AMD Has No Plans To Release PSP Code

AMD has faced calls from Edward Snowden, Libreboot and the Reddit community to release the source code to the AMD Secure Processor (PSP), a network-capable co-processor which some believe has the capacity to act as a backdoor. But despite some signs earlier that it might consider opening the PSP code at some point, the chip-maker has now confirmed that there hasn't been a change of heart yet. "We have no plans on releasing it to the public," the company executives said in a tech talk (video).

Lisa Su is BAE

PSP stands for Platform Security Processor, a secure enclave in the processor and AMD's version of the Intel Management Engine.

Quoting from Libreboot:

As such, it has the ability to hide its own program code, scratch RAM, and any data it may have taken and stored from the lesser-privileged x86 system RAM (kernel encryption keys, login data, browsing history, keystrokes, who knows!). To make matters worse, the PSP theoretically has access to the entire system memory space (AMD either will not or cannot deny this, and it would seem to be required to allow the DRM “features” to work as intended), which means that it has at minimum MMIO-based access to the network controllers and any other PCI/PCIe peripherals installed on the system.

AMD is no doubt being bitten on the sack for using third parts code and we again see why everything should be open sources.

Re:Lisa Su is BAE

[sl3xd]

Seems odd that anybody would go down the route of obscurity, given the recent exposure of Intel AMT, and the problems it is causing.

it would seem to be required to allow the DRM “features” to work as intended

Odd to "protect" the use of DRM, given the track record of successful hacks against DRM. Even worse to compromise the security of the entire system for its sake.

I see nothing that could possibly go wrong...

Re:Lisa Su is BAE

[Rick+Schumann]

There's two reasons I can think of offhand why they wouldn't want to release the sourcecode:

1. They don't want to make it any easier than necessary for hackers to find a way to exploit this
2. They don't want the general public to know exactly how much any system using this hardware compromises their privacy and personal security

As-is, I'd say that any computer using this technology is about as compromised as it can get, nothing you'd ever do on it would even be remotely secure, not unless it was never, ever connected to any network that has any route to the public Internet. The only way they could make something like this worse would be to somehow prevent any OS other than Windows to run on it, ensuring that you never, ever have any control over anything that isn't trivial.

In the past I've said "computers aren't fun anymore", but when I said that previously I meant it in a totally different way than I do when I say it now; between hardware manufacturers, designing in hardware that allows for outside surveillance and control of a computer you ostensibly own, and shithead companies like Microsoft, who produce entire operating systems with surveillance-and-control completely integrated into every piece of code, computers are now worse than "no fun anymore", they're spiritually cancerous. As if that isn't all bad enough, now Microsoft is attempting to annex and subvert Linux, too, trying to bring it's further development under their control, and running half-assed versions of it under Windows, effectively removing all the advantages, security, and privacy.

If I even cared anymore I guess I'd go play with microcontrollers. Until, that is, they manage to ruin that for everyone, too.

Re:Lisa Su is BAE

[Fwipp]

3. They're using proprietary code from a third-party that they're not allowed to disclose.

Re:Lisa Su is BAE

[smallfries]

4. There is zero commercial advantage in releasing the source.

Re:Lisa Su is BAE

[Anon+E.+Muss]

4. There is zero commercial advantage in releasing the source.

I'm not so sure about that. I think with proper marketing AMD could turn it into a major commercial advantage. Imagine the ad campaign...

AMD chips don't spy on you, and we can prove it.
Intel is hiding behind lawyers and refusing to come clean.
Which one do you want inside your computer?

(Unfortunately, "proper marketing" and "AMD" are rarely used in the same sentence.)

Re:Lisa Su is BAE

[ShanghaiBill]

5. There really is a backdoor.

The distrust only grows from here

Closed source, out of band co-processors on every motherboard currently in production with no oversight or accountability? I'm surprised we don't have a third party stepping up here, like Samsung or Qualcomm, ready to take a crack at the CPU market with this kind of an opportunity.

Re: The distrust only grows from here

You are kidding right? The base band chip in mobile phones would make intel and amd look like amateurs with what samsung and qualcomm can do.

Re:The distrust only grows from here

[iCEBaLM]

Where do you think they get the co-processors from? AMD's PSP is some ARM variant, could be qualcomm for all we know.

Ok, next!

[Opportunist]

Another chip manufacturer that cannot be used for trustworthy IT infrastructure. Who's next on the chopping block?

Re:Ok, next!

