AMD/ATI Video Drivers: Unsafe At Any Speed

← Back to Stories (view on slashdot.org)

AMD/ATI Video Drivers: Unsafe At Any Speed

Posted by timothy on Thursday June 7, 2012 @04:53AM from the hey-man-we've-all-got-problems dept.

An anonymous reader writes "CERT/CC has called out AMD for having insecure video drivers. AMD/ATI video drivers are incompatible with system-wide ASLR. 'Always On' DEP combined with 'Always On' ASLR are effective exploit mitigations. However, most people don't know about 'Always On' ASLR since Microsoft had to hide it from EMET with an 'EnableUnsafeSettings' registry key — because AMD/ATI video drivers will cause a BSOD on boot if 'Always On' ASLR is enabled."

27 of 261 comments (clear)

Min score:

Reason:

Sort:

Crappy AMD drivers?! by LingNoi · 2012-06-07 04:57 · Score: 4, Insightful

This isn't very surprising AMD/ATI have always had crappy drivers. I wish their fan base would stop apologising for them and demand AMD put more effort into their products.
1. Re:Crappy AMD drivers?! by h4rr4r · 2012-06-07 05:01 · Score: 3, Insightful
  
  You think their windows drivers suck?
  Check out the linux ones one time. A whole other world of suck!
2. Re:Crappy AMD drivers?! by Anonymous Coward · 2012-06-07 05:21 · Score: 5, Funny
  
  You're absolutely right; AMD's drivers rarely allow you to play games.
3. Re:Crappy AMD drivers?! by LingNoi · 2012-06-07 05:22 · Score: 3, Insightful
  
  What has Nvidia got to do with it? Why do you mention the failings of another company to cover for AMD?
4. Re:Crappy AMD drivers?! by LingNoi · 2012-06-07 05:23 · Score: 5, Insightful
  
  I never mentioned Nvidia, it's also completely irrelevant as AMD drivers will suck regardless of what Nvidia does.
5. Re:Crappy AMD drivers?! by Mitchell314 · 2012-06-07 05:37 · Score: 4, Insightful
  
  Linux sucks, it just happens that everything else is even worse. :D
  
  --
  I read TFA and all I got was this lousy cookie
6. Re:Crappy AMD drivers?! by jedidiah · 2012-06-07 05:44 · Score: 3, Insightful
  
  Nope, just ATI drivers.
  Nvidia drivers on Linux seem to even be better than the ATI ones for Windows.
  
  --
  A Pirate and a Puritan look the same on a balance sheet.
7. Re:Crappy AMD drivers?! by Bengie · 2012-06-07 05:50 · Score: 4, Funny
  
  More stable than water anyway.
8. Re:Crappy AMD drivers?! by Skarecrow77 · 2012-06-07 05:54 · Score: 4, Insightful
  
  crying about fanboys while running around fanboying. typical.
  all fanboys suck. end of story. mint vs ubuntu, google vs apple, nintendo vs sega, fuckin coke vs pepsi... if you're on one side of an arguement, and you can't see the cons of your own side as well as the pros of the other side, you don't really understand the arguement and you shouldn't be speaking.
9. Re:Crappy AMD drivers?! by Skarecrow77 · 2012-06-07 05:55 · Score: 4, Funny
  
  wow. somehow click on the wrong reply button and reply to myself. so i look like an idiot. bah, i'm going to lunch.
10. Re:Crappy AMD drivers?! by citylivin · 2012-06-07 06:35 · Score: 3, Interesting
  
  HAHAHA! I have had so many piss poor nvidia cards in the last few years that I switched to AMD now and havent looked back. IMHO the last good card that nvidia made was the 8800. I have a pile of broken 2xx cards in my desk that I am looking at right now. They seem to last a few months to a year. RMA'd cards from MSI and asus always come back and work for a few more months before failing to POST or creating graphics errors.
  Things change people. ATI drivers are not even that bad anymore. Sure they update a bit much and nag you to update, however they are stable and I have had less problems with my current 6850 then any nvidia card since 8800 was popular. I think the reason was poor solder, or too heavy heatsyncs warping the cards or something on the 2xx series. Perhaps they have fixed it now with there newest cards but fuck if I am switching back till ati lets me down!
  This is how the video card game always plays. Someone starts slipping and someone else takes the lead. For me, reliability is the best benchmark. Nvidia as I said has been shit so they lost me (and everyone i recommend cards to) as a customer. My 6850 has been rock solid since i purchased it. Not even any driver crashes! And yes I am aware that for the last 10 years ATI had crap drivers. This has been mostly fixed with their windows 7 drivers, so thats a few years ago now.
  
