Security of AMD EPYC server processors broken
AMD's EPYC data center processors, as well as its Ryzen Pro line, feature Secure Encrypted Virtualization (SEV) technology. It encrypts and decrypts virtual machines on the fly while they are held in RAM, so that the host operating system, the hypervisor, and any malware on the host computer cannot spy on the protected virtual machines. However, a team of German researchers has just broken this protection.
Bad news for EPYC processor security
AMD EPYC processors use Secure Encrypted Virtualization technology, which assigns each virtual machine an address space ID (ASID) that is tied to a cryptographic key used to encrypt and decrypt data as it moves between memory and the CPU cores. The key never leaves the system-on-chip, and each VM gets its own key.
This means that, in theory, even a hijacked or malicious hypervisor, kernel, driver, or other privileged code should not be able to inspect the contents of a protected virtual machine, which is a good security feature.
However, a technique dubbed SEVered can be used by a malicious host-level administrator, by malware within a hypervisor, or the like, to bypass SEV protections and copy information from a customer's or user's virtual machine.
The problem, said researchers from Germany's Fraunhofer AISEC (Mathias Morbitzer, Manuel Huber, Julian Horsch and Sascha Wessel), is that host-level attackers can alter physical memory mappings on the host machine using standard page tables, bypassing SEV's protection mechanism.
The researchers believe they have devised a method to defeat the security mechanisms of EPYC server chips. They say they can extract plaintext data from an encrypted guest through a hypervisor and simple HTTP or HTTPS requests.
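The gap described above, as an added toy model (not code from the researchers or from AMD): memory is encrypted with a per-ASID key, but the guest-to-host page mapping stays under host control and is not verified. The class names, the hash-based pad and all sample values are constructed for illustration.

```python
import hashlib

PAGE = 16  # toy page size in bytes

def _pad(key: bytes, hpa: int) -> bytes:
    # Toy stand-in for the memory-encryption engine (not AMD's real cipher).
    return hashlib.sha256(key + hpa.to_bytes(8, "big")).digest()[:PAGE]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Host:
    """Untrusted side: sees RAM contents and owns the guest->host page mapping."""
    def __init__(self):
        self.ram = {}  # host-physical page number -> stored bytes (ciphertext)
        self.map = {}  # guest-physical page number -> host-physical page number

class Chip:
    """Trusted side: per-ASID keys kept on-chip (the Host class never uses them)."""
    def __init__(self, host: Host):
        self._host, self._keys = host, {}

    def add_vm(self, asid: int, key: bytes) -> None:
        self._keys[asid] = key

    def write(self, asid: int, gpa: int, data: bytes) -> None:
        hpa = self._host.map[gpa]  # translation is taken from the host as-is
        self._host.ram[hpa] = _xor(data.ljust(PAGE, b"\0"), _pad(self._keys[asid], hpa))

    def read(self, asid: int, gpa: int) -> bytes:
        hpa = self._host.map[gpa]  # nothing checks this is the mapping the guest expects
        return _xor(self._host.ram[hpa], _pad(self._keys[asid], hpa)).rstrip(b"\0")

def run_model():
    host = Host()
    chip = Chip(host)
    chip.add_vm(asid=1, key=b"constructed-demo-key")
    host.map = {0: 100, 1: 101}
    chip.write(1, 0, b"public page")   # page the guest's web service hands out
    chip.write(1, 1, b"guest secret")  # page the guest never intends to serve
    host_view = host.ram[101]          # what the host can read directly
    served_before = chip.read(1, 0)    # guest service answers a request
    host.map[0] = host.map[1]          # host edits the mapping; no key involved
    served_after = chip.read(1, 0)     # same guest code, same guest address
    return host_view, served_before, served_after

if __name__ == "__main__":
    print(run_model())
```

In the model, encryption keeps the host from reading the page directly, yet the guest's own service returns different data once the mapping changes, which is why confidentiality of memory needs to be paired with integrity of the mapping.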
Hopefully, AMD will update these chips as Intel did with its Core processors and the blessed Meltdown and Spectre.
Source: The Register