Intel ME controller chip has secret kill switch
Intel ME controller chip has secret kill switch
Intel ME controller chip has secret kill switch
http://www.theregister.co.uk/2017/08/29 ... _disabled/
" Security researchers at Moscow-based Positive Technologies have identified
an undocumented configuration setting that disables Intel Management Engine 11, a CPU control mechanism that has been described as a
security risk. "
Chris.
http://www.theregister.co.uk/2017/08/29 ... _disabled/
" Security researchers at Moscow-based Positive Technologies have identified
an undocumented configuration setting that disables Intel Management Engine 11, a CPU control mechanism that has been described as a
security risk. "
Chris.
From the article:
I think I'll leave it at that.
Yes. It is also typical for certain government agencies to ensure the possibility of unauthorized access.Positive Technologies in its blog post acknowledged that it would be typical for government agencies to want to reduce the possibility of unauthorized access.
I think I'll leave it at that.
https://www.notebookcheck.net/Eureka-Th ... 922.0.html
so a silver lining is on the cards. Horizon? Whatever - you get my drift. Thank goodness for our Guardians of Democracy at the NSA, eh? Eh?? When cthisbear posted the OP I had been wrangling with a refurbished Win7 laptop (now with several Puppy flavours dual-booting) when I noticed some strange Intel AMT stuff crop up in updates I didn't actually recall giving the OK for. So my BS-meter was already sensitized to Intel's shifty machinations. I wonder whether going "native" with Coreboot etc would help to ship this sort of commercialized duplicity into the latrine trench were it all belongs?
so a silver lining is on the cards. Horizon? Whatever - you get my drift. Thank goodness for our Guardians of Democracy at the NSA, eh? Eh?? When cthisbear posted the OP I had been wrangling with a refurbished Win7 laptop (now with several Puppy flavours dual-booting) when I noticed some strange Intel AMT stuff crop up in updates I didn't actually recall giving the OK for. So my BS-meter was already sensitized to Intel's shifty machinations. I wonder whether going "native" with Coreboot etc would help to ship this sort of commercialized duplicity into the latrine trench were it all belongs?
Search engines for Puppy
[url]http://puppylinux.us/psearch.html[/url]; [url=https://cse.google.com/cse?cx=015995643981050743583%3Aabvzbibgzxo&q=#gsc.tab=0]Google Custom Search[/url]; [url]http://wellminded.net63.net/[/url] others TBA...
[url]http://puppylinux.us/psearch.html[/url]; [url=https://cse.google.com/cse?cx=015995643981050743583%3Aabvzbibgzxo&q=#gsc.tab=0]Google Custom Search[/url]; [url]http://wellminded.net63.net/[/url] others TBA...
You can make light of it and joke around but really it has profound effects on what manufacturers of phones ,tablets,computers,TVs and all electronics gear are producing.
Consider say the arduino microprocessor and any others really as an example of a chip. This is an Atmel AVR chip but you can safely bet that this has similar built in hardware if Intel are doing it.
You buy one ,build a device and place on it hex code you have developed over 20 years say and have paid thousands or even millions to develop only to find the chip you trusted to hold that code can be looked at over the internet and they can take a full copy of the hex code .
Thats pretty damn despicable behaviour by anyone no matter what their so called justification. Thats "CRIMINAL BEHAVIOUR" from the yanks.
Consider say the arduino microprocessor and any others really as an example of a chip. This is an Atmel AVR chip but you can safely bet that this has similar built in hardware if Intel are doing it.
You buy one ,build a device and place on it hex code you have developed over 20 years say and have paid thousands or even millions to develop only to find the chip you trusted to hold that code can be looked at over the internet and they can take a full copy of the hex code .
Thats pretty damn despicable behaviour by anyone no matter what their so called justification. Thats "CRIMINAL BEHAVIOUR" from the yanks.
Last edited by april on Thu 31 Aug 2017, 17:11, edited 1 time in total.
Not in this context . Its just not funny or ironic . Its just bloody fraud and theft by deceipt.Burn_IT wrote:Have you never heard of IRONY??You can make light of it and joke around
They are quite prepared to kill inocent people too to justify their ends . Makes you wonder where they are taking the world in general and more specifically who it will be that stops them?
I didn't know of Coreboot can you recommend a good site to read up on it. ?Puppyt wrote:https://www.notebookcheck.net/Eureka-Th ... 922.0.html
I wonder whether going "native" with Coreboot etc would help to ship this sort of commercialized duplicity into the latrine trench were it all belongs?
If the above intel stuff boots up anyway each time the hardware boots then surely whichever BIOS, or UEFI nowadays ,you use its still gong to be there isn't it?coreboot, formerly known as LinuxBIOS, is a software project aimed at replacing proprietary firmware found in most computers with a lightweight firmware designed to perform only the minimum number of tasks necessary to load and run a modern 32-bit or 64-bit operating system.More at Wikipedia
Reading the above links tells me it can run its own server and access any memory location without the operating system ,and thus the firewall ,being aware.
