Slashdot Mirror

← Back to Domains

Domain: intel.com

Stories and comments across the archive that link to intel.com.

Comments · 3,303

  1. Only on Intel Core chips with vPro and some Xeons by o'reor · · Score: 1 · on Malware Uses Obscure Intel CPU Feature To Steal Data and Avoid Firewalls (bleepingcomputer.com)

    There are actually a number of Intel Core chipsets released every year that are not cursed with vPro and AMT. You may want to choose from those. Not sure how to pick the right Xeon though. http://ark.intel.com/Search/Fe...

  2. Obligatory:Intel CPU Backdoor Report (May 5 2017) by Anonymous Coward · · Score: 4, Interesting · on Intel: Steer Clear Of Our Patents (axios.com)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    [Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    @21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

    [Quotes] Vortrag:
    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked with the engineering department and they confirmed it.

    Long version:

    ME: Management Engine

    The Intel Management Engine (ME) is a separate computing environment physically located in the MCH chip or PCH chip replacing ICH.

    The ME consists of an individual processor core, code and data caches, a timer, and a secure internal bus to which additional devices are connected, including a cryptography engine, internal ROM and RAM, memory controllers, and a direct memory access (DMA) engine to access the host operating system's memory as well as to reserve a region of protected external memory to supplement the ME's limited internal RAM. The ME also has network access with its own MAC address through the Intel Gigabit Ethernet Controller integrated in the southbridge (ICH or

  3. Obligatory:Intel CPU Backdoor Report (May 5 2017) by Anonymous Coward · · Score: 5, Informative · on Malware Uses Obscure Intel CPU Feature To Steal Data and Avoid Firewalls (bleepingcomputer.com)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked wit

  4. Obligatory:Intel CPU Backdoor Report (May 5 2017) by Anonymous Coward · · Score: 5, Informative · on Malware Uses Obscure Intel CPU Feature To Steal Data and Avoid Firewalls (bleepingcomputer.com)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked wit

  5. Re:SD 835? Stick that in a cellphone not a laptop. by Anonymous Coward · · Score: 0 · on Qualcomm, Microsoft Announce Snapdragon 835 PCs With Gigabit LTE (arstechnica.com)

    Benchmarks and old Atom CPUs are a poor comparison. Benchmarks measure raw compute power

    Benchmarks aren't the final word but good ones do give some idea of relative performance so they are in fact useful.

    and the old Atoms were single or dual core at best.

    The Atom proc in my Acer is the Z3537f, a somewhat recent quad core processor. The main reason I brought it up is it is the fastest non-Core computer I have used in recent memory that was still literally too slow to be a comfortable experience. The SD 835 is probably a little bit faster but it is still slower than the slowest Core processor so it is comparable.

    The Snapdragon 835 has 8 cores to start with

    This is mostly irrelevant for what an ultra (super?) portable Windows device will be doing. Most users will be running 1 or at most 2 applications at a time and will be most sensitive to single core IPC which on the SD 835 will be noticeably less than any laptop they are likely to also own. To put a finer point on it, the instances of a user saturating even 3 or more cores at any give time will be few and far between.

    For most applications this will be an excellent trade-off of very slightly lower performance

    Very slightly lower against what? A core2duo from 2008? Because that's about the only thing this will be "slightly" lower performance in comparison to.

    in exchange for much improved battery life and/or reduced weight

    Very few people will care if the device is slow and the combination of SD 835 with full on Windows 32 applications binary translated is a recipe for exactly this.

  6. The PC Appliance by WheezyJoe · · Score: 4, Informative · on Intel's Super Portable Compute Card Could Be Your Real Pocket PC (techcrunch.com)

    I am personally not excited.

    Me neither. The Stick is much more like your own personal pocket-carried PC, as at least it comes with an HDMI plug and a power supply. This thing doesn't appear to be able even to power up without help from a dock or some new wave of appliance, which appers to be what Intel's after.

