SoylentNews is people
SoylentNews
from the idle-hands-devil's-playthings dept.
Positive Technologies has posted an interesting article about disabling the Intel Management Engine 11 via an undocumented mode.
Our team of Positive Technologies researchers has delved deep into the internal architecture of Intel Management Engine (ME) 11, revealing a mechanism that can disable Intel ME after hardware is initialized and the main processor starts. In this article, we describe how we discovered this undocumented mode and how it is connected with the U.S. government's High Assurance Platform (HAP) program.
[...] Intel Management Engine is a proprietary technology that consists of a microcontroller integrated into the Platform Controller Hub (PCH) chip and a set of built-in peripherals. The PCH carries almost all communication between the processor and external devices; therefore Intel ME has access to almost all data on the computer. The ability to execute third-party code on Intel ME would allow for a complete compromise of the platform.
[...] Unfortunately, analysis of Intel ME 11 was previously impossible because the executable modules are compressed by Huffman codes with unknown tables. Nonetheless, our research team (Dmitry Sklyarov, Mark Ermolov, and Maxim Goryachy) managed to recover these tables and created a utility for unpacking images. The utility is available on our GitHub page.
Hey, the government isn't the only one who wants "high assurance" for their computers. We trolls and average peons would like to think our systems are secure as well.
But it gets better.
Intel allows motherboard manufacturers to set a small number of ME parameters. For this, the company provides hardware manufacturers with special software, including utilities such as Flash Image Tool (FIT) for configuring ME parameters and Flash Programming Tool (FPT) for programming flash memory directly via the built-in SPI controller. These programs are not provided to end users, but they can be easily found on the Internet.
From these utilities, you can extract a large number of XML files (detailed description of the process). These files contain a lot of interesting information: the structure of ME firmware and description of the PCH strap, as well as special configuration bits for various subsystems integrated into the PCH chip. One of the fields, called "reserve_hap", drew our attention because there was a comment next to it: "High Assurance Platform (HAP) enable".
[Ed Note - The fine article contains the following disclaimer:
Disclaimer: The methods described here are risky and may damage or destroy your computer. We take no responsibility for any attempts inspired by our work and do not guarantee the operability of anything. For those who are aware of the risks and decide to experiment anyway, we recommend using an SPI programmer.
You've been warned.]
(Score: 4, Interesting) by Anonymous Coward on Friday September 01 2017, @09:51AM (20 children)
If this pans out so that normal lusers obtain the option to have sole effective control over their hardware again, Intel may see some of my money for the first time in decades.
(Score: 4, Insightful) by The Mighty Buzzard on Friday September 01 2017, @10:26AM (11 children)
Yup. I hate dropping cash to Intel because their price:value ratio is shit compared to AMD's currently but if I can have a new CPU that I am the boss of that'll make up for the cost difference.
My rights don't end where your fear begins.
(Score: 5, Insightful) by Hyperturtle on Friday September 01 2017, @04:05PM (10 children)
Why are you going to reward them for providing you a benefit because of a mistake?
This *will* get sealed up with an update--either via Windows 10 automandatory-for-security purposes, via some bios update that claims to do something else, or just on new hardware that simply won't have this option -- just like all of their previous hardware that only was exploitable once exploits were found.
Stating that this sways your decision "to give them money" seems like the wrong metric is being used, at least based on the context.
Do yourself a favor and buy something used; don't let them profit from their eventual correcting of their mistake by rewarding them directly.
This is no different to me than if someone said that because some hack in a savegame file allowed for the PS3 to run an alternate OS again, Sony products are suddenly worth buying again. Not they aren't--at least not brand new consoles and not because of a mistake that unexpectedly enables a feature they thought they stamped out.
Intel(Sony) already had made the decision to take away user control. They have made no statement suggesting they want to give control back. Exploits get patched, and what can't get patched easily will be fixed in the next product. Preventing the patches can get challenging as the OSes mature.
