Backdoor Mechanism Discovered in VIA C3 x86 Processors

bleepingcomputer.com/news/security/backdoor-mechanism-discovered-in-via-c3-x86-processors/
>At the Black Hat 2018 and DEF CON 26 security conferences held in Las Vegas last week, a security researcher detailed a backdoor mechanism in x86-based VIA C3 processors
>Christopher Domas, a well-known hardware security expert, says that VIA C3 x86-based CPUs contain what he referred to as a "hidden God mode" that lets an attacker elevate the execution level of malicious code from kernel ring 3 (user mode) to kernel ring 0 (OS kernel).
>Domas says that this backdoor mechanism —which he named Rosenbridge— is a RISC (Reduced Instruction Set Computer) co-processor that sits alongside the main C3 processor.
>The researcher says that by using a launch-instruction (.byte 0x0f, 0x3f) he can flip a register control bit that enables this additional coprocessor, which he argues doesn't benefit from the same security protections the main C3 chipset.
>Any instructions sent to this additional coprocessor are all run under ring 0, and not under the normal ring 3 level.
>Domas says he identified this "hidden God mode" feature in VIA C3 Nehemiah chips, but he says all other C3 chipsets are bound to feature a similar mechanism.
You didn't actually believe all of those paid VIA marketers when they told you their shit was secure, did you?

Attached: P1010031.jpg (1900x1140, 748K)

Other urls found in this thread:

warosu.org/g/image/fRHoBgjDx5QuIwE0fwatSA
warosu.org/g/?task=search2&ghost=yes&search_text=Zhaoxin&search_op=op&search_del=dontcare&search_int=dontcare&search_ord=new&search_capcode=all&search_res=post
youtube.com/watch?v=KrksBdWcZgQ
twitter.com/AnonBabble

it's good to see that the VIA Internet Defense Force has already killed themselves

No one seems to care

there were a decent amount of VIA shilling threads when the quad cores came out, all of the /hrt/ fags must have fucked off to 8gag or something

Has it been addressed yet if this mechanism actually works on all C3s? Or is it just an edge case working only on a few lucky samples?

What does even use those pieces of thrash?
Even ATMs use some shitty embedded celerons.

Show one of those threads.

Just one.

Domas is a fucking god, go watch his talks.

Because it only affects Nehemiah VIA CPUs which are 2001 CPUs.

can't remember their exact shitpost formula but here's some
warosu.org/g/image/fRHoBgjDx5QuIwE0fwatSA
warosu.org/g/?task=search2&ghost=yes&search_text=Zhaoxin&search_op=op&search_del=dontcare&search_int=dontcare&search_ord=new&search_capcode=all&search_res=post

Never heard of him before. Please link me to his talks you recommend most.

The same geniuses at Centaur who brought you this shit are still building every VIA chip to date from the same stock as the C3.

Fake news, already assraped and left to bleed to death on the floor at OSnews: it's a fully-documented debugging feature, with a fully-documented "off" switch.

>blackhat 2018 and Defcon
>Helping people by exposing security flaws and then telling EVERYONE about them
Fuck off you white hat nigger.

>TFW blackhat now has normie conference
So now what? Do we get to change the name for actual black hats to something else?

Actual "black hat" stuff is non-existent and a faggot fantasy, it's just fucking social engineering and phishing. You know, like what pajeet does.

Are VIA even relevant still? they don't even appear in embedded stuff any more as far as i can tell.

>VIA C3
>Nehemiah
>release date: January 22, 2003
Wow, very timely and relevant info, OP.

There is apparent resurrection, and plans to expand, so anything with VIA processors costs many times as much as far more powerful Intel / AMD CPUs

Woot, this effects how many VIA powered computers out there?

Aren't VIA CPUs currently available basically intel atom level of performance? You can't even use them in a htpc.

guess we shouldn't care about spectre because the Pentium Pro was like 25 years ago lol miss me with that old shit

specter also affects currently relevant CPUs. Whatever this thing is - doesn't, unless you, for some inexplicable reason, still use a rare CPU from early 00s

VIA has like lower marketshare than that chink Epyc clone that AMD sold to the chinks doesn't it?

