SoylentNews is people
SoylentNews
from the One-ring-to-bring-them-all-and-in-the-darkness-bind-them... dept.
From Damien Zammit, we have this fun little tidbit:
Recent Intel x86 processors implement a secret, powerful control mechanism that runs on a separate chip that no one is allowed to audit or examine. When these are eventually compromised, they'll expose all affected systems to nearly un-killable, undetectable rootkit attacks. I've made it my mission to open up this system and make free, open replacements, before it's too late.
The Intel Management Engine (ME) is a subsystem composed of a special 32-bit ARC microprocessor that's physically located inside the chipset. It is an extra general purpose computer running a firmware blob that is sold as a management system for big enterprise deployments.
When you purchase your system with a mainboard and Intel x86 CPU, you are also buying this hardware add-on: an extra computer that controls the main CPU. This extra computer runs completely out-of-band with the main x86 CPU meaning that it can function totally independently even when your main CPU is in a low power state like S3 (suspend).
On some chipsets, the firmware running on the ME implements a system called Intel's Active Management Technology (AMT). This is entirely transparent to the operating system, which means that this extra computer can do its job regardless of which operating system is installed and running on the main CPU.
The purpose of AMT is to provide a way to manage computers remotely (this is similar to an older system called "Intelligent Platform Management Interface" or IPMI, but more powerful). To achieve this task, the ME is capable of accessing any memory region without the main x86 CPU knowing about the existence of these accesses. It also runs a TCP/IP server on your network interface and packets entering and leaving your machine on certain ports bypass any firewall running on your system.
Yeah, and I'm sure they pinky-swear never to allow the NSA access to any computer via it. I'll be using AMD from now on, slower or not, thanks.
(Score: 2, Insightful) by DannyB on Monday June 20 2016, @03:23PM
Just turn your computer off.
That won't help you either. This secret processor running secret firmware still has power when your computer is turned off. It could still access the network. It may be able to power up your computer to a various extent. I'm a software guy and don't know much about motherboards, but could something that could control all of the pins of your Intel chip be able to power up the motherboard without starting the fan? Maybe not even starting the hard drive? For a very brief period? Or maybe just power it up to the extent that it can access the ethernet port, use the camera and microphone? Maybe WiFi hardware that can connect to a parked van on the street?
Don't say this is paranoid. No matter what kind of paranoid idea I come up with in the last ten years, reality always has proven that it is already worse than I thought. How many years again has this secret processor been inside our processors?
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 1) by kurenai.tsubasa on Monday June 20 2016, @06:31PM
And here I thought I was just reducing my power consumption by a tad with my habit of turning off my computer's power strip at night, when I was actually protecting myself from the lizard people!
Kidding aside, computers for a while now have had various wake features such as wake on lan or wake on timer from "powered off." I'm not a hardware person either, but that means that some part of the mobo is already powered after you've "power off" your computer, no? At any rate, one thing that comes up when looking for advice to minimize power consumption is that pretty much every device is never really "off" these days as long as it's plugged in. Hence, turning the power strip off is the only way to completely prevent a device from sipping on power.
My phone doesn't have a fan and is quite capable. I'm thinking what you've listed for the most part are valid concerns. I want to say they're far-fetched but as you've observed, all the crazy conspiracy ideas that were tossed around 10 years ago turned out not to be that crazy after all.
Something I could see as feasible. Given an on-board ethernet port, I suppose this thing could turn on, establish an ethernet link without turning the computer's link light on, do a very basic DHCP request to get an address, and begin executing a program designed to read from some secret ram where it's been storing juicy details and send the details down the pipe but with the "evil bit" set before deactivating. The switch might also detect the "evil bit" and fail to turn on its own link light. Or maybe it negotiates that with an evil frame or something.
Better check the dnsmasq logs.
I suppose it could use a protocol other than IP. Imagine that the chip is looking for DHCP responses (or v6 router advertisements). When it gets one, it stores the MAC address of the next hop along with which interface. When the home router DHCPs up to the cable modem, it stores the cable modem's MAC address along with which interface is the next hop. Then the desktop computer, when its secret chip activates, could send the snooped info to which ever MAC address it logged as being its DHCP/IPv6 router upstream. Then the router turns around and does the same thing.
From there, the ISP could take over getting the info to the lizard people.
(Score: 0) by Anonymous Coward on Tuesday June 21 2016, @01:32AM
With Intel - supposedly since 2006 (Core 2 Duo), with AMD - supposedly since 2013.