Slashdot Mirror

Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode, Blackhat Dec 2017 presentation, Intel ME CVEs (CVSS Scored 9.0-10.0)

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode.

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented mode (NSA High Assurance Platform mode)
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs
CVE-2017-5705: Multiple buffer overflows in kernel in Intel Manageability Engine Firmware
CVE-2017-5706: Multiple buffer overflows in kernel in Intel Server Platform Services Firmware

Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode, Blackhat Dec 2017 presentation, Intel ME CVEs (CVSS Scored 9.0-10.0)

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode.

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented mode (NSA High Assurance Platform mode)
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs
CVE-2017-5705: Multiple buffer overflows in kernel in Intel Manageability Engine Firmware
CVE-2017-5706: Multiple buffer overflows in kernel in Intel Server Platform Services Firmware

Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode, Intel CPU CVE links (CVE-2017-5689 CVSS Score 10.0)

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode.

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented mode (NSA High Assurance Platform mode)
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs
CVE-2017-5705: Multiple buffer overflows in kernel in Intel Manageability Engine Firmware
CVE-2017-5706: Multiple buffer overflows in kernel in Intel Server Platform Services Firmware

Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode, Intel CPU CVE links (CVE-2017-5689 CVSS Score 10.0)

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode.

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented mode (NSA High Assurance Platform mode)
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs
CVE-2017-5705: Multiple buffer overflows in kernel in Intel Manageability Engine Firmware
CVE-2017-5706: Multiple buffer overflows in kernel in Intel Server Platform Services Firmware

Change log:
2018/01/01 - Added 14 Useful Links, Intel CPU CVE links (CVE-2017-5689 CVSS Score 10.0), how to disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode.

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP bit.

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented mode (NSA High Assurance Platform mode)
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EEF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs
CVE-2017-5705: Multiple buffer overflows in kernel in Intel Manageability Engine Firmware
CVE-2017-5706: Multiple buffer overflows in kernel in Intel Server Platform Services Firmware

Change log:
2018/01/01 - Added 14 Useful Links, Intel CPU CVE links (CVE-2017-5689 CVSS Score 10.0), how to disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode.

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP bit.

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented mode (NSA High Assurance Platform mode)
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EEF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs
CVE-2017-5705: Multiple buffer overflows in kernel in Intel Manageability Engine Firmware
CVE-2017-5706: Multiple buffer overflows in kernel in Intel Server Platform Services Firmware

Obligatory:Intel CPU Backdoor Report (Jan 1 2018)

Change log:
2018 Jan - Added 14 Useful Links, Intel CPU CVE links (CVE-2017-5689 CVSS Score 10.0), how to disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode.

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP bit.

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented mode (NSA High Assurance Platform mode)
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EEF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs
CVE-2017-5705: Multiple buffer overflows in kernel in Intel Manageability Engine Firmware
CVE-2017-5706: Multiple buffer overflows in kernel in Intel Server Platform Se

Obligatory:Intel CPU Backdoor Report (Jan 1 2018)

Change log:
2018 Jan - Added 14 Useful Links, Intel CPU CVE links (CVE-2017-5689 CVSS Score 10.0), how to disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode.

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP bit.

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented mode (NSA High Assurance Platform mode)
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EEF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs
CVE-2017-5705: Multiple buffer overflows in kernel in Intel Manageability Engine Firmware
CVE-2017-5706: Multiple buffer overflows in kernel in Intel Server Platform Se

It's not Dell's fault and it did genuinely take some effort on their part to figure out a way to do this without bricking machines in a fairly reliable manner.

Except they don't have to, and didn't. It was previously reverse engineered by others.

I'd bet $10.00 that this is an attempt by Dell to gouge certain types out of more money. Heck I wouldn't be surprised if they try to prevent the end user from doing it themselves in some way, just to help ensure a profit.

This is why you don't hand control of things to others out of apathy. Those others will always try to find a way to take advantage of that fact one way or another. In this case, it's "We'll give back the control you gave up to them, for a price."

Intel's ME being based on MINIX is quite old news. Or at least, based on the summary. Is there anything new in the talk that should have been in the summary / writeup?

