possible future spyware on the new Ryzen cpu,s?.

Questions about the project and the distribution - obviously no support questions here please
Madmogone
Level 2
Level 2
Posts: 59
Joined: Sat Jun 14, 2014 7:28 am

possible future spyware on the new Ryzen cpu,s?.

Postby Madmogone » Wed Apr 26, 2017 6:56 am

Hi all, An old wrinkly newbie with a question.I have been building my own computers for 3 to 4 years, having built around 6 units of varying types but all fairly low powered units, ranging from old phenom 64 quad cores to the amd am1 quad core units I am now running at present, and for everyday computing needs are perfect in that running two at full pelt probably uses less juice than the old phenom did just ticking over.I have another unit I built using a dual core 1.6GHz cpu that I use just for playing music on.( cannot beat a good bit of headbanging to some rock music), and another 1.6GHz dual core unit I am using to run and evaluate discreete linux beta on.But on to my question, I now find that I need a more powerfull machine and was waiting to see what the new AMD chipsets would be like, but have just read an article that made me wonder about the new chipsets, in that they are following Intel in using (PSP- platform security processor) like intels rival (IME-Intel management engine), using ARM processors to read what the chips are doing and could then "possibly phone home" with details of what you are doing, this sounds like built in spyware to me. I would appreciate some thoughts on this as to what to do ?.Or I might be worrying over nothing.Eager to hear any and all replies. Cheers.

User avatar
coffee412
Level 5
Level 5
Posts: 725
Joined: Mon Nov 12, 2012 7:38 pm
Location: Indiana, USA
Contact:

Re: possible future spyware on the new Ryzen cpu,s?.

Postby coffee412 » Wed Apr 26, 2017 7:14 am

I had read an article on this a while ago. Sadly, I do not remember where. But I heard that there is a petition going around to have AMD opensource the spy chip.

Im curious as to how they would gain access to this chip or if the chip phones home - what ports does it use? UDP TCP? wonder if it could be blocked somehow??

I would love to hear more too.
Ryzen x1800 Asus Prime x370-Pro 32 gigs Ram RX480 graphics
IceWarp * Samba AD * Mint 18.1 * RAID 1/5 * OpenVPN * Linux since kernel 2.0.36

Madmogone
Level 2
Level 2
Posts: 59
Joined: Sat Jun 14, 2014 7:28 am

Re: possible future spyware on the new Ryzen cpu,s?.

Postby Madmogone » Wed Apr 26, 2017 7:56 am

Thanks for answering, It seems that the (The Free Software Foundation) is very concerned by what AMD are doing and are hoping that AMD will release the appropriate code to overcome this.Further info can be gained by going to Libreboot,s call to AMD at - https://libreboot.org/amd-libre. One can only wonder what the outcome will be, but at the end of the day, theres not a lot we can do about it. I may decide to use older chips for my new build to be on the safe side. I dont know what they use for "phone home" the article just states that the, - ARM procecessors that initialise the 86x cores and potentially has transparent access to anything that system is doing henceforth, so who knows ?. Anyhow cheers all and happy computing.

BeHarley
Level 1
Level 1
Posts: 32
Joined: Wed Feb 15, 2017 6:57 am

Re: possible future spyware on the new Ryzen cpu,s?.

Postby BeHarley » Wed Apr 26, 2017 9:45 am

I, on the other hand, haven't heard anything about it. Probably a conspiracy started by rivals to mock Ryzen. Coz its more powerful than Intel. :D

dark
Level 2
Level 2
Posts: 87
Joined: Wed Feb 22, 2017 3:02 pm

Re: possible future spyware on the new Ryzen cpu,s?.

Postby dark » Wed Apr 26, 2017 10:29 am

If there's really spyware/backdoors in AMD or Intel CPU's, we would need open source bios/uefi to counter that.

Madmogone
Level 2
Level 2
Posts: 59
Joined: Sat Jun 14, 2014 7:28 am

Re: possible future spyware on the new Ryzen cpu,s?.

Postby Madmogone » Wed Apr 26, 2017 10:50 am

Sent a reply but it looks like it did not reach the forum, the article was in the LINUX FORMAT May 2017 edition and the bios/uefi code is what the (The Free Software Foundation) is wanting, to counter this.

Citizen229
Level 5
Level 5
Posts: 674
Joined: Fri Nov 04, 2016 12:09 pm
Location: NW Ohio

Re: possible future spyware on the new Ryzen cpu,s?.

Postby Citizen229 » Wed Apr 26, 2017 5:46 pm

Is it out of the realm of possibilities to have an open source bios? One that a user could flash brandX bios and replace completely the manufacturers bios?
Folding@home Project
Team Linux Mint-76140
PM for info on how you can help. Or visit https://forums.linuxmint.com/viewtopic.php?f=58&t=243792
More GPU's needed!

Madmogone
Level 2
Level 2
Posts: 59
Joined: Sat Jun 14, 2014 7:28 am

Re: possible future spyware on the new Ryzen cpu,s?.

Postby Madmogone » Thu Apr 27, 2017 6:26 am

One could probably have an open source bios, but it may only be a basic one as different manufacturers have different features on their boards even within their own ranges, and it would be difficult to cover all aspects. What is needed is as the Free Software Foundation is asking the producers of the chips is the source code to negate this problem.So I suppose we will just have to wait and see what the outcome will be.In the meantime I will do some more digging for info before I commit to a new chip set.But at the end of the day there may be no way around this. Cheers all.

User avatar
jimallyn
Level 16
Level 16
Posts: 6971
Joined: Thu Jun 05, 2014 7:34 pm
Location: Wenatchee, WA USA

Re: possible future spyware on the new Ryzen cpu,s?.

Postby jimallyn » Thu Apr 27, 2017 4:19 pm

Citizen229 wrote:Is it out of the realm of possibilities to have an open source bios? One that a user could flash brandX bios and replace completely the manufacturers bios?

No, it is not out of the realm of possibilities. In fact, you have a choice of several:

https://libreboot.org/

https://www.coreboot.org/

https://www.openfirmware.info/Welcome_to_OpenBIOS

Do your research before jumping in.
Image

“If the government were coming for your TVs and cars, then you'd be upset. But, as it is, they're only coming for your sons.” - Daniel Berrigan

viper37
Level 3
Level 3
Posts: 103
Joined: Wed Aug 15, 2012 10:04 am
Location: Quebec

Re: possible future spyware on the new Ryzen cpu,s?.

Postby viper37 » Fri Apr 28, 2017 9:15 pm

Madmogone wrote:But on to my question, I now find that I need a more powerfull machine and was waiting to see what the new AMD chipsets would be like, but have just read an article that made me wonder about the new chipsets, in that they are following Intel in using (PSP- platform security processor) like intels rival (IME-Intel management engine), using ARM processors to read what the chips are doing and could then "possibly phone home" with details of what you are doing, this sounds like built in spyware to me. I would appreciate some thoughts on this as to what to do ?.Or I might be worrying over nothing.Eager to hear any and all replies. Cheers.


There were similar controversies for Windows Secure Boot and Red Hat. Nothing bad happened since Windows 8. Well, I mean, in terms of hacking/spyware/viruses. Windows 8 itself was bad, but that's another topic :P

Sometimes, people in the open-source community tend to demonstrate a little too much orthodoxy toward open-source. What's important for an end-user like me is this:
- does it work as it should?
- is it secure?
- if not secure, can it be easily made secure?

the answer to Intel, AMD and Microsoft new security schemes is yes on all count.

Now, if you are an expert, like many fine people on this board, you know the Unix commands like a Jesuit knows his bible verse and you like building everything you need (computer wise) from scratch, than yeah, the issue i mentioned earlier aren't that important. You're looking at customization more than ease of use, you want freedom to rewrite your BIOS every week-end and change your desktop environment every second Tuesday of the month, than yeah, again, official BIOS aren't for you and PSP and Secure boot are just gimmicks for naive consumers.

Now, is this BIOS spying on you? Very easy to see using any kind of software that monitors your internet traffic. So far no one has found proof Intel or AMD are doing that.
Does it have a backdoor? Actually, all modern boards have a huge backdoor that allow you to bypass any BIOS password. It's called shorting the jumper to reset the BIOS.

Aside that, if you're concerned about security on your computer, you should run it with encrypted drives, with an open-source software like veracrypt.

The most important aspect of the new Ryzen CPUs isn't that the security, it's that they're still extremely buggy.
game performance is below expected values and they still need to work it out with BIOS updates, chipset and gpu driver updates as well as some more work on DX12 and Vulkan API. Also, some chipset like the B350 are just pure crap at this point. The computer takes 10 second to post and there's no coming back from a simple nap, a cold, hard reboot is necessary. Memory speeds aren't guaranteed beyond 3200mhz and they're increasingly unstable above 2400mhz, and really, the chipset does not automatically recognize anything above 2133mhz.

So, if you want to build a new Ryzen computer, don't worry about security, but worry about stability of the platform. And it ain't there yet, at least for the B350. And stay away from MSI motherboard. They make great video cards, but I'll never again be caught at buying one of their boards, even if it means waiting 3 months to get an Asus.
Linux Mint 18.1 Cinnamon
Intel Pentium G3240 3.1ghz dual-core
H81I-PLUS/CSM
256gb ADATA SSD (Ext4, OS drive)
WD Red 6TB (x2) (BTRFS, data drives)
16gb RAM

viper37
Level 3
Level 3
Posts: 103
Joined: Wed Aug 15, 2012 10:04 am
Location: Quebec

Re: possible future spyware on the new Ryzen cpu,s?.

Postby viper37 » Fri Apr 28, 2017 9:21 pm

jimallyn wrote:
Citizen229 wrote:Is it out of the realm of possibilities to have an open source bios? One that a user could flash brandX bios and replace completely the manufacturers bios?

No, it is not out of the realm of possibilities. In fact, you have a choice of several:

https://libreboot.org/

https://www.coreboot.org/

https://www.openfirmware.info/Welcome_to_OpenBIOS

Do your research before jumping in.

well, looking at it... Openfirmware hasn't been updated since 2013, so we just have to forget it.
The other 2 look promising, but the list of supported hardware is very small. I'm guessing it's not as easy as making a router firmware.

So, no real alternative for most people, sadly, unlike routers and wireless drivers where there has been great work done. Besides, I'm pretty sure the majority of computer owner never flash their bios...
Linux Mint 18.1 Cinnamon
Intel Pentium G3240 3.1ghz dual-core
H81I-PLUS/CSM
256gb ADATA SSD (Ext4, OS drive)
WD Red 6TB (x2) (BTRFS, data drives)
16gb RAM

Madmogone
Level 2
Level 2
Posts: 59
Joined: Sat Jun 14, 2014 7:28 am

Re: possible future spyware on the new Ryzen cpu,s?.

Postby Madmogone » Sat Apr 29, 2017 5:51 am

Thanks for all the replies, in my last reply I should have been more clearer than I was then I would not have been put down for not doing my research correctly. I did read all of the various sites with the relative info and all I meant was that if you did manage to reflash your bios would it interfere with the board manufacturers own features especially on some of the gaming mobos which have some really impressive functions and would you lose them, so would end up with a basic bios rather than the original bios. Any how thanks for the incite other people have given, I was intending to wait a while before building my system to enable debugging by both the chip and mainboard manufacturers and for the prices to drop (hopefully). I agree also that flashing the bios is not an easy thing for a lot of people even if their equipment enables it as they will be worried about bricking it and making the board unusable. Like I said in one of my earlier replies , if the chip manufacturers wont release the code then there is not a lot we can do about it. To finish on a note libreboot and others are asking for joe publics help by lobbying the manufacturers to release the code, could this be done from the mint forum or is it not allowed. Just a thought , it might help.Once again thanks and cheers to all.


Return to “Non-technical Questions”