who are the right people?
Ryan Carboni
ryacko at gmail.com
Mon May 1 15:21:52 PDT 2017
https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/
> First a little bit of background. SemiAccurate has known about this
vulnerability for literally years now, it came up in research we were doing
on hardware backdoors over five years ago. What we found was scary on a
level that literally kept us up at night. For obvious reasons we couldn’t
publish what we found out but we took every opportunity to beg anyone who
could even tangentially influence the right people to do something about
this security problem. SemiAccurate explained the problem to literally
dozens of “right people” to seemingly no avail. We also strongly hinted
that it existed at every chance we had.
...
> The problem is quite simple, the ME controls the network ports and has
DMA access to the system. It can arbitrarily read and write to any memory
or storage on the system, can bypass disk encryption once it is unlocked
(and possibly if it has not, SemiAccurate hasn’t been able to 100% verify
this capability yet), read and write to the screen, and do all of this
completely unlogged. Due to the network access abilities, it can also send
whatever it finds out to wherever it wants, encrypted or not.
keep in mind, just how many computers run Intel. We don't backdoor
encryption. We backdoor everything.
We should have adopted the Clipper chip.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 1690 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20170501/4d504fcf/attachment.txt>
More information about the cypherpunks
mailing list