On May 1, 2017, at 8:16 PM, Mirimir <mirimir@riseup.net> wrote:
On 05/01/2017 11:21 AM, Ryan Carboni wrote: https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platf...
First a little bit of background. SemiAccurate has known about this vulnerability for literally years now, it came up in research we were doing on hardware backdoors over five years ago. What we found was scary on a level that literally kept us up at night. For obvious reasons we couldn’t publish what we found out but we took every opportunity to beg anyone who could even tangentially influence the right people to do something about this security problem. SemiAccurate explained the problem to literally dozens of “right people” to seemingly no avail. We also strongly hinted that it existed at every chance we had.
...
The problem is quite simple, the ME controls the network ports and has DMA access to the system. It can arbitrarily read and write to any memory or storage on the system, can bypass disk encryption once it is unlocked (and possibly if it has not, SemiAccurate hasn’t been able to 100% verify this capability yet), read and write to the screen, and do all of this completely unlogged. Due to the network access abilities, it can also send whatever it finds out to wherever it wants, encrypted or not.
keep in mind, just how many computers run Intel. We don't backdoor encryption. We backdoor everything.
We should have adopted the Clipper chip.
;)
Another useful quote from SemiAccurate:
| The short version is that every Intel platform with AMT, ISM, and | SBT from Nehalem in 2008 to Kaby Lake in 2017 has a remotely | exploitable security hole in the ME (Management Engine) not CPU | firmware. If this isn’t scary enough news, even if your machine | doesn’t have SMT, ISM, or SBT provisioned, it is still vulnerable, | just not over the network. For the moment. From what SemiAccurate | gathers, there is literally no Intel box made in the last 9+ years | that isn’t at risk. This is somewhere between nightmarish and | apocalyptic.[/QUOTE]
According to Intel:
| There is an escalation of privilege vulnerability in Intel® Active | Management Technology (AMT), Intel® Standard Manageability (ISM), | and Intel® Small Business Technology versions firmware versions | 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6 that can allow an | unprivileged attacker to gain control of the manageability features | provided by these products. This vulnerability does not exist on | Intel-based consumer PCs.
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr
You can check your CPUs for vPro etc at https://ark.intel.com/#@Processors
Intel's mitigation guide: https://downloadmirror.intel.com/26754/eng/INTEL-SA-00075%20Mitigation%20Gui...
Makes me want to boot a few of my netra t1s up ;). That 440mhz SPARC cpu is just a little slow...