    Seems like insane overkill to slap in whole PC's just for kiosks, window signage, grocery-store displays, door-openers and soap-dispensers, but if Intel keeps making PC's smaller then I guess that's where we're headed. It's just sick to think this might mean a complete copy of copy of Windows 10 on damn near everything because... it can. Perhaps Red Hat can package and market a Linux for tiny business PC's, packaged with signage or kiosk application software, and break this potential Microsoft stranglehold, please?

  7. Re:Compensating? by MachineShedFred · · Score: 1 · on Intel's Massive 18-core Core i9 Chip Starts a Bloody Battle For Enthusiast PCs (pcworld.com)

    Not really. Xeon with 24 cores, and you can put 8 of them into a single server.

    And that's not even including the Xeon Phi 7290 that can be slapped in using PCI-e, adding 72 more cores.

    264 cores per server would get Oracle / Microsoft frothing at the mouth for per-core licensing. 18? Not so much.

  8. Re:Huh, someone was paying attention to Firewire by Mousit · · Score: 5, Informative · on Intel Drops Thunderbolt 3 Royalty, Adds CPU Integration and Works Closely With Microsoft (windowscentral.com)

    Thunderbolt has massive restrictions on WHO is allowed to use it..

    I wish the TFS would've linked to Intel's actual press release. The article that the summary linked to left out one of the biggest pieces: "...next year Intel plans to make the Thunderbolt protocol specification available to the industry under a nonexclusive, royalty-free license..." which then goes on to explicitly state they want third-party chipset makers producing Thunderbolt chipsets. This announcement is NOT about them letting motherboard makers slap the port and an Intel chipset on their board royalty-free. This is about letting other chipset makers produce their own TB chips royalty-free. They are basically releasing it industry-wide, and it will no longer be limited to Intel chipsets.

    So yes, expect to see AMD-compatible motherboards sporting TB3 support. I'd be more doubtful that AMD will be able to license it for integration into their CPUs (though they might; certainly wouldn't be remotely the first Intel technology they licensed to put directly in their silicon), but the new licensing does not preclude third-party chipsets being put onto AMD-supporting motherboards. And I completely expect the likes of Asus, Gigabyte, ASRock, etc. to do this. Probably on their high-end/gamer boards only at first, but still.

  9. Re:AMD has scared intel. by Lord+Crc · · Score: 2 · on Intel Drops Thunderbolt 3 Royalty, Adds CPU Integration and Works Closely With Microsoft (windowscentral.com)

    Being "royalty free" can mean different things, so I checked the source, which is quite explicit about this point:

    In addition to Intel's Thunderbolt silicon, next year Intel plans to make the Thunderbolt protocol specification available to the industry under a nonexclusive, royalty-free license. Releasing the Thunderbolt protocol specification in this manner is expected to greatly increase Thunderbolt adoption by encouraging third-party chip makers to build Thunderbolt-compatible chips.

    So yeah, seems there shouldn't be any legal reasons preventing AMD to implement it.

  10. Obligatory:Intel CPU Backdoor Report (May 5 2017) by Anonymous Coward · · Score: 0 · on Microsoft's New Surface Pro Features Faster Intel Kaby Lake Processor, 13.5 Hours of Battery Life (thurrott.com)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked wit

  11. Obligatory:Intel CPU Backdoor Report (May 5 2017) by Anonymous Coward · · Score: -1 · on Apple To Refresh Entire MacBook Lineup Next Month, Air and Pro To Feature Kaby Lake (bloomberg.com)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked wit

  12. Which Computers Are Vulnerable Out-Of-The-Box? by Anonymous Coward · · Score: 1 · on EFF Warns Most Of Intel's Chipsets Contain 'A Security Hazard' (eff.org)

    According to the article:

    Not every machine is susceptible to the attack. For it to work, AMT has to have been both enabled and provisioned... It can be provisioned by default if vendors used a feature called "Remote Configuration" with OEM Setup

    So, which computers have "Remote Configuration" with OEM Setup? These are the computers that are vulernable the moment you take them out of the box and plug them in.

