Users Cry Foul After AMD Stripped Memory Crypto From Its Consumer CPUs (arstechnica.com) 54
An anonymous reader quotes a report from Ars Technica: A decade ago, AMD added a protection to its high-end CPUs to protect them against cold boot attacks and other types of physical exploits that siphon sensitive data out of the connected memory chips. Short for Transparent Secure Memory Encryption, TSME encrypts the entire contents stored in memory, making the data useless to physical attackers. Over time, AMD added TSME to lower-end processors, including the consumer version of its Ryzen chips, a CPU that costs less than the Pro version. Over the years, users of these lower-end chips have gotten used to the added security. Recently and without warning or notice, this lower-end line of AMD chips suddenly dropped the protection, and did so in a way that was impossible to detect on Windows machines and required a fair amount of technical work when using Linux.
AMD has yet to say why TSME worked on these CPUs, or even to confirm the change. AMD declined to answer questions sent by email other than to say TSME "is a security feature only applied to PRO CPUs as part of AMD PRO Technologies." The statement is the first known time the chipmaker has explicitly made this restriction public. [...] There's no indication that AMD ever advertised or marketed TSME as being available in consumer CPUs. AMD has long said that a related memory protection, Secure Memory Encryption (SME), is available only in the Pro and Epyc CPU tiers. SME is OS-managed. It uses a single key and allows the OS to selectively encrypt individual memory pages. TSME is firmware-managed. It encrypts all RAM with no OS involvement. When active, it provides protection against physical attacks, including cold boot exploits, DRAM interface snooping, and memory module removal. It activates silently when enabled in the BIOS, making it the more practically useful of the two protections. Ben Kilpatrick, a self-described "privacy-conscious Linux hobbyist," discovered that TSME had stopped working on his consumer Ryzen processor despite remaining enabled in the BIOS. He spent months investigating, persuaded MSI engineers to test multiple CPUs, motherboards, and firmware versions, and filed a public AMD bug report that traced the change to newer AGESA firmware apparently disabling TSME on consumer chips while retaining it on Pro and EPYC models.
"AMD engineers' comments, such as those mentioned above, and the years of TSME working just fine in the lower-cost tier processors, have understandably conditioned Kilpatrick and other users to reasonably regard it as an expected part of the chip package," reports Ars Technica. "AMD quietly removing it and providing no acknowledgment or explanation strikes these users as something of a betrayal."
Joe Fitzgerald, an expert in silicon-level security, said in an interview: "They could have not realized they did it leading to their cagey responses, or they could have done it intentionally and tried to get away with it, leading to the same cagey responses. But I really feel like an explanation should be in order, even if it was 'TSME was never supposed to be supported. We did ship some firmwares that erroneously enabled it, but you shouldn't use them since we can't guarantee it'll work properly.'"
AMD has yet to say why TSME worked on these CPUs, or even to confirm the change. AMD declined to answer questions sent by email other than to say TSME "is a security feature only applied to PRO CPUs as part of AMD PRO Technologies." The statement is the first known time the chipmaker has explicitly made this restriction public. [...] There's no indication that AMD ever advertised or marketed TSME as being available in consumer CPUs. AMD has long said that a related memory protection, Secure Memory Encryption (SME), is available only in the Pro and Epyc CPU tiers. SME is OS-managed. It uses a single key and allows the OS to selectively encrypt individual memory pages. TSME is firmware-managed. It encrypts all RAM with no OS involvement. When active, it provides protection against physical attacks, including cold boot exploits, DRAM interface snooping, and memory module removal. It activates silently when enabled in the BIOS, making it the more practically useful of the two protections. Ben Kilpatrick, a self-described "privacy-conscious Linux hobbyist," discovered that TSME had stopped working on his consumer Ryzen processor despite remaining enabled in the BIOS. He spent months investigating, persuaded MSI engineers to test multiple CPUs, motherboards, and firmware versions, and filed a public AMD bug report that traced the change to newer AGESA firmware apparently disabling TSME on consumer chips while retaining it on Pro and EPYC models.
