back to article Epyc crypto flaw? AMD emits firmware fix for server processors after Googler smashes RAM encryption algorithms

Microchip slinger AMD has issued a firmware patch to fix the encryption in its Secure Encrypted Virtualization technology (SEV), used to defend the memory of Linux KVM virtual machines running on its Epyc processors. "Through ongoing collaboration with industry researchers AMD became aware that, if using the user-selectable …

  1. Paratrooping Parrot
    Thumb Up

    This is how you do it Intel

    Accept the flaw and fix it. Don't go round trying to diss those who found the flaw.

  2. Danny Boyd
    Holmes

    Chinese Remainder Theorem? Hmm... Huawei again?

    1. Andy The Hat Silver badge

      Is Chinese Remainder Theorem on the banned list yet?

      Are Google banned for using Chinese technology to break USofA hardware?

      I sense the stirrings of an Orange twit sorry, tweet ...

    2. MiguelC Silver badge

      I hurt my brain after following the link on the Chinese Remainder Theorem

    3. Blazde Silver badge
      Thumb Up

      Plausible. NSA thought they were so clever backdooring Dual_EC_DRBG but the Tang dynasty undermined them centuries earlier by backdooring the Chinese Remainder Theorem.

      A recent xkcd comes to mind: Stack https://xkcd.com/2166/

  3. Anonymous Coward
    Anonymous Coward

    hmm

    If you don't directly control the hardware and what software is running on it you are lying to yourself it is secure.

    1. Fading
      Windows

      Re: hmm

      Though this may still be more secure than actually controlling it yourself......

    2. phuzz Silver badge
      Thumb Up

      Re: hmm

      "If you don't directly control the hardware and what software is running on it you are lying to yourself it is secure."

      And that's why I only use CPUs that I've hand whittled myself from a single crystal of silicon. Of course, adding each of the transistors requires a steady hand, but it's a small price to pay to be 'secure'.

    3. Anonymous Coward
      Anonymous Coward

      Re: hmm

      If you don't directly control the hardware and what software is running on it you are lying to yourself it is secure.

      You forgot the troll icon. As anybody haunting Reg for any length of time is well aware, there is no such thing as "secure". Rather, there is a whole spectrum of being more or less trouble (ie money, skill, and risk to life and limb) to breach your security. On that spectrum, guest memory encryption with cryptographically-sound key management is a very useful point. It won't stand up to a determined and resourceful state-level attacker - nothing would - but it does protect you from an electronic equivalent of a casual smash'n'grab, while still allowing you to rent somebody else's hardware.

      For many uses, that's plenty secure enough.

      1. Anonymous Coward
        Anonymous Coward

        Re: hmm

        As OP totally agree with this ^.

  4. MrKrotos
    Mushroom

    Hosting fix on Wordpress?

    So the fix is at https://developer.amd.com/wp-content/resources/amd_sev_fam17h_model0xh_0.17b22.zip

    Because Wordpress is so secure...

    1. Anonymous Coward
      Anonymous Coward

      Re: Hosting fix on Wordpress?

      >Because Wordpress is so secure...

      I'm having my fix delivered by armoured car with lotsa of guards carrying lotsa guuuuuunns, I don't trust this internet thingy.

      1. Anonymous Coward
        Anonymous Coward

        Re: Hosting fix on Wordpress?

        "I'm having my fix delivered by armoured car with lotsa of guards carrying lotsa guuuuuunns, I don't trust this internet thingy."

        I require all my updates to be verified by the manufacturer, written onto RO media by trusted employees of the manufacturer that I have personally met and then delivered by FedEx to my research lab encased in a volcano. Admittedly it's a little slower than the Internet, but the warm feeling of that extra care really makes a difference to my IT minions.

        What could possibly go wrong with my plans for world domination?

        And why do all my deliveries appear to go from the US to Japan to China to the UK and then finally to my secret island?

        1. Anonymous Coward
          Anonymous Coward

          Re: Hosting fix on Wordpress?

          "What could possibly go wrong with my plans for world domination?"

          One of the "trusted" links in your chain gets doubled and now allows for the item to be surreptitiously altered in transit. Now what?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like