  --
  As a potential lottery winner, I totally support tax cuts for the wealthy
11. Re:Crappy AMD drivers?! by Skarecrow77 · 2012-06-07 09:03 · Score: 4, Insightful
  
  depends on your definition of failure.
  if gnu/linux was aiming to become the predominant desktop OS, displacing microsoft, then it certainly has failed
  if gnu/linux was aiming to beocme a major player in the arena, maybe not the overall leader but boasting enough of a market percentage that it couldn't be successfully ignored or neglected by software devlopers and hardware OEMs, then yeah... it's probably failing at that too.
  if gnu/linux was aiming to become a viable alternative to the market leaders for people who care about free software and people who care about being in full control of their own OS, well it has become a rousing success at that.
12. Re:Crappy AMD drivers?! by Bert64 · 2012-06-07 09:17 · Score: 3, Insightful
  
  Windows succeeded in a very different market to what Linux now competes in...
  Dos came bundled, and windows was pushed as the natural progression from dos. It had very few competitors, most of which were considerably more expensive both for the software and the hardware required to run it on.
  Linux on the other hand came much later, and is faced with a market already dominated by an incumbent player who has no interest in promoting linux as the natural progression away from their existing product.
  If both windows and linux were introduced new to the market today, i think the story would be very different... Alternative OSs to the incumbents have a very rough time of it, commercial ones outright fail due to not being able to build marketshare fast enough to fund development (look at beos etc), desktop linux would have been considered a commercial failure and dropped years ago if it was a commercial product, only due to being open source and thus not dependent on revenue has it been able to build a user base slowly and steadily.
  
  --
  http://spamdecoy.net - free throwaway anonymous email - avoid spam!
AOD by Kjella · 2012-06-07 04:57 · Score: 5, Insightful

Acronym Overload Detected. A summary is supposed to summarize but I couldn't tell what this story is about unless I already know.

--
Live today, because you never know what tomorrow brings
1. Re:AOD by Obfuscant · 2012-06-07 05:23 · Score: 5, Insightful
  
  Notice that the first reference to ASLR in the summary is actually a link to Wikipedia.
  And the reference to EMET is a link to a microsoft page that has at the top this warning:
  
  This article applies to a different operating system than the one you are using. Article content that may not be relevant to you is disabled.
  
  I'm reading this on a linux system, but I manage several windows boxes. It's very useful for microsoft to refuse to diplay content it decides I don't need to see. Thank you.
2. Re:AOD by hawguy · 2012-06-07 05:33 · Score: 3, Insightful
  
  Unfortunately expanding-out the acronyms doesn't make the summary any clearer:
  "CERT/CC has called out AMD for having insecure video drivers. AMD/ATI video drivers are incompatible with system-wide Address space layout randomization (ASLR).
  'Always On' Data Execution Prevention (DEP) combined with 'Always On' ASLR are effective exploit mitigations. However, most people don't know about 'Always On' ASLR since Microsoft had to hide it from the Enhanced Mitigation Experience Toolkit with an 'EnableUnsafeSettings' registry key â" because AMD/ATI video drivers will cause a Blue Screen Of Death on boot if 'Always On' ASLR is enabled."
  What?
  Actually that helps. I didn't recognize the ASLR and DEP acronyms since there wasn't enough context to know what they were talking about, I didn't immediately recognize the term "Address Space Layout Randomization", but when I saw "Data Execution Prevention" it became much more clear what they were talking about.
  But a little explanation would have been nice. Something like "DEP and ASLR are security mechanisms used to make it more difficult for malware to execute code or to predict memory addresses where programs and their data are located"
3. Re:AOD by noh8rz3 · 2012-06-07 05:39 · Score: 5, Informative
  