"AMD engineers' comments, such as those mentioned above, and the years of TSME working just fine in the lower-cost tier processors, have understandably conditioned Kilpatrick and other users to reasonably regard it as an expected part of the chip package," reports Ars Technica. "AMD quietly removing it and providing no acknowledgment or explanation strikes these users as something of a betrayal."
Joe Fitzgerald, an expert in silicon-level security, said in an interview: "They could have not realized they did it leading to their cagey responses, or they could have done it intentionally and tried to get away with it, leading to the same cagey responses. But I really feel like an explanation should be in order, even if it was 'TSME was never supposed to be supported. We did ship some firmwares that erroneously enabled it, but you shouldn't use them since we can't guarantee it'll work properly.'"
Enshittification marches ever onward (Score:4, Interesting)
It seems there's always some update pushed out that removes functionality, with the only option of regaining it being to either buy new hardware or pay a subscription fee.
Altering the deal after the fact is now a standard business practice. Isn't that the kind of thing that governments are supposed to protect us from?
Sorry, I forgot - the corporate sector now IS the government, in many ways and many disguises. Freedom, democracy, and equality before the law are, increasingly, mere illusions.
Re: (Score:3, Insightful)
I'm still slightly annoyed to have something taken away, even if it wasn't a very useful thing I didn't need and may not have been working for some time.
Re: Enshittification marches ever onward (Score:2, Informative)
I'm still slightly annoyed to have something taken away, even if it wasn't a very useful thing I didn't need and may not have been working for some time.
It's a "feature" that was never publicly announced or supported on non-Pro processors, not consumer products.
You didn't 'lose' anything, you 'had' something you weren't supposed to, and that mistake has been corrected - you now have, and have always had, everything the Mfg claimed (and documented) the processors could do.
Re: (Score:3)
It's a "feature" that was never publicly announced
That does not change the situation that their firmware updates are now malware that removes existing features from existing systems.
Re: (Score:2)
Yes. However, at least with some motherboards, you can roll back the BIOS to an older version, and revert the AGESA. Not a long-term solution, though.
Re: (Score:2)
Re: (Score:2)
It's a bit more complicated than that, because although it wasn't advertised as a feature, it was well known that it was supported. ECC RAM support is another good example. A lot of people, myself included, bought Ryzen systems because they support ECC RAM and Intel doesn't on consumer hardware.
The fact that they kept it enabled and working for years, even unofficially, makes it something that consumers could reasonably expect not to be arbitrarily removed with a software update long after they bought the p
Re: (Score:2)
And since it worked, there was clearly no technical reason for it not to be available for all Zens. That's annoying. It's not like it is a feature that requires extra hardware not present in all Zens, it's something already there that I've been able to turn on in my "enthusiast" grade consumer motherboard. Didn't need a business board, like you do for some management features, just an x570.
But, at the same time, I don't need it. Not sure how ann
Re: (Score:2)
To be fair, if they don't advertise it, it's probably because it's a part of the silicon that they won't discard a CPU for if it doesn't work. Same with ECC support. Maybe it works 99% of the time, but if you get one in the 1% that failed, it's not a warranty issue.
Motherboard manufacturers and RAM manufacturers are the same. ECC works with Ryzen, but it's not officially supported so if your particular combo doesn't work, too bad I'm afraid.
Re: (Score:2)
Re: (Score:2)
It’s a sunk cost for them—time and money have already gone into putting it in place, and taking it out would just mean less security in a world that’s only going to need more of it, especially with AI-driven attacks from increasingly hostile actors. In the end, like most things, it comes down to money—similar to when Intel set its CPUs apart with features like virtualization or ECC. Now, people will simply move to other CPUs or alternative chipsets.
Re: Enshittification marches ever onward (Score:2, Insightful)
They removed something you never should have had, that your processor never should have done, and that they never, ever told you your processor should've could do.
That's 'enshitification'? No. It's a correction.
Re: (Score:2)
If it's in the CPU I bought, how should it never have had that feature that's clearly in the CPU I bought?
This is the CPU equivalent of those car makers wanting a subscription to enable the heated seats. Maybe AMD will enable it for $5 a month or something.