Of course it's not about real blackhat, they just put that name to be edgyer

Do you think bugs/backdoors carrying over to new implementations of an architecture is an Intel-only thing or something? All of VIA's current lineup are direct descendants of the C3.

And newer VIA CPUs are almost non-existent outside of China and maybe 2-3 countries (and that's a big maybe). They cost too much, they are soldered to mobo, they are weak.

So? We still discuss architectures like POWER and RISC-V even though nobody gives a shit about them either.

POWER's far more relevant than VIA (especially to Jow Forums with the Talos II) and RISC-V is an upcoming architecture well worth discussion. I'm not saying VIA isn't but those are poor examples

Neither are really relevant, POWER's only major market is in vendor locked legacy shops that can't get rid of AIX to save their lives and the Talos "workstations" are overpriced failures only a handful of people have actually invested in. RISC-V has fuck all physical silicon outside of weak IoT trash and all either processor has going for it are a couple shitposters jerking off to them on Jow Forums despite not owning and never intending to own an example of either product.

They're not really that much less irrelevant than this shit whether you like it or not.

POWER's got a place in HPC and like I said, RISC-V's upcoming. Meanwhile VIA's just the third x86 company everyone forgot exists.

>paid VIA marketers
They quit after the S3 acquisition.

Attached: best gpu.png (2000x853, 215K)

Tried to buy it a few years ago, couldn't find it

>POWER's got a place in HPC
Yeah, so do mainframes. It's still a dinosaur with market share shrinking every year.
>RISC-V's upcoming
It's been "upcoming" for years and it's never going to change. The only interest it has is from freetards who don't intend to actually back it up with their wallets.
>Meanwhile VIA's just the third x86 company everyone forgot exists.
Jow Forums forgets about anything that doesn't play games or see use in some reddit-cool market like supercomputers and smartphones

>never intending to own an example of either product
You can make this point about Talos, but not RISC-V. A lot of people, both on Jow Forums and not, will buy the RISC-V equivalent of a RasPi when it comes out.

Didn't VIA's x86 license expire several years ago? Or they just don't care?

>Yeah, so do mainframes.
Do they?
>It's still a dinosaur with market share shrinking every year.
I don't see it going anywhere.
>It's been "upcoming" for years and it's never going to change. The only interest it has is from freetards who don't intend to actually back it up with their wallets.
iirc it's got interest from Google and several other large companies.
>Jow Forums forgets about anything that doesn't play games or see use in some reddit-cool market like supercomputers and smartphones
I never said anything about Jow Forums

iirc tere's some technicality that allows them to continue

Capped for incorrect prediction.

Attached: risc-v nonbeliever.png (1002x249, 60K)

i didn't know via still makes cpus

Jeez.

They'll come back once the Zhaoxin new chips start coming out, they honestly don't seem that bad relatively speaking if they're as good as they claim and especially if they can actually reach ryzen level perf like they claim they will.

I'll buy new VIAs CPU is it is affordable (on the level of low/mid-end Intel/AMD CPUs), and if I can actually find it without scalpers.
Having a PGA/LGA socket (where you could upgrade/replace your CPU, should you choose to) would also be beneficial

If it comes out, and only if it's cheap, which given how niche RISC-V is going to end up that's unlikely.
>Do they?
The latest Z series are very powerful, and people are still ordering them.
>I don't see it going anywhere.
Their market share is shrinking pretty steadily. POWER hardware is incredibly expensive for what little it delivers, most people want to get the fuck away from it. Same deal with SPARC.
>iirc it's got interest from Google and several other large companies.
Yeah, so did POWER, where are they now? "Interest" doesn't translate to progress.
>I never said anything about Jow Forums
Not trying to say you did, but I conjured it as a general sample of the public. Nobody gives a shit about the kinds of systems VIA chips end up in, so of course they're going to forget about it.
Wouldn't bother me to be proven wrong.

