LE: Apparently the story is a bluff since this SUPER SECRET WTF OMGGMG SHIT discovery has been publicly known and used for at least 6 years now(look for 0x9c5a203a at the beginning). So, El Reg, you suck for not verifying stories before publishing them. AMD Rocks!
According to The Register a super secret password protected on-chip debugger has been discovered in all AMD chips since Athlon XP. The debugger seems to be activated once a specific password value(0x9C5A203A) has been set in a certain register(EDI to be more exact, a heavily used register).
I can’t help but wonder where exactly software security will stand on AMD CPUs, once you can access and control chip functionality by just setting a certain value in a register(free ring0 access huh?, local root?..nice, what about system?..even nicer). What about that value making it into that register by chance? Slow CPU operation? Deal with it.
Though i am afraid my assumptions are just heuristic since one needs more details and insight into this issue before making this into a statement. Quote from Czernobyl(the discoverer):
Amidst a ton of comments, I’ve seen some somber interrogations about security. IMO what is described herein does not pose new security problems per se; after all MSRs and Control Registers aren’t accessible except from ring zero. Nor are the Host’s CRs and MSRs accessible from a properly designed Virtual machine. I doubt the newly disclosed features will open security risks that were not already present due to poor OS and/or virtualization systems designs… (end of note).
Excerpt from The Register article:
A hardware hacker has discovered a secret debugging feature hidden in all AMD chips made in the past decade.
The password-protected debugger came as a shock to reverse-engineers who have hungered for an on-chip mechanism for performing conditional and direct-hardware breakpoint operations. Although AMD has built the firmware-controlled feature into all chips since the Athlon XP, the company kept it a closely guarded secret that was only disclosed late last week by a hacker who goes by the name Czernobyl.
Yesterday, Packet Storm re-launched with a completely new website, both in looks and functionality, adding lots of web2.0 features like favorites, commenting, trending, tagging and rss everywhere, etc..
In my opinion the new framework is very promising, but hey, why not decide for yourself. Here is the e-mail announcing the launch:
November 15, 2010 – Today is the launch of a completely
new version of Packet Storm that has been long awaited
and is long overdue. The security community has given
us a lot of feedback during our design phase and we
have attempted to integrate many features.
As you may already know, Packet Storm is home to a
massive security portal that houses news, whitepapers,
advisories, exploits and tools.
It’s a place to showcase your work, whether it be
a research advisory or a tool you wrote. It’s a
place to check news headlines coming down the
wire or to find out about the latest vulnerabilities.
The goal of the new site is usability and integration.
We realized that this community is missing a centralized
portal to appropriately promote their work and interact
with others in the community.
The site currently hosts:
More than 38,000 advisories
More than 20,000 exploits
More than 5,000 tools
More than 2,000 whitepapers
Full historical view of releases – going all the way back to 1998.
New core features:
Trending for top author, popular topics and daily additions
Tagging exists all over the place
Commenting is allowed everywhere
RSS feeds are all over the place
Search Users, Files, News and Authors
Commenting, favorites and the ability to view the favorites of the people you follow.
CVE and OSVDB integration
Privacy settings for all personal information
You can send messages to other users
You can switch to a minimal listing view
You can set your primary mirror; we’re on four continents
Share items with Facebook, Twitter, Digg, Reddit, LinkedIn, etc
Your very own author page and author id.
Ability to add biographic information and a picture.
Authors ranked by releases per month
If an already established author applies with the
same email address as is stored in the archive,
their profile will be linked to their work on the site.