  aslr = a way to secure your memory so it's harder for malware to run attacks.
  EMET = a bunch of tools that windows uses to secure the machine. aslr is one of these tools
  bsod = blue screen of death. your computer is frozen
  AMD = a company that was formerly known for making computer chips, but is now in the graphics card business
  ATI = a graphics card manufacturer that AMD bought.
  DEP = another tool in the EMET toolkit.
  cert/cc = an organization that is viewed as an authority on computer stuff.
  in short, AMD drivers suck so much that microsoft has to override its own computer protections to keep AMD from crashing your machine. so the drivers are not just unstable, they make your machine more vulnerable to malware. cert says, "epic fail".
4. Re:AOD by Mr+44 · 2012-06-07 09:17 · Score: 3, Informative
  
  Uhh, no. Windows DLLs have always been relatively addressed, and are capable of being loaded at different locations in the virtual address space (google "rebasing"). However, for performance reasons, most DLLs specify a preferred address the loader will attempt to slot them into. All system DLLs specify this, which results in their routines being loaded at predictable addresses (even across machines).
  ASLR means that, on boot, a different location is chosen in the virtual address space to load DLLs into, so that system routines are not always at the same location, making certain types of security exploitation significantly harder.
AMD's proprietary Linux driver is secure... by GerbilSoft · 2012-06-07 04:58 · Score: 3, Funny

...because it crashes before any malware can do any damage.
1. Re:AMD's proprietary Linux driver is secure... by TeknoHog · 2012-06-07 07:44 · Score: 4, Informative
  
  $ lsmod | grep fglrx; uptime fglrx 3029147 144 agpgart 26120 3 intel_gtt,intel_agp,fglrx 22:41:37 up 76 days, 4:30, 8 users, load average: 0.00, 0.01, 0.05
  
  --
  Escher was the first MC and Giger invented the HR department.
Re:There is nothing in this story connecting ATI/A by tlhIngan · 2012-06-07 05:18 · Score: 4, Informative

The story is about DEP and ASLR effectiveness at blocking exploits. IT has nothing to do with the title or the ATI/AMD aspect.
The CERT article mentions it, and it mentions it in that you cannot use the DEP/ASLR protections (in the kernel) because ATI/AMD make an incompatible driver. And since graphics drivers are kernel things, loading them means the kernel must disable DEP/ASLR, making your machine just that much less secure because of it.
ASLR by Jeremiah+Cornelius · 2012-06-07 05:51 · Score: 5, Insightful

Preventing yesterday's attacks, tomorrow.

--
"Flyin' in just a sweet place,
Never been known to fail..."
1. Re:ASLR by blackraven14250 · 2012-06-07 07:21 · Score: 5, Informative
  
  Better to prevent yesterday's attacks at all than to leave the hole open for all time...
2. Re:ASLR by osu-neko · 2012-06-07 08:22 · Score: 5, Insightful
  
  Given that "yesterday's attacks" compromise 99% of the attacks that occur every day, that seems wise.
  
  --
  "Convictions are more dangerous enemies of truth than lies."
MS should just deny them WHQL certification by PingXao · 2012-06-07 06:47 · Score: 4, Insightful

Microsoft is constantly telling people that they won't sign their drivers unless they pass strict quality and certification standards. MS should just deny that to drivers as buggy as these are reported to be.
Oh wait... that would mean MS Is actually committed to quality as opposed to just needing an excuse to deny the little guy who wants to write some driver-level code.
But it still showed you the article content! by Anonymous Coward · 2012-06-07 07:44 · Score: 4, Informative

... you failed to mention that. Oh, right. Your goal was to be sensational. Carry on.
1. Re:But it still showed you the article content! by drinkypoo · 2012-06-07 08:47 · Score: 4, Insightful
  
  1) Don't start your post in the subject line, that is fucking annoying. Are you new?
  2) What do you mean "the" article content? He doesn't know which content it showed him, and neither do you. But I notice you're anonymous and cowardly, so you're probably a shill as well.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"