    For example, are Lenovo ThinkCentres vulnerable out-of-the-box? I recently read a report of an indivual complaining that his ThinkCentre M58P is affected by this vulnerability:

    http://openbsd-archive.7691.n7.nabble.com/How-are-people-dealing-with-the-Intel-AMT-BIOS-vulnerability-backdoor-td318400.html

  13. Re:Unprovisioning clients by michael_wojcik · · Score: 1 · on Intel's Remote Hijacking Flaw Was 'Worse Than Anyone Thought' (arstechnica.com)

    Essentially it means AMT will be disabled. "Provisioning" means "making AMT available for use"; unprovisioning is the the opposite.

    If the Intel tool[1] shows your system is provisioned, go ahead and unprovision it. Regardless of what you might be using AMT for in your organization, it's not worth the risk.

    The Intel tools[2] include some documentation which, while pretty bad, does help clarify some things.

    [1] Or some alternative, if you're not running Windows; unfortunately I have no idea what the alternative might be, because Intel's communication in this issue is abysmal. Their tools are crap and their instructions are crap, even for Windows, and if you're running anything else then ha ha fuck you. Really this is an appallingly poor response by a vendor, and Intel deserve every bit of bad press and more.

    [2] They can be downloaded from Intel here. Of course that page requires Javascript because it's impossible to provide downloads without Javascript. No, wait, it's because the people in charge of Intel's website are idiots.

  14. Obligatory:Intel CPU Backdoor Report (May 5 2017) by Anonymous Coward · · Score: -1 · on Intel's Remote Hijacking Flaw Was 'Worse Than Anyone Thought' (arstechnica.com)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked wit

  15. Obligatory:Intel CPU Backdoor Report (May 1 2017) by Anonymous Coward · · Score: 2, Interesting · on Intel Announces Xeon Scalable Processor Family (hothardware.com)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked wit

  16. Obligatory:Intel CPU Backdoor Report (May 1 2017) by Anonymous Coward · · Score: -1 · on Samsung May Overtake Intel As World's Largest Chip Maker In 2017 (pcmag.com)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked wit

  17. Obligatory:Intel CPU Backdoor Report (May 1 2017) by Anonymous Coward · · Score: -1, Offtopic · on You Can't Change the Default Browser or Switch To Google Search In Windows 10 S (betanews.com)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked wit

  18. Obligatory:Intel CPU Backdoor Report (May 1 2017) by Anonymous Coward · · Score: -1 · on You Can't Change the Default Browser or Switch To Google Search In Windows 10 S (betanews.com)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked wit

  19. Re:Great... by Gadget_Guy · · Score: 1 · on Intel Patches Remote Execution Hole That's Been Hidden In Its Chips Since 2008 (theregister.co.uk)

    LMS does allow local applications to talk to AMT, but the vulnerability exists over the network whether you have LMS or not.

    According to Intel's disclosure (upon which your linked page was based), the correct way to fix this vulnerability is to update the firmware. If you can't do that then you are directed to unprovision the Intel manageability SKU to prevent network attacks and then disable LMS to mitigate against local attacks. From the INTEL-SA-00075 Mitigation Guide :

    These mitigations are intended to prevent unauthorized activation and use of Intel manageability SKUs, Intel® Active Management Technology (Intel® AMT), Intel® Standard Manageability (ISM), and Intel® Small Business Technology (SBT) that have not applied the firmware update addressing the vulnerability.
    ...
    Intel highly recommends that the first step in all mitigation paths is to unprovision the Intel manageability SKU to address the network privilege escalation vulnerability. For provisioned systems, unprovisioning must be performed prior to disabling or removing the LMS.

    So the original advice that disabling LMS is all you need to do (or not run Windows) was incorrect as it may lead people to believe that they are safe when they can still be affected by network intrusions.

  20. Re:Great... by Gadget_Guy · · Score: 1 · on Intel Patches Remote Execution Hole That's Been Hidden In Its Chips Since 2008 (theregister.co.uk)

    LMS does allow local applications to talk to AMT, but the vulnerability exists over the network whether you have LMS or not.