Re: (Score:3, Informative)
It's basically buying a car and having heated seats installed even if you didn't pay for them. They did it because it simplifies production. If you choose to enable it yourself, it's unsupported - so if you activate the heated seats yourself that sets you
Re: Enshittification marches ever onward (Score:2)
Never should have had? Suck harder.
Re: (Score:2)
They removed something you never should have had, that your processor never should have done, and that they never, ever told you your processor should've could do.
It may not have been in the spec, but if it was widely known that the chip could do it, then it very well could be the case that people purchased the chip because of that, in which case the company unjustly benefitted from the widespread belief that it was supported, and is now seeking to further unjustly benefit by forcing those buyers to spend more money if they want to keep that feature.
Their failure to explicitly make clear that this was a bug and fix it in a timely manner is at least potentially an imp
Re: (Score:2)
No, companies just have to guarantee what they say in the spec. Take, for instance, overclocking! Some chips may run fine when overclocked some, but if they malfunction, it's the user who did that who should be SOL, not the manufacturer
Re: (Score:2)
No, companies just have to guarantee what they say in the spec. Take, for instance, overclocking! Some chips may run fine when overclocked some, but if they malfunction, it's the user who did that who should be SOL, not the manufacturer
Your comparing apples to orange seeds.
Overclocking... if it's possible, but unsupported, and the end user overclocks and fries their chip, it's on them. I agree.
If it's possible and unsupported, and the end user overclocks and all is working fine, no harm no foul, right?
Now, what if the manufacturer then issued a firmware update that blocked all overclocking attempts? That's the comparison here. It's not the former issue (user is SOL if they break it); It's the manufacturer actively preventing the user from
Re: Enshittification marches ever onward (Score:4, Insightful)
Re: (Score:2)
While technically true, there was no harm to the end user in leaving the feature active.
Re: (Score:2)
It's depressing to see the amount of corporate bootlicking here, but Slashdot can always be relied upon as a forum for bootlickers to lick boots.
FWIW, if someone buys something and it has a feature, that's it. End of story. You don't get to take that feature away any more than you get to modify soccer balls so they can't be used for volleyball after they left the store.
AMD cannot be trusted. And you should be ashamed of yourself for suggesting otherwise.
Re: (Score:2)
It seems there's always some update pushed out that removes functionality, with the only option of regaining it being to either buy new hardware or pay a subscription fee.
Altering the deal after the fact is now a standard business practice. Isn't that the kind of thing that governments are supposed to protect us from?
Sorry, I forgot - the corporate sector now IS the government, in many ways and many disguises. Freedom, democracy, and equality before the law are, increasingly, mere illusions.
Consumer protection is for real countries. The United States is currently in the process of exposing the fact that it's government is scams built on top of other scams, top to bottom. Illusions of it being anything other than scams are no longer useful, since the power structures are now firmly entrenched and the money flow no longer needs to be disguised.
Motorola owns the patent (Score:3)
A colleague of mine working for Motorola patented encrypted memory sometime in the 2006-2010 timeframe. Maybe Motorola figured out that AMD was violating their patent and negotiated royalties privately with AMD. I don't know; I don't work at Motorola, but if AMD had to suddenly start paying royalties, it makes sense that they'd remove the feature from lower end, lower margin processors.
Re: (Score:2)
Encrypted memory existed long before 2006, the patent was likely narrow are related to some small detail of a particular implementation.
Re: (Score:2)
They want you to buy EPYC or Threadripper Pro for such features.
Re: (Score:2)
"removes functionality"
AMD never claimed that the functionality was there and neve promised that it was going to be there.
I suppose you could work some estoppel argument.
Well, let's face it (Score:5, Insightful)
Does it rub me a little raw that a feature of my 5900 has been removed? Yeah, a little, but not very. If it really bothered me, I'd probably make sure to use a firmware where it still worked.
Re: (Score:1, Insightful)
You don't need it on consumer hardware
Except for, you know, illegal immigrants, legal immigrants, naturalized Americans and even American born, and all the other people targeted by their governments.