And Windows 10, as we know, can do ever greater and greater invasive checks--and enforcement.
I imagine that some people will find, perhaps if this is done on major brand hardware (as opposed to a DIY computer/motherboard)--then using the right ME firmware module settings will be enforced unless via corporate control. Some INF will downloaded in the background without asking. Then after the next reboot, a check will determine you're not compliant --no properly functioning OS for you on next bootup, contact your administrator for assistance.
It's not like Windows hasn't remotely bricked machines before because it didn't like bios changes.
Or maybe I am just paranoid--but it seems I am not alone in that regard.
(Score: 3, Interesting) by The Mighty Buzzard on Friday September 01 2017, @04:32PM (3 children)
Because ARM chips won't play the games I want to play and parts for my Phenom II x6 box aren't going to be replaceable forever.
Besides, I don't/never will run Windows 10 and why would I update the bios on a working system?
And if you think they won't leave this feature built into all future chips, you've underestimated how many chips the NSA buys by quite a lot.
My rights don't end where your fear begins.
(Score: 2) by KiloByte on Saturday September 02 2017, @10:16AM (1 child)
While this box starts getting long in the tooth, it's the fastest machine included in the recent reverse-engineering of AMD microcode. Thus, we're going to be having some fun if we don't upgrade.
Ceterum censeo systemd esse delendam.
(Score: 2) by Hyperturtle on Wednesday September 20 2017, @04:51PM
Yes-- this is what I mean by bios upgrades and associated 'hacks'.
There is a lot of potential to add features to otherwise old hardware with the community surrounding keeping the platforms alive.
It is even possible to update the 'OROMS' or 'option roms' -- like for the Intel ME discussed, or the RST(e) (disk drive controllers), the network cards, even the E-SATA controller if one is present--sometimes USB-3 chipsets as well are influenced.
A good place to start looking is the 'win-raid forum', which has many people from all over the spectrum working on how to get more out of what they have--sometimes contributing modifications, sometimes providing instructions, or links to tools. (I've donated a few bucks there like I have here--there are some great technical references there that much harder to find outside of their forum.)
The site doesn't host anything directly, since the changes can be questionable as far as who owns the code in a given modification described, so keep in mind that caveat emptor very much applies.
(Score: 3, Interesting) by Hyperturtle on Saturday September 02 2017, @09:15PM
Oh, updating the BIOS on a working system is a risk... But I've modded in new microcodes and option rom features, like backporting Xeon microcodes into my motherboard and allowing NVMe storage to work natively via the installation of updates Intel RST rom codes. I've ended up with a number of custom roms on my hardware, depending on what I have been able to get things to do and what I've found floating around on-line that would work with a given chipset.
There are lots of reasons to update your bios, but I guess our mutual definition of "update the bios" is different -- I would 'upgrade' my bios.
I wouldn't likely update my bios, as you suggest, on a working system that has nothing wrong, unless there was something I specifically needed or wanted to enable that I can't get otherwise.
Anyway, NVMe on an x79 platform, is pretty fantastic. It's something that otherwise just isn't supported on the X79 platform and there are no X79's with built in m.2 ports for NVMe. Without the bios mod, I'd have to settle for M.2 to PCIe with AHCI protocl support for the storage (like an SATA SSD), but now I can run NVMe natively and it's far faster than my original storage. I only had to tinker a bit and then buy the storage.
There's lots of great hacks you can do to older gear... but I will concede it's sometimes way more convenient to just buy something that already works without having to void the warranty of what you already have, or risk blowing up the only one you've got trying to squeeze more out of it.
(Score: 4, Interesting) by jmorris on Friday September 01 2017, @04:46PM (2 children)
Read the article before saying something dumb. Intel confirmed the existence of the feature. They won't remove a feature that is a requirement by a large volume buyer like the U.S. Gov because that would be so dumb there isn't language to express the concept with.
What we should be pushing for is for motherboard makers to expose that knob in BIOS. We fought the CPUID and they did it, we just have to make sufficient noise that one of them sees an opportunity to move some additional units in a stagnant market. Now is the time, we have the whip hand.
These things are out of control. Did you read that description? Three (3) 486 class processors inside the chipset that we know almost nothing about and are cryptographically locked out of ever controlling? Shut it down!
Next we have to make AMD give us an escape mode too.
(Score: 1, Interesting) by Anonymous Coward on Friday September 01 2017, @10:52PM
The solution to this (sadly not for TMB there with his x86 videogame addiction..) is crowdfunding ACTUAL desktop chips.
Hell, find out if there are any design copyrights still being enforced on Socket 7/SS7 and use that. Depending on the unused pins (if any) we could even run multiprocessor support off the same socket, while providing single or dual socket boards that were electrically compatible with vintage pentium processors. And socket 7 should be good for at least 266 mhz, maybe more before running into the power/ground plane issues that lead the jump to 423/478/775.
All the ancillary tech is out of patent if not copyright, SDRAM and DDR chips are both cheap enough for low production run systems at reasonable affordable rates.
Won't be a shiny modern x86 or arm system in power, price, or performance, but just look at where bitcoin took mining development there. If you built a first generation, even if it isn't that great, you can get people jumping on the bandwagon for future generations if it is something they are willing to continue throwing money at to buy, whether for profit or privacy. Obviously you aren't going to be selling lots of 2k-10k computer systems like they were able to with mining rigs, but if you aim for a 100-500 dollar price, carefuly budget to step down pricing on old models as demand increases and new models can be added, you should have no trouble getting market share in the tens to hundreds of thousands of units. Not much by modern computer sales standards, but numbers that were quite good in years past, even when motherboards/cpus were only in the 150 dollar range each. And thanks to modern electronics sales and design most of the components can be bought/built for far less than those older parts were, especially if you can tape on older processors like 180nm (like the propeller 2 is planning to, and which was used for... the Pentium 3 era processors? Capable of up to 1.5 ghz with a 512k cache onboard. Maybe more given modern process technology or a carefully designed prefetcher.
(Score: 2) by Hyperturtle on Saturday September 02 2017, @08:41PM
I agree with everything you say, from the context you've stated it. My context was for end users being unable to exploit this in the long term, because the process will change, and the power of control will end up back where it was supposed to be. I never suggested the people that wanted the features were going to somehow be without it because their firmware secrets are now known.
And why call me dumb? I can't say I've stated the same about you. Lighten up.
(Score: 0) by Anonymous Coward on Friday September 01 2017, @10:21PM
Buy the systems used. Most used Intel/AMD hardware can be purchased for a pittance after the next generation comes out (not every gen obviously, and some of the newer gens have retained their value quite well.)
Like TMB AM3 is my primary, but motherboards are already unavailable new locally (and I need to purchase a replacement for a defective 970 for under 100 dollars) On the other hand, with ME stripping available, a lot of previously ignored intel hardware can also cover the gap for me, including hardware new enough to get version 2 IOMMU support for 'native hardware under virtualization', which has numerous benefits of its own if you can spoof a hardware config that doesn't appear to provide ME/PSP for exploitation.
(Score: 2) by PinkyGigglebrain on Friday September 01 2017, @10:58PM (1 child)
Your only paranoid when "they" aren't really out to get you.
"Beware those who would deny you Knowledge, For in their hearts they dream themselves your Master."
(Score: 1) by anubi on Saturday September 02 2017, @04:47AM
I am not afraid of "them" in the sense that "they are out to get me"...
Rather I feel the internet has some rather nasty characters in it, like a bad area of town, and when I make myself visible, I stand out like a target.
Asking me to get onto the internet with too much ID showing to me is like asking a businessman to take his daily store's cash receipts, on foot, briefcase in hand, to his bank on the other side of a bad neighborhood - all dressed up in suit and tie, signalling he's carrying money.
If I am going to use a public internet, I want to be able to identify myself ONLY to those I deem necessary to release that information to. To do anything else, I feel like a jackrabbit in a field of hungry wolves.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 5, Informative) by unauthorized on Friday September 01 2017, @11:50AM (6 children)
There was previously a way to remove it [github.com], but it is hardly a simple or elegant solution, since one typically requires an external programmer and the process involves deleting a bunch of encrypted modules with unknown functionality from the firmware.
(Score: 2) by leftover on Friday September 01 2017, @12:16PM (4 children)
If you want to disable ME in its entirety, who cares what the pieces do?
Bent, folded, spindled, and mutilated.
(Score: 4, Informative) by fraxinus-tree on Friday September 01 2017, @12:32PM (3 children)
You don't want to disable ME in it's entirety, because without some pieces you get (some) not working hardware.
(Score: 5, Interesting) by unauthorized on Friday September 01 2017, @01:55PM (1 child)
Actually, the CPU seemingly works just fine without the ME, although the catch is that the hardware is defective by design and the CPU will shutdown after 30 minutes of operation it cannot load one specific ME module. The tool I linked simply erases all other modules, although you still essentially have a possible backdoor into your system.
That said, some of those modules are benign and provide actual features, through nothing mission-critical thankfully.
(Score: 2) by leftover on Friday September 01 2017, @03:52PM
thank you for the information. This is the level of granularity I wanted.
Bent, folded, spindled, and mutilated.
(Score: 0) by Anonymous Coward on Friday September 01 2017, @02:24PM
> You don't want to disable ME in it's entirety, because without some pieces you get (some) not working hardware.
Isn't getting some of the hardware to not work the entire point of the exercise?
(Score: 4, Interesting) by xhedit on Friday September 01 2017, @01:21PM
I have a clip, but you don't really need it to flash the ME_cleaned bios. On all my PCs I just copied the modified UEFI to a flash drive and used the built in flash tool, worked fine on every system I have.
I did make backups and was prepared for it not to work (making a programmer necessary) but everything went fine.
(Score: 3, Insightful) by frojack on Friday September 01 2017, @06:03PM
Silly Rabbit.
Intel will simply double down, Encrypt it deeper. Hide it in a darker place.
And even if they offer a processor model without the IME, who would believe them?
No, you are mistaken. I've always had this sig.
(Score: 4, Insightful) by fraxinus-tree on Friday September 01 2017, @12:33PM (8 children)
At least, we know what Sklyarov was arrested for, some years ago.
(Score: 4, Informative) by DannyB on Friday September 01 2017, @01:20PM (7 children)
I remember what Dimitry Sklyarov was arrested for [wikipedia.org].
Adobe was promoting it's trivial-to-crack DRM scam for PDF files.
Sklyarov was to give, or actually gave a talk about how to easily crack Adobe's faulty DRM in PDF files.
Adobe got the FBI involved. Sklyarov was arrested. Passport confiscated. He couldn't return to Russia to his wife and newborn son. (IIRC) Eventually after some time (six weeks?) he was freed, but not allowed to leave Northern California. Eventually he was cleared. The Wikipedia article linked above is more detailed than my summary here.
The whole thing at the time was maddeningly outrageous.
For some odd reason all scientific instruments searching for intelligent life are pointed away from Earth.
(Score: 2) by tangomargarine on Friday September 01 2017, @03:38PM (6 children)
Those in power really don't like being laughed at.
"Is that really true?" "I just spent the last hour telling you to think for yourself! Didn't you hear anything I said?"
(Score: 2, Funny) by The Mighty Buzzard on Friday September 01 2017, @04:57PM (1 child)
Speak for yourself. I was walking through Wal-Mart the other day to get some ice cream and Thriller came on their background music, so of course I broke out into the Thriller dance right there in the aisle.
My rights don't end where your fear begins.
(Score: 2) by frojack on Friday September 01 2017, @06:26PM
So within a few days you will appeare on http://www.peopleofwalmart.com/ [peopleofwalmart.com]
No, you are mistaken. I've always had this sig.
(Score: 2) by DannyB on Friday September 01 2017, @05:19PM (3 children)
I could make a Trump joke. It would be so incredibly easy. You just threw me the perfect bait.
Buuuuut . . . not right now.
For some odd reason all scientific instruments searching for intelligent life are pointed away from Earth.
(Score: 0) by Anonymous Coward on Friday September 01 2017, @06:23PM (2 children)
> I could make a Trump joke.
Reeeealy tempted to abuse the moderation a bit and mod your post as "Redundant"...
(Score: 2) by DannyB on Friday September 01 2017, @06:38PM (1 child)
If you remember the outrage of the Sklyarov incident, you would have understood the "Those in power" comment to refer to those in power back then in 2001. So it wouldn't seem to be so redundant to then stretch the meaning to refer to present day.
For some odd reason all scientific instruments searching for intelligent life are pointed away from Earth.
(Score: 0) by Anonymous Coward on Friday September 01 2017, @07:57PM
Ah, sorry, that was intended as a dig at the redundancy of the phrase "Trump joke" (as indicated by the quoted bit). You're reading way too much into it.
(Score: 4, Interesting) by RamiK on Friday September 01 2017, @01:01PM (12 children)
I've said it before with relations to LibreBoot and I'll say it again with regards to the ME blobs: It's quite possible that, similarly to how microcode updates fix real functionality issues, ME modules are addressing security issues you'd otherwise be exposed to without them.
The security concerns regarding ME and microcode are real. And overall, it's good that people are researching this. Naturally, if you happen to have an old motherboard pass its support that has an older ME version you know is insecure, it's a good idea to take the risk and disable ME.
But, to mistrust Intel's blobs is to mistrust Intel's hardware. If you want trustworthy hardware buy a Talos II or RISC-V. But thinking it's "more secure" to strip the ME blobs is just deluding yourself.
compiling...
(Score: 1) by xhedit on Friday September 01 2017, @01:18PM (9 children)
Okay Candide, tell me how having extra proprietary, heavily encrypted binary blobs running makes the PC MORE secure.
That's some serious optimism you got going there.
(Score: 0) by Anonymous Coward on Friday September 01 2017, @01:24PM (8 children)
He's not saying it makes it more secure, he's saying it doesn't make it less secure, as even without it the processor is completely proprietary.
(Score: 4, Informative) by The Mighty Buzzard on Friday September 01 2017, @01:54PM (7 children)
And he's wrong. Less code == less attack surface. Assuming an attack is even needed and there aren't deliberate backdoors written in.
My rights don't end where your fear begins.
(Score: 3, Informative) by RamiK on Friday September 01 2017, @02:41PM (6 children)
Who's to say there's less total code being executed? Maybe the blob instructs a substitution of many, faulty routines with fewer, working ones? Or maybe it's disabling large amounts of code altogether. It's precisely what most of CVE-2017-5689 firmware updates did: Instead of delivering an update to the AMT, they just disabled the web-server code stored on the ROM. From our end, it would appear like they're added code. But from the stack's end, it's a net reduction in attack surface.
compiling...
(Score: 2) by The Mighty Buzzard on Friday September 01 2017, @04:39PM (5 children)
You really should RTFA if you think that's what's happening.
My rights don't end where your fear begins.
(Score: 2) by RamiK on Friday September 01 2017, @05:55PM (4 children)
I did. All I saw is speculations about one undocumented magic bit or the next. We don't know what it does. We don't know how well it works. And even if Intel or the NSA came out and said it turns off ME, believing them defeats the whole purpose of reversing while distrusting them leaves us where we started: speculating. Besides, who's to say they don't have any other undocumented "features" that turn it back on? Would it surprise anyone to know Intel sold the NSA a "security feature" that just didn't work? Microsoft does it all the time and they even give the government a peek at their source code. Do you think the NSA hired a group of EEs to go through Intel's ME engine and review it for security issues and flaws?
