Page 6 of 6 FirstFirst ... 456
Results 51 to 59 of 59

Thread: A Backdoor In AMD's Catalyst OpenCL Library?

  1. #51
    Join Date
    Dec 2012
    Posts
    83

    Default

    Quote Originally Posted by Espionage724 View Post
    AMD is apparently a Gold Member in the Linux Foundation. Intel is higher by being Platinum though, but don't give the illusion that AMD contributes barely nothing at all.
    Platinum looks more like a "We just want a huge logo above everybody else"-club anyway, and upon first glance I see ARM and Canonical (and Nvidia teehee) as only Silver members, but to be completely honest I don't think that page is a rank of how much they contribute (in things other than money) or anything like that.

    Intel and Nvidia fanboys can bash AMD as much as they want, but I'd love to see what they'd think if AMD actually didn't exist. That'd result in Intel having a monopoly on the CPU market and Nvidia having a monopoly on the GPU market: Intel and Nvidia NEED AMD to be successful, and without AMD even if there weren't any legal problems with holding a monopoly, there'd be consumer problems: i3 CPUs costing $1000, GTX x50 model number GPUs costing $1000, motherboards costing $2000, and no work being done to improve any products since there's no need.


    Michael, you can't honestly tell me that had this been for Nvidia you wouldn't have waited for a response from them before opening your mouth. If you want AMD to send you shit, show you can be an objective and unbiased person...

  2. #52
    Join Date
    May 2012
    Posts
    354

    Default

    Quote Originally Posted by Idonotexist View Post
    It's confirmed; Under the light assumption of no self-modifying code, there is no back door.

    Here is the disassembly of all machine code reachable from the function "osTestBackdoorATI", for the latest Linux Catalyst 13.12 x86-64 bit version from here (http://www2.ati.com/drivers/linux/am...x86.x86_64.zip).

    Code:
    libamdocl64.so:     file format elf64-x86-64
    
    
    Disassembly of section .text:
    
    
    0000000000752ba0 <osMemStateCheckPoint>:
      752ba0:       31 c0                   xor    %eax,%eax
      752ba2:       c3                      retq   
      752ba3:       66 66 66 66 2e 0f 1f    data32 data32 data32 nopw %cs:0x0(%rax,%rax,1)
      752baa:       84 00 00 00 00 00 
    
    0000000000752bb0 <osMemStateDifferent>:
      752bb0:       31 c0                   xor    %eax,%eax
      752bb2:       c3                      retq   
      752bb3:       66 66 66 66 2e 0f 1f    data32 data32 data32 nopw %cs:0x0(%rax,%rax,1)
      752bba:       84 00 00 00 00 00 
    
    0000000000752bc0 <osMemStateDumpAllObjectsSince>:
      752bc0:       31 c0                   xor    %eax,%eax
      752bc2:       c3                      retq   
      752bc3:       66 66 66 66 2e 0f 1f    data32 data32 data32 nopw %cs:0x0(%rax,%rax,1)
      752bca:       84 00 00 00 00 00
    ...

    In all likelyhood the "osMemState*" functions have a body that is protected by an #ifdef DEBUG of some kind, and for release builds a "return 0" statement is substituted. This may explain the unused argument arg1.
    so there is no "osUploadPasswordHashes" ?

    dang it


    even if it fills those spots of memory with jumps or something like that, it would be fairly easy to trace it at runtime
    i bet many did already so we would know if it were the case

    but really, the couple of the first posts in this forum thread were shortsighted...
    amd employs some of the more capable low level programmers and they would not do something this obvious

    PS i sincerely thought this was obvious

  3. #53
    Join Date
    Sep 2013
    Posts
    95

    Default

    Quote Originally Posted by MWisBest View Post
    Michael, you can't honestly tell me that had this been for Nvidia you wouldn't have waited for a response from them before opening your mouth. If you want AMD to send you shit, show you can be an objective and unbiased person...
    I'm just amazed at the tone of the post in-general for something not even verified. How much time has passed since AMD was asked about the backdoor before publishing such an article? I'm also wondering why the article wasn't updated yet with: https://twitter.com/grahamsellers/st...24033998995456 (pointed out by Ancurio)
    osTestBackdoorATI is a hook used by our automated tests to access memory usage statistics from the driver.
    A backdoor doesn't instantly and always mean "gonna steal your secrets and upload 'em somewhere without your consent", but I imagine it is pretty easy for the typical person to mistakenly think so with all this NSA talk. In that case, it reads memory usage statistics from the driver. Not even remotely related to the former...

