Domain: youtube.com
Stories and comments across the archive that link to youtube.com.
Comments · 87,129
-
Re:No one has said this yet...
I was going to mention that, but honestly, he's not thrilled with that being what he's best known for. "I used to say, and I'm still inclined to say occasionally, that I hate it. I hate the Game of Life."
-
Have you ever read the XMPP protocol?
As a programmer, i have had to read a many white papers and technical specifications. For a work project I started writing a perl script that used XMPP protocol to send messages to co-workers on a OPENFIRE server. For this I had to read the XMPP specifications, and OH MY GOD are they the most beautifully written and clearly explained technical documents I have ever had the privilege of reading: https://xmpp.org/rfcs/rfc6120....
And developing apps using the XMPP protocol was super easy and fun. Sadly, the protocol was mostly abandoned due to lack of features we have seen in proprietary implementations. E.g. XMPP clients don't have universal support for in-lined pictures and video (showing someone embedded youtube video or the picture instead of http://imgur.com/aabbbaa or http://youtube.com?watch=blah) It has no support for video messaging (it was build for chat and IM) nor does it have support for screen-sharing. Also if you close your XMPP client and someone sends you a message, you don't get that message when you log in again. Some servers implement an extension that kinda does this, but because its not an official part of the XMPP protocol its spotty and unreliable. Various XMPP clients tack one or multiple of these features onto the XMPP spec, but this fragmented support tends to drive people away instead of too it.
But if ALL you want is a protocol for real-time chat rooms and instant messaging of text-only, man is XMPP fantastic, cheap, easy to use, and reliable. -
57 channels and nothing on came out in the 80's
-
Re:hello_1984.m
New math. Understand what you are doing rather than get the right answer.
-
Re:Why do you believe that?
"The Colonel doesn't think we're nice people, Louie!"
(pro tip: URL tag https://www.youtube.com/watch?v=YRke9pMnqEE )
-
Come on, not that "Terminator" BS again...
"Robot" engineer here. And when I say "Robot", I really talk about "Industrial Robot". Not the one that look like human.
It's 2015 all over again when another "Robot" killed a Volkswagen worker. People were all "Matrix have begun" rogue.
First, let me tell you to scary part : "The robot have done exactly what it have been programmed to".
Second, let me tell you the encouraging part : "The robot have done exactly what it have been programmed to".
It's always the same thing, "industrial robot" kill/hurt someone, and we see an headline about Robot revolution coming to kill us all in Terminator style. Those robot are just basic program controlling a bunch of servomotor, nothing "AI rogue humanoid robot with a shutgun" like. But there's on thing that are common to each of those story : "Safety violation".
In my mind, industrial robot are still the most dangerous piece of hardware you'll ever work with, period. And that's why there's a shit ton of safety measure for them. Yeah gears are dangerous and could tear off your finger, but you indistinctly know that as long as you don't put your finger close to them, they won't bite you. It's not the case with robot.
Back to the Volkswagen case, the worker didn't respect the safety procedure. The robot are connected to a safety gate that "must" be open when there's a worker inside the cell. You enter the cell, you put your lock in the gate to deactivate everything dangerous inside of it. But, from what I've understand, those worker wanted to work fast and took a "shortcut" while testing their equipment and decided to close the gate while a worker was inside. Of of the system then activated the robot that started it's wielding procedure with the worker right between both : https://www.youtube.com/watch?... (Look between 0:05 and 0:30, everything else in this video is shit).
I work constantly in this sort of system and you'll be amazed how many "close call" I've seem so far. The thing is, people are completely clueless about robot (Hell, one time I was presenting a robotic cell with two KUKA robotic arm to some potential customer and one of the cute asian girl asked me if she should "see" the body of the robot. She was thinking there's was a huge robot under the floor controlling the two arm).
Long story short : Respect the freaking safety procedure.
-
What about WebRTC?
