SoylentNews is people
SoylentNews
It looks like it's nearly game over for the Intel Management Engine:
Positive Technologies, which in September said it has a way to attack the Intel Management Engine, has dropped more details on how its exploit works.
The firm has already promised to demonstrate [a] God-mode hack in December 2017, saying the bug "allows an attacker of the machine to run unsigned code in the Platform Controller Hub on any motherboard".
For some details, we'll have to wait, but what's known is bad enough: Intel Management Engine (IME) talks to standard Joint Test Action Group (JTAG) debugging ports. As [does] USB, so Positive Technologies researchers put the two together and crafted a way to access IME from the USB port.
[...] The latest attack came to Vulture South's attention via a couple of Tweets:
Game over! We (I and @_markel___ ) have obtained fully functional JTAG for Intel CSME via USB DCI. #intelme #jtag #inteldci pic.twitter.com/cRPuO8J0oG
— Maxim Goryachy (@h0t_max) November 8, 2017
Full access the Intel ME( >=Skylake) by JTAG debugging via USB DCI https://t.co/TMvOirXOVI @ptsecurity @h0t_max @_markel___
— Hardened-GNU/Linux (@hardenedlinux) November 8, 2017
The linked blog post [in Russian] explains that since Skylake, the PCH – Intel's Platform Controller Hub, which manages chip-level communications – has offered USB access to JTAG interfaces that used to need specialised equipment. The new capability is DCI, Direct Connect Interface.
Reddit discussion linked by LoRdTAW in a journal.
Previously: Intel Management Engine Partially Defeated
Disabling Intel ME 11 Via Undocumented Mode
How-To: Disabling the Intel Management Engine
Andrew Tanenbaum's Open Letter to Intel About MINIX 3
(Score: 2, Interesting) by Anonymous Coward on Friday November 10 2017, @01:34PM (2 children)
Intel designed much of their crappy security with ME in mind. Turning it off might reduce the attack surface in theory. But it could also leave you exposed to a great many backdoors Intel left open for debugging purposes that ME was meant to close in production.
It's like killing off part of your immune system to avoid auto-immune diseases. There are times it's necessary. But most times it's stupid.
(Score: 0) by Anonymous Coward on Friday November 10 2017, @02:00PM (1 child)
That's quite the conjecture.
(Score: 3, Interesting) by RamiK on Friday November 10 2017, @08:32PM
Not as much as you'd think. We have these exact same problems with Intel's microcode updates. Whereby, by avoiding them, you're denying yourself from patches addressing serious functionality and security problems.
Similarly, since we don't know what's on-the-die when it comes to ME, we might be facing a situation where Intel keeps releasing flaws (in either functionality or security) PCH versions of ME and are instructing board manufacturers to update ME with patched version. Moreover, when we disable ME, we're actually politely asking it to enter stand-by mode. It's why Google's NERF focused on depriving ME from the blobs necessary to write the flash and access the networking and graphics.
compiling...