The article lacks a lot of information unfortunately, but it makes it sound like the website (distribution channel) was the only part they are concerned about, which wouldn't be classed as major.
What I'd class as major would be some third party gaining access to NVIDIA's RTL designs and source code for their drivers for current and unreleased GPUs, but this hack doesn't sound remotely close to that. Luckily.
> the website (distribution channel) was the only part they are concerned about, which wouldn't be classed as major
By whom? I'd certainly class it as major if their website could distribute malware instead of the real drivers, as that impacts everyone. Stealing nvidia's proprietary designs impacts only them.
I visited that page a few days ago to setup a new system which is, at the same time, supposed to be very secure (the proprietary drivers being one of the weak points indeed, but can't quite get around that if the GPU is to be fully functional). If this was compromised then I can start over and have a bunch of passwords and private keys to rotate.
> What I'd class as major would be some third party gaining access to NVIDIA's RTL designs and source code for their drivers
Ransomware operators are not that clever, they go for low hanging fruit. I mean, yeah, by all means, do recon on a system you just pwned and try to do a supply chain attack, but it's outside the range of these operators. They only have a hammer, and everything just looks like a nail.
Even if they get the RTL I'm not sure how useful those would be. While Russia does have semiconductor fabs, apparently their smallest node is around 65nm, completely useless for the large designs current NVidia GPUs use. At best they could have them made at a fab in mainland China, but even there the smallest node is only 14nm.
Putting on my Paranoia hat: what if some aggressor indeed was able to introduce code into the Nvidia drivers, which - if put on enough systems - would cripple the ability to (re-)train Ai systems which might be used in military defense systems. What if - even worse - people decided to use Nvidia hardware in the inference systems as well…
> would cripple the ability to (re-)train Ai systems which might be used in military defense systems.
Crippling use-cases is quite difficult: how could you distinguish at hardware/firmware-level object detection for fighter jets vs object detection for cars. Under the hood everything is just a bunch of compute units with extremely wide ALUs. I would even say, it's next to impossible to cripple "AI" without crippling graphics engines and most GPGPU kernels.
EDIT: Ah, you meant drivers. Yeah, that's perhaps more doable (since the OS can provide context on the calling application), also more detectable by the end-users: many people diff drivers to find patched vulnerabilities, security researchers would eventually notice it.
This has always been a problem. Third party closed source OS components are a massive security risk. Te people of the next century will look back on us as barbarians.
> Another major concern is that NVIDIA will now have to ensure that their services and the software they are providing to end-users is entirely free of any viruses or malicious code that could affect them.
I don't know, things like this just show how great it is to put unknown code into your kernel.
Well, it has potential for a singularly unpleasant watering hole attack, few states have a blindingly obvious track record of it, and exactly one of those is in the acute phase of open acts of aggression warfare...
Seems pretty clear what's the highest priority working hypothesis until the evidence is in.
Number two could well be entertaining ideas about shaving a couple of items off their conquest list while the action is keeping the World busy though, and if so both trojanizing a particularly poorly defended part of billions of computing devices worldwide and securing fuller access to software and plans for "AI accelerators" would seem desirable.
DRAGONERO|4 years ago
What I'd class as major would be some third party gaining access to NVIDIA's RTL designs and source code for their drivers for current and unreleased GPUs, but this hack doesn't sound remotely close to that. Luckily.
lucb1e|4 years ago
By whom? I'd certainly class it as major if their website could distribute malware instead of the real drivers, as that impacts everyone. Stealing nvidia's proprietary designs impacts only them.
I visited that page a few days ago to setup a new system which is, at the same time, supposed to be very secure (the proprietary drivers being one of the weak points indeed, but can't quite get around that if the GPU is to be fully functional). If this was compromised then I can start over and have a bunch of passwords and private keys to rotate.
WallyFunk|4 years ago
Ransomware operators are not that clever, they go for low hanging fruit. I mean, yeah, by all means, do recon on a system you just pwned and try to do a supply chain attack, but it's outside the range of these operators. They only have a hammer, and everything just looks like a nail.
ginko|4 years ago
alangibson|4 years ago
/humor
prohobo|4 years ago
unknown|4 years ago
[deleted]
james-redwood|4 years ago
annadane|4 years ago
"Ammunition of Mass Destruction?"
"No..."
technonerd|4 years ago
LAPSU$ extortion group, a group operating out of South America, claim to have breached NVIDIA and exfiltrated over 1TB of proprietary data.
LAPSU$ claims NVIDIA performed a hack back and states NVIDIA has successfully* ransomed their machines.
doubtfuluser|4 years ago
Putting down the paranoia hat. Happy weekend.
ethbr0|4 years ago
Not sure you're familiar with defense update and release schedules. As long as this gets fixed sometime in the next 5+ years, everything will be fine.
AlexAltea|4 years ago
Crippling use-cases is quite difficult: how could you distinguish at hardware/firmware-level object detection for fighter jets vs object detection for cars. Under the hood everything is just a bunch of compute units with extremely wide ALUs. I would even say, it's next to impossible to cripple "AI" without crippling graphics engines and most GPGPU kernels.
EDIT: Ah, you meant drivers. Yeah, that's perhaps more doable (since the OS can provide context on the calling application), also more detectable by the end-users: many people diff drivers to find patched vulnerabilities, security researchers would eventually notice it.
ganzuul|4 years ago
It's not a very good hat, honestly.
Melio|4 years ago
It's just nothing someone can just do. And there is also nothing which will prevent Nvidia to debug the ml issue and revert the change.
pinephoneguy|4 years ago
marcodiego|4 years ago
zamalek|4 years ago
I don't know, things like this just show how great it is to put unknown code into your kernel.
amelius|4 years ago
etiam|4 years ago
Number two could well be entertaining ideas about shaving a couple of items off their conquest list while the action is keeping the World busy though, and if so both trojanizing a particularly poorly defended part of billions of computing devices worldwide and securing fuller access to software and plans for "AI accelerators" would seem desirable.
rmbyrro|4 years ago