AMD平台安全处理器

AMD平台安全处理器(英語:AMD Platform Security Processor),公司称其为AMD安全技术(英語:AMD Secure Technology),作为可信执行环境子系统自2013年起引入AMD处理器中[1]。AMD开发人员手册称该系统“能够创建、监测和维持安全环境”和“涵盖了管理启动过程,初始化各种与安全相关的机制、监测系统中的任何可疑活动或事件并妥善处理等功能”[2]。有评论担忧该技术可能暗藏后门并带来安全隐患[3][4][5]。AMD回绝了开源PSP所运行代码的要求[1]

PSP类似英特尔管理引擎[1]

细节

PSP实际是一个处理器内部的ARM处理器[6]

安全记录

谷歌安全研究人员 Cfir Cohen于2017年9月报告了一个PSP带来的AMD产品漏洞,攻击者能借此获取密码、证书和其他敏感信息;据说有关厂商于2017年12月收到了补丁[7][8]

2018年3月,一家以色列安全技术公司宣称发现了数个在AMD Zen架构处理器上(EPYCRyzen、Ryzen Pro与Ryzen Mobile)由PSP引起、会导致间谍软件运行并获取权限访问敏感信息的严重漏洞[9]。AMD后来发布了修复漏洞的固件更新[10][11]。 虽然有人认为这些漏洞是为了操纵股票披露的[12][13],CTS实验室所声称的风险仍有争议,但独立安全专家证实了漏洞的存在[14]

参考文献

  1. ^ 1.0 1.1 1.2 Williams, Rob. AMD Confirms It Won't Opensource EPYC's Platform Security Processor Code. 2017-07-19 [2020-01-23]. (原始内容存档于2019-06-03). This chip is found on most AMD platforms from 2013 on, and behaves much like Intel's Management Engine does [...] The rather blunt realization that PSP wasn't being open sourced came out during a discussion with AMD top brass about EPYC. 
  2. ^ BIOS and Kernel Developer's Guide (BKDG) for AMD Family 16h Models 30h-3Fh Processors (PDF). AMD: 156. 2016 [2020-01-23]. (原始内容存档 (PDF)于2018-06-16). 
  3. ^ Martin, Ryan. Expert Says NSA Have Backdoors Built Into Intel And AMD Processors. eteknix.com. July 2013 [2018-01-19]. (原始内容存档于2018-01-19). 
  4. ^ Claburn, Thomas, Security hole in AMD CPUs' hidden secure processor code revealed ahead of patches, The Register, 2018-01-06 [2020-01-23], (原始内容存档于2020-05-19) 
  5. ^ Larabel, Michael. AMD Reportedly Allows Disabling PSP Secure Processor With Latest AGESA. 2017-12-07 [2020-01-23]. (原始内容存档于2009-09-21). This built-in AMD Secure Processor has been criticized by some as another possible attack vector... 
  6. ^ Libreboot FAQ. [2020-01-23]. (原始内容存档于2021-01-21). The PSP is an ARM core with TrustZone technology, built onto the main CPU die. 
  7. ^ Millman, Rene. Security issue found in AMD's Platform Security Processor. 2018-01-08 [2020-01-23]. (原始内容存档于2018-01-26). 
  8. ^ Cimpanu, Catalin. Security Flaw in AMD's Secure Chip-On-Chip Processor Disclosed Online. 2018-01-06 [2020-01-23]. (原始内容存档于2020-11-09). 
  9. ^ Goodin, Dan. A raft of flaws in AMD chips makes bad hacks much, much worse. Ars Technica. 2018-03-13 [2020-01-23]. (原始内容存档于2020-11-25). 
  10. ^ Bright, Peter. AMD promises firmware fixes for security processor bugs All bugs require administrative access to exploit. Ars Technica. 2018-03-20 [2020-01-23]. (原始内容存档于2020-12-10). 
  11. ^ Papermaster, Mark. Initial AMD Technical Assessment of CTS Labs Research. AMD Community. 2018-03-21 [2020-01-23]. (原始内容存档于2020-11-09). 
  12. ^ Burke, Steve. Assassination Attempt on AMD by Viceroy Research & CTS Labs, AMD "Should Be $0". GamersNexus. [2020-01-23]. (原始内容存档于2019-12-20). 
  13. ^ Zynath Investment. AMD And CTS Labs: A Story Of Failed Stock Manipulation. Seeking Alpha. [2020-01-23]. (原始内容存档于2018-03-19). 
  14. ^ Guido, Dan. "AMD Flaws" Technical Summary. [2020-01-23]. (原始内容存档于2021-01-24). 

外部链接

 

Index: pl ar de en es fr it arz nl ja pt ceb sv uk vi war zh ru af ast az bg zh-min-nan bn be ca cs cy da et el eo eu fa gl ko hi hr id he ka la lv lt hu mk ms min no nn ce uz kk ro simple sk sl sr sh fi ta tt th tg azb tr ur zh-yue hy my ace als am an hyw ban bjn map-bms ba be-tarask bcl bpy bar bs br cv nv eml hif fo fy ga gd gu hak ha hsb io ig ilo ia ie os is jv kn ht ku ckb ky mrj lb lij li lmo mai mg ml zh-classical mr xmf mzn cdo mn nap new ne frr oc mhr or as pa pnb ps pms nds crh qu sa sah sco sq scn si sd szl su sw tl shn te bug vec vo wa wuu yi yo diq bat-smg zu lad kbd ang smn ab roa-rup frp arc gn av ay bh bi bo bxr cbk-zam co za dag ary se pdc dv dsb myv ext fur gv gag inh ki glk gan guw xal haw rw kbp pam csb kw km kv koi kg gom ks gcr lo lbe ltg lez nia ln jbo lg mt mi tw mwl mdf mnw nqo fj nah na nds-nl nrm nov om pi pag pap pfl pcd krc kaa ksh rm rue sm sat sc trv stq nso sn cu so srn kab roa-tara tet tpi to chr tum tk tyv udm ug vep fiu-vro vls wo xh zea ty ak bm ch ny ee ff got iu ik kl mad cr pih ami pwn pnt dz rmy rn sg st tn ss ti din chy ts kcg ve
Prefix: a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9

Portal di Ensiklopedia Dunia

Portal : Agama
Agama
Portal : Bahasa
Bahasa
Portal : Biografi
Biografi
Portal : Budaya
Budaya
Portal : Ekonomi
Ekonomi
Portal : Elektronika
Elektronika
Portal : Film
Film
Portal : Filsafat
Filsafat
Portal : Geografi
Geografi
Portal : Indonesia
Indonesia
Portal : Ilmu
Ilmu
Portal : Lingkungan
Lingkungan
Portal : Masyarakat
Masyarakat
Portal : Matematika
Matematika
Portal : Militer
Militer
Portal : Mitologi
Mitologi
Portal : Musik
Musik
Portal : Olahraga
Olahraga
Portal : Pendidikan
Pendidikan
Portal : Politik
Politik
Portal : Sastra
Sastra
Portal : Sejarah
Sejarah
Portal : Seni
Seni
Portal : Teknologi
Teknologi