from the One-ring-to-bring-them-all-and-in-the-darkness-bind-them... dept.
From Damien Zammit, we have this fun little tidbit:
Recent Intel x86 processors implement a secret, powerful control mechanism that runs on a separate chip that no one is allowed to audit or examine. When these are eventually compromised, they'll expose all affected systems to nearly un-killable, undetectable rootkit attacks. I've made it my mission to open up this system and make free, open replacements, before it's too late.
The Intel Management Engine (ME) is a subsystem composed of a special 32-bit ARC microprocessor that's physically located inside the chipset. It is an extra general purpose computer running a firmware blob that is sold as a management system for big enterprise deployments.
When you purchase your system with a mainboard and Intel x86 CPU, you are also buying this hardware add-on: an extra computer that controls the main CPU. This extra computer runs completely out-of-band with the main x86 CPU meaning that it can function totally independently even when your main CPU is in a low power state like S3 (suspend).
On some chipsets, the firmware running on the ME implements a system called Intel's Active Management Technology (AMT). This is entirely transparent to the operating system, which means that this extra computer can do its job regardless of which operating system is installed and running on the main CPU.
The purpose of AMT is to provide a way to manage computers remotely (this is similar to an older system called "Intelligent Platform Management Interface" or IPMI, but more powerful). To achieve this task, the ME is capable of accessing any memory region without the main x86 CPU knowing about the existence of these accesses. It also runs a TCP/IP server on your network interface and packets entering and leaving your machine on certain ports bypass any firewall running on your system.
Yeah, and I'm sure they pinky-swear never to allow the NSA access to any computer via it. I'll be using AMD from now on, slower or not, thanks.
Chinese supercomputer is the world's fastest — and without using US chips.
China now has a greater share of the world's fastest supercomputers than the US.
We just got through discussing about how Intel's Hardware Rootkit is used for providing remote access services to interested third parties that may want to have some say as to what you use your machine for...
From the article:
The Sunway TaihuLight takes the top spot from previous record-holder Tianhe-2 (also located in China), and more than triples the latter's speed. The new number one is capable of performing some 93 quadrillion calculations per second (otherwise known as petaflops) and is roughly five times more powerful than the speediest US system, which is now ranked third worldwide.
[...] The previous fastest supercomputer, China's Tianhe-2, was built using US-made Intel processors. There were plans to upgrade the Tianhe-2's performance last year, but in April 2015 the US government placed an export ban on all high-performance computing chips to China.
So, while we were backloading our stuff with backdoors, the Chinese are leapfrogging us, and leave the United States government shaking the hand of executives who outsourced our technical jobs. Hope it was a good hand shake.
I am already finding a lot of datasheets for very interesting chips I use for my Arduino stuff... things like very high precision ADC's and DAC's - available in native Chinese. Most of the time an English translation ( Google translator quality ) is available. I am getting used to the idea that the new high tech is apt to require an understanding of Chinese to read it.
This is gonna be interesting to see how this plays out when China develops weaponry surpassing that controlled by the USA.
China's New Supercomputer Uses a 260-Core Chip
HPCWire received a report about Sunway TaihuLight, the world's new #1 supercomputer system on the June 2016 TOP500 list, in advance, and has some details about its architecture. The system uses the native/homegrown SW26010 "manycore" processor instead of Intel's similar Xeon Phi chips. Each SW26010 has 260 cores divided into four groups, with 64 compute cores and a single "management core" in each group. The chip reaches about 3 teraflops of peak floating point performance, and can access
8 GB [CORRECTION: 32 GB] of DDR3 memory. There are 40,960 of these chips, for a total of 10,649,600 cores (10,485,760 compute cores). The system's efficiency is around 6.05 gigaflops per Watt, over three times more efficient than the Tianhe-2 supercomputer. Although the TOP500 and Green500 lists are due to merge, the Green500 list has not been published yet. As for what the system will be used for:
Submitted via IRC for TheMightyBuzzard
Since the launch of AMD Ryzen, a small piece of hardware that handles basic memory initialization as well as many security functions has been the center of some controversy. Called the Platform Security Processor (the "PSP" for short) it is essentially an arm core with complete access to the entire system. Its actions can be considered "above root" level and are for the most part invisible to the OS. It is similar in this regard to Intel's Management Engine, but is in some ways even more powerful.
Why is this a bad thing? Well, let's play a theoretical. What happens if a bug is discovered in the PSP, and malware takes control of it? How would you remove it (Answer: you couldn't). How would you know you needed to remove it? (answer, unless it made itself obvious, you also wouldn't). This scenario is obviously not a good one, and is a concern for many who asked AMD to open-source the PSPs code for general community auditing.
Bit late to the reporting but we haven't covered it yet, so here it is. And I was so looking forward to a new desktop too. Guess this one will have to stay alive until ARM becomes a viable replacement.
The Intel Management Engine, and How it Stops Screenshots
Intel x86 Considered Harmful
Of Intel's Hardware Rootkit
Intel Management Engine Partially Defeated
EFF: Intel's Management Engine is a Security Hazard
Malware uses Intel AMT feature to steal data, avoid firewalls