Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Friday January 20 2017, @01:06PM   Printer-friendly
from the if-you've-got-physical-access dept.

BleepingComputer has an interesting article on a 2015 design decision by Intel that opened up the JTAG interface to attacks.

Attackers with access to a device can take control over a target's computer and bypass all local security systems by abusing a hardware debugging interface included with Intel CPUs, which in recent years has become accessible via an external USB 3.0 port.

The debugging interface is JTAG (Joint Test Action Group), a debugging framework that has been included for many years with Intel chipsets.

JTAG works under the software level, allowing engineers, developers, and system administrators access to a hardware debugging utility that can provide insight into how the OS kernel, hypervisors, and local drivers are performing.

[...] In older Intel CPUs, the JTAG interface was only accessible by connecting a special device to the ITP-XDP port found on the motherboard, inside a computer's chassis.

Starting with the Skylake CPU line released in 2015, Intel dropped the ITP-XDP interface and allowed developers and engineers to access this powerful debugging utility via common USB 3.0 ports, accessible from the device's exterior, via a new a new technology called Direct Connect Interface (DCI).

Two Positive Technologies security researchers, Maxim Goryachy and Mark Ermolov, argue that this has significantly simplified the attack procedure needed to take control of Intel-based machines.

The two explain that while most hardware vendors disable the DCI interface before they ship products out of the factory's gateway, the DCI interface can be re-enabled via a computer's BIOS settings.

If a target doesn't password-protect its BIOS, attackers can enable this setting, and then connect via USB and alter core processes, undetectable to any type of security software installed on a targetted[sic] machine.

Submitted via IRC for TheMightyBuzzard


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2, Funny) by Anonymous Coward on Friday January 20 2017, @03:17PM

    by Anonymous Coward on Friday January 20 2017, @03:17PM (#456561)

    To be extra sure, I drive my USB ports with vacuum tubes.

    Starting Score:    0  points
    Moderation   +2  
       Funny=2, Total=2
    Extra 'Funny' Modifier   0  

    Total Score:   2