And it's not just about needing it now, it's also about needing it in the next years. Again, look at the recent history of a lot of countries to see how things can degrade quickly for people who were safe in the past.
If you are under that sort of threat, you aren't using consumer hardware.
Sure, the poor are never targets, except, you know, illegal immigrants, legal immigrants, naturalized Americans and even American born
Re: (Score:2)
You don't need it on consumer hardware
Except for, you know, illegal immigrants, legal immigrants, naturalized Americans and even American born, and all the other people targeted by their governments.
If your government breaking into your house and applying hardware-level attacks to scrape your secrets out of the RAM of your running computer is seriously part of your threat model, it's almost certainly very, very far from your biggest concern.
Also, you should probably consider turning your computer off.
Re: (Score:1)
it's almost certainly very, very far from your biggest concern.
So? Why should one be limited to only a single concern?
And why do you believe that those "minor" concerns will not have a compounding effect on the "biggest" one?
And "almost certainly" is not "certainly".
you should probably consider turning your computer off.
And lose my work? Or save it in permanent storage so it can be analyzed at whomever's leisure later?
And for what? Remember that we are talking about removing a feature from an *existing product*, and not about a new product without the feature.
Re: (Score:2)
You don't need it on consumer hardware. Who's going to go through the trouble of hitting your DIMMs with liquid nitrogen? Nobody, that's who. If you are under that sort of threat, you aren't using consumer hardware.
Does it rub me a little raw that a feature of my 5900 has been removed? Yeah, a little, but not very. If it really bothered me, I'd probably make sure to use a firmware where it still worked.
It significantly lowers the dev environment cost for the people who might work on supporting it.
Re: (Score:2)
Re: (Score:2)
You don't need liquid nitrogen, you just need to hit the reset button and boot Linux off a USB drive.
This could be mitigated by having the UEFI simply wipe memory early in the boot process, but very few manufacturers offer that feature.
Re: (Score:3)
My laptop has zero boot from USB option. In order for me to get linux installed, I had to do the partition work inside of windows. I made a boot partition that had the linux image on it, then extended the rest of the drive for my actual linux install. Then in the bios I had to install a shim to point to the boot partition I made.
At that point I was able point the bios at that partition and the rest of the installation went normally. For a while, Windows didn't enjoy the dual boot setup and I had to do extra
Re: (Score:2)
Wow, that sounds like a fairly old laptop. Certainly pre Ryzen.
Presumably you can boot a CD, to install an OS. Or at least a floppy.
Re: (Score:2)
You would think but nope, it's a new laptop. Maybe 3 years old tops. They probably just assumed Windows 11 was all anyone would need and it has a recovery partition, etc. No reason you'd ever want to change anything, right? :)
It was a surprise to me but others had already ran into similar problems and the work around I posted already worked just fine.
Re: (Score:2)
Had I cause for such concerns on my personal hardware, I would have bought something else.
Re: (Score:1)
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
But if you won't accept anything less than perfection, then you'll accept nothing at all. Including anything anyone else has to say, so... It's been lovely meeting you, but I suspect we will be unable to find any common ground upon which to base a discussion. I wish you well in your future endeavors.
Not AMD's first SCAM, remember ECC? (Score:4, Informative)
Let's face it, AMD has for a long time not been the "underdog" who plays fair with customers to get a reputation. Now that they had some years of success, they give a damn about their reputation, and will continue to scam their customers as they please.
How do they know it was working just fine? (Score:3)
Did they actually test the memory to see if it was encrypted? How do they know there wasn't an AGESA bug that set the flag in cases where the CPU didn't actually support the feature?
Re: (Score:2)
Yes, it's been tested. The key is regenerated at each boot, so you can easily test buy simply writing a known pattern, rebooting, and seeing if it is still there.
Cryptos crashing (Score:2)
Memory crypto stripped - does this spell doom to other Cryptos as well? Trumpcoin, Bitcoin, everything crashing ?
JK. Actually happy that someone is still using "crypto" to refer to cryptography
SOP (Score:2)