Lobz Lemmy
  • Communities
  • Create Post
  • Create Community
  • heart
    Support Lemmy
  • search
    Search
  • Login
  • Sign Up
RobotToaster@mander.xyz to Technology@lemmy.worldEnglish · 27 days ago

AMD silently removes memory encryption from consumer Ryzen CPUs, leaving users unaware that they may be vulnerable

www.tomshardware.com

external-link
message-square
22
link
fedilink
  • cross-posted to:
  • hackernews@lemmy.bestiver.se
145
external-link

AMD silently removes memory encryption from consumer Ryzen CPUs, leaving users unaware that they may be vulnerable

www.tomshardware.com

RobotToaster@mander.xyz to Technology@lemmy.worldEnglish · 27 days ago
message-square
22
link
fedilink
  • cross-posted to:
  • hackernews@lemmy.bestiver.se
AMD silently removes memory encryption from consumer Ryzen CPUs, leaving users unaware that they may be vulnerable — security feature vanishes after newer AGESA firmware, AMD engineers go radio silent when pressed about the change
www.tomshardware.com
external-link
AMD engineer shuts down discussions on the issue
  • unexposedhazard@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    13
    ·
    edit-2
    27 days ago

    The article isnt very clear on this, but did they actually remove a critical feature from already sold products? Surely they can be sued for that?

    • frongt@lemmy.zip
      link
      fedilink
      English
      arrow-up
      45
      arrow-down
      2
      ·
      27 days ago

      Tom’s is trash and should be banned. The original Ars article it mentions is better: https://arstechnica.com/security/2026/06/users-cry-foul-after-amd-stripped-memory-crypto-from-its-consumer-cpus/

      Sounds like it was never really supported, but available. With the new BIOS update it’s no longer available.

      • Mihies@programming.dev
        link
        fedilink
        English
        arrow-up
        15
        ·
        27 days ago

        If that’s the case, AMD shouldn’t have problems saying so. Although it’s still a very bad move from their part.

        • frongt@lemmy.zip
          link
          fedilink
          English
          arrow-up
          7
          ·
          27 days ago

          I suspect lawyers are involved.

          • Mihies@programming.dev
            link
            fedilink
            English
            arrow-up
            4
            ·
            27 days ago

            Probably. Also PR to limit damages.

    • MalReynolds@slrpnk.net
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      1
      ·
      27 days ago

      Eh, it protects against a certain class of attack when the attacker has physical access e.g. reading memory with memory probes while the computer is (still) on to get passwords etc., i.e. sophisticated attackers like customs, FBI. If they have physical access you’re probably hosed anyway, but if you have the presence of mind to shut the machine off (not sleep, hard off if needed) memory encryption becomes irrelevant.

      • frongt@lemmy.zip
        link
        fedilink
        English
        arrow-up
        14
        arrow-down
        1
        ·
        27 days ago

        That is not correct. Data can persist in RAM even when powered off, especially if the sticks are frozen. https://en.wikipedia.org/wiki/Cold_boot_attack

        • MalReynolds@slrpnk.net
          link
          fedilink
          English
          arrow-up
          4
          ·
          27 days ago

          Ah, thanks, I stand corrected. Still a good practice.

        • Janx@piefed.social
          link
          fedilink
          English
          arrow-up
          3
          ·
          27 days ago

          Isn’t that attack only viable within minutes of a machine being powered down? That seems like a huge caveat…

        • Left as Center@jlai.lu
          link
          fedilink
          English
          arrow-up
          1
          ·
          27 days ago

          TIL. Thanks.

Technology@lemmy.world

technology@lemmy.world

Subscribe from Remote Instance

Create a post
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !technology@lemmy.world

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots


  • @L4s@lemmy.world
  • @autotldr@lemmings.world
  • @PipedLinkBot@feddit.rocks
  • @wikibot@lemmy.world
Visibility: Public
globe

This community can be federated to other instances and be posted/commented in by their users.

  • 123 users / day
  • 917 users / week
  • 7.57K users / month
  • 23K users / 6 months
  • 1 local subscriber
  • 85.5K subscribers
  • 2.78K Posts
  • 70K Comments
  • Modlog
  • mods:
  • L3s@lemmy.world
  • enu@lemmy.world
  • Technopagan@lemmy.world
  • L4sBot@lemmy.world
  • L3s@hackingne.ws
  • BE: 0.19.16
  • Modlog
  • Instances
  • Docs
  • Code
  • join-lemmy.org