this post was submitted on 04 Feb 2025
32 points (100.0% liked)

Security

5154 readers
5 users here now

Confidentiality Integrity Availability

founded 5 years ago
MODERATORS
gary_host_laptop@lemmy.ml
32
AMD Zen 1 through Zen 4 CPUs use an insecure hash function in the signature validation for microcode updates; researchers released a proof of concept update which makes the RDRAND instruction return 4 (github.com)
submitted 1 day ago* (last edited 1 day ago) by cypherpunks@lemmy.ml to c/security@lemmy.ml
3 comments fedilink hide all child comments
 

for readers missing the significance of the number 4 in the proof of concept: to demonstrate this vulnerability the researchers created a microcode update which replaces the "hardware" random number generator behind the RDRAND instruction with an implementation of xkcd#221 ๐Ÿ˜ญ

you are viewing a single comment's thread
view the rest of the comments
[โ€“] cypherpunks@lemmy.ml 7 points 1 day ago

screenshot of the moment in the 1987 film Spaceballs when President Skroob (Mel Brooks) says "That's amazing! I've got the same combination on my luggage!". (no text)