Intel vs AMD (Ryzen) hardware and firmware security


#1

The latest Intel security bug that went public recently is not like the out-of-band remote management firmware bug from a couple months ago. This is a hardware bug that’s in all Intel processors produced in the last ten-or-so years. AMD microarchitecture does not have the bug.

In light of that, Purism might want to consider switching to AMD Ryzen for the next generation. I suspect the biggest issue would be the proprietary code running on the little ARM processor that provides TrustZone based security for AMD processors, but there may be open source alternatives.

Worth some investigation, I’d say.


#2

Well after all the work on the Intel processors I’m not sure if they want to do that.

Further, there’s been talk that maybe ARM processors themselves are getting good enough for Purism to start considering using them as a CPU. That seems to be a bit of a sentiment among the community that some people are bringing up from time-to-time right now. Think we’d like to see a switch to ARM rather than AMD.

Plus I’m not sure what Purism might’ve learned from the end-of-year meetings they attended. I’ve been kinda watching to see if they make some new blog posts with some big news soon or something. They might’ve learned a few things that’ll shape the next batch of Librems or something.

Just wait and see I figure. I’m sure they’re aware and working on it.


#3

I have been suggesting Ryzens since they hit the market for Librem. The price, performance are a great fit. Yes, there is AMD’s TrustZone, and Purism invested a lot of work into IME neutering, but in the analysis I got to read, TZ is not nearly as bad as IME, plus there is a chance to run an OSS system on the TZ ring.
I really wish they ditched Intel for AMD, or provided both.


#4

ARM also has this bug.

About Intel processors: whether Purism plan to update Intel processors in notebooks if Intel fixes this hardware bug?


#5

Think AMD processors too hot for such notebooks, no?


#6

no, there is/will be ultrabook version of Ryzen, called Raven Ridge, which will work fine


#7

And here are some more details about the bugs:


https://spectreattack.com/

It’s quite a sad read, if you imagine all this, and IME, coulld (have been?) exploited for years so far…? The concept of privacy when using a computer is really weak!
I hope this stresses the need for open-source FW and ideally HW, like Librem is aiming


#8

Well I just hope it all factors in the next revisions of the Librems. I feel like I made the right call holding my money until Librem 15v4 comes around. Just felt like the current Librems are good but not yet complete and there’s big improvements just on the horizon and it looks like I was right.

I saw their latest blog and like their goals for 2018. Nothing to do but be patient and wait now.

I mean really I just wanted a higher-performing option as well, I need at least a quad-core processor I think and it was really the dual-core that kept me from buying a while. But I’m glad I held on because I wouldn’t be able to get TPM or any of this other nice stuff that’s coming in the next revisions if I didn’t.


#9

I’d personally hold off on proclaiming Ryzen any better than Intel’s stuff. I don’t know of anybody who’s looked into exactly what the PSP does and what it can access in the AMD parts which have it. All I do know is that it checks a signature on the PSP’s firmware code and if that check fails, it will not allow the main CPU to come out of reset (http://www.uefi.org/sites/default/files/resources/UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf, https://libreboot.org/faq.html#amd).

The problem is, of course, a lack of information. I’d dearly love to replace the FX-8350 in my games computer with something faster, but I know that it’s probably the fastest CPU I have access to which absolutely does not have some kind of hidden overlord processor. Depending on how Ryzen works, it might not have such a thing, but I don’t really have the money or time to get a new CPU, motherboard and RAM, learn how to reverse-engineer ARM code and then attempt to gut my system from the inside.


#10

Well by that logic I’d say just stick to Intel because we KNOW what’s in the Intel chips already and have successfully neutralized+disabled the ME and will probably soon know how to get rid of it entirely.

I’m not really on the AMD ship. I say if ditching Intel is gonna happen it should be for ARM.

Otherwise just stay on Intel because so much progress has been made on it already and I’d imagine it probably performs the best and stays cooler as well - though I dislike starting an Intel vs AMD battle.

All in all though I’m not really sure how I feel. I mean, I wanted to see quad-core Intel chips in the Librem 15. ARM would probably be a good step for security but a bad one for performance and compatibility.

I think in the end I may be for just sticking with Intel because of all the hard work that’s already been done on it. Be kind-of a slap in the face to abandon all of that now, and the Librems would probably lose power too.


#11

Good to read here about Purism team plans regarding this Intel security bug, not user guesses. :slight_smile: Protected processor mode bug is very serious and fundamental thing, don’t think it was made accidentally. What are you plans: just patched kernel or processor replacement when new version appear?


