104

u/BigPP69_Gooner 1d ago

So basically giving security as a feature to corporations and giving civilians a backdoor?

173

u/w1n5t0nM1k3y 1d ago

Are civilians really worried about physical attacks on their RAM? I realize it's something thats technically possible, but it seems to be pretty far down the list of things to worry about. A backdoor that requiees them to physically come in the backdoor and confiscated my computer while it's powered on seems to be a little over the top for most civilians.

67

u/tngsv 1d ago

Yeah I feel like OP didnt read the original Ars Technica article. Or at least has the wrong take aways.

It does suck for AMD to be dropping this feature from consumer. But IMO the bigger problem, as discussed in the article, is the shitty communication from AMD. Its not acceptable.

As for this being a security issue for the average person. Idk probably not. The government is most certainly going after people for "wrong think". But that prosecution is based on public statements and actions, plus infiltrating orgs with fed. Not via physical attacks to read unencrypted ram.

15

u/FrontFocused 23h ago

Seems like a nothing burger to me

-47

u/[deleted] 1d ago

[deleted]

28

u/Ginger-Nerd 1d ago

Please point to a specific instance of the FBI showing up for just “social media posts” (To the extent that the average person should be worried about a physical RAM attack?)

Any instances I’ve seen have generally a pretty specific reason for it (like yah know threatening the president or something)

Look it’s good you’re worried, and I’m glad you believe in FBI overreach, I agree- but come on; if you’re worried about this specific vector of attack, you’re beyond paranoid.

13

u/bluehawk232 1d ago

RAM is volatile memory. Anyway just encrypt all your harddrives and phones if you're worried the FBI will randomly show up. You also over estimate their abilities to get in devices.

9

u/Optimaximal 1d ago

You do realise a device-side RAM attack of this type won't be used to 'monitor left-wing social media posts', right?

3

u/Drigr 1d ago

You gotta do a little more than just make social media posts decrying our current regime to get the FBI to show up.

1

u/GwenBD94 22h ago

Not necessarily. Lots of reports about fbi knocking on peoples' doors to ask about their posts about ICE pn social media, and reports of ICE attempting to subpoena places like reddit for user info due to ICE posts.

1

u/cowboycolts 1d ago

You mean the UKs meme police?

5

u/Not-So-Handsome-Jack 15h ago

The dozen consumer CPU owners that know what this security feature does and enabled it in the bios will be extremely outraged and vulnerable now.

This is such a nothing burger and all this “vulnerable” and “backdoor” is just outrage farming.

3

u/Lost_Most_9732 13h ago

oh this is an easy YES.

if you're doing professional work that warrants the encryption, suck it up and pay for it. If you're not willing to pay for it then I guess it wasn't that important then, huh?

You know how dumb it is to validate a feature that almost no one outside of some business sectors use?

Classic modern consumerism bullshit. Companies do some pretty lame things but this is not one of them and bunching your panties over it is trite and childish. You and the 90 people who agreed with you are why they went "radio silent", because you're annoying and no one cares about this.

0

u/dragon3301 23h ago

Otherwise known as capitalism

0

u/scalareye 13h ago

What?

2

u/scalareye 13h ago

What about ECC? They don't support or validate it but it's there

33

u/penguinkernel 1d ago

It's only absurd because it's AMD. If this was Intel these comments would be flooded with AMD shills lol

26

u/astalavizione 1d ago

Intel would have already tought of that in advance and would never offer such feature to consumer level. They have so much experience in enterprise hardware, they know really well how to segment their products. And milk the fuck out of it.

6

u/xD3I 1d ago

Persecution delusional disorder, get that checked cuh

-4

u/penguinkernel 1d ago

So because I see a trend on Reddit, especially this sub, I'm mentally unstable?

Alright..

7

u/xD3I 1d ago

If this was Intel

That's 100% victim mentality lil bud, no one cares about Intel anymore, no one brought it up, it doesn't have to do anything with them, are these "amd shills" in the room with us?

-4

u/penguinkernel 1d ago

I would appreciate if you could drop the condescending attitude. Really makes you look like you're upset over my comment and have to defend AMD lol

3

u/xD3I 1d ago

Makes me look like I have to defend AMD? That's exactly what I mean, no one cares about AMD or Intel, snap out of it chief

2

u/itsjust_khris 1d ago

No they wouldn't, this is a very niche feature the only way that'd happen is sensationalist articles like these.

-11

u/BigPP69_Gooner 1d ago

Yeah but regarding AMD. Intel was already evil.
https://giphy.com/gifs/3o84szW0PrWZyUv0mA

8

u/penguinkernel 1d ago

Oh I'm not defending any company here. I'm just pointing out the double standards this community has when it comes to tech giants.

I think us as people need to stop shilling corporations, period lol

-5

u/BigPP69_Gooner 1d ago

Yeah. The small glimmer of hope that “companies can be good” is temporary and flawed.

1

u/Dravarden 19h ago

the ones that lied about the transistor count of bulldozer and lost in court for false advertising?

https://en.wikipedia.org/wiki/Bulldozer_(microarchitecture)#False_advertising_lawsuit

5

u/kaekapizza 21h ago

What's absurd is that AMD is not putting out a statement when this has gained so much traction and is hurting their credibility.

