSX.
No. Linux performs way better than Windows even with an effect heavy GUI. I'm sitting on a Plasma 5 KDE desktop with all the bells and whistles and the RAM usage is 500 MB. You didn't see that on Windows since Windows ME.

And you don't need to be code literate to use a Linux desktop. It is far easier to install most of the popular Linux distributions than Windows. You don't need to enter a key. You don't need to worry about privacy. You don't need to worry about updates shutting down your machine. You don't need to worry about your hardware being too old. You don't need to worry about crappy drivers.

If people prefer Windows or OSX is because it is what they've been doing their whole lives. Linux is far superior for the average user and things are getting better all the time.

Quote: Originally Posted by dj_tokyu View Post
If we're talking about what the majority of end users are using (desktop, laptop) you'll see that linux accounts for less than 1.5% of total users. If that isn't niche, I don't know what is.
So what? Being honest here. I don't know what's the point of this. Something being niche is a bad thing?

Quote: Originally Posted by dj_tokyu View Post
Your personal attacks do NOTHING to aid in the conversation, and I don't understand why you feel they're necessary.
What doesn't add anything to the conversation is some random guy being an antivaxx mom equivalent on these forums.

What are your thoughts about vaccines anyway?

#EnthusiastLivesMatter
Imouto is offline  
post #13 of 20 (permalink) Old 06-25-2019, 03:08 PM
Overclocker
 
JackCY's Avatar
 
Join Date: Jun 2014
Posts: 9,540
Rep: 319 (Unique: 231)
Quote: Originally Posted by Questors View Post
Wouldn't making something like this open source also allow those with malicious intent an open look into the code, therefore allowing them to more easily create exploits? Also couldn't it be possible that open source additions could also create problems of their own?
OSS and malicious intent... so by your logic all the Linux ecosystem is by now one whole infested nest? Is it?
Any properly secure app can be entirely open souce and well known to everyone yet still be secure and do it's function.

Obscurity in security is simply hiding holes you don't want exposed, nothing more.
JackCY is offline  
Sponsored Links
Advertisement
 
post #14 of 20 (permalink) Old 06-25-2019, 03:34 PM
Watercooler
 
Join Date: Jun 2013
Location: North Carolina
Posts: 512
Rep: 34 (Unique: 28)
Quote: Originally Posted by JackCY View Post
OSS and malicious intent... so by your logic all the Linux ecosystem is by now one whole infested nest? Is it?
Any properly secure app can be entirely open souce and well known to everyone yet still be secure and do it's function.

Obscurity in security is simply hiding holes you don't want exposed, nothing more.
I wasn't being logical or illogical. I was not making statements. I was asking questions because I don't know.

Quote: Originally Posted by Imouto View Post
So what? Being honest here. I don't know what's the point of this. Something being niche is a bad thing?
Niche doesn't indicate quality. The point could be that Linux isn't a major force on desktops, therefore it isn't mainstream enough in that environment for those with nefarious goals to bother attacking. It appears "safer" due to this. Should it become a large part of the market share, it is possible to find it full of holes. Based on what I know, probably not, but we won't know until that scenario arises.

Expansionist
(17 items)
CPU
Intel Core i7 5930K
Motherboard
EVGA X99 FTW K
GPU
NVIDIA GeForce GTX 980 K|NGP|N
GPU
NVIDIA GeForce GTX 980 K|NGP|N
RAM
G.Skill Trident Z
Hard Drive
Western Digital Black 4TB
Hard Drive
Samsung 950 Pro NVMe SSD
Optical Drive
Pioneer BDXL Blu-Ray
Power Supply
Seasonic X1250W
Cooling
Custom Liquid Cooling System
Case
CaseLabs Merlin ST10
Operating System
Windows 10 Pro
Monitor
Dell S2716DG
Keyboard
Azio - Armato
Mouse
Mionix Castor
Mouse
EVGA
Audio
Creative Labs Blaster ZX
▲ hide details ▲

Last edited by Questors; 07-02-2019 at 11:59 AM.
Questors is offline  
post #15 of 20 (permalink) Old 06-25-2019, 07:26 PM
Hey I get one of these!
 