    According to Intel's disclosure (upon which your linked page was based), the correct way to fix this vulnerability is to update the firmware. If you can't do that then you are directed to unprovision the Intel manageability SKU to prevent network attacks and then disable LMS to mitigate against local attacks. From the INTEL-SA-00075 Mitigation Guide :

    These mitigations are intended to prevent unauthorized activation and use of Intel manageability SKUs, Intel® Active Management Technology (Intel® AMT), Intel® Standard Manageability (ISM), and Intel® Small Business Technology (SBT) that have not applied the firmware update addressing the vulnerability.
    ...
    Intel highly recommends that the first step in all mitigation paths is to unprovision the Intel manageability SKU to address the network privilege escalation vulnerability. For provisioned systems, unprovisioning must be performed prior to disabling or removing the LMS.

    So the original advice that disabling LMS is all you need to do (or not run Windows) was incorrect as it may lead people to believe that they are safe when they can still be affected by network intrusions.

  21. Obligatory:Intel CPU Backdoor Report (May 1 2017) by Anonymous Coward · · Score: 0, Offtopic · on Microsoft Unveils the Surface Laptop, a Traditional Notebook That Is 'Better' Than MacBook Pro (engadget.com)

    Aka I FUCKING TOLD YOU SO.

    Newest update: On May 1st 2017, under pressure from the Vault 7 leak, Intel released a "Critical" security bulletin INTEL-SA-00075, admitting Intel Core CPU from 1st gen to 7th gen (2006-2017) all share the same critical vulnerability.

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

  22. Obligatory:Intel CPU Backdoor Report (May 1 2017) by Anonymous Coward · · Score: -1 · on Senate Republicans Introduce Anti-Net Neutrality Legislation (thehill.com)

    Aka I FUCKING TOLD YOU SO.

    Newest update: On May 1st 2017, under pressure from the Vault 7 leak, Intel released a "Critical" security bulletin INTEL-SA-00075, admitting Intel Core CPU from 1st gen to 7th gen (2006-2017) all share the same critical vulnerability.

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

  23. Obligatory:Intel CPU Backdoor Report (May 1 2017) by Anonymous Coward · · Score: 0 · on Security Researcher and Alleged Spam Operator To Square Off In Court In Ugly Lawsuit (bleepingcomputer.com)

    Aka I FUCKING TOLD YOU SO.

    Newest update: On May 1st 2017, under pressure from the Vault 7 leak, Intel released a "Critical" security bulletin INTEL-SA-00075, admitting Intel Core CPU from 1st gen to 7th gen (2006-2017) all share the same critical vulnerability.

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

  24. Obligatory:Intel CPU Backdoor Report (May 1 2017) by Anonymous Coward · · Score: -1 · on Microsoft's Surface Laptop With Windows 10 S Leaks Ahead of New York Unveil (hothardware.com)

    Aka I FUCKING TOLD YOU SO.

    Newest update: On May 1st 2017, under pressure from the Vault 7 leak, Intel released a "Critical" security bulletin INTEL-SA-00075, admitting Intel Core CPU from 1st gen to 7th gen (2006-2017) all share the same critical vulnerability.

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

  25. Re:Explain to me by Gadget_Guy · · Score: 1, Informative · on Intel Patches Remote Execution Hole That's Been Hidden In Its Chips Since 2008 (theregister.co.uk)

    Every single Intel CPU has this hardware. The business SKUs just have it enabled. It's still there with the same blob, likely with the same vulnerability.

    I would same that it is unlikely that the lowest of Celerons has all the features of the highest Xeon CPU with just some flags to turn off things like vPro. And I think that it is unlikely that they all have the same vulnerability when the security advisory explicitly states that:

    This vulnerability does not exist on Intel-based consumer PCs.

  26. Actually, right!!!! by Gadget_Guy · · Score: 5, Informative · on Intel Patches Remote Execution Hole That's Been Hidden In Its Chips Since 2008 (theregister.co.uk)

    The affected LMS service is enabled and run at startup by default in Windows 10.

