* Posts by Czernobyl

1 post • joined 16 Nov 2010

'Super-secret' debugger discovered in AMD CPUs

Czernobyl
Linux

Righto! Let's debunk a couple myths

Hi! Matsp you're perfectly right on every count.. Thank you, mat !

As the guy who found and publicised that little trick of AMD's trade, I must add I'm mildly amused, and amazed too, at all the nonsense spread by other commentors all over the net. I'll take the opportunity here for debunking a couple of nonsense statements, after presenting excuses for the poor level of my English writing.

Nonsense #1 debunked : No, this feature is not some backdoor for debugging the chip at the factory. Its natural use is for programmers like you and me "debugging" their own programmes (or maybe hacking others' , where and when allowed). It is therefore unfortunate that AMD chose to keep it secret for their own reasons - whatever those reasons were.

Nonsense #2 debunked: No, this feature will not create new security problems (at least as far as I've uncovered it). It is a set of extensions to the usual debugging features of Intel's architecture introduced in the mid-eighties (80386). Instantiating the features correctly requires the processor to be in the most privileged "ring zero" of protection. More scrutiny may be wanted, but at first sight it doesn't look like expanded debug capability will increase the "attack" potential against OSes or Virtual Machines even though those OSes or VMs were unaware of the existence of the features.

Regards

--

Czernobyl (me AT czerno.tk)

7
0

Forums

Biting the hand that feeds IT © 1998–2018