I was being ironic suggesting that it was accidental.
Of COURSE the back doors are there by design and demand of governments.
In this case the it IS a complete OS hidden in the chip and was put there so that Intel and whoever else has access could UPDATE the firmware without having to worry about what the user had running on the chip (including any security software). It will start as soon as power is applied and will be invisible to and not accessible by any normal processes.
There are pretty much ALWAYS going to be back doors into code of any sort.
In many cases they will never be used or even made known because they would have been put there by the original designer in order to facilitate the correction of the errors that will always also be there - no matter how well the system is designed.
I know I have left back doors into many systems I've worked on - some under orders and some for my own protection.
The usual and biggest one is a developers password. [/i]
Of COURSE the back doors are there by design and demand of governments.
In this case the it IS a complete OS hidden in the chip and was put there so that Intel and whoever else has access could UPDATE the firmware without having to worry about what the user had running on the chip (including any security software). It will start as soon as power is applied and will be invisible to and not accessible by any normal processes.
There are pretty much ALWAYS going to be back doors into code of any sort.
In many cases they will never be used or even made known because they would have been put there by the original designer in order to facilitate the correction of the errors that will always also be there - no matter how well the system is designed.
I know I have left back doors into many systems I've worked on - some under orders and some for my own protection.
The usual and biggest one is a developers password. [/i]
"Just think of it as leaving early to avoid the rush" - T Pratchett
Thanks april for your earlier message
EDIT: https://www.coreboot.org/users.html outlines coreboot's philosophy to eliminate "backdoors and '80's cruft", and provides further working solutions for isolating yourself (i.e., intellectual property etc) from Intel Management Engine incursions. (Whups Freudian slip - incursions via Intel Management Engine)
...yes it was a fruitlessly quixotic thought I had, as outlined here with a bit of research https://www.coreboot.org/Intel_Management_Engine and you are quite correct, the rot is already in the foundations it seems. The coreboot list summarizes a pretty good argument of "what NOT to buy" laptops if one were concerned about working on proprietary information or intellectual property. I wonder what backdoors AMD might have in their chipsets?april wrote:<snip>
I didn't know of Coreboot can you recommend a good site to read up on it. ?If the above intel stuff boots up anyway each time the hardware boots then surely whichever BIOS, or UEFI nowadays ,you use its still gong to be there isn't it?coreboot, formerly known as LinuxBIOS, is a software project aimed at replacing proprietary firmware found in most computers with a lightweight firmware designed to perform only the minimum number of tasks necessary to load and run a modern 32-bit or 64-bit operating system.More at Wikipedia
Reading the above links tells me it can run its own server and access any memory location without the operating system ,and thus the firewall ,being aware.
EDIT: https://www.coreboot.org/users.html outlines coreboot's philosophy to eliminate "backdoors and '80's cruft", and provides further working solutions for isolating yourself (i.e., intellectual property etc) from Intel Management Engine incursions. (Whups Freudian slip - incursions via Intel Management Engine)
Search engines for Puppy
[url]http://puppylinux.us/psearch.html[/url]; [url=https://cse.google.com/cse?cx=015995643981050743583%3Aabvzbibgzxo&q=#gsc.tab=0]Google Custom Search[/url]; [url]http://wellminded.net63.net/[/url] others TBA...
[url]http://puppylinux.us/psearch.html[/url]; [url=https://cse.google.com/cse?cx=015995643981050743583%3Aabvzbibgzxo&q=#gsc.tab=0]Google Custom Search[/url]; [url]http://wellminded.net63.net/[/url] others TBA...
Hmm I don't feel that is needed . Fine while the code is being developed it has to be but once released to the public it can't be altered ,or shouldn't be,so it should be left out on final release. Any changes necessary after that are done by releasing a patch or the next release .Burn_IT wrote:[There are pretty much ALWAYS going to be back doors into code of any sort.
In many cases they will never be used or even made known because they would have been put there by the original designer in order to facilitate the correction of the errors that will always also be there - no matter how well the system is designed.
I know I have left back doors into many systems I've worked on - some under orders and some for my own protection.
The usual and biggest one is a developers password. [/i]
You obviously have not had to support many pieces of software!!
I can't count the times I've been rung up in the middle of the night and some large institution is pannicking because their critical system is down and their own support staff are on holiday and cannot be contacted.
The hardest part is convincing them that you were told their password and remember it. In some cases I have had to refuse to help even though I could.
I can't count the times I've been rung up in the middle of the night and some large institution is pannicking because their critical system is down and their own support staff are on holiday and cannot be contacted.
The hardest part is convincing them that you were told their password and remember it. In some cases I have had to refuse to help even though I could.
"Just think of it as leaving early to avoid the rush" - T Pratchett