Domain: github.com
Stories and comments across the archive that link to github.com.
Comments · 4,419
-
Obligatory: Intel CPU Backdoor Report (May 5 2017)
The goal of this report is to make the existence of Intel CPU backdoors common knowledge and provide information on backdoor removal.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and chipset are running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS; Wireshark failed to detect packets.
[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.
Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/firmware experts to help with the Intel ME decoding effort. If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them; beware that Intel is using a lot of countermeasures to prevent their backdoors from being decoded (explained below).
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software
1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AM
The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets; I even checked with the engineering department and they confirmed it.
Long version:
The Intel Management Engine (ME) is a separate computing environment physically located in the MCH chip or PCH chip replacing ICH.
The ME consists of an individual processor core, code and data caches, a timer, and a secure internal bus to which additional devices are connected, including a cryptography engine, internal ROM and RAM, memory controllers, and a direct memory access (DMA) engine to access the host operating system's memory as well as to reserve a region of protected external memory to supplement the ME's limited internal RAM. The ME also has network access with its own MAC address through the Intel Gigabit Ethernet Controller integrated in the southbridge (ICH or
-
Re:Time for MS to give up and open a GitHub repo..
Here you go:
https://github.com/Microsoft
-
Let's Encrypt FQDN requirement and rate limit
SSL is now completely free via let's encrypt.
Let's Encrypt requires a fully qualified domain name (FQDN) under a well-known top-level domain (TLD), not an IP address in RFC 1918 space or a name under a made-up TLD such as .local or .internal. So do all other CAs whose root certificates are included in Mozilla NSS, as a FQDN is one of the Baseline Requirements adopted by the CA/Browser Forum.
Domains are cheap.
Cheap enough for every head of household to buy and to continue to renew in perpetuity? Because buying a domain is the only way to get a certificate for hosts on your LAN that visitors' devices will trust, and a certificate is the only way you're going to satisfy the "Secure Contexts" requirement for recently introduced JavaScript APIs.
Free ones are available.
Namely?
If you're referring to subdomains offered by dynamic DNS providers, these providers have to be on Mozilla's Public Suffix List (PSL). If a domain isn't already on the PSL, and 20 other users of subdomains under the same domain have obtained certificates in the past week, Let's Encrypt will deny you a certificate, citing its rate limit policy. If a domain is on the PSL, each subdomain gets its own separate rate limiting bucket of 20 certificates per subdomain per week. In addition, submissions to the PSL must be made by the dynamic DNS provider as a pull request through GitHub.com, and use of GitHub.com requires running proprietary software written in JavaScript on your computer.
-
NSA has had code on GitHub for ages as themselves
See blog entry: https://puppet.com/blog/nsa-re...
https://github.com/NationalSec...
https://github.com/SIMP
A great and extremely useful project by the way.
1) If you're a 'tech journalist', make some minimal effort to get facts right (like you know actually looking at dates on the GitHub org page), at least in your fucking headline.
2) I hate this reductive 'anything with the word NSA in it is bad' reasoning. Open source is open source, and useful code is useful. GitHub is full of cool stuff from organizations that don't get much love here - Walmart, Facebook etc.
-
Late to the party
The British information security services, GCHQ, have been posting interesting and useful stuff to GitHub for a while. In fact if you want to do interesting analytics on graphs with annotations to both arcs and nodes they have released some pretty neat tools, and they're not just useful for finding terrorists on social networks.
-
Re:Other download locations?
Have you tried the "releases" section on their github page?
https://github.com/mozilla-mob...
-
Re:When it's not an open platform, it'll probably
-
Re:Published source is a huge help here
Counterpoint: https://github.com/google/oss-... Google is fuzzing a whole bunch of open source projects and filing bugs.
-
Re: What about the Y2K38 bug?
At some point the Linux ABI was updated to support files exceeding 2^31 bytes while retaining full backwards compatibility, so I'm not buying insurmountable technical justifications other than simple lack of will.
There does in fact seem to be some progress taking a similar approach to large file support.
https://sourceware.org/glibc/w...
https://github.com/3adev/y2038
https://gitlab.com/bminor/glib...
If/when it will be completed/merged I do not know.
-
Re:GitHub
The problem with GitHub is the lack of any way to effectively organize repos. There has been a request to provide some basic tools for over a year: https://github.com/dear-github...
I've got well over 100 repos on my account. Some personal, many related to my work organization... It's a nightmare to work with.
-
Re:Interested timing
This would not be possible in Europe due to the fact that credit card companies cannot see your purchases. This is by law. They can see the type of store and guess what you bought, but will never be sure.
e.g. If you use it at the supermarket they have no idea if you bought diapers or whiskey or both. The store itself will only have the transaction number and not hold the card number, so that would be an extra layer of problems.
They would first need to ask the ISP, then ask the store and then ask the CC company.
With registration, all they need is to ask the ISP and they will have your national number and with that all the info they need.
Want to develop software for the ID card reader in Belgium for Linux? No problem: https://github.com/fedict/eid-...
To register all you need to do when you buy a card is put your card in the reader and they will have your details. You do not trust it? Well, read the code.
It is very easy to program in a check to see if the card is valid, stolen or what not.
Main downside is that every reader can read all the details. e.g. it will be able to read your address and there is no way to prevent that.
I use it mainly to do my taxes. Put the card in the card reader on my Linux box, click on OK a few times as they already have all the info, and done. Taxes took me 10 minutes. 8 more than normal, because I forgot I had to re-install the software.
-
Re:No
A good python library will take ALL of them - and handle it correctly depending on the type it received. A good python function should accept ANY compatible data in any compatible type - and know how to deal with different types it may encounter.
Some tasks only ever make sense on a list - so only implement list code.
But if the task could, also, in a sensible way be done on a dict - then you damn well implement support for a dict and ensure your code checks which type it is and uses the right iterator.
Good python devs never let the user of a library try to guess what the library accepts - they try to cater for whatever the user needs.
Consider this class I wrote:
https://github.com/ajventer/py...
Notice how it will work correctly regardless of whether the input is a list, an arbitrary sequence of parameters or even an arbitrary string - it will parse the data, and construct it into a generic format for use in internal calculations, and fail cleanly if the provided data cannot logically be parsed into an understandable sequence.
That's how python is supposed to do it. As long as the data is compatible with the processing function, all compatible types should be accepted.
-
Re:"Native" C# Developer
Note that you two are not discussing the same kind of "type" here, even though they share a word. Dynamic type systems can be regarded as static type systems where all values have a single type. However, Python has been gaining optional static typing capabilities. See mypy, PEP 483, PEP 484 and also the typing and typeshed modules.
-
Initial Raspberry Pi setup to protect against Linu
Looks like there is a gist already up to protect against this sort of thing during initial setup:
#!/usr/bin/env bash
# usage: ./setup.sh "username" "password"
[[ -z "$1" ]] && \
printf 'need a username as the first argument.\n\n' && \
printf '(prefer lowercase and letters only, read more:\n' && \
printf 'http://bit.ly/2siqPGt\n\n' && \
printf '(wrap the username in quotes, read more:\n' && \
printf 'http://wiki.bash-hackers.org/syntax/quoting)\n\n' && \
exit 1
[[ -z "$2" ]] && \
printf 'need a password as the second argument.\n\n' && \
printf '(wrap the password in quotes, read more:\n' && \
printf 'http://wiki.bash-hackers.org/syntax/quoting)\n\n' && \
exit 1
USERNAME="$1"
PASSWORD="$2"
# add new user
sudo useradd "$USERNAME"
# hash the password with openssl and set it (quoted so the hash is passed as a single argument)
sudo usermod -p "$(printf '%s' "$PASSWORD" | openssl passwd -1 -stdin)" "$USERNAME"
sudo cp -pR /home/pi "/home/$USERNAME"
sudo chown -R "$USERNAME:$USERNAME" "/home/$USERNAME"
# add the same groups to the new user that the pi user has
for group in $(sudo groups pi | cut -d ":" -f 2); do
    if [[ "$group" == "pi" ]]; then continue
    else sudo usermod -a -G "$group" "$USERNAME"
    fi
done
# zip up the pi user's home directory, remove it and any mail
cd /home || exit 1
sudo tar -cJpvf pi.tar.xz pi
sudo deluser pi --remove-home
# change sudo access from pi to new user
# (double quotes so $USERNAME actually expands; \b so only the whole word "pi" is replaced)
sudo sed -i "s/\bpi\b/$USERNAME/g" /etc/sudoers
Looks like it:
- creates a new user with the supplied name and password
- copies the pi's default groups to the new user
- zips up the pi's home directory for safe keeping
- and swaps out the pi user for the new user in /etc/sudoers
-
It's not a thing
So, you want to replace every frame in a movie with a collection of images or snippets that correspond to each part of the frame, right? And you're going to store a dictionary of snippets, referenced by number, then say "this frame takes snippet 1234, 6543, and 9274". The problem is that the number of snippets you'd have to store is enormous, and that each snippet itself is going to be a ginormous number (like the bits of the string of bytes in that snippet).
See where this is going? You're basically establishing a mapping of small numbers to much larger numbers. Either that set of big numbers is tiny (in which case you can only represent a small number of frames in the output video and picture quality is awful) or it's huge, in which case the index numbers themselves become roughly as big as the numbers they're referring to, and oh yeah, good luck searching through that space bunches of times per frame.
The idea isn't inherently bad if you have a small number of states you want to represent. For instance, Zstandard lets you precompute a dictionary of common strings you want to shorten. Imagine if you trained it on HTML so that each tag or other common string just takes a few bits, then you can distribute that dictionary to the whole world so that you can save the bandwidth of transmitting it alongside the compressed data each and every time (like we do with Zip, Gzip, etc.). That's a nice thing! But the search space of "things you can display on a screen" is a hell of a lot bigger than "things you can send in an HTTP header".
-
Obligatory: Intel CPU Backdoor Report (May 5 2017)
The goal of this report is to make the existence of Intel CPU backdoors common knowledge and provide information on backdoor removal.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and chipset are running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS; Wireshark failed to detect packets.
[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilities to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.
Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/firmware experts to help with the Intel ME decoding effort. If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them; beware that Intel is using a lot of countermeasures to prevent their backdoors from being decoded (explained below).
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software
1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AM
The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked wit
-
Mozilla needs to focus on "extension neutrality"
Mozilla is breaking thousands of extensions in November including uBlock, and is integrating a clippy clone into Firefox as of version 55. It also moved the refresh button again with no way to move it back.
Mozilla can no longer be trusted as a voice on the web as it keeps crippling a once great web browser. In November we will be stuck with spyware browsers or having to pay thousands of dollars to get a Mac to get the new tracking protection in Safari.
-
Re:PasswordSafe FFS
What? No, it exists for zillions of platforms, see https://pwsafe.org/relatedproj...
Also, you can compile it yourself; the source is available:
https://github.com/pwsafe/pwsa...
-
MyCroft also processes voice remotely
From https://github.com/MycroftAI/m...:
Once signed and a device is paired, the unit will use our API keys for services, such as the STT (Speech-to-Text) API. It also allows you to use our API keys for weather, Wolfram-Alpha, and various other skills.
So yet another IP-connected, trigger-phrase-activated microphone then. Not interested.
-
Re:Programs??
-
Re: "ambient computing" is a great term
A profile (literally an encrypted file with settings) is stored locally on your computer and the tox servers that act as an operator keep just enough info to connect calls (kind of like DNSCrypt) using the information inside of the profile. However, that does mean that you have to trust the Tox server, but it's no different than having to trust servers with your public PGP keys for encrypted email. Once a successful "handoff" is made, it's encrypted P2P the entire time. That's how I understand it anyway.
That profile works with every Tox client because those clients use open source to build around the same tox core. Example, a qTox profile you use on your laptop can be emailed to your phone and opened with Antidote and have the same setup, including contacts. As far as actual histories go, I'm not sure if the profile stores those too because I never keep them. You could probably use a trusted cloud storage service to keep the profile in sync with other devices instead of using Micro$oft to do it for you like it does for Skype users. And because everything is open source, I'm not as worried about backdoors, and I know for a fact that people actually look at the code for the various clients because I've helped out a little bit with the Mac version of qTox and Antidote as a tester.
If you do a quick Google search of "Skype hack," it's terrifying how many results you get. Screw that. As far as how decentralized Tox really is, there are some good arguments made here you may want to look at: https://github.com/irungentoo/..., but that argument is almost two years old and it's gotten better since then. I'm not saying Tox is perfect, but it's definitely still one of the better choices out there that not too many people know about, so it may actually have that going for it too. My top 3 in order: 1) Tox because it is cross-platform and haven't had any issues with it, 2) Signal because it's also open source and made by Whisper Systems, and then 3) Wickr because it has good reviews, a bug bounty, and interesting legal process guidelines if it ever came to it. Never use the version of a client (such as Signal or Telegram) that utilizes a web browser such as a "Chrome app" because well it's Google for one, but also because it's only as secure as your browser is and the more add-ons you have, the more iffy things get.
-
Re:PlayOnLinux is the killer app
I'll just leave these here:
steamvr is coming to linux
known issues for steamvr on linux
this was also reported on /. a while back
-
systemd recursively obliterates parent dirs, root,
and OS instead of children: R!
/path/to/remove/.*https://github.com/systemd/sys...
Pottering's Response:
I am not sure I'd consider this much of a problem. Yeah, it's a UNIX pitfall, but "rm -rf
/foo/.*" will work the exact same way, no?Unrelated, I also found sound worked much easier in FreeBSD than it did in Linux with pulseaudio. I wonder who designed that trash.
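The issue title quoted above is about a pattern ending in `.*` selecting the `.` and `..` entries that readdir() hands back, so a "remove the children" walk climbs into the parent. As an added illustration, not code from systemd, from the linked issue or from this thread, the C program below feeds directory entries through fnmatch() the way a naive tree walker would, once without and once with a guard that rejects `.` and `..` before matching. It only counts what would be selected, never deletes, and works on a constructed scratch directory under /tmp (the path template and file names are assumptions for the demo).

```c
#include <dirent.h>
#include <fcntl.h>
#include <fnmatch.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Count the entries of `dir` that `pattern` selects, the way a tree walker
 * that passes readdir() names into fnmatch() would. With skip_dots == false,
 * "." and ".." are matched like any other name; with skip_dots == true they
 * are rejected before matching. Nothing is deleted. Returns -1 on error. */
int count_selected(const char *dir, const char *pattern, bool skip_dots)
{
    DIR *d = opendir(dir);
    if (d == NULL)
        return -1;
    int n = 0;
    struct dirent *e;
    while ((e = readdir(d)) != NULL) {
        bool is_dot = strcmp(e->d_name, ".") == 0 || strcmp(e->d_name, "..") == 0;
        if (skip_dots && is_dot)
            continue;               /* the guard: never let the walk leave `dir` */
        if (fnmatch(pattern, e->d_name, 0) == 0)
            n++;
    }
    closedir(d);
    return n;
}

/* Constructed demo contents: two dotfiles and one plain file. */
static const char *demo_files[] = { ".cache", ".env", "data.txt" };

/* Create an empty file at dir/name. Returns true on success. */
static bool touch_file(const char *dir, const char *name)
{
    char path[4096];
    snprintf(path, sizeof path, "%s/%s", dir, name);
    int fd = open(path, O_WRONLY | O_CREAT, 0600);
    if (fd < 0)
        return false;
    close(fd);
    return true;
}

/* Build the scratch directory, count what ".*" selects in it with or without
 * the "." / ".." guard, then remove it again. Returns the count or -1. */
int demo_dotglob_count(bool skip_dots)
{
    char dir[] = "/tmp/dotglob-demo-XXXXXX";   /* assumed scratch location */
    if (mkdtemp(dir) == NULL)
        return -1;
    for (size_t i = 0; i < 3; i++)
        if (!touch_file(dir, demo_files[i]))
            return -1;
    int n = count_selected(dir, ".*", skip_dots);
    for (size_t i = 0; i < 3; i++) {
        char path[4096];
        snprintf(path, sizeof path, "%s/%s", dir, demo_files[i]);
        unlink(path);
    }
    rmdir(dir);
    return n;
}

int main(void)
{
    printf("'.*' without guard selects %d entries (\".\" and \"..\" included)\n",
           demo_dotglob_count(false));
    printf("'.*' with guard selects %d entries\n", demo_dotglob_count(true));
    return 0;
}
```

Without the guard the pattern selects four names, two of which are the directory itself and its parent; with the guard only the two real dotfiles remain. Any code that turns a matched name into a recursive remove needs that guard (or an equivalent check that the resolved path stays below the intended root) before it ever calls the remove.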
-
Re: Linus Wins Again
What filesystem on Linux operates in the way that Microsoft's GVFS does? For reference they put it here. There is the concept of virtual files already which is how cloud storage plugins work, the file is presented but how fetching and storing is handled is abstracted away, though there seems to be more to GVFS than just that.
-
Re:Cool stuff
The work they've done to make Git scale to fit their needs sounds great, and I see they've open-sourced the key components. That's awesome. At the moment it looks like GVFS is Windows-only (not a big surprise -- and not a complaint; they built what they needed). I'd like to see someone port it to Linux and make this infrastructure more broadly available. It sounds like it would be much nicer to work on than the "repo" tool that Android layers on top of Git to enable managing a whole bunch of smaller repositories.
Why? The only reason to use their GVFS is to (a) work with VS and TFS - both of which are Windows-only (no, VS Code doesn't count, it doesn't have 95% of the features of VS), and (b) to use their broken development model of locking files when you're working on them. Neither of those is desirable to anyone using git or who understands proper VCS systems.
Huh? I see absolutely nothing related to locking in GVFS. The GVFS protocol has no mechanisms for acquiring or releasing locks, and locking isn't mentioned anywhere else in the documentation. From everything I can see in the code, issues, documentation and TFA, GVFS just provides lazy fetching of git objects, which makes it possible to "check out" a large repository without having to wait for everything to download, and also optimizes the stat'ing of files that git does so much of.
-
Re:Distributed Hg.
The article summary also leaves out the minor point that MS had to write an entire abstraction layer underneath Git because it's so incapable of handling a large repository.
Not completely true. They call it GVFS, but all it really does is prevent the entire repository from being downloaded when you clone it. Instead it downloads "only what you need". And there are a couple of patches to make git aware that this is happening, so that it stats only what is local and not the whole repository. One might argue that since the developer teams are not working on the entire codebase at once but rather on, let's call them "modules", within the larger repository, then the repository itself should be made more modular to match this development pattern. That would be more in line with the way Git was designed in the first place, and these extensions would not be as necessary. Still, to have the capability is nice.
Just because your favorite version control system can't do something doesn't mean it's a bad idea.
No, but pick the right tool for the job. If you are not developing modular, self-contained code in a decentralized fashion, don't use a source control system designed with those explicit goals in mind.
Notice how LibreOffice splits up their fairly large codebase into several smaller repositories,
https://github.com/LibreOffice
Seems to work pretty well for them.
-
Obligatory:Intel CPU Backdoor Report (May 5 2017)
The goal of this report is to make the existence of Intel CPU backdoors common knowledge and provide information on backdoor removal.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilities to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.
Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort. If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them; beware that Intel is using a lot of countermeasures to prevent their backdoors from being decoded (explained below).
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software
1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AM
The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked wit
-
Hack
My favorite font: Hack
-
Re:This distro is a whole lot of nope!
Looking at the website, here is some of the included software (pulled directly from the website):
Metrics Kit Metrics API — Lightweight API for recording user metrics from apps and system services.
Event Recorder Daemon — Saves recorded user metrics and transmits them in small batches when there’s an internet connection.
Metrics Instrumentation Daemon — Records information about the system, such as performance info.
Phone Home — Anonymous user counter.
A Linux distro that phones home. Well, now I think I've seen it all!
I work for Endless and work/worked on some of these metric subsystems and this is pretty much FUD. The metrics (excluding phone home) can be turned off from the installation screens. Phone home sends a single ping to us per day that's not user identifiable and the only thing we keep there is the country, make, model, and a few other things (you can see all of them here: https://github.com/endlessm/eo...) to know what devices are out there that we should try to support and to see our OS adoption trends.
-
Take your kids to work day for Silicon Valley?
Sometimes I think we need a "take your kids to work" day for all the rockstar programmers/VCs in Silicon Valley to show them how the real world actually works. That no, all the Windows admins have not vanished, because there is still critical corporate infrastructure that runs on Windows NT and good luck moving it into the cloud anytime soon. And no, in the real world companies don't replace stacks because they're no longer cool, they replace them because the cost to maintain them has become more than the cost to shitcan it and start from scratch. And if you don't have network engineers, who's configuring all the VPN connections, routing tables, etc. to your enclaves in the cloud? Because surely you don't just have everything up there with a route-able IP, do you? (Actually, given the number of alerts I get from Have I Been Pwned, yes, they probably do.)
Beyond all that. It amazes me how it seems many Node/JS advocates will generally declare C/C++ dead when that entire house of horrors only works because of libuv which is written in... C. You take that away and all you have is a crappy DOM manipulation language.
Seriously guys... we're glad you're innovating. But take time out for a reality check from time to time.
-
Re:What is wrong with Handbrake
The problem is Handbrake isn't a signed app, period.
Actually, it is signed. While they don't use an Apple Developer certificate, they still do cryptographically sign each release. All of that is in addition to providing SHA1 and SHA256 checksums.
As I said, the user didn't check the signature, and you're quite right that they blew by the warnings about the app being from an unidentified developer, given that those warnings already occur even with the official Handbrake releases. Even so, your claim that they don't sign their releases is entirely incorrect.
-
Roll your own for self, friends, and family
https://github.com/jlund/streisand
Streisand sets up a new server running L2TP/IPsec, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, a Tor bridge, and WireGuard. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.
-
Miles?
Sorry..... SECURITY trumps resource management, and Chrome is much more secure than Opera thanks to being miles ahead in process sandboxing.
You let me know when my tabs open in chroot() jails.
Surprisingly, somebody is working on this, but it certainly doesn't look like a priority.
-
Why not Brave?
An honest question - I switched to Brave a few months ago and it's now my go-to browser on everything, from MBPs and smartphones to gaming PCs. It is also a truly FOSS browser (see https://github.com/brave) which should ring true to this crowd.
-
Re:No, fuck Windows update.
Let's also not forget about this marketing-driven manoeuvre to try and get everyone onto Windows 10, which affects anyone running recent Intel or AMD hardware across several versions of Windows (W7, W8/8.1, Server 2008/2012 (w/ and w/out R2)). It also has erroneously affected some older CPU models. There is a third-party patch to work around this nonsense (which includes the disassembled and analysed code) -- https://github.com/zeffy/kb4012218-19. The downside is that it's likely to break every month and also will be flagged during an SFC scan, but it's all we've got right now.
This is exactly a reason *not* to enable automatic Windows Updates. Instead, to tech-savvy folks I recommend disabling automatic updates and do the process manually every few weeks, reviewing every single KB -- and waiting 2 weeks before installing them, as Microsoft in recent days has botched and re-issued them more times than I can count.
Relevant hack that works around this nonsense is here -- https://github.com/zeffy/kb4012218-19 -- but be sure to note that it's likely to break every single month and will be flagged during an SFC scan.
We no longer can rely on Microsoft to provide even a basic semblance of trust. What Linux/BSD users (of which I am one, as a systems administrator!) used to harp on about, re: Micro$oft and MS taking over people's PCs, has now become an actual reality. The Nadella era of Microsoft seems to be more about "renting" copies of Windows to users, rather than the age-old classic of buying the OS and using it as you see fit, with the software company providing updates that do solely what they're supposed to and nothing else. I can't believe I'm saying this, but I actually miss the days Ballmer was running the show.
-
Re:Enough blame to go around
A lot of security researchers recommended having your own small, private network that wasn't connected to the internet. I think a lot of them are switching to VMs, though. You can check here for work someone is doing to reproduce the current vulnerability in Metasploit.
-
Re:Enough blame to go around
According to the above, the bug comes from subtracting a DWORD from a WORD.
This is something a compiler will usually show a warning about. If it did not, then the compiler is to blame.
If the Windows programmer set a flag to disable warnings from the compiler, or ignored the warnings from the compiler, then the programmer is to blame.
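The comment above describes a narrowing bug: a 32-bit DWORD quantity subtracted from a 16-bit WORD field, with the result stored back into the WORD. As an added, generic illustration of that bug class (this is not code from the thread, from the vulnerable driver or from any Windows component), the C program below shows the naive subtraction beside a checked one, using Windows-style type names as the comment does. The input values are constructed for the demo.

```c
#include <stdint.h>
#include <stdio.h>

/* Windows-style names, as used in the comment: WORD is 16 bits,
 * DWORD is 32 bits, both unsigned. */
typedef uint16_t WORD;
typedef uint32_t DWORD;

/* Naive update of a 16-bit field by a 32-bit amount. C promotes both
 * operands to 32 bits, subtracts, and silently truncates the result to
 * 16 bits on return. gcc and clang report this only with -Wconversion
 * ("conversion from 'DWORD' to 'WORD' may change value"); a build that
 * has that warning off, or that ignores it, compiles this cleanly. */
WORD naive_sub(WORD field, DWORD delta)
{
    return field - delta;
}

/* Checked version: refuse any delta larger than the field, so the
 * subtraction can neither wrap below zero nor exceed 16 bits. Returns
 * the new value, or -1 when the update would not fit. */
int32_t checked_sub(WORD field, DWORD delta)
{
    if (delta > field)
        return -1;                  /* would wrap; caller must treat as malformed */
    return (int32_t)(field - delta);   /* 0 <= result <= field, fits a WORD */
}

int main(void)
{
    /* Constructed values: a 4096-byte field and a delta just above 64 KiB. */
    WORD remaining = 4096;
    DWORD delta = 65552;
    printf("naive:   %u\n", naive_sub(remaining, delta));    /* 4080: plausible-looking garbage */
    printf("checked: %d\n", checked_sub(remaining, delta));  /* -1: rejected */
    return 0;
}
```

The naive result, 4080, is a perfectly ordinary-looking length that downstream code would happily use for a copy; the checked version turns the same input into an error the caller has to handle. Building with -Wconversion (and treating it as an error in CI) is the cheap way to surface every such site.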
-
Re:Small subset of SQL
The biggest innovation I see is that it does some kind of automatic sharding. Good comparison here.
A lot of the source code is written in Go, which is interesting and probably not a bad choice. The code is clean and easy enough to understand. Its primary weakness is poor organization, which is also the primary weakness of their documentation. Both would benefit from the concept of "topic sentence, supporting sentences," so when I approach and ask, "what are the most important points here?" the answer is immediately obvious.
Looking at alternative databases these days, you always need to evaluate them in terms of the CAP theorem. What do they give up? The website mentions several times that they are consistent. They are big on partitioning, so that isn't what they've given up, so they must have given up availability. They claim to have good survivability. It seems they can keep running even if one of the servers running a shard dies (they expect sharding based on geography), and they don't offer consistency for queries across shards.
It's an interesting approach, but given the name, if the idea's any good someone else will take the idea and win with a better name. Ebola is an easier sell.
-
Here's how it works
There's a good summary over at github.
Essentially, the malware looks for port 445 (SMB) on local computers and the internet. If you have this port open on the internet, are running something older than Win10, and haven't updated with the Mar 2 patch, then you're vulnerable.
Note that WinXP has about 8% market share and cannot be patched. You can get infected from another machine on the local subnet as well.
Here is a good detailed description of how it works and what it does.
Note that the propagation has halted for now, however the virus also installs a rootkit on the user's machine. If the virus writer realizes that the domain has been taken, he could remotely change the hard-coded domain name on every currently-infected machine, thus restarting the propagation process.
-
Factsheet
Here is a factsheet: https://gist.github.com/slider23/bd617d0d376047c05d18980fde306840
The domain in question is "www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com".