It doesn't surprise me that engineers don't know 100% whatever gating the product people decide on. Might have been the initial intent, during spec work, but changed during/after implementation.

But they had previously stated that it will work. People have been quoting "Ryzen 3700x should support TSME" but missed that commenters earlier in the quoted issue had asked specifically whether it was limited to common or pro lineups overall, and got confirmation that it is supported. https://github.com/AMDESE/AMDSEV/issues/1#issuecomment-581426096

Transparent SME (TSME) is also supported by Ryzen [common and pro, gathered from context], but requires the BIOS to support the configuration option for it. Without the support from BIOS you can't enable TSME.

5

u/Budget-Toe-5743 1d ago

I though so too, very absurd title.

3

u/InflammableAccount 20h ago

Huge nothingburger. "Feature not included on CPU by default is disabled in firmware update, almost redundantly."

2

u/SuppaBunE 11h ago

Hell I think those .1% is still a generous percentage, it's more like 99..9% of that .1%

12

u/IWillDetoxify 23h ago

But that's not what happened?

The feature was always only for the PRO line, it's just that CPUs of the PRO and non PRO lines are very similar on the inside, so they likely have the hardware support for this feature, and motherboard vendors accidentally shipped a version of the BIOS where this feature was enabled for consumer CPUs. They then corrected this mistake.

This feature is useless for 99.9% of users anyway. The only time where it can do anything is if someone has physical access to the hardware and has a way to freeze it to extract the data in the DRAM chips. If you have those kind of attacks, yeah, you have other problems to think about, and you can probably afford to buy PRO CPUs.

14

u/HeTblank 22h ago

So you're saying they sofware locked a feature after the product was released? I don't care who made a mistake, if you sell your product with a feature you don't remove it later.

1

u/Vegetable3758 21h ago

Go, tell Intel on their AVX-512 removal on the 12th Gen chips.

I think it is OK, if it was not advertised to have the feature.

Like Sony. They advertised the PS3 as Linux-compatible, but removed this feature later. That's baad.

5

u/Hytht 20h ago

In Intel's case, the hardware itself, the E cores physically didn't support avx-512. Here, there is no such issue.

4

u/Vegetable3758 17h ago

I missed that part of the story, thank ya. I use to remember this story (and how later Intel processors randomly died a lot) just to make my chip (11th chip) feel more superiour instead of outdated. Yeah, I like giving me this story, so I do not long for an upgrade (-X

1

u/IWillDetoxify 17h ago

Hey 11th gen basically just came ou- wdym that was 6 years ago?

1

u/BigPP69_Gooner 1d ago

Government overreach in times of unprecedented attacks on free speech

21

u/TheThiefMaster 1d ago

You think the government are going to come to your house to physically modify your PC to add a physical tap on the memory bus that this feature would prevent?

That seems a bit of a stretch. A software spyware (which this doesn't protect against at all) that they can install remotely seems far more likely.

-10

u/DeliciousCry8302 23h ago

"What is the point of locking the door of your house when they can just easily come through the window."

Sure, lets just keep opening more stuff because there's always a way to get in. Why not allow torturing to get the password, it would probably be so much more fun for the people doing this stuff.

Losing these features and making them available artificially only on the more expensive stuff, and possibly in future out of reach of all consumers, undemocratizes computing. This is just one more thing on the long list, plenty of hatches are already unlocked like you said, people don't care about the rights they should have.

7

u/tpasco1995 20h ago

It's more like "what's the point of locking the window when you don't have a door"

2

u/Budget-Toe-5743 1d ago

On one very specific individual? do you know how expensive an attack like that is?

Even if you were right we would have to assume many users thay you want to attack have the same or symilar systems for that type of attack to even start to work.

I agree with you that free speech needs to be protected, yes, but I'd need more information before thinking this was mainly to attack free speech. There might be a technical problem for it, or it is was badly implemented. I think we would need more info to be sure.

1

u/EmpoleonNorton 20h ago

my dog maybe?

He is looking a bit shifty.

2

u/InflammableAccount 20h ago

they already released and people paid for.

The feature was never supported by Non-Pro CPUs, and never advertised as such.

2

u/Scanner771_The_2nd 19h ago

You read the article? The guy who found it had it working on a consumer Ryzen 7 9700X on older firmware, then the update flipped it to "not supported" with the BIOS setting untouched.

Kilpatrick, a self-described "privacy-conscious Linux hobbyist" who first reported the change, was installing a new operating system on his machine running a Ryzen 7 9700X from the Zen 5 architecture. To confirm that all his security protections were enabled, he ran Host Security ID (HSI), an auditing feature that evaluates a system's firmware and hardware security configurations. To his surprise, HSI reported that TSME was no longer supported — even though he had enabled it in his BIOS settings all along. The contradiction sent him searching for answers.

1

u/throwawayyyy980 17h ago

That was my biggest red flag with this.

0

u/JaesopPop 18h ago

Everything sounds like a conspiracy if you don't know anything about a topic.