2.5 Admins 2.5 Admins 235: XKCD221
7 snips
Feb 20, 2025 Discover how Google found a way to run unofficial microcode on AMD CPUs and what that means for security. Dive into the debate around whether end-of-life software should get CVEs. Uncover shocking findings about AI's persuasive powers, surpassing 82% of Reddit users, and its alarming ability to self-replicate. Plus, learn effective strategies for managing SSH keys at scale to bolster cybersecurity. This episode is packed with insights that highlight the intersection of technology and ethics.
AI Snips
Chapters
Transcript
Episode notes
Ryzen 7 2700 Bug
- Jim experienced a microcode bug on his Ryzen 7 2700.
- The RD_RAND instruction returned four, impacting WireGuard.
Google's Microcode Exploit
- Google found a way to run unsigned microcode on AMD CPUs, bypassing security.
- This breaks protections like SEV, allowing access to encrypted VMs.
Cryptographic Security Advice
- Don't roll your own crypto; consult experts in cryptographic security.
- Developers often overestimate their expertise and create insecure solutions.
