Intel ME controller chip has secret kill switch

For discussions about security.
Post Reply
Message
Author
cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

Intel ME controller chip has secret kill switch

#1 Post by cthisbear »

Intel ME controller chip has secret kill switch

http://www.theregister.co.uk/2017/08/29 ... _disabled/

" Security researchers at Moscow-based Positive Technologies have identified
an undocumented configuration setting that disables Intel Management Engine 11, a CPU control mechanism that has been described as a
security risk. "

Chris.

User avatar
souleau
Posts: 148
Joined: Sun 23 Oct 2016, 15:24

#2 Post by souleau »

From the article:
Positive Technologies in its blog post acknowledged that it would be typical for government agencies to want to reduce the possibility of unauthorized access.
Yes. It is also typical for certain government agencies to ensure the possibility of unauthorized access.

I think I'll leave it at that.

Puppyt
Posts: 907
Joined: Fri 09 May 2008, 23:37
Location: Moorooka, Queensland
Contact:

#3 Post by Puppyt »

https://www.notebookcheck.net/Eureka-Th ... 922.0.html
so a silver lining is on the cards. Horizon? Whatever - you get my drift. Thank goodness for our Guardians of Democracy at the NSA, eh? Eh?? When cthisbear posted the OP I had been wrangling with a refurbished Win7 laptop (now with several Puppy flavours dual-booting) when I noticed some strange Intel AMT stuff crop up in updates I didn't actually recall giving the OK for. So my BS-meter was already sensitized to Intel's shifty machinations. I wonder whether going "native" with Coreboot etc would help to ship this sort of commercialized duplicity into the latrine trench were it all belongs?
Search engines for Puppy
[url]http://puppylinux.us/psearch.html[/url]; [url=https://cse.google.com/cse?cx=015995643981050743583%3Aabvzbibgzxo&q=#gsc.tab=0]Google Custom Search[/url]; [url]http://wellminded.net63.net/[/url] others TBA...

User avatar
Burn_IT
Posts: 3650
Joined: Sat 12 Aug 2006, 19:25
Location: Tamworth UK

#4 Post by Burn_IT »

It is almost llike the government/security people insist on having back doors built in to products with the intention of them being discovered/leaked just to justify their own existence.!!!! :roll:
"Just think of it as leaving early to avoid the rush" - T Pratchett

april

#5 Post by april »

You can make light of it and joke around but really it has profound effects on what manufacturers of phones ,tablets,computers,TVs and all electronics gear are producing.

Consider say the arduino microprocessor and any others really as an example of a chip. This is an Atmel AVR chip but you can safely bet that this has similar built in hardware if Intel are doing it.

You buy one ,build a device and place on it hex code you have developed over 20 years say and have paid thousands or even millions to develop only to find the chip you trusted to hold that code can be looked at over the internet and they can take a full copy of the hex code .

Thats pretty damn despicable behaviour by anyone no matter what their so called justification. Thats "CRIMINAL BEHAVIOUR" from the yanks.
Last edited by april on Thu 31 Aug 2017, 17:11, edited 1 time in total.

User avatar
Burn_IT
Posts: 3650
Joined: Sat 12 Aug 2006, 19:25
Location: Tamworth UK

#6 Post by Burn_IT »

You can make light of it and joke around
Have you never heard of IRONY??
"Just think of it as leaving early to avoid the rush" - T Pratchett

april

#7 Post by april »

Burn_IT wrote:
You can make light of it and joke around
Have you never heard of IRONY??
Not in this context . Its just not funny or ironic . Its just bloody fraud and theft by deceipt.
They are quite prepared to kill inocent people too to justify their ends . Makes you wonder where they are taking the world in general and more specifically who it will be that stops them?

april

#8 Post by april »

Puppyt wrote:https://www.notebookcheck.net/Eureka-Th ... 922.0.html
I wonder whether going "native" with Coreboot etc would help to ship this sort of commercialized duplicity into the latrine trench were it all belongs?
I didn't know of Coreboot can you recommend a good site to read up on it. ?
coreboot, formerly known as LinuxBIOS, is a software project aimed at replacing proprietary firmware found in most computers with a lightweight firmware designed to perform only the minimum number of tasks necessary to load and run a modern 32-bit or 64-bit operating system.More at Wikipedia
If the above intel stuff boots up anyway each time the hardware boots then surely whichever BIOS, or UEFI nowadays ,you use its still gong to be there isn't it?
Reading the above links tells me it can run its own server and access any memory location without the operating system ,and thus the firewall ,being aware.

