Stories
Slash Boxes
Comments

SoylentNews is people

posted by n1 on Monday May 15 2017, @07:04AM   Printer-friendly
from the phme dept.

Submitted via IRC for TheMightyBuzzard

Since 2008, most of Intel's chipsets have contained a tiny homunculus computer called the "Management Engine" (ME). The ME is a largely undocumented master controller for your CPU: it works with system firmware during boot and has direct access to system memory, the screen, keyboard, and network. All of the code inside the ME is secret, signed, and tightly controlled by Intel. Last week, vulnerabilities in the Active Management (AMT) module in some Management Engines have caused lots of machines with Intel CPUs to be disastrously vulnerable to remote and local attackers. While AMT can be disabled, there is presently no way to disable or limit the Management Engine in general. Intel urgently needs to provide one.

[...] EFF believes that Intel needs to provide a minimum level of transparency and user control of the Management Engines inside our computers, in order to prevent this cybersecurity disaster from recurring. Unless that happens, we are concerned that it may not be appropriate to use Intel CPUs in many kinds of critical infrastructure systems.

It's a crying shame the what the EFF says doesn't hold a whole lot of weight.

Source: The Electronic Frontier Foundation


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by Wootery on Monday May 15 2017, @08:27AM (8 children)

    by Wootery (2341) on Monday May 15 2017, @08:27AM (#509848)

    Is it possible to turn off AMD's system?

    The damning part of this whole episode isn't that Intel have a below-ring-zero bug, or even that it's on by default, but that it's impossible to turn off.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2) by butthurt on Monday May 15 2017, @09:19AM (1 child)

    by butthurt (6141) on Monday May 15 2017, @09:19AM (#509879) Journal

    Slashdot commenter sexconker seems to say "no":

    But AMD won't be removing it, so they could at least allow binary blobs to be loaded which disable functionality. (Or give us a config option or jumper to do the same.)

    -- https://news.slashdot.org/comments.pl?sid=10349793&cid=54015969 [slashdot.org]

    I haven't seen anything to the contrary.

    • (Score: 0) by Anonymous Coward on Monday May 15 2017, @08:15PM

      by Anonymous Coward on Monday May 15 2017, @08:15PM (#510208)

      'Lisa Su has been made aware of it, but sadly she has already left for the day, but you can be sure this has the attention of the highest levels of AMD management.' -- Or something similiar.

      Basically AMD gave a carefully worded and polite brushoff when the PSP was brought up. As the Netflix article also shows, Trustzone/ME components are not going away because media companies want a generally programmable 'master system' they can use to implement their DRM and spying on the user's system. While such a system could have mostly been implemented in secure, documented and reproducable hardware (barring perhaps the encryption engine, which would need to be standardized and modular to allow hardware to support new keytypes and deprecate broken ones for new importation to the hardware secured keyring), but due to cost reduction and a desire for control, rather than a mutually trusted shared escrow system (each side's keys being placable into a shared keystore without either getting access to the other's key and all cryptographic re-encoding taking place inside of it before being transmitted to an authorized decoding device, which in turn would have to relay a public key signed by a certificate authority trusted by the media company/DRM implementors, to ensure the remote device would not allow copying. Notice how this isn't very different from how HDCP is supposed to work? Combining a certificate authority like the internet uses, and a trustworthy non-reprogrammable hardware key escrow ensures both sides could trust its authorization. But neither TrustZone, Intel ME, nor the TPM/Secureboot modules have been designed that way.

  • (Score: 3, Informative) by kaszz on Monday May 15 2017, @09:37AM (5 children)

    by kaszz (4211) on Monday May 15 2017, @09:37AM (#509895) Journal

    Here's how to shut off the Intel one [github.io].

    • (Score: 4, Insightful) by The Mighty Buzzard on Monday May 15 2017, @11:09AM (4 children)

      Sort of. You can never be certain though. You can't even tell if they sold the NSA a backdoor. The firmware is closed source and heavily encrypted.

      --
      My rights don't end where your fear begins.
      • (Score: 2) by bradley13 on Monday May 15 2017, @11:26AM

        by bradley13 (3053) on Monday May 15 2017, @11:26AM (#509941) Homepage Journal

        Given all of the other Snowdon revelations, I wouldn't bet against it. In fact, I figure it's damn near certain that the NSA has a backdoor into the management engine. It's a much more attractive target that lots of other things they spend $billions attacking, and they can certainly bend Intel into compliance.

        There's every reason for the ME to be open source, and for owners to have the same level of access to it that they do to their system firmware. I.e., it should be possible for the owner to inspect it, and to alter it just as you would any other firmware. Obviously, this shouldn't be possible from an O/S level (rootkit danger), but possibly through a special physical port.

        --
        Everyone is somebody else's weirdo.
      • (Score: 1) by fustakrakich on Monday May 15 2017, @12:28PM (1 child)

        by fustakrakich (6150) on Monday May 15 2017, @12:28PM (#509966) Journal

        You can never be certain though.

        Can't you monitor network traffic?

        --
        La politica e i criminali sono la stessa cosa..
      • (Score: 2) by kaszz on Monday May 15 2017, @04:31PM

        by kaszz (4211) on Monday May 15 2017, @04:31PM (#510093) Journal

        You are absolutely right. I should been more clear on that. Otoh, most people here ought to figure out in a few seconds that it won't wipe out all backdoors that may exist. Anyway, it will at minimum put some serious rocks in the cogs of mass spying. The method is interesting but there are of course way sharper methods in the toolbox for the willing.

        As for prevention. Don't trust any manufacturer with a significant business stake in the US that they aren't willing to risk and there goes AMD and Intel instantly *poof*. And even a compromised machine needs to communicate somehow which can be thwarted by blocking such traffic in a firewall, not running a pre-compromised CPU or NIC. Any wireless and RF capable devices also has to be physically disabled.

        I'll propose that there IS a specific en-es-ay backdoor into machines with an Intel processor which will enable a mass compromise. It only takes a resourceful person(s) to discover it. What have been seen so far is only a light teaser.