#12

Seems AMD has similar bug also: https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html. AMD FX also affected however not crossing any privilege boundaries, so it is accepted to buy and use.


#13

They tested older AMD processors, not the latest.

AMD FX™-8320 Eight-Core Processor (called “AMD FX CPU” in the rest of this document)
AMD PRO A8-9600 R7, 10 COMPUTE CORES 4C+6G (called “AMD PRO CPU” in the rest of this document)

The FX-8320 was released in 2014. The A8-9600 R7 is newer but uses the Excavator core which is based on the old Bulldozer architecture. Neither has much market share.

The latest AMD processors, the Ryzen and EPYC families, are based on the new Zen core. These were not tested according to the googleprojectzero blog, and AFAIK they do not have a similar bug, per AMD’s announcement yesterday.

Link to AMD announcement: http://www.amd.com/en/corporate/speculative-execution


#14

Looks like somebody did indeed. http://seclists.org/fulldisclosure/2018/Jan/12 - this one is fixed before disclosure though.


#15

Yeah, it’s all fun and games until AMD also gets similarly severe flaws :wink: (allegedly).

Until AMD does a 180°, changes its organizational culture, goes for a fully open model and drops “features” like the AMD Platform Security Processor, it seems like we would have to uphold a similar fight on that front as what has been done so far on the dominant (Intel) platform…


#16

I think arm or risc v or power are the closest alternative to freedom


#17

I’ve already made a thread citing the importance of waiting for Intel Icelake.

After further investigation I see no reason to switch to AMD over Intel from a security perspective. Aside from that, I simply find Intel processors to work better and support more technologies, but I’m not about to open that can of worms between the fanboys of each company respectively in this discussion.

All-in-all, the only real alternatives are stuff like ARM, but their processors are bound to be far weaker in processing power and be compatible with less software. I’m not really big on that idea to be honest.

I think the best thing to do is to wait for Intel to release Meltdown/Spectre-fixed chips and continue negotiations with them to create a ME-less design in the meantime.

Purism has already come this far working on Intel chips anyway. To turn back on it now would make a lot of their past efforts seem like a waste of time. I think the point of their project has always been to make security available on modern, powerful hardware. Because up until now you could only get real security by using slow, archaic, ancient hardware. I think using weaker chips would kind-of go against their vision a bit.


#18

This report has been pretty soundly refuted. The so-called vulnerabilities require root privilege and/or physical access to the machine. If you have root privileges and physical access to the machine, security has already been compromised. Linus Torvalds said that this looked more like stock price manipulation than a security advisory.

CTS Labs gave AMD 24 hours notice before going public, but the usual practice is to give a company 90 days to fix a vulnerability before it is made public. There is much that is hinky about this whole episode, including the large volume of short sales of AMD stock in the days before the CTS report was publicized.

Within a few hours of the CTS report going public, a company called Viceroy Research released a 25 page document called, “AMD - The Obitutuary”. Hard to believe they could produce such an extensive document in just a few hours, so it seems likely that they had advance knowledge of the CTS report, maybe even funded it. Viceroy Research has done this sort of thing before, attacking the shares of a South African company.

A couple of searches on the interwebs will confirm everything I’ve written.

That said, AMD’s security processor is a black box, not open source, so I don’t see Purism using AMD processors as long as that is the case.


#19

Well the Intel ME is already a black box. I think the only difference is that Purism has already put lots of effort into dealing with Intel’s black box and as such it makes little sense to start-over with AMD for seemingly no great reason.

I have a preference for Intel over AMD anyway, performance-wise, so I kinda hope they stick with Intel.

The only real things to switch to are ARM and others, but they come with their own drawbacks.


#20

That whole drama has been repeatedly confirmed as failed stock manipulation.

It’s the advisory itself that is garbage, and the attention whoring about it. And how it’s lapped up. When was the last time you saw a security advisory that was basically “if you replace the BIOS or the CPU microcode with an evil version, you might have a security problem”? […] But yes, it looks more like stock manipulation than a security advisory to me.

-Linus Torvalds

also @Alex

Ryzen is currently at parity with coffee lake in performance.

From a performance standpoint they’re equal, from a vulnerability standpoint AMD is better-ish because of lack of meltdown and certain spectre variants, though hopefully meltdown and spectre will be behind us soon anyway with the next generation of chips. From the GPU and price perspectives AMD is usually better.

But (I think) the big AMD-killer as far as Purism goes is the time and money that’s already been invested in reverse-engineering Intel firmware. Although AMD, unlike Intel, does provide an option to deactivate the PSP through the BIOS, it’s still all closed-source and with the PSP they’ll be starting from scratch.

I’m continuing this train of thought here