    Only if you have a CPU and motherboard chipset with vPro, which very few of them do. I had a look at some of the entries on Intel's list of Skylake desktop products for the consumer-level products, but got bored trying to find which of the CPUs had vPro support. I ended up looking at the motherboard chipsets, and only the Q170 supports it. The Z170, H170, Q150, B150, and H110 chipsets do not.

    The original poster's point stands, that this does not affect consumer-grade PCs. Most people can happily ignore this vulnerability.

  27. Re:More information please! by Anonymous Coward · · Score: 0 · on Intel Patches Remote Execution Hole That's Been Hidden In Its Chips Since 2008 (theregister.co.uk)

    If your system doesn't support AMT (which, if you're not running a "business-class" machine, it almost definitely does not because that's a special feature you need to pay extra to get), then it doesn't affect you.

    Will somebody please MOD the Parent UP? This is quite correct. From the Intel AMT Product Page a processor with their "vPro" feature set is required to support the AMT function. Without that extra "advanced technology" built into the chip, which as the parent said you have to pay extra for, it would be impossible to exploit this bug because the feature lacks the hardware on the chip needed to make AMT work. So unless you paid extra for "vPro" on your desktop or have selected models of the Xeon processor, which is very expensive and aimed at businesses and not individual users, you almost certainly don't have AMT capability and are thus immune.

  28. Re:But Apple get its 30% cut still. by TheFakeTimCook · · Score: 1 · on Apple Cuts Affiliate Commissions on Apps and In-App Purchases (macstories.net)

    Kaby Lake CPUs didn't come out at all until October 2016 and, when they did, all of the quad-core SKUs supported 64GB of RAM. That's irrelevant, though, as the Kaby Lake CPUs aren't what's in the 2016 MBP. The two prior generations (at least) supported 32GB. That includes the i5-6360U in the lowest-end 2016 MacBook Pro.

    So, what's the excuse, again?

    So, I went back and re-read some of the articles that came out at the time the 2016 MBPs were launched, and it turns out that I was sort of right; but not exactly right.

    The real issue was that (if I got this right, synthesizing from a couple of different articles) the CPUs that were due to come out, but didn't, were due to support LPDDR4 (low-power DDR4) RAM, and when they didn't come out as promised by Intel, Apple chose to use a memory controller that supported LPDDR3 RAM (because that's all the CPU would support?), but limited it to 16 GB due to concerns with battery-life.

    And that is a legitimate concern; because, if you visit the product-forums for the laptops that do support more than 16 GB of RAM, you will find scores of complaints about hideous battery life, whereas, Apple just got praised for being the only laptop manufacturer who actually generally meets or exceeds their battery-life claims.

  29. Re:But Apple get its 30% cut still. by Anonymous Coward · · Score: 0 · on Apple Cuts Affiliate Commissions on Apps and In-App Purchases (macstories.net)

    Kaby Lake CPUs didn't come out at all until October 2016 and, when they did, all of the quad-core SKUs supported 64GB of RAM. That's irrelevant, though, as the Kaby Lake CPUs aren't what's in the 2016 MBP. The two prior generations (at least) supported 32GB. That includes the i5-6360U in the lowest-end 2016 MacBook Pro. So, what's the excuse, again?

    They don't support low powerDDR4, you dumbass. What's your excuse for not understanding that?

  30. Re:But Apple get its 30% cut still. by BronsCon · · Score: 1 · on Apple Cuts Affiliate Commissions on Apps and In-App Purchases (macstories.net)

    Kaby Lake CPUs didn't come out at all until October 2016 and, when they did, all of the quad-core SKUs supported 64GB of RAM. That's irrelevant, though, as the Kaby Lake CPUs aren't what's in the 2016 MBP. The two prior generations (at least) supported 32GB. That includes the i5-6360U in the lowest-end 2016 MacBook Pro.

    So, what's the excuse, again?

