This is not discredited. An independent researcher confirmed all the hacks work. Also for all the people saying that "having root is being hacked already" this is a deeper level.

It's back to the old virus in BIOS cases, but EVEN WORSE. Once you get rooted and hacked you can never be sure if you're infected in hardware (CPU). Only real fix is a hw swap. Wow.

Hate to say it but I told you so. PSP has to go.

Which independent researcher would that be, the one mentioned in the Anandtech article, who has a mutual friend with the CTS Labs people? Please. Also, they openly said they *got paid* by CTS Labs. That's very far from what I'd call "independent".

Well, ok, but how is this different from Intel ME? Or just plain UEFI firmware? If you're root, you can replace anything with a malicious version.

The researcher mentioned in the Ars Technica article, not sure if same as you mention tho. Regardless of his affiliations if the hacks are doable this is a big issue, especially how they got around the firmware signature (which is the lamest security protection known to mankind but every big company seems to think they're good custodians for some reason).

It's not different from intel ME. Somewhat different from UEFI but almost same yes. So what's the point? They do it too so it's ok if we make these gaping holes as well? Interesting security perspective.

These kind of exploits are quite useful, they mean you need to only "root" for a short time and you can insert your virus in the undetectable PSP and done. Remove your trace from the "upper layer" and nobody will ever detect you. Best part is PSP can access everything and anything at any time.

Encrypted disk? No problem. It can churn away while people are running their own things on the machine and it's completely undetectable. MUCH better than just a rootkit with detectable usage patterns. Just get all the data you need slowly and send it out, possibly even with user-initiated traffic!

It basically means that as soon as anyone gets hacked, even if they detect it, they need to consider their HW compromised and need to replace or firmware wipe (if possible).

This seems very much like a company pleading to get sued out of existence. wtf?

This is probably nothing more than a gut-clearing, cramp diarrhea level poop and scoop aimed at AMD's stock, even if the exploits are real. It has always been a rule that "posession=root," but these days we see things like Intel IME, AMD PSP, and the latest round of "porn filter" bills all seeking to deny end users root on their own hardware. Look at phones, where if you want root access to your own hardware you need to run a local exploit. In this case, no exploits available means no root access to your OWN hardware. Remote-capable exploits are quite another matter.

Now let's look at the claim that having been rooted by a 3ed party makes the hardware untrusted. Well, it certainly makes the entire BIOS/UEFI untrusted with or without these exploits to find an FBI or MSS agent in your hotel room while you are out, or find a "janitor" moonlighting in hacking in the server room. On any machine where a reflash over the network or from the firmware of an attached DMA device (e.g. a compromised network card acting as a hardware flasher) is possible, any 3ed party rooting by unknown means or that did unknown things makes the firmware untrusted. That could be from one of these exploits, a network card on DMA with an exploit or a whole lot of other things.

At that point, an external flashing tool can save your hardware, as anything that can be done by changing the contents of any flash on the board can be undone from a hardware flasher.

The point is that these _aren't_ some gaping holes in AMD hardware, but a consequence of how modern hardware (and not just AMD's hardware) is built. Pretending that AMD is somehow special in this matter, that's the issue. Yelling "AMD should fix this" is missing the bigger point that the yelling should instead be "modern hardware is too much of a black box, we must pressure *all* vendors to change their tune". It's also missing the point that this is a directed smear campaign instead of an actual security advisory, the "research papers" are so devoid of detail, that I'm still not convinced there's actually something real here (besides the obvious "root can do anything, but this isn't limited to AMD" thing).

Well the article is about a specific PSP fail on AMD not Intel. Intel is already busted more than Swiss cheese. I don't understand why all the AMD fanboys here first try to find why a security report should be false before considering the implications. Even if they did it to make money, as long as those vulnerabilities are there it's a huge deal.

And I'm writing this from an AMD only machine. I'm a "fanboy" by wallet, but I refuse to close my eyes to these issues just coz I invested in the hardware. Also, saying "it's industry standard" does not apply to gaping security holes (or is that intentional backdoors by 3 letter agencies maybe?)

What "specific" fail? There are no specifics *anywhere* that someone actually independent could confirm.

Damage was done by the fud, what else could they do?