Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Sunday January 04 2015, @06:26PM   Printer-friendly
from the you-might-have-paid,-but-it's-not-your-computer dept.

Over at Hackernews is a link to a discussion on how the Intel Management Engine (ME) is preventing screenshots, by bypassing the host CPU.

If you're on an Intel machine that you've purchased in the past 2-3 years, that computer almost certainly has an Intel Management Engine. You might not know what that is, and that's okay. You may also be unaware that the operating system on your computer could be leveraging features in the Intel Management Engine when consuming DRM Media.

This links to a blog posting on the Intel ME in response to Rosyna Keller's twitter posting about being unable to take screenshots from Netflix (The Rosyna of the article title).

The core of the technical detail is taken from Igor Skochinsky's presentation on the ME (PDF Link) . The article raises the questions over the position of the ME in the system and the security implications of the ME subverting the host machine hardware outside of the main processor:

Given that the ME sits in a position where it can configure the chipset and operate on the PCI bus, there are some serious security implications here I wish I could mitigate. Among them is the ability of the ME to run arbitrary code on the host CPU via option ROMs or presenting a disk-drive to boot from. Also among those abilities is the possibility to perform DMA to access host CPU memory. And another one is the ability to configure and use PCI devices present in the system (such as the ethernet card).

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by kaszz on Tuesday January 06 2015, @02:50AM

    by kaszz (4211) on Tuesday January 06 2015, @02:50AM (#132083) Journal

    Any idea how to screw this kind of chips?

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 1) by boltronics on Tuesday January 06 2015, @03:01AM

    by boltronics (580) on Tuesday January 06 2015, @03:01AM (#132088) Homepage Journal

    Without Intel's help, you'd have to crack the encryption and reverse-engineer how it works so the software can be replaced. I think I read somewhere that we have the ability to replace the code if we learn how to build a replacement.

    --
    It's GNU/Linux dammit!
    • (Score: 2) by kaszz on Tuesday January 06 2015, @03:10AM

      by kaszz (4211) on Tuesday January 06 2015, @03:10AM (#132091) Journal

      "if we learn how to build a replacement"

      Why is that step required?

      • (Score: 1) by boltronics on Tuesday January 06 2015, @03:42AM

        by boltronics (580) on Tuesday January 06 2015, @03:42AM (#132101) Homepage Journal

        Presumably we don't have specifications? Which is why we need either Intel's help or the ability to reverse-engineer the exisiting binary to figure it out.

        Happy for someone working on this to correct me if I'm misunderstanding the situation.

        --
        It's GNU/Linux dammit!