KyadCK's Avatar
 
Join Date: Aug 2011
Location: Chicago
Posts: 7,244
Rep: 304 (Unique: 214)
Quote: Originally Posted by Imouto View Post
No. Linux performs way better than Windows even with an effect heavy GUI. I'm sitting on a Plasma 5 KDE desktop with all the bells and whistles and the RAM usage is 500 MB. You didn't see that on Windows since Windows ME.

And you don't need to be code literate to use a Linux desktop. It is far easier to install most of the popular Linux distributions than Windows. You don't need to enter a key. You don't need to worry about privacy. You don't need to worry about updates shutting down your machine. You don't need to worry about your hardware being too old. You don't need to worry about crappy drivers.

If people prefer Windows or OSX is because it is what they've been doing their whole lives. Linux is far superior for the average user and things are getting better all the time.



So what? Being honest here. I don't know what's the point of this. Something being niche is a bad thing?



What doesn't add anything to the conversation is some random guy being an antivaxx mom equivalent on these forums.

What are your thoughts about vaccines anyway?
What good is unused RAM? Uncached data is data that takes longer to get to the CPU. Do you only have 1GB and need the other half for the AAA games you can't play or something?

I would love to hear your logic, but unfortunately even you know that is not true. Linux has more options, and is thus more complicated and harder, even if all you do is click next on both sides.

A web browser is a web browser. It being on Linux does not make it better. Repos and management there in are a bane on all existence and should be burned. Play/Apple stores or the Windows way are beyond superior for the average user. The lack of anything at all but some text, check boxes, and a horrible search bar secure it as the worst way for a normal person to find anything, which is why it is not used on any popular platform. God forbid they need to add a repo, the user is screwed.

To be honest, yes. At least if you consider it a race to be won. Every server in the world could run Linux and they would still be outnumbered by PCs. Though, in this context, all the people who do not know how security works are on one dominant platform. It is easier to get $100 from a million people than it is to get $100 million from one company, and thus the non-niche is targeted. Or do you think Android does not get viruses and malware because it is Linux?

Quote: Originally Posted by Questors View Post
I wasn't being logical or illogical. I was not making statements. I was asking questions because I don't know.



Niche is doesn't indicate quality. The point could be that Linux isn't a major force on desktops, therefore it isn't mainstream enough in that environment for those with nefarious goals to bother attacking. It appears "safer" due to this. Should it become a large part of the market share, it is possible to find it full of holes. Based on what I know, probably not, but we won't know until that scenario arises.
The answer is yes, it does make things easier for people with less than moral goals in mind.

The issue is though, that security by obscurity only works until one person makes it not so obscure. You have a few dozen programmers trying their best to keep it hidden against every hacker, be it Black Hat, White Hat, or Grey, wanting in for their own reasons, even if that reason is "for fun". If a Black Hat were to break it, and share, no one can defend and worse yet, no one would know until after something happens.

When you open source an application, you change the dynamic; Black Hats still want to break it, but now White Hats want to keep it locked down, and they can help do so. Your "team" grows in size massively.

You can fight the horde by pretending to be a tree, or you can fight them with your own horde. Only one needs to notice that you look pretty sketchy for a tree. Which sounds safer?

Quote: Originally Posted by thagabe View Post
@ThrashZone

Are you for-real? Linux has more users than any other OS if you count server and iot.... linux's open nature is it's power because anyone can extend or fix issues in the source code that can be dimmeminated to everyone since all code 'distributed' has to be released publicly meaning good patches make their way upstream so everyone benefits from everyone else's efforts. HEck! even the NSA uses linux and created Security Enhanced Linux which is a protocol to restrict access to certain parts of the system through mandatory access controls that must be set at boot so no changing this on the fly! Linux is a solid block of cheese compared to the Swiss cheese that windows is.
Yes, IoT. Clearly the best example as a beacon of upheld security protocols and policies!

Oh wait.

No.

Not that.

It's not even in a block, it's just shredded, powdered, and served to the bad guy via confetti canon to get that fuel/air mixture just right for the resulting explosion.

Forge
(18 items)
Forge-LT
(7 items)
CPU
AMD Threadripper 1950X
Motherboard
Gigabyte X399 Designare
GPU
EVGA 1080ti SC2 Hybrid
GPU
EVGA 1080ti SC2 Hybrid
RAM
32GB G.Skill TridentZ RGB (4x8GB 3200Mhz 14-14-14)
Hard Drive
Intel 900P 480GB
Hard Drive
Samsung 950 Pro 512GB
Power Supply
Corsair AX1200
Cooling
EK Predator 240
Case
Corsair Graphite 780T
Operating System
Windows 10 Enterprise x64
Monitor
2x Acer XR341CK
Keyboard
Corsair Vengeance K70 RGB
Mouse
Corsair Vengeance M65 RGB
Audio
Sennheiser HD700
Audio
Sound Blaster AE-5
Audio
Audio Technica AT4040
Audio
30ART Mic Tube Amp
CPU
i7-4720HQ
Motherboard
UX501JW-UB71T
GPU
GTX 960m
RAM
16GB 1600 9-9-9-27
Hard Drive
512GB PCI-e SSD
Operating System
Windows 10 Pro
Monitor
4k IPS
▲ hide details ▲
KyadCK is offline  
post #16 of 20 (permalink) Old 06-25-2019, 11:40 PM
In VB's Basement
 
ENTERPRISE's Avatar
 
Join Date: Oct 2004
Location: England,UK
Posts: 63,969
Let's keep it civil please.


Need help with your account or something forum related ? Please use our Contact Us form



ENTERPRISE is offline  
post #17 of 20 (permalink) Old 06-26-2019, 12:50 AM
Old to Overclock.net
 
Join Date: Jan 2008
Posts: 2,018
Rep: 111 (Unique: 98)
Quote: Originally Posted by dj_tokyu View Post
And the reason that linux is used servers and super computers is because admins don't require GUIs. Stripped down to a command line interface nets you performance. When you add in the GUI, you sacrifice performance. Unfortunately, most end users aren't code literate and therefore prefer an OS like windows or OSX.
Literally not at all why servers use Linux, not even close. Here's one reason, hey lets try and setup a mail server or FTP server on Windows, uhhhh, where do you even start, uh now I need to buy a bunch of proprietary stuff, software, etc. Linux = su apt get <some popular ftp deamon>, installing... done. Edit some .conf files, copy paste your ssl certs/private keys, done. Fully running server.

I actually frequently admin my Linux servers with a GUI, mail and FTP. I installed the graphical environment because I'm too lazy to use ls, cp, mv, rmr...

It's astonishing to me that in today's world that's every so reliant on computers and where kids grow up glued to various ones, they don't understand the basics of how computers work and would flip out at a CLI only terminal. The concept of directories, files, copy, delete, move. That's it, that's all there is too it, there's no code, everything is a file or a directory with a bunch of files. That was like day one stuff in 80's computer class.

Quote: Originally Posted by KyadCK View Post
Repos and management there in are a bane on all existence and should be burned.
I do it Windows style and just install everything from .debs, no different than running run next, next wizards.

Quote: Originally Posted by KyadCK View Post
What good is unused RAM? Uncached data is data that takes longer to get to the CPU. Do you only have 1GB and need the other half for the AAA games you can't play or something?

362436
(15 items)
CPU
AMD Ryzen 5 1600
Motherboard
Asus Prime X370-A AMD Ryzen AM4 DDR4
GPU
Gigabyte GeForce GTX 950
RAM
2x Corsair Valueselect 8GB 288 Pin DDR4 SDRAM DDR4 @ 2133
Hard Drive
Corsair Force LS 2.5" 120GB SATA III MLC SSD
Optical Drive
Lite-On 24X SATA DVD/RW Optical Drive
Power Supply
Corsair RM550x 550W 80 Plus Gold
Cooling
Noctua NH-L9A-AM4 Low-Profile
Case
Antec NSK4100 Steel ATX Mid Tower
Operating System
Mint 18.2 x64
Monitor
HP 24" LCD/LED 1920x1080
Keyboard
IBM PC-AT
Mouse
Logitech G5
Audio
Sennheiser HD650
Audio
Asus Essence STX II
▲ hide details ▲



Last edited by xJumper; 06-26-2019 at 12:59 AM.
xJumper is offline  
post #18 of 20 (permalink) Old 06-26-2019, 04:00 AM
Top kek
 
Join Date: Oct 2013
Location: Bulgaria , Sofia
Posts: 3,388
Rep: 110 (Unique: 65)
Gotta say, if you learn bash, and then you try to use Powershell, you will slit your wrists.

Also, Windows, as an OS, does not allow so much freedom with the underlying hardware, compared to Linux.

Previous Hardware:
Spoiler!
Desktop PC
(19 items)
CPU
AMD FX-8320
Motherboard
ASRock Fatal1ty 990FX Killer
GPU
Sapphire Nitro+ RX480
GPU
XFX RX470 Singlefan
GPU
MSI RX580 GamingX 4GB
RAM
Mushkin Redline 996996 2x4GB 2133Mhz
Hard Drive
Western Digital 160GB 7200RPM 8MB
Hard Drive
Maxtor 250GB 7200RPM 8MB
Hard Drive
Corsair Force LS
Hard Drive
WesternDigital Blue 500GB 7200RPM 16MB
Power Supply
Corsair TX850M
Cooling
ThermalTake Frio Silent 14
Case
ThermalTake View 27
Operating System
Windows 10 Enterprise 1607
Operating System
Linux Mint 17.3 Rosa
Monitor
AOC i2267FWH
Keyboard
Logitech K120
Mouse
Bloody V5
Audio
Corsair HS30 Raptor
▲ hide details ▲
ku4eto is offline  
post #19 of 20 (permalink) Old 06-26-2019, 04:07 AM
New to Overclock.net
 
ibb27's Avatar
 
Join Date: Oct 2016
Posts: 233
Rep: 14 (Unique: 11)
Vulnerability in AMD’s Secure Encrypted Virtualization for EPYC: Update Now to Build 22

https://www.anandtech.com/show/14587...ow-to-build-22

https://seclists.org/fulldisclosure/2019/Jun/46
ibb27 is offline  
post #20 of 20 (permalink) Old 06-26-2019, 06:23 AM
Hey I get one of these!
 
KyadCK's Avatar
 
Join Date: Aug 2011
Location: Chicago
Posts: 7,244
Rep: 304 (Unique: 214)
Quote: Originally Posted by xJumper View Post
Literally not at all why servers use Linux, not even close. Here's one reason, hey lets try and setup a mail server or FTP server on Windows, uhhhh, where do you even start, uh now I need to buy a bunch of proprietary stuff, software, etc. Linux = su apt get <some popular ftp deamon>, installing... done. Edit some .conf files, copy paste your ssl certs/private keys, done. Fully running server.

I actually frequently admin my Linux servers with a GUI, mail and FTP. I installed the graphical environment because I'm too lazy to use ls, cp, mv, rmr...

It's astonishing to me that in today's world that's every so reliant on computers and where kids grow up glued to various ones, they don't understand the basics of how computers work and would flip out at a CLI only terminal. The concept of directories, files, copy, delete, move. That's it, that's all there is too it, there's no code, everything is a file or a directory with a bunch of files. That was like day one stuff in 80's computer class.



