Intel ME: NSA HAP Switch [re: hidden/undocumented instructions]
grarpamp
grarpamp at gmail.com
Sun Sep 3 21:09:05 PDT 2017
http://fm.csl.sri.com/LAW/2009/dobry-law09-HAP-Challenges.pdf
---------- Forwarded message ----------
From: Henry Baker <hbaker1 at pipeline.com>
Date: Tue, Aug 29, 2017 at 7:51 AM
Subject: Re: [Cryptography] How to find hidden/undocumented instructions
To: cryptography at metzdowd.com
FYI --
http://blog.ptsecurity.com/2017/08/disabling-intel-me.html
https://www.theregister.co.uk/2017/08/29/intel_management_engine_can_be_disabled/
Intel ME controller chip has secret kill switch
Researchers find undocumented accommodation for government customers
By Thomas Claburn in San Francisco 29 Aug 2017 at 00:12
Security researchers at Moscow-based Positive Technologies have
identified an undocumented configuration setting that disables Intel
Management Engine 11, a CPU control mechanism that has been described
as a security risk.
Intel's ME consists of a microcontroller that works with the Platform
Controller Hub chip, in conjunction with integrated peripherals. It
handles much of the data travelling between the processor and external
devices, and thus has access to most of the data on the host computer.
If compromised, it becomes a backdoor, giving an attacker control over
the affected device.
That possibility set off alarms in May, with the disclosure of a
vulnerabilityin Intel's Active Management Technology, a firmware
application that runs on the Intel ME.
The revelation prompted calls for a way to disable the poorly
understood hardware. At the time, the Electronic Frontier Foundation
called it a security hazard. The tech advocacy group demanded a way
to disable "the undocumented master controller inside our Intel chips"
and details about how the technology works.
An unofficial workaround called ME Cleaner can partially hobble the
technology, but cannot fully eliminate it. "Intel ME is an
irremovable environment with an obscure signed proprietary firmware,
with full network and memory access, which poses a serious security
threat," the project explains.
On Monday, Positive Technologies researchers Dmitry Sklyarov, Mark
Ermolov, and Maxim Goryachy said they had found a way to turn off the
Intel ME by setting the undocumented HAP bit to 1 in a configuration
file.
HAP stands for high assurance platform. It's an IT security framework
developed by the US National Security Agency, an organization that
might want a way to disable a feature on Intel chips that presents a
security risk.
The Register asked Intel about this and received the same emailed
statement that was provided to Positive Technologies.
"In response to requests from customers with specialized requirements
we sometimes explore the modification or disabling of certain
features," Intel's spokesperson said. "In this case, the
modifications were made at the request of equipment manufacturers in
support of their customer's evaluation of the US government's 'High
Assurance Platform' program. These modifications underwent a limited
validation cycle and are not an officially supported configuration."
Positive Technologies in its blog post acknowledged that it would be
typical for government agencies to want to reduce the possibility of
unauthorized access. It noted that HAP's affect on Boot Guard,
Intel's boot process verification system, remains unknown, though it
hopes to answer that question soon.
_______________________________________________
The cryptography mailing list
cryptography at metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
More information about the cypherpunks
mailing list