  31. Re:So, basically, it matches a current gaming PC by brambus · · Score: 1 · on Xbox Project Scorpio's Full Specs Revealed (eurogamer.net)

    PC gamers are notorious for overestimating power supply requirements. The wattage craze is completely unwarranted UNLESS you overclock. At stock clocks, the cards are actually pretty power efficient. See this graph for example. Under max load, a GTX 1070 draws maybe 150W by itself. Combine that with a 65W TDP CPU (e.g. Core i5 7600) and you're only at 215W at max load. Add in 5W for memory and 15W for the HDD and you can still fit yourself into 235W, 10W less than 245W. Now consider that the XBox Scorpio's CPU & GPU will be lower clocked than your average PC rig and you can see how they can fit into 245W. Also see this short informative video on the same subject.

  32. Obligatory:Intel CPU Backdoor Report by Anonymous Coward · · Score: -1, Offtopic · on Android Devices Can Be Fatally Hacked By Malicious Wi-Fi Networks (arstechnica.com)

    Wonder what kind of remote attack vector is hidden in Intel Wireless Display/Anti-Theft.

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected

  33. Obligatory:Intel CPU Backdoor Report by Anonymous Coward · · Score: 2, Informative · on Gigabyte Firmware Bugs Allow the Installation of BIOS/UEFI Ransomware (bleepingcomputer.com)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked wit

  34. Re:Dishonest benchmark is dishonest by aliquis · · Score: 1 · on AMD Ryzen Game Patch Optimizations Show Significant Gains On Zen Architecture (hothardware.com)

    The problem is ddr3 vs ddr4.

    Why cripple your ddr4 system to make it identical to the max ddr3 system?

    No, both systems use DDR4.

    All X99 systems use DDR4:
    https://ark.intel.com/sv/produ...
    And you can use overclocked RAM on their motherboards too:
    https://www.msi.com/Motherboar...

  35. Re:Dishonest benchmark is dishonest by red_dragon · · Score: 1 · on AMD Ryzen Game Patch Optimizations Show Significant Gains On Zen Architecture (hothardware.com)

    "However what really disturb me from a comparison stand-point is that they gave the i7 5960X 2133 MHz DDR4 vs 2933 MHz DDR4 for the Ryzen 7 1800X, that give the 1800X another opportunity to shine since infinity fabric run at the same clock as RAM but why wasn't the 5960X also given the same speed RAM? It can't run it?"

    Per Intel's ARK, the i7 5960X supports up to 2133 MHz DDR4. It has four memory channels, though, giving it more memory bandwidth on paper. The 1800X still makes do with only two memory channels, so the fact that it matches the i7 in speed is quite impressive.

  36. Obligatory:Intel CPU Backdoor Report (Mar 22 2017) by Anonymous Coward · · Score: 0 · on WikiLeaks' New Dump Shows How The CIA Allegedly Hacked Macs and iPhones Almost a Decade Ago (vice.com)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked with the en

  37. Obligatory: Intel CPU Backdoor Report by Anonymous Coward · · Score: 5, Interesting · on WikiLeaks' New Dump Shows How The CIA Allegedly Hacked Macs and iPhones Almost a Decade Ago (vice.com)

    Obligatory: Intel CPU Backdoor Report

    Intel CPU Backdoor Report (Updated Mar 13, 2017)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected cop

  38. Re:No Big Deal by Pascoea · · Score: 4, Informative · on AMD Confirms It's Issuing a Fix To Stop New Ryzen Processors From Crashing Desktops (digitaltrends.com)

    Here ya go I mean it doesn't say, "WONTFIX, LOL" verbatim, but there are 128 items in there labeled "No Fix", so they may as well say LOL after it.

  39. Obligatory: Intel CPU Backdoor Report by Anonymous Coward · · Score: 0, Offtopic · on Raspberry Pi Becomes Third Best-Selling General Purpose Computer of All Time, Beating Commodore 64 (raspberrypi.org)

    Intel CPU Backdoor Report (Updated Mar 13, 2017)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Quotes on Intel backdoors:

    A message from RMS
    by Richard Stallman on Dec 29, 2016 09:45 AM

    The current generation of Intel and AMD processor chips are designed with vicious back doors that users cannot shut off. (In Intel processors, it's the "management engine".)