See subject & proof of a sad truth on routers from reputable sources (far from complete): https://it.slashdot.org/comments.pl?sid=9995967&cid=53488785/
http://blog.ptsecurity.com/2015/12/critical-vulnerabilities-in-3g4g-modems.html/

APK

P.S.=> See why I use hosts files/firewalls in software + OS patching & IP security tweaks OS side to supplement all that weakness in routers? Betting on routers of IPS etc. ALONE in "eggshell perimeter only" security = stupid risk & NOT good "layered security"/"defense-in-depth"... apk

See subject & these links proof of sad truth on routers (hosts = better. See 'p.s.' below & links there too for proof):

http://hardware.slashdot.org/story/15/11/26/1541216/900-embedded-devices-share-hard-coded-certs-ssh-host-keys/
http://it.slashdot.org/story/08/01/14/1319256/Most-Home-Routers-Vulnerable-to-Flash-UPnP-Attack/
http://it.slashdot.org/story/10/07/16/122259/Millions-of-Home-Routers-Are-Hackable/
http://it.slashdot.org/story/12/04/26/1411229/backdoor-found-in-arcadyan-based-wi-fi-routers/
http://blog.emaze.net/2013/08/huawei-b153-3gumts-router-wps-weakness.html/
http://blog.ptsecurity.com/2015/12/critical-vulnerabilities-in-3g4g-modems.html/
http://blogs.pcmag.com/securitywatch/2008/06/new_malware_silently_changes_r.php/
http://ea.github.io/blog/2013/10/18/tenda-backdoor/
http://hardware.slashdot.org/story/13/01/14/2049241/remote-linksys-0-day-root-exploit-uncovered/
http://hardware.slashdot.org/story/15/01/29/2256236/d-link-routers-vulnerable-to-dns-hijacking/
http://hardware.slashdot.org/story/15/08/20/1319253/bruce-schneier-on-cisco-rommon-firmware-exploit-this-is-serious/
http://it.slashdot.org/story/13/04/17/2228258/researchers-hack-over-a-dozen-home-routers/
http://it.slashdot.org/story/13/10/14/0120221/d-link-router-backdoor-vulnerability-allows-full-access-to-settings/
http://it.slashdot.org/story/14/03/19/1619222/security-industry-incapable-of-finding-firmware-attackers/
http://it.slashdot.org/story/14/08/12/1917257/study-firmware-plagued-by-poor-encryption-and-backdoors/
http://it.slashdot.org/story/14/10/23/1345230/cisco-fixes-three-year-old-telnet-flaw-in-security-appliances/
http://it.slashdot.org/story/15/01/09/1349229/asus-wireless-routers-can-be-exploited-by-anyone-inside-the-network/
http://it.slashdot.org/story/15/01/09/1936214/lizard-stresser-ddos-for-hire-service-built-on-hacked-home-routers/
http://it.slashdot.org/story/15/02/19/1445251/duplicate-ss

http://blog.emaze.net/2013/08/...
http://blog.ptsecurity.com/201...
http://blogs.pcmag.com/securit...
http://ea.github.io/blog/2013/...
http://hardware.slashdot.org/h...
http://hardware.slashdot.org/s...
http://hardware.slashdot.org/s...
http://hardware.slashdot.org/s...
http://hardware.slashdot.org/s...
http://it.slashdot.org/story/0...
http://it.slashdot.org/story/1...
http://it.slashdot.org/story/1...
http://it.slashdot.org/article...
http://it.slashdot.org/it/05/0...
http://it.slashdot.org/it/07/0...
http://it.slashdot.org/it/08/0...

* PARTIAL QUOTING ME Ash-Fox? Again?? The lists I am putting out are going to CRUSH your do-nothing ass on router "reliability" & security... lol!

(My routers don't go down by the way loser...)

APK

P.S.=> So much for your faith in routers alone stupid (225 in total, 15 posts with 15 items each)... apk

http://blog.emaze.net/2013/08/...
http://blog.ptsecurity.com/201...
http://blogs.pcmag.com/securit...
http://ea.github.io/blog/2013/...
http://hardware.slashdot.org/h...
http://hardware.slashdot.org/s...
http://hardware.slashdot.org/s...
http://hardware.slashdot.org/s...
http://hardware.slashdot.org/s...
http://it.slashdot.org/article...
http://it.slashdot.org/it/05/0...
http://it.slashdot.org/it/07/0...
http://it.slashdot.org/it/08/0...
http://it.slashdot.org/story/0...
http://it.slashdot.org/story/1...
http://it.slashdot.org/story/1...

APK

P.S.=> So much for your faith in routers alone stupid (225 in total, 15 posts with 15 items each)... apk

No. This was not gross negligence. This was not a bug that would affect anyone under conditions remotely close to normal. This is something that is being actively exploited by someone (the criminal in this case) in a way never intended by the programmers. It'd be like suing the people who made the bullets used in the Sandy Hook massacre. Not only that, they probably agreed when they installed the software not to hold the software company responsible for anything. The way the system works, if Microsoft does this enough and demonstrates that they cannot create secure products, the market (cue angel choir) will punish them.

Yeah, for no other browsers have vulnerabilities and exploits..