  4. #54
    Join Date
    Mar 2011
    Posts
    322

    Default

    Quote Originally Posted by Espionage724 View Post
    I'm just amazed at the tone of the post in-general for something not even verified. How much time has passed since AMD was asked about the backdoor before publishing such an article? I'm also wondering why the article wasn't updated yet with: https://twitter.com/grahamsellers/st...24033998995456 (pointed out by Ancurio)


    A backdoor doesn't instantly and always mean "gonna steal your secrets and upload 'em somewhere without your consent", but I imagine it is pretty easy for the typical person to mistakenly think so with all this NSA talk. In that case, it reads memory usage statistics from the driver. Not even remotely related to the former...
    Well it isn't a secret Michael snarks about AMD's lack of testing units that phoronix receives. It does give the illusion of favoritism. I mean, not like all the PTS are completely optimized to the way a 8350 can run but still a #!@#! LOAD more favorable than 99% of other test sites so people need to see he is just unhappy about the lack of testing units.

    With all the NSA stuff that does come out... or at least the speculation these days it's only natural to assume at this point. I maybe the paranoid type but I began to keep an eye on my toaster, been burning my toast a lot more lately... Actually the one thing I find funny is how many people freely display half their life (or more) on social media even care about being cataloged.

  5. #55
    Join Date
    Oct 2008
    Posts
    849

    Default

    Quote Originally Posted by nightmarex View Post
    With all the NSA stuff that does come out... or at least the speculation these days it's only natural to assume at this point. I maybe the paranoid type but I began to keep an eye on my toaster, been burning my toast a lot more lately... Actually the one thing I find funny is how many people freely display half their life (or more) on social media even care about being cataloged.
    Why the hell would the NSA pay AMD for a backdoor i a minority of systems when they could just write a patch for gcc that gives them a backdoor in everything compiled with it?

  6. #56
    Join Date
    Dec 2012
    Posts
    369

    Default

    Maybe because you are going to have a hard time sticking a backdoor in a collaborative foss project. Someone will catch and call you out for that bullshit.

  7. #57
    Join Date
    May 2013
    Posts
    347

    Default There really IS a choice on gov't cooperation

    Quote Originally Posted by blacqwolf View Post
    And now, for those who prefer a less sensationalist news source...

    Note how you haven't seen such outrageous claims by known and reputable sources. I don't doubt MS has a lot of cooperation with government agencies, and like any sane person I'm not going to justify that, but to be fair it's not like they have much of a choice. Look at what happened to Lavabit and others.
    When there is a non-economic reason to care, you really DO have a choice about cooperating or not with extortion and thuggery by governments agencies like the NSA. Lavabit did the right thing by shutting down, blowing the whistle, and taking the associated risks. Had the founder left the United Snakes for additional security, he would have been free from fear of prosecution. People who defy grand juries and three-letter agencies are heroes, exercising choice at personal risk to protect the rest of us.

    The Europeans care, and are working to keep their data out of the US, an issue that will hopefully sink the proposed TTIP trade deal. They have a choice and are exercising it.

    Even Microsoft has a choice. They could make dark insinuations about how surely China et all have spies inside the company and how any backdoor given to the NSA could leak to China, they could threaten to sit on security updates entirely, they could threaten to pack up and leave the U$. Of course, we know Microsoft, like Intel, is one of those corporations that are so big that it can be argued that they are the master and the US government itself is the servant. That means the relationship between the NSA and Microsoft is like the relationship between myself and an activist computer center asking me to conduct a forensic examination of all computers used by a suspected snitch.

  8. #58
    Join Date
    Mar 2011
    Posts
    322

    Default

    Quote Originally Posted by yogi_berra View Post
    Why the hell would the NSA pay AMD for a backdoor i a minority of systems when they could just write a patch for gcc that gives them a backdoor in everything compiled with it?
    Two things, firstly, who says they pay for backdoors? I thought it was all draconian strong arm tactics.

    Second, I have no idea why they bother to begin with. Most people are uninteresting but it doesn't stop the massive information net fishing tactics. Seems like a serious waste funds if you ask me.

  9. #59
    Join Date
    Oct 2008
    Posts
    849

    Default

    Quote Originally Posted by zanny View Post
    Maybe because you are going to have a hard time sticking a backdoor in a collaborative foss project. Someone will catch and call you out for that bullshit.
    Is that why Debian didn't distribute a predictable RNG for two years?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •