Published in Cloud

BadRAM blunder

by on11 December 2024
BadRAM blunder


AMD’s 'Secure' chips exposed by a blackberry

AMD’s much-hyped “Secure Encrypted Virtualization” (SEV-SNP) tech—marketed as a fortress for cloud data—has been laid bare by an attack so laughably low-budget it makes a shoestring look extravagant. 

Dubbed "BadRAM" (because apparently, the naming committee was out to lunch at the time), this proof-of-concept attack was unveiled by a team of international researchers who, for the price of a large coffee, managed to blow AMD's security promises out of the water.

According to Ars Technica a chip designed to fend off the world's savviest hackers crumbles if someone sticks a Raspberry Pi to a DIMM chip and gives it a stern talking-to. 

For those who came in late, SEV-SNP, AMD's poster child for privacy in cloud computing, was supposed to be the gold standard. It encrypts virtual machine (VM) memory, promising that the precious cryptographic keys would remain a mystery even if some shady admin physically tampers with the server or loads it up with malware. AMD boasted that a VM admin could rest easy knowing no one—not a nosy cloud worker, nor a hacker, nor even Big Brother with a warrant—could pry open the vault. 

However, if the vault door can be jimmied open with $10 in off-the-shelf gear, the whole “trust us, it’s secure” sales pitch takes a bit of a hit. 

The researchers fiddled with the SPD chip on a DIMM (the tiny memory stick that sits in servers), tricking it into thinking it’s twice as capacious as it really is. This sneaky manoeuvre lets an attacker create “ghost bits” in memory—phantom addresses that fool the CPU into letting them peek at sensitive encrypted data.   

Once inside, the attacker can: 

1. Read and write protected memory. 

2. Fake cryptographic hashes. 

3. Backdoor a VM without triggering alarms. 

All this with a bit of Raspberry Pi magic and, in some cases, pure software. AMD’s SEV-SNP, sold as an impenetrable bastion, suddenly feels about as secure as a screen door on a submarine. 

AMD is keen to downplay the drama. In a statement, they point out that the attack requires physical access to the server (phew!) or kernel-level OS access (oh no). They also urge users to buy DIMMs that lock down their SPD chips. Apparently, expecting memory manufacturers to make their hardware secure is not baked into the SEV ecosystem’s grand design. 

Still, to their credit, AMD’s already issued patches to mitigate the problem. They also promise that the fix comes with "no performance penalties" unless you count the additional boot time needed to shuffle around all the ghost bits. 

The real star here, of course, is the humble Raspberry Pi, proving once again that it’s not just for nerdy DIY projects and teaching kids to code. Who knew it could moonlight as a  cheap hammer to shatter AMD’s carefully constructed glass house of security? 

For cloud providers like Amazon, Google, and Microsoft, who bet heavily on AMD’s SEV tech to secure their servers, BadRAM is a wake-up call—and not the gentle kind. When your state-of-the-art hardware can be undone by a glorified hobby kit, confidence in “secure virtualization” takes a nosedive. 

While researchers assure us that AMD’s fixes will keep most attackers at bay (for now), the BadRAM saga is a stark reminder that even the most sophisticated systems are only as secure as their weakest link. And when that link is an SPD chip designed for convenience rather than security, the whole house of cards comes tumbling down. 

Last modified on 11 December 2024
Rate this item
(2 votes)
Tagged under
More in this category: « Outift which shamed Apple does the same to Amazon Nokia and Elisa complete 5G Cloud RAN deployment »
back to top

Latest comments

Read more about: