
posted by n1 on Monday May 15 2017, @07:04AM
from the phme dept.

Submitted via IRC for TheMightyBuzzard

Since 2008, most of Intel's chipsets have contained a tiny homunculus computer called the "Management Engine" (ME). The ME is a largely undocumented master controller for your CPU: it works with system firmware during boot and has direct access to system memory, the screen, keyboard, and network. All of the code inside the ME is secret, signed, and tightly controlled by Intel. Last week, vulnerabilities in the Active Management (AMT) module in some Management Engines have caused lots of machines with Intel CPUs to be disastrously vulnerable to remote and local attackers. While AMT can be disabled, there is presently no way to disable or limit the Management Engine in general. Intel urgently needs to provide one.

[...] EFF believes that Intel needs to provide a minimum level of transparency and user control of the Management Engines inside our computers, in order to prevent this cybersecurity disaster from recurring. Unless that happens, we are concerned that it may not be appropriate to use Intel CPUs in many kinds of critical infrastructure systems.

It's a crying shame that what the EFF says doesn't hold a whole lot of weight.

Source: The Electronic Frontier Foundation


  • (Score: 3, Interesting) by Anonymous Coward on Monday May 15 2017, @07:20AM (2 children)

    by Anonymous Coward on Monday May 15 2017, @07:20AM (#509822)

    I had a bear of a time trying to install Linux when the network drivers kept failing for no apparent reason. Turns out Intel vPro was seizing control of the chipset and trying to use the network for its own purposes. I was shocked to discover a nefarious parasitic computer inside the computer. I disabled vPro immediately and vowed from that day forward never to allow vPro to be enabled ever again.

    I learned my lesson from helpful Linux penguins. GNU bless Linux for all time.

    • (Score: 1, Interesting) by Anonymous Coward on Monday May 15 2017, @01:47PM (1 child)

      by Anonymous Coward on Monday May 15 2017, @01:47PM (#510006)

      I remember that, though at the time I didn't comprehend the magnitude of the issue. NFS wouldn't work, because the management platform was stealing traffic to ports in the NFS range.

      • (Score: 2) by kaszz on Monday May 15 2017, @04:56PM

        by kaszz (4211) on Monday May 15 2017, @04:56PM (#510110) Journal

        No configuration option to "don't use these ports for NFS" ?

        Must seem obscure to miss incoming TCP traffic despite knowing it was sent.. ;-)

  • (Score: 0) by Anonymous Coward on Monday May 15 2017, @07:33AM (41 children)

    by Anonymous Coward on Monday May 15 2017, @07:33AM (#509824)

    As all major CPU brands have similar issues, what are the alternatives? I don't care for windows, as long as it runs Linux or a BSD I'm satisfied. I know there was a project for building a POWER based system, but if I remember correctly that was cancelled.

    • (Score: 3, Informative) by butthurt on Monday May 15 2017, @07:45AM (4 children)

      by butthurt (6141) on Monday May 15 2017, @07:45AM (#509828) Journal

      Correct me if I'm wrong, but I'm assuming these are fine:

      https://libreboot.org/docs/hardware/#list-of-supported-hardware [libreboot.org]

      • (Score: 3, Informative) by The Mighty Buzzard on Monday May 15 2017, @11:05AM

        They've got large bits of the ME disabled but not by any means all of it.

        --
        My rights don't end where your fear begins.
      • (Score: 4, Informative) by Hairyfeet on Monday May 15 2017, @11:10AM (2 children)

        by Hairyfeet (75) <bassbeast1968NO@SPAMgmail.com> on Monday May 15 2017, @11:10AM (#509935) Journal

        There is also all AMD chips up to Ryzen (haven't had a chance to look closely at the Ryzen arch layout so I can't say one way or another with those) except for AM1 if you wanted to be ultra paranoid. But the security module in AM1 is disabled, in the hardware itself IIRC (socket AM1 chips are simply the original PS4 and Xbone chips so the security module was for the DRM baked into the consoles) and no software exists that can access the security module on PC so I doubt it would be a threat.

        All the rest? No CPU security module and AFAIK there are no AMD motherboards that have any kind of extra modules, the closest that I know of is the Asus gamer boards have an ARM CPU baked on the board to control OCing and power saving called the EPU but it doesn't have any security settings, it's strictly power control.

        --
        ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
        • (Score: 0) by Anonymous Coward on Monday May 15 2017, @04:59PM

          by Anonymous Coward on Monday May 15 2017, @04:59PM (#510112)

          I thought AMD DASH / AMD PSP was a thing. http://developer.amd.com/tools-and-sdks/cpu-development/tools-for-dmtf-dash/ [amd.com]

        • (Score: 0) by Anonymous Coward on Monday May 15 2017, @08:03PM

          by Anonymous Coward on Monday May 15 2017, @08:03PM (#510204)

          A few earlier chipsets had an lm32 in the SBxx0 southbridge offering the features of the PSP. Don't remember if those were signed or unsigned.

          ALL current chips that were produced after sockets G34, C32, AM3+, and I believe the original FM2 have ARM TrustZone based PSPs baked into them, with manufacturer only signed firmware.

          Clipper/Palladium/etc is real and has been rolled out into all processors since 2008 or so (When did trustzone first roll out? Earlier if TZ was earlier.)

          Having said that: There is a PicoRV32 project that has a RISC-V core in under 2100 6LUTs, and should be synthesizable in under 4k 4LUTs (IE an iCE40 FPGA). It won't replace an x86/arm for mobile or high performance desktop purposes, but it could be the first step in freeing our systems and ensuring possession plus ownership gives control of the hardware and firmware, even if doing so requires wiping a signing key (this should have always been a write protect jumper feature, just like with flash prior to SPI. Hint: Go read the datasheets on many SPI flash chips (like used in modern computers) many of them implement write protect in software and require software ENABLE of the Write Protect pin on initialization in order for write protection to be active... Kind of defeats the point, doesn't it?)
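The write-protect point in the comment above is easy to verify on a real part if you can read its status registers, so here is an added example (not code from the thread or from any vendor) that interprets the two status register bytes of a Winbond W25Q-style SPI flash and reports whether the WP# pin is actually enforced. It assumes the bit layout published in the W25Q64FV datasheet (SRP0 in bit 7 and BP2..BP0 in bits 4..2 of Status Register-1; SRP1 in bit 0 and CMP in bit 6 of Status Register-2); other vendors place these bits differently, and every register value used here is constructed.

```python
"""Report whether a Winbond W25Q-style SPI flash chip's WP# pin is actually enforced.

Added example; it is not code from the thread. Bit positions follow the public
W25Q64FV datasheet (Status Register-1: SRP0=bit7, SEC=bit6, TB=bit5, BP2..BP0=bits4..2,
WEL=bit1, BUSY=bit0; Status Register-2: SRP1=bit0, QE=bit1, CMP=bit6). Other vendors
lay these bits out differently, and all register values below are constructed.
"""
from dataclasses import dataclass
from typing import Optional

SOFTWARE = "software protection (WP# ignored)"
HARDWARE = "hardware protection (WP# honored)"
POWER_LOCKDOWN = "power-supply lock-down (WP# ignored, locked until power cycle)"
OTP = "one-time program (permanently locked)"


@dataclass(frozen=True)
class WpStatus:
    mode: str
    wp_pin_honored: bool      # does pulling WP# low lock the status register?
    region_protected: bool    # do BP/CMP bits currently protect any part of the array?
    weakness: Optional[str]   # why the protection can be undone, if it can


def decode_status(sr1: int, sr2: int, wp_pin_low: bool = True) -> WpStatus:
    """Interpret Status Register-1/-2 as read back with RDSR (0x05 / 0x35)."""
    srp0 = (sr1 >> 7) & 1
    srp1 = sr2 & 1
    bp = (sr1 >> 2) & 0b111
    cmp_bit = (sr2 >> 6) & 1
    # CMP=1 complements the BP region, so BP=0 with CMP=1 protects the whole array
    # and BP=7 with CMP=1 protects nothing.
    region_protected = (bp != 7) if cmp_bit else (bp != 0)

    if (srp1, srp0) == (0, 0):
        # This is the case the comment describes: BP bits may be set, but nothing
        # stops software from clearing them because WP# is not consulted.
        weakness = ("BP bits set, but any code that can issue WREN + WRSR can clear them; "
                    "the WP# pin has no effect in this mode"
                    if region_protected else
                    "no region protected and status register writable by software")
        return WpStatus(SOFTWARE, False, region_protected, weakness)
    if (srp1, srp0) == (0, 1):
        weakness = None if wp_pin_low else "WP# is high, so the status register is currently unlocked"
        return WpStatus(HARDWARE, True, region_protected, weakness)
    if (srp1, srp0) == (1, 0):
        return WpStatus(POWER_LOCKDOWN, False, region_protected,
                        "firmware must set SRP1 again after every power-up")
    return WpStatus(OTP, False, region_protected, None)


def is_hardware_write_protected(sr1: int, sr2: int, wp_pin_low: bool = True) -> bool:
    """True only when BP/CMP protect a region and the WP# pin actually locks it."""
    s = decode_status(sr1, sr2, wp_pin_low)
    return s.region_protected and s.wp_pin_honored and s.weakness is None


if __name__ == "__main__":
    # constructed register pairs: BP=7 (whole array) with SRP0 clear vs. set,
    # then CMP=1 with BP=0 (whole array protected, but only in software)
    for sr1, sr2 in ((0x1C, 0x00), (0x9C, 0x00), (0x00, 0x40)):
        s = decode_status(sr1, sr2)
        print(f"SR1=0x{sr1:02X} SR2=0x{sr2:02X}: {s.mode}; region protected={s.region_protected}; "
              f"enforced={is_hardware_write_protected(sr1, sr2)}; weakness={s.weakness}")
```

The decisive bit is SRP0: with it clear, the BP bits look like write protection in a dump but are only a software setting, which is exactly the "software ENABLE of the Write Protect pin" situation the comment complains about. A firmware-integrity check should therefore report the protection mode, not just whether BP bits are non-zero.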

    • (Score: 3, Interesting) by TheRaven on Monday May 15 2017, @07:46AM (14 children)

      by TheRaven (270) on Monday May 15 2017, @07:46AM (#509829) Journal

      The alternative is not to turn on the LOM facilities of whatever you buy. They're off by default on most systems. If you do need to enable them, only do so for machines plugged into a managed switch and severely restrict access to the management addresses.

      We had a similar wake-up call from a Dell (I think) remote management system that shipped with an ancient (and known insecure) version of OpenSSH. We discovered this when Facebook contacted us to ask why we were attacking them - apparently someone had compromised the management system and was using it to attack Facebook. This is perhaps more of a problem than the Intel hack, because the owner of the compromised system has far less of an incentive to fix it if it's being used to attack computers off their network.

      --
      sudo mod me up
      • (Score: 3, Informative) by kaszz on Monday May 15 2017, @08:13AM (8 children)

        by kaszz (4211) on Monday May 15 2017, @08:13AM (#509835) Journal

        The point is that with Intel Management Engine you don't have the option to turn off the LOM facilities.

        • (Score: 2) by TheRaven on Monday May 15 2017, @09:05AM (3 children)

          by TheRaven (270) on Monday May 15 2017, @09:05AM (#509873) Journal

          Are you sure? All of the systems we've looked at can at least turn off its ability to talk to the network (and this is off by default). Technically the code is still there, but if it never runs then it's not meaningfully different from being not there.

          --
          sudo mod me up
          • (Score: 2) by kaszz on Monday May 15 2017, @09:16AM (2 children)

            by kaszz (4211) on Monday May 15 2017, @09:16AM (#509878) Journal

            Not from what I have read. But then how can one be sure anyway?

            • (Score: 1) by fustakrakich on Monday May 15 2017, @12:24PM (1 child)

              by fustakrakich (6150) on Monday May 15 2017, @12:24PM (#509965) Journal

              Um, network sniffer between the machine and the outside world?

              --
              La politica e i criminali sono la stessa cosa..
              • (Score: 3, Insightful) by kaszz on Monday May 15 2017, @05:00PM

                by kaszz (4211) on Monday May 15 2017, @05:00PM (#510114) Journal

                Then you got to be sure what to look for among the gazillion of bits passing over the network. And that the sniffer platform doesn't fool you either.

                Then there's the RF backdoor. Connect to your neighbor and establish a system prompt.
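TheRaven's advice above (restrict who can reach the management addresses) and the sniffer exchange that follows it both come down to the same thing: knowing which traffic to look for. As an added example that is not part of the thread, here is a small Python audit that runs over records from an external tap and flags any flow in which an AMT management port is reached from, or answers toward, an address outside a management subnet. The port list is the one Intel documents for AMT (16992 to 16995 for the web interface and redirection, 623 and 664 for RMCP/ASF); the management subnet `10.9.0.0/24`, the record format and the sample flows are constructed for the example. Because the ME shares the host's IP and MAC address on the on-board NIC, filtering by port rather than by address is what makes its traffic stand out, and kaszz's caveat still holds: the tap has to be a separate box.

```python
"""Flag Intel AMT/ME management-port traffic seen on an external tap.

Added example; not code from the thread. The ports are the ones Intel documents
for AMT (16992-16995 for its web interface and redirection services, 623 and
664 for RMCP/ASF). The management subnet and the flow records are constructed.
"""
import ipaddress
from dataclasses import dataclass
from typing import List

# The ME answers these ports out of band, before the host OS boots and whether
# or not the OS has a firewall, so they are worth a rule of their own.
AMT_PORTS = {
    16992: "AMT HTTP",
    16993: "AMT HTTPS",
    16994: "AMT redirection (SOL/IDE-R)",
    16995: "AMT redirection over TLS",
    623: "RMCP/ASF",
    664: "secure RMCP",
}

# Assumption: only hosts in this subnet may talk to management ports.
MGMT_NET = ipaddress.ip_network("10.9.0.0/24")

# Constructed tap records in the form: proto src:sport > dst:dport bytes
SAMPLE_TAP = """\
# constructed sample, not real capture data
tcp 10.9.0.5:40122 > 10.9.1.20:16992 812
tcp 198.51.100.7:51000 > 10.9.1.20:16992 640
tcp 10.9.1.20:16992 > 198.51.100.7:51000 1280
udp 203.0.113.9:49152 > 10.9.1.20:623 96
tcp 10.9.1.20:44310 > 10.9.1.50:2049 4096
tcp 10.9.1.31:55000 > 10.9.1.20:22 2210
"""


@dataclass(frozen=True)
class Finding:
    peer: str      # the non-management address involved
    host: str      # the machine whose management port was touched
    port: int
    service: str


def parse_flow(line: str):
    """Split 'proto src:sport > dst:dport bytes' into its fields."""
    proto, src, _, dst, nbytes = line.split()
    shost, sport = src.rsplit(":", 1)
    dhost, dport = dst.rsplit(":", 1)
    return proto, shost, int(sport), dhost, int(dport), int(nbytes)


def audit(lines, mgmt_net=MGMT_NET) -> List[Finding]:
    """Return one Finding per (peer, host, port) where a management port was reached
    from, or answered toward, an address outside mgmt_net. Both directions of a
    session collapse into a single finding."""
    seen = set()
    findings = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        _, shost, sport, dhost, dport, _ = parse_flow(line)
        candidates = []
        if dport in AMT_PORTS:                  # request toward a management port
            candidates.append((shost, dhost, dport))
        if sport in AMT_PORTS:                  # reply from a management port
            candidates.append((dhost, shost, sport))
        for peer, host, port in candidates:
            if ipaddress.ip_address(peer) in mgmt_net or (peer, host, port) in seen:
                continue
            seen.add((peer, host, port))
            findings.append(Finding(peer, host, port, AMT_PORTS[port]))
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_TAP.splitlines()):
        print(f"{f.peer} reached {f.host}:{f.port} ({f.service}) from outside {MGMT_NET}")
```

On the sample, the session from the management host is silent, the NFS and SSH flows are ignored, and the two outside peers touching 16992 and 623 are reported once each. The same port set is what you would put into a switch ACL or border firewall rule to act on TheRaven's advice rather than just observe it.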

        • (Score: 1, Informative) by Anonymous Coward on Monday May 15 2017, @10:32AM (3 children)

          by Anonymous Coward on Monday May 15 2017, @10:32AM (#509927)

          You can minimize the attack surface by using a pci(-e) network card instead of the untrusted on-board NIC.

          • (Score: 1, Insightful) by Anonymous Coward on Monday May 15 2017, @02:10PM (1 child)

            by Anonymous Coward on Monday May 15 2017, @02:10PM (#510019)

            On a laptop?

          • (Score: 3, Insightful) by kaszz on Monday May 15 2017, @04:54PM

            by kaszz (4211) on Monday May 15 2017, @04:54PM (#510108) Journal

            And you think that little spy engine of Intel won't find your wired network card? ;)

      • (Score: 1, Touché) by Anonymous Coward on Monday May 15 2017, @08:14AM

        by Anonymous Coward on Monday May 15 2017, @08:14AM (#509837)

        > Facebook contacted us to ask why we were attacking them

        I don't need a reason!

        Hells bells, no matter what you're doing, some pissant somewhere wants you to stop. Fuck the world!

      • (Score: 2) by butthurt on Monday May 15 2017, @08:15AM (1 child)

        by butthurt (6141) on Monday May 15 2017, @08:15AM (#509838) Journal
        • (Score: 4, Informative) by TheRaven on Monday May 15 2017, @09:03AM

          by TheRaven (270) on Monday May 15 2017, @09:03AM (#509869) Journal

          Most x86 server-class systems do too, because you most likely want them on entirely separate physical networks.

          --
          sudo mod me up
      • (Score: 0) by Anonymous Coward on Monday May 15 2017, @11:32AM (1 child)

        by Anonymous Coward on Monday May 15 2017, @11:32AM (#509942)

        > We discovered this when Facebook contacted us to ask why we were attacking them - apparently someone had compromised the management system and was using it to attack Facebook.

        So you told them, it wasn't you attacking them but Dell enabling the compromise of your machine and allowing a 3rd party to use your network to attack them?

        Serious point being, could Intel's insurers take the hit from a bug in the ME that was exploited on the scale of the recent ransomware attack?

        • (Score: 2) by TheRaven on Monday May 15 2017, @01:37PM

          by TheRaven (270) on Monday May 15 2017, @01:37PM (#510000) Journal

          > So you told them, it wasn't you attacking them but Dell enabling the compromise of your machine and allowing a 3rd party to use your network to attack them?

          [Disclaimer: I wasn't involved in the incident directly, so this is all from what people who were have told me:] They were actually very helpful in pinpointing the source and once the attacks were stopped didn't take it any further. I doubt that they had a case against Dell.

          > Serious point being, could Intel's insurers take the hit from a bug in the ME that was exploited on the scale of the recent ransomware attack?

          There isn't any precedent for associating liability with off-the-shelf software and it's not really a precedent that I'd be happy seeing set.

          --
          sudo mod me up
    • (Score: 4, Interesting) by Runaway1956 on Monday May 15 2017, @08:13AM (18 children)

      by Runaway1956 (2926) Subscriber Badge on Monday May 15 2017, @08:13AM (#509836) Journal

      I was gloating over Intel's problems, until I was reminded that AMD has a similar function onboard their chips. I guess the difference is in the level of transparency. But, I'm happy to see Intel having problems anyway. If some percentage of the population distrusts Intel, that opens the door for more competition, which in turn, helps to keep Intel honest. Intel has done a lot of more or less shady things in its history, but I'll never forgive them for trying to make all their CPUs identify themselves on the internet. Sally Anonymous went to great lengths to prevent being identified while on the web, but her CPU was busy announcing her identity to anyone who knew how to ask. Sucks to be Sally, huh?

      http://courses.ischool.berkeley.edu/i224/s99/GroupG/psn_outline.html [berkeley.edu]

      • (Score: 2) by Wootery on Monday May 15 2017, @08:27AM (8 children)

        by Wootery (2341) on Monday May 15 2017, @08:27AM (#509848)

        Is it possible to turn off AMD's system?

        The damning part of this whole episode isn't that Intel have a below-ring-zero bug, or even that it's on by default, but that it's impossible to turn off.

        • (Score: 2) by butthurt on Monday May 15 2017, @09:19AM (1 child)

          by butthurt (6141) on Monday May 15 2017, @09:19AM (#509879) Journal

          Slashdot commenter sexconker seems to say "no":

          But AMD won't be removing it, so they could at least allow binary blobs to be loaded which disable functionality. (Or give us a config option or jumper to do the same.)

          -- https://news.slashdot.org/comments.pl?sid=10349793&cid=54015969 [slashdot.org]

          I haven't seen anything to the contrary.

          • (Score: 0) by Anonymous Coward on Monday May 15 2017, @08:15PM

            by Anonymous Coward on Monday May 15 2017, @08:15PM (#510208)

            'Lisa Su has been made aware of it, but sadly she has already left for the day, but you can be sure this has the attention of the highest levels of AMD management.' -- Or something similar.

            Basically AMD gave a carefully worded and polite brushoff when the PSP was brought up. As the Netflix article also shows, Trustzone/ME components are not going away because media companies want a generally programmable 'master system' they can use to implement their DRM and spying on the user's system. While such a system could have mostly been implemented in secure, documented and reproducible hardware (barring perhaps the encryption engine, which would need to be standardized and modular to allow hardware to support new keytypes and deprecate broken ones for new importation to the hardware secured keyring), but due to cost reduction and a desire for control, rather than a mutually trusted shared escrow system (each side's keys being placeable into a shared keystore without either getting access to the other's key and all cryptographic re-encoding taking place inside of it before being transmitted to an authorized decoding device, which in turn would have to relay a public key signed by a certificate authority trusted by the media company/DRM implementors, to ensure the remote device would not allow copying.) Notice how this isn't very different from how HDCP is supposed to work? Combining a certificate authority like the internet uses, and a trustworthy non-reprogrammable hardware key escrow ensures both sides could trust its authorization. But neither TrustZone, Intel ME, nor the TPM/Secureboot modules have been designed that way.

        • (Score: 3, Informative) by kaszz on Monday May 15 2017, @09:37AM (5 children)

          by kaszz (4211) on Monday May 15 2017, @09:37AM (#509895) Journal

          Here's how to shut off the Intel one [github.io].

          • (Score: 4, Insightful) by The Mighty Buzzard on Monday May 15 2017, @11:09AM (4 children)

            Sort of. You can never be certain though. You can't even tell if they sold the NSA a backdoor. The firmware is closed source and heavily encrypted.

            --
            My rights don't end where your fear begins.
            • (Score: 2) by bradley13 on Monday May 15 2017, @11:26AM

              by bradley13 (3053) on Monday May 15 2017, @11:26AM (#509941) Homepage Journal

              Given all of the other Snowden revelations, I wouldn't bet against it. In fact, I figure it's damn near certain that the NSA has a backdoor into the management engine. It's a much more attractive target than lots of other things they spend $billions attacking, and they can certainly bend Intel into compliance.

              There's every reason for the ME to be open source, and for owners to have the same level of access to it that they do to their system firmware. I.e., it should be possible for the owner to inspect it, and to alter it just as you would any other firmware. Obviously, this shouldn't be possible from an O/S level (rootkit danger), but possibly through a special physical port.

              --
              Everyone is somebody else's weirdo.
            • (Score: 1) by fustakrakich on Monday May 15 2017, @12:28PM (1 child)

              by fustakrakich (6150) on Monday May 15 2017, @12:28PM (#509966) Journal

              > You can never be certain though.

              Can't you monitor network traffic?

              --
              La politica e i criminali sono la stessa cosa..
            • (Score: 2) by kaszz on Monday May 15 2017, @04:31PM

              by kaszz (4211) on Monday May 15 2017, @04:31PM (#510093) Journal

              You are absolutely right. I should have been more clear on that. Otoh, most people here ought to figure out in a few seconds that it won't wipe out all backdoors that may exist. Anyway, it will at minimum put some serious rocks in the cogs of mass spying. The method is interesting but there are of course way sharper methods in the toolbox for the willing.

              As for prevention. Don't trust any manufacturer with a significant business stake in the US that they aren't willing to risk and there goes AMD and Intel instantly *poof*. And even a compromised machine needs to communicate somehow which can be thwarted by blocking such traffic in a firewall, not running a pre-compromised CPU or NIC. Any wireless and RF capable devices also have to be physically disabled.

              I'll propose that there IS a specific en-es-ay backdoor into machines with an Intel processor which will enable a mass compromise. It only takes a resourceful person(s) to discover it. What has been seen so far is only a light teaser.

      • (Score: 3, Insightful) by butthurt on Monday May 15 2017, @09:03AM (4 children)

        by butthurt (6141) on Monday May 15 2017, @09:03AM (#509870) Journal

        > I was gloating over Intel's problems, until I was reminded that AMD has a similar function onboard their chips.

        I noticed you gloating over the recent story announcing an exploit of an Intel misfeature. That story should have been linked to this topic we're in:

        /article.pl?sid=17/05/07/0211240 [soylentnews.org]

        I'm not aware of published exploits for AMD systems. If that's because those exploits haven't been announced, rather than because of my ignorance, then AMD would appear to be the lesser evil.

        > I'll never forgive them for trying to make all their CPU's identify themselves on the internet.

        The designers of "applications, including Web browsers" have the option of disseminating such information, or not. If your browser wasn't specifically designed to provide the processor serial number, the number would only be transmitted if a Web page could run arbitrary machine code on your computer, signifying a total lack of security. Your linked page says something similar:

        The PSN is designed to be a passive element, never broadcast to the operating system, applications or to the Internet. In other words, outsiders cannot directly read a computer's PSN; a separate piece of software must be downloaded and executed before the PSN can be read and transmitted out. Allowing a mischievous piece of software to unknowingly read one's PSN is no different than allowing any other bit of code to wreak other forms of havoc on your computer.

        In the absence of a processor serial number, there are other unique identifiers in commonplace hardware. Hard drives and Ethernet/Wi-fi interfaces come to mind.

        • (Score: 3, Interesting) by Runaway1956 on Monday May 15 2017, @09:27AM (3 children)

          by Runaway1956 (2926) Subscriber Badge on Monday May 15 2017, @09:27AM (#509887) Journal

          Note that I said "similar function" rather than "similar exploits". I was referring to the management functions. I'm not aware of AMD's processor management being exploited. It probably is exploitable, in some manner, but if so, it hasn't been publicized.

          The link I provided above helps to underscore the disingenuous nonsense from Intel. On the one hand, they proclaimed that the computer would "prove" to business and banking that you were really you, on the other hand, it could only be turned on by rebooting the system. They claimed that it couldn't be hacked, while providing the software with which it could be hacked via the internet.

          Software vendors, such as Mozilla, would almost certainly have been forced (by the market) to ENABLE the feature. They may or may not have been pressured into enabling it by default. Internet Explorer would almost certainly have enabled by default. (Bear in mind the dates, IE was the "One ring to rule them all" at that point in time.)

          And, finally, AMD's "TrustZone" - here's AMD's marketing hype on the subject. Three different searches have failed to find any exploits, or discussion of potential exploits. https://community.amd.com/community/amd-business/blog/2015/09/11/securing-the-data-center-from-the-silicon-up [amd.com]

          AMD also uses the term "Platform Security Processor", which appears to be the same thing. Some third party marketing hype here: http://www.electronicdesign.com/microprocessors/platform-security-processor-protects-low-power-apus [electronicdesign.com]

          • (Score: 2) by butthurt on Monday May 15 2017, @10:36AM (2 children)

            by butthurt (6141) on Monday May 15 2017, @10:36AM (#509929) Journal

            > Note that I said "similar function" rather than "similar exploits". I was referring to the management functions. I'm not aware of AMD's processor management being exploited. It probably is exploitable, in some manner, but if so, it hasn't been publicized.

            I didn't misunderstand you as saying that there are similar exploits for AMD. My understanding of the recently announced one for Intel is slight, but in my estimation they were extremely careless.

            > On the one hand, they proclaimed that the computer would "prove" to business and banking that you were really you, on the other hand, it could only be turned on by rebooting the system.

            I don't see a contradiction between those things. Proving one's identity would seem to be at odds with preserving one's anonymity. Identifying a computer, of course, is not quite the same as identifying a person.

            > [...] forced (by the market) to ENABLE the feature.

            Market pressures certainly exist. I would assume that they were the reason the feature was devised.

            > AMD's "TrustZone" [...] AMD also uses the term "Platform Security Processor", which appears to be the same thing.

            I read that "Platform Security Processor" is an earlier term that has been replaced by the term "AMD Secure Platform." It involves an ARM processor running in tandem with AMD's processor, and TrustZone is a feature of that ARM processor. From your last link:

            AMD's Platform Security Processor (PSP) is based on an ARM Cortex-A5 that supports the ARM TrustZone technology.

            From Wikipedia:

            AMD has licensed and [incorporated] TrustZone technology into its Secure Processor Technology. Enabled in some but not all products, AMD's APUs include a Cortex-A5 processor for handling secure processing. In fact, the Cortex-A5 TrustZone core had been included in earlier AMD products, but was not enabled due to time constraints.

            -- https://en.wikipedia.org/wiki/TrustZone#TrustZone_.28for_Cortex-A_profile.29 [wikipedia.org]

            • (Score: 2) by Hairyfeet on Wednesday May 17 2017, @05:49AM (1 child)

              by Hairyfeet (75) <bassbeast1968NO@SPAMgmail.com> on Wednesday May 17 2017, @05:49AM (#510936) Journal

              All the links on that Wiki? Simply go back to an article about ARM and again the only link they provide for AMD is a "coming soon" article that hasn't been updated since 2013. AMD was in talks with ARM, they bought a license and...they didn't do a thing with it. Total vaporware. The reason why is obvious, they saw Intel wasn't making mad money selling EMT laptops for business so didn't spend the tens of millions to redo their chip layouts to incorporate Trustzone.

              If you say Trustzone exists in AMD chips? Show me some code that uses Trustzone. I can provide plenty of links to software that uses Intel EMT so if Trustzone exists in AMD chips? Show me some code and I have nearly a dozen AMD systems going back to AM2, I'll be happy to test it....but you can't because AMD never bothered to use Trustzone.

              --
              ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
              • (Score: 2) by butthurt on Wednesday May 17 2017, @10:24AM

                by butthurt (6141) on Wednesday May 17 2017, @10:24AM (#510989) Journal

                Are you familiar with the site Tom's IT Pro? I'm not, but I found a 2015 article there stating that "6th generation Carrizo-based AMD Pro A-Series APUs" have TrustZone and that it's intended to provide "a safe execution environment that is completely segregated from the rest of the silicon."

                http://www.tomsitpro.com/articles/amd-pro-carrizo-arm-trustzone,1-2917.html [tomsitpro.com]

                By EMT you mean Extended Memory Technology, usually known as EM64T, is that right?

                http://www.hardwaresecrets.com/intel-em64t-technology-explained/ [hardwaresecrets.com]

                That's different: the AMD Secure Processor and Trustzone, as I understand them (and my understanding is slight), aren't accessible to a normal operating system. From what I gather, it runs proprietary firmware--which is what some people are objecting to. If the code were available, those objections would vanish.

                AMD has a page which mentions these features:

                AMD gives you a dedicated AMD Secure Processor1 built into select AMD Accelerated Processing Units (APUs). ARM® TrustZone®, a system-wide approach to security, runs on top of the hardware creating a secure environment by partitioning the CPU into two virtual “worlds.” Sensitive tasks are run on the AMD Secure Processor – in the “secure world” – while other tasks are run in “standard operation.” This helps ensure the secure storage and processing of sensitive data and trusted applications. It also helps protect the integrity and confidentiality of key resources, such as the user interface and service provider assets.

                1. AMD Secure Processor (formerly “Platform Security Processor” or “PSP”) is a dedicated processor that features ARM TrustZone® technology, along with a software-based Trusted Execution Environment (TEE) designed to enable third-party trusted applications. AMD Secure Processor is a hardware-based technology which enables secure boot up from BIOS level into the TEE. Trusted third-party applications are able to leverage industry-standard APIs to take advantage of the TEE’s secure execution environment. Not all applications utilize the TEE’s security features. AMD Secure Processor is currently only available on select AMD A-Series and AMD E-Series APUs.

                -- https://www.amd.com/en-us/innovations/software-technologies/security [amd.com]

      • (Score: 3, Informative) by Hairyfeet on Monday May 15 2017, @12:01PM (3 children)

        by Hairyfeet (75) <bassbeast1968NO@SPAMgmail.com> on Monday May 15 2017, @12:01PM (#509956) Journal

        Citation? Because I've looked at the CPU layouts of every AMD chip from the Barton Athlon to the Vishera core and the ONLY AMD chip that had a "security module" (which was just FYI disabled in hardware) was the socket AM1 APUs and the only reason they had the (again hardware disabled) security chip was socket AM1 was how AMD recovered the PS4 and Xbone APUs whose cache didn't completely check out, they just blew half the cache and the hardware DRM module used by the consoles and sold it as a super cheap ULV APU for HTPCs and office boxes.

        So I'd really like to see a citation because every time someone makes that claim all they have been able to provide is an article on the AMD website talking about an "upcoming security module" to compete with the Intel EMT....dated 2012 and which hasn't been updated since 2013. In the end they never bothered to make it, probably because business laptops that sell based on an EMT chip is too much of a niche to be worth spending several tens of millions altering their chip layouts to accommodate it.

        Now I can't guarantee the same is true of Ryzen as I haven't had the time to study the Ryzen die layouts but I haven't read a single article or seen a single vid talking about Ryzen where any kind of extra security is mentioned nor has AMD been pushing Ryzen for business laptops and from what I have seen of the die layouts for Ryzen it's the same as for previous AMD CPUs, [techpowerup.com] a big chunk of cache and the usual, ALU, FP unit, Load/Store, etc. If you want even more detail AMD has given several presentations where they show in great detail every nm of the Ryzen chip with everything neatly laid out...don't remember seeing any kind of security modules. Oh and please don't try to bring in some EFF "article" because if you look at their citation for AMD it goes right back to that "coming soon" from 2012 I have already covered.

        --
        ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
        • (Score: 2) by Runaway1956 on Monday May 15 2017, @12:16PM (1 child)

          by Runaway1956 (2926) Subscriber Badge on Monday May 15 2017, @12:16PM (#509960) Journal

          Sorry, no, I don't have a good citation. In honesty, all that I've found are marketing hype links, and links referencing that same hype. As for studying the chips, I've never even really looked at them. Again, marketing hype. I'm not aware of any actual chips on the market. And, I think that when the subject was discussed in another thread, I just took those marketer's links at face value.

          • (Score: 3, Informative) by Hairyfeet on Wednesday May 17 2017, @05:37AM

            by Hairyfeet (75) <bassbeast1968NO@SPAMgmail.com> on Wednesday May 17 2017, @05:37AM (#510928) Journal

            Well, checking out die layouts is kinda my thing, going back to the old 286 where you could actually see the various modules with nothing more than a magnifying glass. VERY cool. Once I got into AMD (when I found out Intel was market rigging, bribing, and rigging benchmarks to push their shitty Netburst arch) I started getting into checking out their chip layouts, and their chip layouts? Really straightforward. Like I said: ALUs, Load/Store, FPU, a big-ass cache. Even their Bulldozer and later Vishera were laid out simply and logically; they simply bet that more cores would be better than fewer cores with faster single-core performance, but sadly software just didn't take advantage of the hardware.

            But the EFF started pushing that "ZOMFG AMD has a security module like Intel wharrgarbl!" when it was all based on an abandoned "coming soon" article about hardware that turned out to be complete vaporware. Even the AM1 had the security module blown in the hardware, and anybody that thought about it for a second would know why: I mean, do you REALLY think MSFT and Sony would be happy if the security module that keeps their consoles from being hacked was being sold on a $29 APU on the easily hackable PC platform? They would have a royal shitfit, and the hackers would have a field day trying to find weaknesses in the module because they know it's the actual chip used in PS4 and Xbone... but nobody has bothered to even try using an AM1 to hack a PS4, because when AMD blows the questionable cache they blow the security module, so it's just a teeny tiny bit of dead silicon.

            So if you want a PC with no security modules to worry about? Just get an AMD.

            --
            ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
        • (Score: 0) by Anonymous Coward on Monday May 15 2017, @08:22PM

          by Anonymous Coward on Monday May 15 2017, @08:22PM (#510212)

          High-level overview flowcharts from maybe a year ago?

          The PSP was prominently shown alongside the CPU cores connected to the in-chip interconnect alongside the cache, memory controller and PCI bus controllers.

          Go look for one of those old flowcharts and you should find it.

          Having said that, yes, there has been a pretty mum attitude towards it, and the only real 'official' proof that it was in AM4 is the Reddit AMA where there was that discussion with an engineer about how many people would buy it if the PSP was unlocked/disabled/could run unsigned firmware. Obviously met with a diplomatic rejection while claiming they would consider it.

    • (Score: 0) by Anonymous Coward on Monday May 15 2017, @03:12PM (1 child)

      by Anonymous Coward on Monday May 15 2017, @03:12PM (#510048)

      I believe the alternative is to be non-standard, non-x86, and to have several layers of defense running on separate hardware platforms cross-verifying everything... Perfection would be to have custom everything, built by trustworthy entities. But perfection is unattainable and I'm a poor scrub.

      My next box will be 20-200 single-board ARM computers and a few beefy x86 nodes with GPUs, most likely Nvidia cos CUDA. I'm thinking of using some of the boards to access other boards through some kind of DMA, and monitor memory for unusual patterns of activity and modifications, checksum the fuck out of it, compare to last known good state, if not revert, etc. Do the same thing through Thunderbolt to x86 nodes? Some other boards will monitor Ethernet for the same kind of anomalies; maybe I can use ML to train a model or something... Maybe do weird stuff, like tunnel TCP/IP over HDMI or I2C to the x86 boxes, and place them in a Faraday cage, nobody expects that...? Maybe set up an SDR to detect, remix and broadcast EM noise from the computer? It's a long-term DIY project.

      Criticism/suggestions would be appreciated.

      • (Score: 2) by kaszz on Monday May 15 2017, @04:48PM

        by kaszz (4211) on Monday May 15 2017, @04:48PM (#510103) Journal

        Non-standard, non-x86 is good but also requires a lot of replication work (compiling and setup).

        PCI, FireWire, PCMCIA, PC Card, ExpressCard and Thunderbolt all support direct DMA without CPU initiation, just a tip, which would enable you to verify contents. But don't trust the computer to present you with the correct data through DMA either. Another hint is "lost clock cycles" or SMI# pin activation.

        As for the network: you can probably fool the management engine by rewriting the PCI registers so that the NIC really... is a joystick device. Then just modify the network driver to interpret that code as a NIC. The result is hopefully that whenever these backdoors want to phone home, there is no network. Another level is to leave the OS without a network and have your application rewritten to communicate using other means. It could be as simple as running the mailer SMTP chat directly over asynchronous RS-232.

        Even better yet is to ditch all chips that you can't certify are alright.

  • (Score: 4, Informative) by kaszz on Monday May 15 2017, @08:53AM (2 children)

    by kaszz (4211) on Monday May 15 2017, @08:53AM (#509863) Journal

    AMD has their own version called TrustZone using a Cortex-A5 processor.
    Smartphones usually have an ARM processor, which also in many cases has an ARM management processor besides the main one.

    Alternatives:
    IBM's Power8 [informationweek.com] ATX motherboard [raptorengineering.com]
    OpenSPARC [wikipedia.org]
    Cyrix/Centaur/Winchip CPUs, Eden
    Elbrus [extremetech.com]
    Raspberry Pi 3?
    EOMA68 [elinux.org]

    Routing counter strategies:
    Block TCP ports 16992 - 16995 and only allow 80, 8080 & 443
    Turn off UPnP
    Distrust your proprietary router to do the right thing
    Lock down permitted MAC addresses
    Defense in depth.
    Have a look in the BIOS setup if AMT is enabled

    Supposedly there is a special ME firmware installed on computers sold to certain government entities.
    What the OpenBSD [nabble.com] people have to say (only update via MS-Windows, exploit).
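A detector for the port-blocking tip in the comment above, added here as an example and not part of the comment: it scans constructed iptables-style LOG lines for inbound TCP flows to the AMT ports 16992-16995, which is the check a gateway operator would run against the firewall log to confirm the block rule is seeing and dropping that traffic. The log format, addresses and `[FW]` prefix are assumptions.

```python
import re
from typing import Dict, List

# Intel AMT listens on these TCP ports (the range named in the comment above).
AMT_PORTS = {16992, 16993, 16994, 16995}

# KEY=VALUE fields of a netfilter LOG-target line, e.g. "SRC=203.0.113.7 DPT=16992".
_KV = re.compile(r"(\w+)=(\S*)")


def parse_log_line(line: str) -> Dict[str, str]:
    """Return the KEY=VALUE fields of one firewall log line (empty values kept)."""
    return dict(_KV.findall(line))


def find_amt_hits(lines: List[str]) -> List[Dict[str, str]]:
    """Return one record per TCP flow whose destination port is an AMT port."""
    hits = []
    for line in lines:
        f = parse_log_line(line)
        if f.get("PROTO") != "TCP":          # AMT is TCP; skip UDP/ICMP noise
            continue
        try:
            dport = int(f.get("DPT", ""))
        except ValueError:                   # malformed or missing DPT field
            continue
        if dport in AMT_PORTS:
            hits.append({"src": f.get("SRC", "?"), "dst": f.get("DST", "?"),
                         "dport": str(dport), "iface": f.get("IN", "?")})
    return hits


# Constructed sample lines (not real traffic) in the kernel LOG-target format;
# the "[FW]" prefix is an assumed log-prefix set on the DROP rule.
SAMPLE_LOG = [
    "kernel: [FW] IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=51234 DPT=16992 SYN",
    "kernel: [FW] IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=51235 DPT=443 SYN",
    "kernel: [FW] IN=eth0 OUT= SRC=198.51.100.3 DST=192.0.2.11 PROTO=UDP SPT=5353 DPT=16993",
    "kernel: [FW] IN=eth0 OUT= SRC=198.51.100.9 DST=192.0.2.12 PROTO=TCP SPT=40000 DPT=16995 SYN",
]

if __name__ == "__main__":
    for h in find_amt_hits(SAMPLE_LOG):
        print(f"AMT port probe: {h['src']} -> {h['dst']}:{h['dport']} via {h['iface']}")
```

Feed it the real log with `journalctl -k` or `/var/log/kern.log` lines in place of `SAMPLE_LOG`; a hit from outside the LAN tells you someone is probing AMT, and a hit from inside means a host on your own network is doing so.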

    • (Score: 2) by Jeremiah Cornelius on Monday May 15 2017, @04:20PM

      by Jeremiah Cornelius (2785) on Monday May 15 2017, @04:20PM (#510089) Journal

      I run an old Indigo Iris Elan and an original Mac Pro Bondi Blue tower.

      When I want speed? There are a couple of Raspberry Pi boards on what used to be drive sleds. These are dedicated browser sandboxes. They xremote to the desktops.

      --
      You're betting on the pantomime horse...
    • (Score: 0) by Anonymous Coward on Monday May 15 2017, @08:40PM

      by Anonymous Coward on Monday May 15 2017, @08:40PM (#510221)

      Dead.

      SPARC itself is terminated (both Fujitsu and Oracle/Sun have dropped it. Fujitsu moved the engineering resources to ARM for their next supercomputer, and Oracle/Sun have fired their entire CPU engineering staff.)

      The Elbrus chips got migrated to something else, and I think switched to some new arch.

      The only ones of the non-AMDWintel x86 chips still in production are the VIA ones. The Cyrix IP had been licensed out by AMRISC, I believe, and RDC was a primary seller of chips based on them (but their website appears dead, and the latest available parts don't appear to be for sale anywhere, unless you can maybe purchase them in Shenzhen or something.)

      Pi3 is almost open, firmware-wise, but Broadcom is not an open company, and the chips support firmware signing even if the Pi3s have it disabled.

      EOMA68: total junk. Also more expensive than just producing a PICMG-compliant SBC. Much bigger, but actually allows a real peripheral bus instead of the multiple kludges the EOMA68 form factor has, many of which are tied to the Allwinner A20 onboard it.

      Having said all this, as I mentioned in another thread: there is the PicoRV32 core, the iCE40 FPGA, and PICMG backplane boards which could (given documentation on the PICMG standard, which is royalty-free outside of PCIe bus patents for version 1.3) provide a complete and mostly libre systems platform for future systems, albeit limited to a 32-bit processor and addressing for now (unless someone wants to add 64-bit addressing extensions to the RV32 and just use fused registers for addressing and related math.)

      If such a system gets produced, it could help drive demand for an ASIC implementation with far more transistors and higher clock rates, and from there a transistor optimized mask for whatever process technology users were willing to crowdfund engineering talent and manufacturing costs to produce successfully.

  • (Score: 0) by Anonymous Coward on Monday May 15 2017, @07:33PM (1 child)

    by Anonymous Coward on Monday May 15 2017, @07:33PM (#510197)

    Intel management needs a 4-2-6 (four-to-six) moment of insight.
    TCP/IP?