    No users should trust those processors.

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and p

  40. Obligatory: Intel CPU Backdoor Report by Anonymous Coward · · Score: 1, Informative · on AMD Announces Ryzen 5 Processors With 4 and 6-Core Chips Starting At $169 (hothardware.com)

    Intel CPU Backdoor Report (Updated Mar 13, 2017)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in

  41. Re:TDP? by aliquis · · Score: 2 · on AMD Announces Ryzen 5 Processors With 4 and 6-Core Chips Starting At $169 (hothardware.com)

    Worth noticing is that the 95 watt Ryzen 7 1700X and 1800X increase the power-demands more when going from idle to fully loaded than the 140 watt i7 6900K as well as the whole platform using slightly more power for the whole system:
    http://www.sweclockers.com/tes...
    So take the TDP values with some salt. It doesn't tell the whole story. Neither have they done for AMD vs Nvidia graphics cards I've heard claimed but there with the advantage for AMD.

    Ryzen 7 1700X and 1800X idle whole system at the wall: 45 watt
    i7 6900K idle whole system: 60 watt.

    1700X blender & x264 benchmark: 155 & 160 watt.
    1800X blender & x264 benchmark: 165 & 170 watt
    i7 6900K blender & x264 benchmark: 150 & 150 watt.
    That's still for the full system.
    i7 6900K Intel Ark says 140 watt TDP: https://ark.intel.com/sv/produ...

    i7 6950X: 60/145/170 watt idle, blender, x264 (10 core also 140 watt.)

  42. Obligatory: Intel CPU Backdoor Report by Anonymous Coward · · Score: 0 · on It's Possible To Hack a Smartphone With Sound Waves, Researchers Show (cnbc.com)

    Intel CPU Backdoor Report (Updated Mar 13, 2017)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in

  43. Obligatory: Intel CPU Backdoor Report by Anonymous Coward · · Score: -1 · on The Most Striking Thing About the WikiLeaks CIA Data Dump Is How Little Most People Cared (qz.com)

    Intel CPU Backdoor Report (Updated Mar 13, 2017)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in

  44. Obligatory: Intel CPU Backdoor Report by Anonymous Coward · · Score: 0, Informative · on What The CIA WikiLeaks Dump Tells Us: Encryption Works (ap.org)

    Intel CPU Backdoor Report (Updated Mar 12, 2017)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware

    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:

    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:

    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:

    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected coprocesso

  45. Obligatory: Intel CPU Backdoor Report by Anonymous Coward · · Score: 0 · on Tim Berners-Lee Warns About the Web's Three Biggest Threats (webfoundation.org)

    Intel CPU Backdoor Report (Updated Mar 12, 2017)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware

    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:

    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:

    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded.

    Useful links:

    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected coprocessor, embedded as a n

  46. Obligatory: Intel CPU Backdoor Alert by Anonymous Coward · · Score: 0, Informative · on Notepad++ Update Fixes 'CIA Hacking' Issue (archive.org)

    Intel CPU Backdoor Alert (Updated Mar 12, 2017)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge.
    What we know about the Intel backdoor so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak:

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware is in the chipset flash chip (Intel Management Engine).

    ccc.de: "Our presentation covers a DMA malware that benefits from an isolated network channel to update the attack code and to exfiltrate captured data. To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    30C3 Intel ME live hack, @21m43s, keystrokes leaked from Intel ME outside the OS, wireshark cannot detect packets:
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware

    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal is tricky and requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort. If you are skilled in BIOS/Firmware, download some of the Intel ME firmware from this collection have a go at it (Intel used various decode counter measures, explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked with the engineering department and they confirmed it.

    Long version:

    ME: Management Engine

    The Intel Management Engine (ME) is a separate computing environment physically located in the MCH chip or PCH chip replacing ICH.

    The ME consists of an individual processor core, code and data caches, a timer, and a secure internal bus to which additional devices are connected, including a cryptography engine, internal ROM and RAM, memory controllers, and a direct memory access (DMA) engine to access the host operating system's memory as well as to reserve a region of protected external memory to supplement the ME's limited internal RAM. The ME also has network access with its own MAC address through the Intel Gigabit Ethernet Controller integrated in the southbridge (ICH or PCH).

    The Intel Management Engine with its proprietary firmware has complete access to and control over the PC: it can power on or shut down the PC, read all open files, examine all running applications, track all keys pressed and mouse movements, and even capture or display images on the screen. And it has a network interface that is demonstrably insecure, which can allow an attacker on the networ

  47. Re:OFFLINE Storage, with FS Access by fnj · · Score: 1 · on Ask Slashdot: Best File System For the Ages?

    I just discovered something that surprised me greatly, and should please you as it does me. The lowly Celeron G3900 dual-core Skylake supports ECC - 64GB of ECC. It doesn't have hyperthreading, and only 2MB cache, but it DOES have full VT-x with EPT, and VT-d.

    All for only $44.75.

  48. Wrong, it's on all of them by Anonymous Coward · · Score: 0 · on WikiLeaks Reveals CIA's Secret Hacking Tools and Spy Operations (betanews.com)

    The backdoor is on all modern intel CPU/Chipset and is marketed as vPro/AMT/Small Business Advantage/Anti-Theft Technology, it is in all Core i3/i5/i7/Xeon CPU/Chipset in the past 6 years.

    If it's not in vPro then it's in SBA, every desktop motherboard has SBA basic in the chipset, they just don't advertise it, if it's not in SBA then it's in Anti-Theft, which is for mobile/notebook CPUs.

    http://www.intel.com/content/www/us/en/support/software/software-applications/000005817.html

    Intel Small Business Advantage offers a server-like solution without a server. No special configuration is required to use Intel Small Business Advantage.

    SBA (Small Business Advantage) - A combination of hardware and software usage focused on security and productivity. SBA supports chat, file sharing, screen sharing, USB Blocker, Software Monitor, Backup, and Health Center.

  49. Read the fucking Intel website you noob by Anonymous Coward · · Score: 0 · on WikiLeaks Reveals CIA's Secret Hacking Tools and Spy Operations (betanews.com)

    Aww is that all you got?

    Intel is calling it an "advantage" because the fucking backdoor is on by default. ROTFLMFAO!!!!11!!

    http://www.intel.com/content/www/us/en/support/software/software-applications/000005817.html

    Intel Small Business Advantage offers a server-like solution without a server. No special configuration is required to use Intel Small Business Advantage.

  50. Another lying GCHQ/NSA scumbag shill by Anonymous Coward · · Score: 0 · on WikiLeaks Reveals CIA's Secret Hacking Tools and Spy Operations (betanews.com)

    The cat is out of the bag, you guys are evil, just fuck off with the lying.

    The Intel backdoor is in all Core/i3/i5/i7/Xeon CPU/Motherboard that support, it is packaged under multiple names.

    Intel ME is part of vPro, if your CPU has vPro, you have it, that means all Xeon, and most i3/i5/i7. It is also on all notebook CPUs and has WiFi capabilities under names such as "Anti-Theft Technology".

    http://www.intel.com/content/www/us/en/architecture-and-technology/intel-active-management-technology.html

    Intel® Active Management Technology (Intel® AMT) is a feature of Intel® Coreâ processors with Intel® vProâ technology1,2 and workstation platforms based on select Intel® Xeon® processors.

    The rest is packaged as "Small Business Advantage":

    Learn about Intel® Small Business Advantage

    Intel® Small Business Advantage provides an out-of-the-box hardware-based security and productivity suite designed for small-business users with unmanaged IT.

    Intel Small Business Advantage offers a server-like solution without a server. No special configuration is required to use Intel Small Business Advantage.

    This piece of shit is everywhere and it is on by default. Intel actually say it is an "advantage" with a straight face.