Researchers discover and abuse new undocumented feature in Intel chipsets
Researchers find new Intel VISA (Visualization of Internal Signals Architecture) debugging technology.
At the Black Hat Asia 2019 security conference, security researchers from Positive Technologies disclosed the existence of a previously unknown and undocumented feature in Intel chipsets.
Called Intel Visualization of Internal Signals Architecture (Intel VISA), Positive Technologies researchers Maxim Goryachy and Mark Ermolov said this is a new utility included in modern Intel chipsets to help with testing and debugging on manufacturing lines.
VISA is included with Platform Controller Hub (PCH) chipsets part of modern Intel CPUs and works like a full-fledged logic signal analyzer.
[ . . . . ] Unauthorized access to the VISA feature would allow a threat actor to intercept data from the computer memory and create spyware that works at the lowest possible level.
But despite its extremely intrusive nature, very little is known about this new technology. Goryachy and Ermolov said VISA's documentation is subject to a non-disclosure agreement, and not available to the general public.
[ . . . . ] Intel says it's safe. Researchers disagree.
I'm stumped to think of a joke. It would be nice if you could trust the hardware and only deal with securing the software and firmware.
(Score: 3, Interesting) by Ethanol-fueled on Saturday March 30 2019, @02:02AM (1 child)
Just in case you are wondering about the name, Intel did it so that it could hide all its negative publicity about their VISA behind the far more useful National Instruments VISA. [ni.com] This is a classic case of Batesian mimicry. [wikipedia.org]
I'll leave the credit-card jokes to somebody else.
(Score: 0) by Anonymous Coward on Saturday March 30 2019, @07:16PM
Bah! These stinking re-Bates! I never get mah monnah!