LE: Apparently the story is a bluff since this SUPER SECRET WTF OMGGMG SHIT discovery has been publicly known and used for at least 6 years now(look for 0x9c5a203a at the beginning). So, El Reg, you suck for not verifying stories before publishing them. AMD Rocks!

According to The Register a super secret password protected on-chip debugger has been discovered in all AMD chips since Athlon XP. The debugger seems to be activated once a specific password value(0x9C5A203A) has been set in a certain register(EDI to be more exact, a heavily used register).

I can’t help but wonder where exactly software security will stand on AMD CPUs, once you can access and control chip functionality by just setting a certain value in a register(free ring0 access huh?, local root?..nice, what about system?..even nicer). What about that value making it into that register by chance? Slow CPU operation? Deal with it. 🙂

Though i am afraid my assumptions are just heuristic since one needs more details and insight into this issue before making this into a statement. Quote from Czernobyl(the discoverer):

Amidst a ton of comments, I’ve seen some somber interrogations about security. IMO what is described herein does not pose new security problems per se; after all MSRs and Control Registers aren’t accessible except from ring zero. Nor are the Host’s CRs and MSRs accessible from a properly designed Virtual machine. I doubt the newly disclosed features will open security risks that were not already present due to poor OS and/or virtualization systems designs… (end of note).

Excerpt from The Register article:

A hardware hacker has discovered a secret debugging feature hidden in all AMD chips made in the past decade.

The password-protected debugger came as a shock to reverse-engineers who have hungered for an on-chip mechanism for performing conditional and direct-hardware breakpoint operations. Although AMD has built the firmware-controlled feature into all chips since the Athlon XP, the company kept it a closely guarded secret that was only disclosed late last week by a hacker who goes by the name Czernobyl.

Tagged with: