Stories
Slash Boxes
Comments

SoylentNews is people

Intel AMT Vulnerability: Hacker's Backdoor Dream

posted by martyb on Sunday May 07 2017, @11:08AM   Printer-friendly
from the Intel-likes-the-backdoor dept.

An Anonymous Coward writes:

Days after being announced, Tenable reverse engineered the Intel AMT Vulnerability. According to a blog post, the vulnerability is a backdoor dream. The AMT web interface uses HTTP Digest Authentication, which uses MD5. The problem is that partial matches of the hash are also accepted. Therefore, Tenable decided to experiment and while doing so:

[W]e reduced the response hash to one hex digit and authentication still worked. Continuing to dig, we used a NULL/empty response hash (response="" in the HTTP Authorization header).

Authentication still worked. We had discovered a complete bypass of the authentication scheme.

Long story short, for over five years, a complete and trivial bypass of AMT authentication has existed. If this wasn't an intentional backdoor, it is a monumental mistake in security and coding best practices. Regardless, the "backdoor" is now public. With Shodan showing thousands of unpatchable computers (as no patch is currently available, assuming they would ever be patched) exposed to the Internet, some poor IT sod is bound to show up to work some bad news on Monday.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Intel AMT Vulnerability: Hacker's Backdoor Dream | Log In/Create an Account | Top | 44 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by Wootery on Wednesday May 10 2017, @08:45AM

    by Wootery (2341) on Wednesday May 10 2017, @08:45AM (#507438)

    I disagree. I think this could cost them bigtime. Your CPU turning out to be hackable is the best thing you can do to scare off security-aware customers.

    coercing a bunch of H1Bs to work a week of unpaid overtime

    Intel's software engineers do not, on average, work for free. Let's not be silly.

    I wouldn't be surprised if coding this right in the first place was actually more expensive than fixing it later.

    But again, you're pretending there's no way this could scare off big customers. Military cyber-security folks might seriously question opting for Intel products in future, for instance. It says a lot about Intel that they allowed this to happen in the first place, both in terms of their competence and their high-level values and decision-making. They placed gimmicky bullshit over risking exposing their customers to below-ring-zero compromise.

    I agree that a lawsuit deterrent isn't likely, but I don't agree that the market will necessarily forgive them.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2