Attached: ibmshare.png (679x365, 64K)

>The latest Z series are very powerful, and people are still ordering them.
But for HPC? I was under the impression that mainframes were for banking and the like.
>Their market share is shrinking pretty steadily
Meanwhile new deals with market leaders such as Nvidia show promise.
>Yeah, so did POWER, where are they now?
A beefy arch in a beefy arch market
>Nobody gives a shit about the kinds of systems VIA chips end up in, so of course they're going to forget about it.
In other words VIA's that third x86 manufacturer everyone forgot about.

Watching
youtube.com/watch?v=KrksBdWcZgQ
now.
Whoa... didn't know about this stuff before.

>But for HPC? I was under the impression that mainframes were for banking and the like.
Yeah, I guess I was stretching the definitions a bit, though I wouldn't say such a system isn't up to the task.
>Meanwhile new deals with market leaders such as Nvidia show promise.
Businesses are always making deals, but the numbers don't lie.
>A beefy arch in a beefy arch market
A market that's been dying since about 2000 and of which POWER is one of the only survivors, basically coasting along on an IBM logo while being slowly eroded by commodity hardware that does 90% of the work at 10% of the cost. It's not hard to build a fast chip, it's making it worth owning that's challenging.
>In other words VIA's that third x86 manufacturer everyone forgot about.
But I guess the point of all of this is... it's still used and still worth being discussed. Just like POWER, SPARC, RISC-V or anything else.

Yeah, because x86 is so secure

>Businesses are always making deals, but the numbers don't lie.
You've got a point but I don't see Nvidia putting effort into POWER without them seeing it pay off
>A market that's been dying since about 2000
HPC's been dying since 2000?
I mean you can keep calling numbers into play but I think POWER's as much of a force in HPC as Fortran is. It's always claimed to be dying/dead but it never goes anywhere.
>But I guess the point of all of this is... it's still used and still worth being discussed
Back to my original point. POWER and RISC-V have their niches, VIA's just clinging on to marketshare ready to be lost to Atom.

Yeah, because using VIA's x86 processors would make the ATMs non-x86.

>You've got a point but I don't see Nvidia putting effort into POWER without them seeing it pay off
But shit, in this market you pretty much only need to sell a handful of systems to make it pay off. Are they really investing in POWER, or are they investing in IBM's ability to sell systems no matter what architecture they slap in them?
>HPC's been dying since 2000?
Your comment doesn't really make sense if HPC was what you meant by "beefy arch market," since HPC's been overwhelmingly dominated by commodity hardware for well over a decade now. POWER's hardly "beefy" or really anything but comatose there.
>I mean you can keep calling numbers into play but I think POWER's as much of a force in HPC as Fortran is. It's always claimed to be dying/dead but it never goes anywhere.
You could have said the same about SPARC only a few years ago, now what? Staying on life support on the backs of long time customers doesn't equate to relevancy. The platform's just not growing. Sure, it'll continue to win a handful of publicized contracts here and there and maybe stay alive for another 10 or more years, but does that really make it the juggernaut you seem to be making it out to be?
>VIA's just clinging on to marketshare ready to be lost to Atom.
And POWER isn't just clinging onto marketshare ready to be lost to Xeon and EPYC? Come on, man.

>But shit, in this market you pretty much only need to sell a handful of systems to make it pay off. Are they really investing in POWER, or are they investing in IBM's ability to sell systems no matter what architecture they slap in them?
I'd say they're investing in POWER, I'm sure you'd say otherwise
>Your comment doesn't really make sense if HPC was what you meant by "beefy arch market," since HPC's been overwhelmingly dominated by commodity hardware for well over a decade now. POWER's hardly "beefy" or really anything but comatose there.
Commodity hardware may be less beefy but has the advantage of being commodity hardware.
>Sure, it'll continue to win a handful of publicized contracts here and there and maybe stay alive for another 10 or more years
The same's been said about Fortran for decades.
>And POWER isn't just clinging onto marketshare ready to be lost to Xeon and EPYC? Come on, man.
It's got its place.