Intel Management System Vulnerability

[ChadD]

https://arstechnica.com/gadgets/202...-severity-bug-that-exposes-a-cpus-master-key/

Well it does require physical access.... but anyone wanna take bets on how long before someone takes this and finds a way to exploit it remotely. lol Intel can't catch a break.
This seems to effect their low end stuffs... I wonder what they did so different on these, Cutting corners again ? Who knows. Not blatant performance cheating like specter, but I wonder if these cheapies where skipping some check. Odd it only effects Pentium celeron and Atoms.

 

[auntjemima]

I always say, if they manage to get physical access, and the time to pull this off AND it be useful, they deserve the data they get. It's like a mission impossible attack.

 

[kirbyrj]

I think it's because those CPUs were based on older technology.

 

[RanceJustice]

Aside from how Intel CPUs seem to require greater mitigations with performance penalties (ie spectre/meltdown) even on recent and high powered hardware, it has long been an issue of the privacy and data security community that both Intel and AMD have "blackbox" aspects of their CPU which cannot be disabled in a verifiable manner - the FSF and DefectiveByDesign have written on the issue, as have numerous others. Intel has the Management Engine (ME), which is far more extensive in its feature set and what it links to yet on some slightly older hardware can be "neutered, if not wholesale removed", AMD has the more limited PSP but to date it we've not seen the kind of workarounds present on Intel to the same degree. Especially since confirmed as a possible backdoor method used by state-level actors via Snowden's whistleblowing, having these "trusted" blackboxes not fully accessible to the user yet with access to everything within the CPU and system doesnt' sit well. Its more and more troublesome that these elements tend to have vulnerabilities which both open the system to malicious actors but also show how little sovereignty the user has over the chip and computer for which they paid. There are some vendors now such as System76 that will prepare a laptop using Coreboot/Libreboot with Intel ME as neutered as possible and depending on hardware (sometimes requiring soldering to dump certain keys) users of certain older hardware like some Thinkpads can basically do it themselves, but it really shouldn't come to this.

I've long advocated that AMD could score another major blow against Intel if they simply released consumer (and Threadripper, if they come back ) chips with the verifiable ability to disable the PSP and open sourcing whatever software and firmware is necessary, demystifying the "blackbox" and also making sure it serves its owner. Alternately, they could support Coreboot/Libreboot projects for their CPUs and grant the kind of features we see on more typical UEFI without the lockdown. Intel could in theory do the same thing. If not proprietary, it isn't a "bad" feature necessarily but it would be up to to the particular user and use cases to enable if needed, rather than having it sitting there going unused for the vast majority of users outside a business setting. Its frustrating this continues and we're going to see the kind of continued vulnerabilities that proves its not really serving as the impregnable security they advertise, while also being opaque so they user can't really trust what's happening on their own hardware.

 

[1_rick]

Odd it only effects Pentium celeron and Atoms

Apollo Lake and Gemini Lake Celerons and Pentiums are also Atoms.

 

[ElementDave]

A bit of trivia: The OS used by Intel's Management Engine is MINIX 3.

https://www.cs.vu.nl/~ast/intel/

 

[Red Falcon]

A bit of trivia: The OS used by Intel's Management Engine is MINIX 3.

https://www.cs.vu.nl/~ast/intel/

That was a great find, but sadly, Intel didn't even bother to tell the creator of MINIX that their work had been utilized, even vaguely, and gave zero credit to them.

From the article:

After that intitial burst of activity, there was radio silence for a couple of years, until I read in the media (see above) that a modified version of MINIX was running on most x86 computers, deep inside one of the Intel chips. This was a complete surprise. I don't mind, of course, and was not expecting any kind of payment since that is not required. There isn't even any suggestion in the license that it would be appreciated.

The only thing that would have been nice is that after the project had been finished and the chip deployed, that someone from Intel would have told me, just as a courtesy, that MINIX was now probably the most widely used operating system in the world on x86 computers. That certainly wasn't required in any way, but I think it would have been polite to give me a heads up, that's all.

Typical Corporatist garbage from Intel not telling him - it really shows how much that work was appreciated.


Also from the article:

If I had suspected they might be building a spy engine, I certainly wouldn't have cooperated, even though all they wanted was reducing the memory footprint (= chip area for them). I think creating George Orwell's 1984 is an extremely bad idea, even if Orwell was off by about 30 years. People should have complete control over their own computers, not Intel and not the government. In the U.S. the Fourth Amendment makes it very clear that the government is forbidden from searching anyone's property without a search warrant. Many other countries have privacy laws that are in the same spirit. Putting a possible spy in every computer is a terrible development.

Andrew Tanenbaum, you rock.