Overall, I'm not convinced.
compiling...
(Score: 2) by bob_super on Friday September 01 2017, @06:38PM (3 children)
> Do you think the NSA hired a group of EEs to go through Intel's ME engine and review it for security issues and flaws?
Definitely. Was that actually in question?
And most of the binary blobs are there to mitigate the effects of bugs and flaws found by Intel and the NSA (most, not necessarily all). You can remove them and never hit the specific issue they address, and even blame Microsoft, Apple or whatever SW you're seeing crash if you do...
But let's not have a rational answer get in the way of a good paranoia story
(Score: 0) by Anonymous Coward on Friday September 01 2017, @07:26PM (2 children)
> Definitely. Was that actually in question?
You are aware the question was regarding the whole "ME engine" rather than just ME? That is, the whole ROM + separate chip switches... We're talking about millions of lines of code going through hundreds of thousands worth of compilers into millions of lines of HDL.
The NSA did the same as when Microsoft extended their offer to review their code: They hired a dozen guys for a couple of months to go through the IP stack and document the magic packets so they'll be able to filter them out with a separate physical firewall.
Moreover, why on earth would the NSA ever disclose security issues and give up their backdoors? If they have a turn-off switch to ME, they have nothing to be afraid of. If they don't, they can just put up a physical firewall to block the magic packets.
> And most of the binary blobs are there to mitigate the effects of bugs and flaws found by Intel and the NSA (most, not necessarily all).
Agreed. But only as it extends to Intel. The NSA has no reason to disclose flaws.
> But let's not have a rational answer get in the way of a good paranoia story
Go look over at wikileaks. There are hundreds of flaws discovered by the NSA that were kept a secret. And again, especially in this case where they can either close ME or filter the packets or both, they have no reason to disclose any of it.
Gosh... Why does any of this needs explaining in 2017?
(Score: 4, Informative) by bob_super on Friday September 01 2017, @07:39PM (1 child)
> The NSA has no reason to disclose flaws.
Funny that. I used to work for a company where the guys with a Clearance would talk to the NSA, and the next generation of parts happened to have tweaks to various features to mitigate unspecified security risks.
The NSA is tasked with defensive action too, because you don't want your Reaper, Tomahawk or Minuteman to suddenly fly in the wrong direction (unless they're heading for 38°53′52″N 77°02′11″W or 38°53′23.29″N 77°00′32.81″W, obviously). They take that job very seriously, whatever Internet dwellers like us say about their Evil secretive ways.
(Score: 1, Insightful) by Anonymous Coward on Saturday September 02 2017, @09:23AM
> to mitigate unspecified security risks.
Or to enable others. But hey, don't look at a gift horse in the mouth, right?
(Score: 4, Informative) by bradley13 on Friday September 01 2017, @06:11PM
Trust Intel. Maybe. I mostly do. However...
...I would trust them more if they played with open cards. Intel is important enough to be an NSA target. And if the NSA wants Intel to quietly install a backdoor, Intel will almost certainly do so.
The ME makes a lot of sense for large organizations that needs to remotely maintain lots of systems. For everyone else, it's just a security risk, and there is absolutely no reason that Intel shouldn't make a BIOS switch available to turn it completely off. They haven't done so, and that alone is suspicious.
Open, complete documentation, including an "off" switch. Ideally open-source the code. Then I'll trust them.
Everyone is somebody else's weirdo.
(Score: 0) by Anonymous Coward on Friday September 01 2017, @10:27PM
Notable that dual procs are mandatory for using all PCIe slots.
That the motherboard costs 3-4x as much as the bottom line processors.