[TFlan91]

What chip manufacturer is trustworthy?

Re:Ok, next!

[grumpy-cowboy]

Lay's, Humpty Dumpty, Yum Yum,...

Re:Ok, next!

[tlhIngan]

Another chip manufacturer that cannot be used for trustworthy IT infrastructure. Who's next on the chopping block?

Better get rid of ARM, too, since ARM has the same thing.

In fact, I believe AMD licensed ARM's technology for it - it's called TrustZone, and it separates out threads of execution into "secure" and "open" modes. Your regular OS runs in the "open" mode, and makes calls into the secure OS, which can be used to keep stuff like encryption keys away from the main OS. (You can use it for disk encryption - get the secure OS to generate a key, save it, and load the encryption key into the onboard encryption hardware, so none of the user software touches it. If you rip out the disk, it's useless because the key is locked away).

Several DRM schemes also use it, including Google's Widevine DRM (requires it in order to work).

And yes, the secure OS has full access to the main OS and all the peripherals.

The boot chain must be strictly controlled - you have to start with a onboard ROM monitor that verifies the images as they load before transferring control the open world OS. Otherwise you can load any code you want. I'm not sure how AMD processors boot, but all ARM processors using TrustZone have a boot ROM that verifies the next stage bootloaders (and secure OS) before loading them into memory.

Re:Ok, next!

[grumpy-cowboy]

QC, Canada

Re:Ok, next!

[Gravis+Zero]

The POWER8 and POWER9 by IBM are completely open. See also: https://www.raptorcs.com/TALOS...

Leaks are Worse, Fellas

[bill_mcgonigle]

Go ahead, try to keep this stuff secret. There will be leakers and if you will be embarrassed by the leaks, it's better to come clean now than to be the center of market turmoil when the vulnerabilities are disclosed.

Re:Proof

[StormReaver]

Except that's conspiracy-theory reasoning.

If we've learned anything in the last five years or so, it's that's yesterday's wacko conspiracy theory is today's jaw-dropping, fact-checked revelation.

So I have no plan to use AMD processors

[grumpy-cowboy]

Period.

Re:So I have no plan to use AMD processors

[OrangeTide]

POWER9 is open. Not free in the sense of RISC-V or SPARC, but at least it's not based on mysterious binary blobs and undocumented coprocessors like the options from RPi/Broadcom, Intel and AMD.

Can this be contained or rendered inert?

[Zombie+Ryushu]

With the Intel AMT Platform, it is possible to render it "inert" such that yes its there, yes its running, but it won't accept any connections from the outside world. There is a Linux utility for checking if AMT is working or not. But Linux can't turn it on.

The problem is if you have Windows installed, Windows CAN re-activate it, and remotely. Can the AMD PSP be rendered harmless by containment, to where when Running Linux, it is non-functional because Windows utilities aren't there to re-activate it?

Re:In theory, yes. In practice, no.

[TheSunborn]

Funny but no. With https you can still see the target, so it would be easy to detect if someone opened a https connection to a server which the user newer visited.

But the danger is not that Intel/AMD is going to spy on anyone, because neither company is THAT stupid. The danger is if there is a bug which allow third party code running on the computer, to interfere with the code running on the PSP.

Re:Dude *(BOTH) TRUSTZONE* *Samsung KNOX*

[BlueStrat]

The only real way out of this is either a new startup company catering to exactly 'our' crowd, or crowdfunding a desktop RISCV/J[2,4,6]/OpenSparc motherboard and processor combo (SOCKETED, not solder down. Lose a few watts, leave open future upgrades/replacements.)

The only way you'd be able to do that successfully would be to have your own nuclear-capable nation-state, and even then it would be dicey at best. All the 'Five-Eyes' nations and most of the rest of the West would be out to destroy such a project and those behind it. The governments of the West seem determined to weaken global network/computer security in order to be able to spy on anyone at any time for any reason, and damn the consequences.

Thank goodness my plans for the impending overthrow of Western civilization do not require secure networks or hardware.

Strat

Closed source means likely backdoored

[gweihir]

That really is the only sane conclusion.

Talos II is coming

[jbn-o]

According to https://www.raptorcs.com/TALOS... Raptor Engineering is working on Talos II. They claim it "Libre-friendly, powerful, and competitively priced the new, POWER9-based Talos II takes flight in early August 2017!" so not long to wait before we can evaluate the specs and price. Debian GNU/Linux has a POWER9 port which I'd expect would run on such hardware.