User avatar
Burn_IT
Posts: 3650
Joined: Sat 12 Aug 2006, 19:25
Location: Tamworth UK

#9 Post by Burn_IT »

I was being ironic suggesting that it was accidental.
Of COURSE the back doors are there by design and demand of governments.

In this case the it IS a complete OS hidden in the chip and was put there so that Intel and whoever else has access could UPDATE the firmware without having to worry about what the user had running on the chip (including any security software). It will start as soon as power is applied and will be invisible to and not accessible by any normal processes.

There are pretty much ALWAYS going to be back doors into code of any sort.
In many cases they will never be used or even made known because they would have been put there by the original designer in order to facilitate the correction of the errors that will always also be there - no matter how well the system is designed.
I know I have left back doors into many systems I've worked on - some under orders and some for my own protection.

The usual and biggest one is a developers password. [/i]
"Just think of it as leaving early to avoid the rush" - T Pratchett

Puppyt
Posts: 907
Joined: Fri 09 May 2008, 23:37
Location: Moorooka, Queensland
Contact:

#10 Post by Puppyt »

Thanks april for your earlier message
april wrote:<snip>
I didn't know of Coreboot can you recommend a good site to read up on it. ?
coreboot, formerly known as LinuxBIOS, is a software project aimed at replacing proprietary firmware found in most computers with a lightweight firmware designed to perform only the minimum number of tasks necessary to load and run a modern 32-bit or 64-bit operating system.More at Wikipedia
If the above intel stuff boots up anyway each time the hardware boots then surely whichever BIOS, or UEFI nowadays ,you use its still gong to be there isn't it?
Reading the above links tells me it can run its own server and access any memory location without the operating system ,and thus the firewall ,being aware.
...yes it was a fruitlessly quixotic thought I had, as outlined here with a bit of research https://www.coreboot.org/Intel_Management_Engine and you are quite correct, the rot is already in the foundations it seems. The coreboot list summarizes a pretty good argument of "what NOT to buy" laptops if one were concerned about working on proprietary information or intellectual property. I wonder what backdoors AMD might have in their chipsets?

EDIT: https://www.coreboot.org/users.html outlines coreboot's philosophy to eliminate "backdoors and '80's cruft", and provides further working solutions for isolating yourself (i.e., intellectual property etc) from Intel Management Engine incursions. (Whups Freudian slip - incursions via Intel Management Engine)
Search engines for Puppy
[url]http://puppylinux.us/psearch.html[/url]; [url=https://cse.google.com/cse?cx=015995643981050743583%3Aabvzbibgzxo&q=#gsc.tab=0]Google Custom Search[/url]; [url]http://wellminded.net63.net/[/url] others TBA...

april

#11 Post by april »

I see thanks "Toady"

Time to leave the toads and stop the Narvua Sedge . Cattle paddocks are going down at a frightful rate . 50% loss of production of edible grass for ruminants.
Last edited by april on Sat 02 Sep 2017, 22:21, edited 2 times in total.

april

#12 Post by april »

Burn_IT wrote:[There are pretty much ALWAYS going to be back doors into code of any sort.
In many cases they will never be used or even made known because they would have been put there by the original designer in order to facilitate the correction of the errors that will always also be there - no matter how well the system is designed.
I know I have left back doors into many systems I've worked on - some under orders and some for my own protection.

The usual and biggest one is a developers password. [/i]
Hmm I don't feel that is needed . Fine while the code is being developed it has to be but once released to the public it can't be altered ,or shouldn't be,so it should be left out on final release. Any changes necessary after that are done by releasing a patch or the next release .

User avatar
Burn_IT
Posts: 3650
Joined: Sat 12 Aug 2006, 19:25
Location: Tamworth UK

#13 Post by Burn_IT »

You obviously have not had to support many pieces of software!!
I can't count the times I've been rung up in the middle of the night and some large institution is pannicking because their critical system is down and their own support staff are on holiday and cannot be contacted.
The hardest part is convincing them that you were told their password and remember it. In some cases I have had to refuse to help even though I could.
"Just think of it as leaving early to avoid the rush" - T Pratchett

april

#14 Post by april »

Whatever

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#15 Post by 8Geee »

The day the wpa2 supplicant KRACK vunerability gets released to vendors comes this revelation as Original Post.

hmmmmm
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

Post Reply