I do it Windows style and just install everything from .debs, no different than running run next, next wizards.



https://www.youtube.com/watch?v=P4XdLoYRTMI
Can't watch the video at the moment, sorry, so I can't tell which side of the argument it falls on (IE, is the thumbnail sarcastic or not).

Mail and FTP... Why would you need expensive proprietary software? Ignoring that Exchange is just better than pretty much everything else if you need integration and that Outlook is king, you can just... go get a mail app or FTP app. Which any company would have in their code store and can automate into the image. On the other hand, if you are a large company, that proprietary software comes with support, which is why it cost more.

I run both server environments, and frankly it depends on the usage;
  • Linux has no equivalent to Domains or GPOs worth anything, but on the other side, Windows has trouble with Screen-like dutys.
  • SMB shares combined with a Domain and GPOs is an easier network storage solution (provided your PCs are Windows), but you can target non-Windows shares and specify credentials too with those same GPOs and linux has better file systems.
  • Management of the servers is certainly easier in Server Manager than it is to have a bunch of SSH sessions, but the counter is that unless you have a new version of Powershell, you don't have SSH-like anything at all.

So I run a blend.

-------------

A CLI only environment sucks if you do not know what you are doing. Can't look anything up without a second device, and if you are a normal user, that second device may be something it is frustrating to do real work on, like a phone. Googling for tarball extraction commands on a small touch screen sucks, and you don't get to copy/paste either.

-------------

Fair. I prefer OpenSuse's One-Click installers and their build suite, but the issue with these is that it isn't anywhere near as widespread as it is to just google for what you want.

It's about the presentation (screenshots, information, documentation, guides, all in one place on the web page) over all, or simply put; marketing/design. A few software developers like VLC will support both sides as equals, but most software for linux just redirects you to a repo or is on github with little in the way of presentation. Users don't want to be in a community that knows what's best for each situation, they just want the thing defined to them so they can say "ok, I'll use that" and go on with their lives.

Quote: Originally Posted by ku4eto View Post
Gotta say, if you learn bash, and then you try to use Powershell, you will slit your wrists.

Also, Windows, as an OS, does not allow so much freedom with the underlying hardware, compared to Linux.
I mean, if you learn Spanish and move to Japan, you're going to have a bad time, yes.

Forge
(18 items)
Forge-LT
(7 items)
CPU
AMD Threadripper 1950X
Motherboard
Gigabyte X399 Designare
GPU
EVGA 1080ti SC2 Hybrid
GPU
EVGA 1080ti SC2 Hybrid
RAM
32GB G.Skill TridentZ RGB (4x8GB 3200Mhz 14-14-14)
Hard Drive
Intel 900P 480GB
Hard Drive
Samsung 950 Pro 512GB
Power Supply
Corsair AX1200
Cooling
EK Predator 240
Case
Corsair Graphite 780T
Operating System
Windows 10 Enterprise x64
Monitor
2x Acer XR341CK
Keyboard
Corsair Vengeance K70 RGB
Mouse
Corsair Vengeance M65 RGB
Audio
Sennheiser HD700
Audio
Sound Blaster AE-5
Audio
Audio Technica AT4040
Audio
30ART Mic Tube Amp
CPU
i7-4720HQ
Motherboard
UX501JW-UB71T
GPU
GTX 960m
RAM
16GB 1600 9-9-9-27
Hard Drive
512GB PCI-e SSD
Operating System
Windows 10 Pro
Monitor
4k IPS
▲ hide details ▲
KyadCK is offline  
Reply

Quick Reply
Message:
Options

Register Now

In order to be able to post messages on the Overclock.net - An Overclocking Community forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.
User Name:
If you do not want to register, fill this field only and the name will be used as user name for your post.
Password
Please enter a password for your user account. Note that passwords are case-sensitive.
Password:
Confirm Password:
Email Address
Please enter a valid email address for yourself.
Email Address:

Log-in



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page


Forum Jump: 

Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off