And most damning: It uses broadcom ethernet chipsets, which might as well be a management engine, for all the potential exploits both in their firmware and in their general hardware design.
Having said that, if you have car-sized amounts of money to blow, it is a PCIe 4.0 system SOON, as opposed to next year at earlist for the x86 stuff.
(Score: 5, Interesting) by bzipitidoo on Friday September 01 2017, @02:03PM (5 children)
Since 9/11, the desire to get ahead of all security problems, trying to stop them before they happen, has become a national mania. Precrime. Many of the so-called security measures haven't been worth the cost.
Intel is just one corporation of many that have been doing privacy eroding crap for years. The CPU ID they started with the Pentium 3 in the late 90s caused a lot less trouble than their infamous division bug in the first Pentiums. I stuck with a Pentium II based PC for years, trying to avoid the P3 ID crap, and I have to conclude it wasn't worth it. I did finally upgrade, and no Pentium 3 or 4 ever outed me for piracy or whatever.
(Score: 0) by Anonymous Coward on Friday September 01 2017, @02:33PM (4 children)
The Processor Serial Number "feature" was only present in the earlier revisions of the Pentium 3. It was removed in later Pentium 3 revisions and was never present in the Pentium 4 or later processors. As far as I know nobody ever used it for anything.
(Score: 4, Informative) by jmorris on Friday September 01 2017, @03:56PM (2 children)
Yea, the public outcry made them stop doing it in the CPU. But notice the motherboard has a UUID now? And of course the hard drive has a serial number and if you want a UUID for it just has the manufacturer, model and serial number. Always watch what the other hand does.
(Score: 0) by Anonymous Coward on Friday September 01 2017, @10:32PM (1 child)
Those Pis also have a serial number embedded via prom or efuses, which is available via some of the proprietary Pi tools.
Meaning if you paid with a credit card, that second barcode they read off the back was your serial code and it is now tied to your purchasing information.
Same concern with pretty much every piece of hardware in your system. Everything except the CPU is definitely returning a UUID if not serial number, and some do both. If you play an MMO and/or use Windows, assuming that information is tied to that identity, and make sure you don't cross identities with applications, OSes, or hardware that is tied back to your meatspace ID.
The in person cash based used market should really be seeing more activity if people want to keep themselves anonymous, because the retail market, in person AND online definitely isn't. (Even paying cash... what did you think all those cameras at the checkouts were being repurposed for? Loss Prevention and law enforcement surveillance both.)
(Score: 0) by Anonymous Coward on Friday September 01 2017, @11:58PM
Good thing i buy clones, from china. They dont give a damn who buys their stuff.
(Score: 2) by bob_super on Friday September 01 2017, @06:43PM
If you believe that there isn't a specific serial number accessible through software for testing purposes, I have a nice bridge in Brooklyn you gotta see.
Everyone in the Si industry has unique IDs on their parts.
(Score: 3, Insightful) by Azuma Hazuki on Friday September 01 2017, @04:26PM (3 children)
Isn't it? A little while ago we read about a big backdoor in the Intel ME, and suddenly, mysteriously, it "leaks" that there's a way to disable most of it. Hmmmm...
I am "that girl" your mother warned you about...
(Score: 0) by Anonymous Coward on Friday September 01 2017, @06:12PM (2 children)
Do you buy aluminum foil in bulk at Big Lots?
(Score: 5, Funny) by Azuma Hazuki on Friday September 01 2017, @07:03PM (1 child)
Good Lord, no, that's much too easy to track. I raid dumpsters all over the city and then melt the foil I get down into slag, then press it out myself.
I am "that girl" your mother warned you about...
(Score: 2) by fido_dogstoyevsky on Tuesday September 05 2017, @11:31AM
Serious helmet users don't use aluminium, Velostat [wikipedia.org] is superior [stopabductions.com].
It's NOT a conspiracy... it's a plot.