Veganism Social

Benjamin Carr, Ph.D. 👨🏻‍💻🧬World's first <a href="https://hachyderm.io/tags/CPU" class="mention hashtag" rel="nofollow noopener" target="_blank">#CPU</a>-level <a href="https://hachyderm.io/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#ransomware</a> can "bypass every freaking traditional technology we have out there" — new <a href="https://hachyderm.io/tags/firmware" class="mention hashtag" rel="nofollow noopener" target="_blank">#firmware</a>-based attacks could usher in new era of unavoidable ransomware Beek, <a href="https://hachyderm.io/tags/Rapid7" class="mention hashtag" rel="nofollow noopener" target="_blank">#Rapid7</a>'s senior director of threat analytics, revealed AMD Zen chip bug gave him idea that highly skilled attacker could in theory "allow those intruders to load unapproved <a href="https://hachyderm.io/tags/microcode" class="mention hashtag" rel="nofollow noopener" target="_blank">#microcode</a> into the processors, breaking encryption at the hardware level and modifying CPU behavior at will." <a href="https://www.tomshardware.com/pc-components/cpus/worlds-first-cpu-level-ransomware-can-bypass-every-freaking-traditional-technology-we-have-out-there-new-firmware-based-attacks-could-usher-in-new-era-of-unavoidable-ransomware" rel="nofollow noopener" translate="no" target="_blank">https://www.tomshardware.com/pc-components/cpus/worlds-first-cpu-level-ransomware-can-bypass-every-freaking-traditional-technology-we-have-out-there-new-firmware-based-attacks-could-usher-in-new-era-of-unavoidable-ransomware</a>

André Machado :debian:Extensive Analysis of the Raptor Lake CPU BugIntel’s Raptor Lake CPUs, which form part of the 13th and 14th generation Intel Core desktop processor line, were celebrated for their hybrid architecture combining high-performance cores with efficiency cores. However, shortly after their release, a critical bug emerged that has led to system instability and, in some cases, permanent degradation of the affected chips.Read More: <a href="https://machaddr.substack.com/p/extensive-analysis-of-the-raptor" rel="nofollow noopener" target="_blank">https://machaddr.substack.com/p/extensive-analysis-of-the-raptor</a><a href="https://mastodon.sdf.org/tags/CPU" class="mention hashtag" rel="nofollow noopener" target="_blank">#CPU</a> <a href="https://mastodon.sdf.org/tags/Bug" class="mention hashtag" rel="nofollow noopener" target="_blank">#Bug</a> <a href="https://mastodon.sdf.org/tags/Microcode" class="mention hashtag" rel="nofollow noopener" target="_blank">#Microcode</a> <a href="https://mastodon.sdf.org/tags/Intel" class="mention hashtag" rel="nofollow noopener" target="_blank">#Intel</a> <a href="https://mastodon.sdf.org/tags/Computer" class="mention hashtag" rel="nofollow noopener" target="_blank">#Computer</a>

WulfyOne of the organisations I work for is so poor, we should not exist by any account.How poor? Our main server is fifteen years old. Only reason we got it, it was abandoned in a rack we bought for $50 and I resurrected it.This transcends boneyard. This is summoning machine spirits from beyond, Deus Mechanics incantations.I yelled at the Operations manager today, calling him a Necromancer because he was praising this ancient "Raid" box as "better than what we used to have" when all I want to do is nail it to the wall as a warning to others.Anyhoo... This is how I found today that a 15 year old iron running <a href="https://infosec.exchange/tags/Debian" class="mention hashtag" rel="nofollow noopener" target="_blank">#Debian</a> 10 simply could not run any <a href="https://infosec.exchange/tags/docker" class="mention hashtag" rel="nofollow noopener" target="_blank">#docker</a> images of this particular package because the <a href="https://infosec.exchange/tags/nodej" class="mention hashtag" rel="nofollow noopener" target="_blank">#nodej</a> component just won't run on the <a href="https://infosec.exchange/tags/microcode" class="mention hashtag" rel="nofollow noopener" target="_blank">#microcode</a> I don't even realise it was a thing. But then, how many of you run a box that's 15 years old in production......how "slow" is that rack server? I pulled one of the Intel NUCs out of the boneyard (it's one of those paper book sized box "computers") and put Debian on THAT......it runs 33% faster and that thing was binned because it couldn't pull an office admin desktop workload.33% faster!!!

Benjamin Carr, Ph.D. 👨🏻‍💻🧬How to make any <a href="https://hachyderm.io/tags/AMD" class="mention hashtag" rel="nofollow noopener" target="_blank">#AMD</a> Zen <a href="https://hachyderm.io/tags/CPU" class="mention hashtag" rel="nofollow noopener" target="_blank">#CPU</a> always generate 4 from RDRAND "We have demonstrated the ability to craft arbitrary malicious microcode patches on Zen 1 through <a href="https://hachyderm.io/tags/Zen4" class="mention hashtag" rel="nofollow noopener" target="_blank">#Zen4</a> CPUs," the Google <a href="https://hachyderm.io/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> Team said. "The <a href="https://hachyderm.io/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a> is that the CPU uses an insecure hash function in the signature validation for <a href="https://hachyderm.io/tags/microcode" class="mention hashtag" rel="nofollow noopener" target="_blank">#microcode</a> updates." The flaw listed as CVE-2024-56161 with a CVSS score of 7.2 out of 10, was discovered and reported to AMD in September, and a fix was devised by December. <a href="https://www.theregister.com/2025/02/04/google_amd_microcode/" rel="nofollow noopener" translate="no" target="_blank">https://www.theregister.com/2025/02/04/google_amd_microcode/</a>

Recent searches

Search options

Administered by:

Server stats:

#microcode