Gentoo Forums
Intel and backdoors
JackHunt
n00b

Joined: 21 Aug 2016
Posts: 46
Location: Oxfordshire, England

Posted: Mon Nov 13, 2017 9:33 am

Bones McCracker wrote:
Sounds like a bunch of gobbledygook to me. You guys are just paranoid, and I'm sure this stuff is perfectly safe to use. As Obama said, "If you can't trust us, we gotta problem.". You probably think the moon landing was fake too.


Even if there is an NSA, GCHQ, etc "backdoor" then it doesn't bother me too much. I highly doubt it would be used to spy on citizens Stasi style. If anything it could be a positive when investigating genuine persons of interest.

The tangible world is policed, so why shouldn't the cyber world be too?
erm67
Apprentice

Joined: 01 Nov 2005
Posts: 230
Location: Where the black men cannot enter

Posted: Mon Nov 13, 2017 10:04 am

Actually the hello message sent by AMT when it switches from factory mode to setup mode is exploitable by hackers/viruses, so probably it is not a bad idea to check if AMT was burned into the firmware of your MB and eventually turn it off in the BIOS.
_________________
True ignorance is not the absence of knowledge, but the refusal to acquire it.
A posse ad esse non valet consequentia
Πάντα ῥεῖ
pjp
Administrator

Joined: 16 Apr 2002
Posts: 17402

Posted: Wed Nov 22, 2017 6:35 am

erm67 wrote:
How do you know there is a backdoor? Did someone find an exploit, or actually get their hands on the real firmware?
By design it is essentially a back door. Being unaware of exploits doesn't mean they don't exist, and odds are in favor that they do exist.

Intel warns of serious Management Engine vulnerabilities
_________________
Slowly I turned. Step by step.
erm67
Apprentice

Joined: 01 Nov 2005
Posts: 230
Location: Where the black men cannot enter

Posted: Wed Nov 22, 2017 1:09 pm

It's a remote management module, what else could it be :lol: :lol: :lol: :lol:

If someone buys a PC that can be remotely managed and then complains it has a backdoor, he is just making a fool of himself. How the fuck can a PC be remotely managed without a backdoor?

Some people claim AMT is installed and activated on some systems without being advertised but that is not proved, on my Intel systems it is not active, I check my network regularly. I fail to see proof that AMT is installed, enabled and active on systems not advertised as being capable of remote management and without the knowledge of the users.

Still 90% FUD

Quote:
Intel's Active Management Technology (AMT), a remote maintenance platform targeting enterprise users managing scores of client systems.


Code:
[erm67@lenovoB590 intel]$ sudo ./intel_sa00086.py
[sudo] password di erm67:
INTEL-SA-00086 Detection Tool
Copyright(C) 2017, Intel Corporation, All rights reserved

Application Version: 1.0.0.128
Scan date: 2017-11-22 13:20:53 GMT

*** Host Computer Information ***
Name: xxxxxxx
Manufacturer: LENOVO
Model: xxxxxxx
Processor Name: Intel(R) Pentium(R) CPU
OS Version: Fedora 27 Twenty Seven (4.13.6-300.fc27.x86_64)

*** Intel(R) ME Information ***
Engine: Intel(R) Management Engine
Version: 8.1.0.1248
SVN: 0

*** Risk Assessment ***
Based on the analysis performed by this tool: This system is not vulnerable.

For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link:
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

_________________
True ignorance is not the absence of knowledge, but the refusal to acquire it.
A posse ad esse non valet consequentia
Πάντα ῥεῖ
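For anyone collecting these reports from more than one machine, the text format shown in the post above can be parsed mechanically. The following is an added example, not part of erm67's post and not Intel's code; the function names and the rule that anything other than the exact "not vulnerable" sentence needs follow-up are assumptions.

```python
import re

# Constructed sample: abridged copy of the report posted above
# (host name and model were already masked there).
SAMPLE_REPORT = """\
INTEL-SA-00086 Detection Tool
Application Version: 1.0.0.128
Scan date: 2017-11-22 13:20:53 GMT
*** Host Computer Information ***
Manufacturer: LENOVO
*** Intel(R) ME Information ***
Engine: Intel(R) Management Engine
Version: 8.1.0.1248
SVN: 0
*** Risk Assessment ***
Based on the analysis performed by this tool: This system is not vulnerable.
"""

SECTION = re.compile(r"^\*\*\* (.+?) \*\*\*$")
VERDICT_PREFIX = "Based on the analysis performed by this tool:"
NOT_VULNERABLE = "This system is not vulnerable."  # the only verdict shown in the thread

def parse_report(text):
    """Return {section: {key: value}}; lines before the first header go under 'Header'."""
    report, section = {"Header": {}}, "Header"
    for line in map(str.strip, text.splitlines()):
        m = SECTION.match(line)
        if m:
            section = m.group(1)
            report[section] = {}
        elif line.startswith(VERDICT_PREFIX):
            report[section]["verdict"] = line[len(VERDICT_PREFIX):].strip()
        elif ": " in line:
            key, value = line.split(": ", 1)
            report[section][key] = value
    return report

def triage(text):
    """Summarise one report for fleet review."""
    r = parse_report(text)
    verdict = r.get("Risk Assessment", {}).get("verdict")
    return {
        "me_version": r.get("Intel(R) ME Information", {}).get("Version"),
        "verdict": verdict,
        # Assumption: a missing or unrecognised verdict is never treated as a pass.
        "needs_follow_up": verdict != NOT_VULNERABLE,
    }
```

A truncated or failed scan yields `verdict` of `None` and is flagged for follow-up rather than silently counted as clean.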
pjp
Administrator

Joined: 16 Apr 2002
Posts: 17402

Posted: Wed Nov 22, 2017 4:33 pm

erm67 wrote:
Still 90% FUD
lol
_________________
Slowly I turned. Step by step.
erm67
Apprentice

Joined: 01 Nov 2005
Posts: 230
Location: Where the black men cannot enter

Posted: Wed Nov 22, 2017 8:58 pm

Quote:
In short: It's a serious flaw, and one which affects almost every platform Intel has released in recent years. Any machine running a 6th, 7th, or 8th generation Intel Core processor, Intel Xeon E3-1200 v5 or v6, Xeon Processor Scalable, Xeon Processor W, Atom C3000, Apollo Lake-based Atom or Pentium, or a Celeron N or J series processor is vulnerable to attack, the company has confirmed.


This means only systems produced after 2015 are vulnerable to the various CVEs, and only some of them are vulnerable to unprivileged remote exploits (the NSA backdoor in AMT). There are trolls even here claiming that every Intel system ever produced can be remotely owned, if that's not 90% FUD how do you call it?
_________________
True ignorance is not the absence of knowledge, but the refusal to acquire it.
A posse ad esse non valet consequentia
Πάντα ῥεῖ
pjp
Administrator

Joined: 16 Apr 2002
Posts: 17402

Posted: Wed Nov 22, 2017 9:35 pm

erm67 wrote:
There are trolls even here claiming that every Intel system ever produced can be remotely owned, if that's not 90% FUD how do you call it?
Unrelated to the issue at best, and at worst, trolling or being misinformed. Dismissal of the problem seems a lot like reverse FUD. It doesn't matter if it isn't a problem on CPUs which are no longer used. Which organizations buy new CPUs in greater number and frequency? Those with a lot of money. Which also happen to mostly be the organizations containing the data most likely to be at risk.
_________________
Slowly I turned. Step by step.
bunder
Bodhisattva

Joined: 10 Apr 2004
Posts: 5691

Posted: Fri Dec 01, 2017 10:40 am

http://blog.system76.com/post/168050597573/system76-me-firmware-updates-plan

major takeaways:

Quote:
System76 will automatically deliver updated firmware with a disabled ME on Intel 6th, 7th, and 8th Gen laptops. The ME provides no functionality for System76 laptop customers and is safe to disable.


Quote:
System76 will not disable the ME on desktops but will provide updated ME firmware
Naib
Watchman

Joined: 21 May 2004
Posts: 5440
Location: Removed by Neddy

Posted: Fri Dec 01, 2017 12:04 pm

yer I saw that this morning.

So they are automatically disabling for laptops BUT not for desktops... The difference is on laptops it provides no functionality ... so what functionality does it serve on desktops? At least they are providing the option to disable.
_________________
The best argument against democracy is a five-minute conversation with the average voter
Great Britain is a republic, with a hereditary president, while the United States is a monarchy with an elective king
erm67
Apprentice

Joined: 01 Nov 2005
Posts: 230
Location: Where the black men cannot enter

Posted: Fri Dec 01, 2017 2:14 pm

https://libreboot.org/faq.html#intelme

It allegedly provides HW DRM to decode RIAA IP:
https://www.extremetech.com/extreme/204319-windows-10s-playready-3-0-mandates-hardware-drm-for-4k-playback

Recently Google, Amazon and others are pushing to move the secure HW DRM into the CPU to avoid it being disabled, so the next backdoor will be built into the CPU itself


System76 hack is not fully supported:
Quote:
“One of the fields, called “reserve_hap”, drew our attention because there was a comment next to it: “High Assurance Platform (HAP) enable.” continues the analysis. “Googling did not take long. The second search result said that the name belongs to a trusted platform program linked to the U.S. National Security Agency (NSA). A graphics-rich presentation describing the program can be found here.”

Below the statement released by Intel in response to a request for comment.

“In response to requests from customers with specialized requirements we sometimes explore the modification or disabling of certain features,” Intel’s spokesperson said. “In this case, the modifications were made at the request of equipment manufacturers in support of their customer’s evaluation of the US government’s ‘High Assurance Platform’ program. These modifications underwent a limited validation cycle and are not an officially supported configuration.”


It will work only with Ubuntu Linux and a special driver that prevents the computer from shutting down without a reason .... (very likely off-tree)

What is unclear is why everybody gets excited about Intel ME but doesn't care about similar processors built into https://libreboot.org/faq.html#amd or ARM.
_________________
True ignorance is not the absence of knowledge, but the refusal to acquire it.
A posse ad esse non valet consequentia
Πάντα ῥεῖ
bunder
Bodhisattva

Joined: 10 Apr 2004
Posts: 5691

Posted: Sat Dec 02, 2017 7:56 am

erm67 wrote:
It allegedly provides HW DRM to decode RIAA IP:
https://www.extremetech.com/extreme/204319-windows-10s-playready-3-0-mandates-hardware-drm-for-4k-playback

Recently Google, Amazon and others are pushing to move the secure HW DRM into the CPU to avoid it being disabled, so the next backdoor will be built into the CPU itself


HDCP is nothing new. It's been going on for years. They just don't want you plugging a bluray player into a ripping machine. I don't see the big deal personally. :?
erm67
Apprentice

Joined: 01 Nov 2005
Posts: 230
Location: Where the black men cannot enter

Posted: Sat Dec 02, 2017 10:12 am

More proof the secret NSA key to disable Intel ME was created for Dell:

https://www.reddit.com/r/linuxhardware/comments/7grglm/how_to_buy_a_dell_laptop_with_the_intel_me/
_________________
True ignorance is not the absence of knowledge, but the refusal to acquire it.
A posse ad esse non valet consequentia
Πάντα ῥεῖ
Naib
Watchman

Joined: 21 May 2004
Posts: 5440
Location: Removed by Neddy

Posted: Thu Dec 07, 2017 5:05 pm

erm67 wrote:


What is unclear is why everybody gets excited about Intel ME but doesn't care about similar processors built into https://libreboot.org/faq.html#amd or ARM.


Well apparently AMD are now exposing the PSP to the end user so they can disable (whether it really is disabled is another thing)

https://www.reddit.com/r/linuxmasterrace/comments/7i6kl7/amd_listened_to_us_and_added_a_psp_disable_option/?st=jawq1tt4&sh=eacf3aa8
_________________
The best argument against democracy is a five-minute conversation with the average voter
Great Britain is a republic, with a hereditary president, while the United States is a monarchy with an elective king
pjp
Administrator

Joined: 16 Apr 2002
Posts: 17402

Posted: Thu Dec 07, 2017 5:30 pm

Nice. Hopefully it can be verified. I wasn't planning an upgrade, but now I'm going to have to consider it.
_________________
Slowly I turned. Step by step.
erm67
Apprentice

Joined: 01 Nov 2005
Posts: 230
Location: Where the black men cannot enter

Posted: Sun Dec 10, 2017 8:40 am

http://www.ipwatchdog.com/2017/12/02/supplying-legal-notices-free-software/

Quote:
The CPU inside your computer contains its own software installed by the CPU manufacturer. This software is used to bootstrap your computer, for example by configuring the hardware before control is handed over to the operating system. To provide for remote management this software can also run after bootstrap, while you are using your computer. For recent Intel CPUs, security researchers have shown that the remote management software is probably running its own operating system based on Minix 3 which is released under a Free Software licence. This license, like many other Free Software licenses, requires a legal notice to be given to the recipient when the software is distributed. Alas, it seems like Intel has not done so and as a result the distribution of Minix 3 inside the recent Intel CPUs could be copyright infringement.

_________________
True ignorance is not the absence of knowledge, but the refusal to acquire it.
A posse ad esse non valet consequentia
Πάντα ῥεῖ
Naib
Watchman

Joined: 21 May 2004
Posts: 5440
Location: Removed by Neddy

Posted: Sun Dec 10, 2017 9:31 am

erm67 wrote:
http://www.ipwatchdog.com/2017/12/02/supplying-legal-notices-free-software/

Quote:
The CPU inside your computer contains its own software installed by the CPU manufacturer. This software is used to bootstrap your computer, for example by configuring the hardware before control is handed over to the operating system. To provide for remote management this software can also run after bootstrap, while you are using your computer. For recent Intel CPUs, security researchers have shown that the remote management software is probably running its own operating system based on Minix 3 which is released under a Free Software licence. This license, like many other Free Software licenses, requires a legal notice to be given to the recipient when the software is distributed. Alas, it seems like Intel has not done so and as a result the distribution of Minix 3 inside the recent Intel CPUs could be copyright infringement.
:lol: :lol: :lol: :lol: he should sue $10 per CPU sold
_________________
The best argument against democracy is a five-minute conversation with the average voter
Great Britain is a republic, with a hereditary president, while the United States is a monarchy with an elective king
All times are GMT
Page 2 of 2