(already mentioned above by some anonymous cowards)
-
Obligatory: Intel CPU Backdoor Report
Intel CPU Backdoor Report (Updated Mar 13, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel.""the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in
-
Obligatory: Intel CPU Backdoor Report
Intel CPU Backdoor Report (Updated Mar 13, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel.""the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in
-
Obligatory: Intel CPU Backdoor Report
Intel CPU Backdoor Report (Updated Mar 13, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel.""the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in
-
Obligatory: Intel CPU Backdoor Report
Intel CPU Backdoor Report (Updated Mar 13, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel.""the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in
-
Obligatory: Intel CPU Backdoor Report
Intel CPU Backdoor Report (Updated Mar 13, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel.""the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in
-
Obligatory: Intel CPU Backdoor Report
Intel CPU Backdoor Report (Updated Mar 13, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel.""the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in
-
Obligatory: Intel CPU Backdoor Report
Intel CPU Backdoor Report (Updated Mar 12, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel.""the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.
If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocesso
-
Obligatory: Intel CPU Backdoor Report
Intel CPU Backdoor Report (Updated Mar 12, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel.""the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.
If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocesso
-
Obligatory: Intel CPU Backdoor Report
Intel CPU Backdoor Report (Updated Mar 12, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel.""the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.
If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocesso
-
Obligatory: Intel CPU Backdoor Report
Intel CPU Backdoor Report (Updated Mar 12, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel.""the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.
If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocesso
-
Obligatory: Intel CPU Backdoor Report
Intel CPU Backdoor Report (Updated Mar 12, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel.""the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.
If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocesso
-
Obligatory: Intel CPU Backdoor Report
Intel CPU Backdoor Report (Updated Mar 12, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel.""the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.
If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocesso
-
Re:Emergencies?
Professor Farnsworth address this issue: https://www.youtube.com/watch?...
-
Obligatory: Intel CPU Backdoor Report
Intel CPU Backdoor Report (Updated Mar 12, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel.""the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.
If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded.
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocessor, embedded as a n
-
Obligatory: Intel CPU Backdoor Report
Intel CPU Backdoor Report (Updated Mar 12, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel.""the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.
If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded.
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocessor, embedded as a n
-
Obligatory: Intel CPU Backdoor Report
Intel CPU Backdoor Report (Updated Mar 12, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel.""the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.
If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded.
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocessor, embedded as a n
-
Obligatory: Intel CPU Backdoor Report
Intel CPU Backdoor Report (Updated Mar 12, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel.""the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.
If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded.
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocessor, embedded as a n
-
Obligatory: Intel CPU Backdoor Report
Intel CPU Backdoor Report (Updated Mar 12, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel.""the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.
If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded.
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocessor, embedded as a n
-
Obligatory: Intel CPU Backdoor Report
Intel CPU Backdoor Report (Updated Mar 12, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge.
What we know about Intel CPU backdoors so far:
TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak.
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.
30C3 Intel ME live hack:
@21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
[Quotes] Vortrag:
"DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel.""the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."
"We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."
"To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
"We can permanently monitor the keyboard buffer on both operating system targets."
Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.
If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded.
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops
30C3 To Protect And Infect - The militarization of the Internet
30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocessor, embedded as a n
-
More Like Bringing Back the Yugo
As Steve Jobs correctly pointed out:
Netbooks really don't do anything well. In fact, they have no reason to exist.
Watch and Learn... -
Obligatory: Intel CPU Backdoor Alert
Intel CPU Backdoor Alert (Updated Mar 12, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge.
What we know about the Intel backdoor so far:TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak:
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware is in the chipset flash chip (Intel Management Engine).
ccc.de: "Our presentation covers a DMA malware that benefits from an isolated network channel to update the attack code and to exfiltrate captured data. To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
30C3 Intel ME live hack, @21m43s, keystrokes leaked from Intel ME outside the OS, wireshark cannot detect packets:
[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware MalwareThe backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal is tricky and requires a Raspberry Pi (with GPIO pins) and a SOIC clip.The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort. If you are skilled in BIOS/Firmware, download some of the Intel ME firmware from this collection have a go at it (Intel used various decode counter measures, explained below).
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked with the engineering department and they confirmed it.
Long version:
The Intel Management Engine (ME) is a separate computing environment physically located in the MCH chip or PCH chip replacing ICH.
The ME consists of an individual processor core, code and data caches, a timer, and a secure internal bus to which additional devices are connected, including a cryptography engine, internal ROM and RAM, memory controllers, and a direct memory access (DMA) engine to access the host operating system's memory as well as to reserve a region of protected external memory to supplement the ME's limited internal RAM. The ME also has network access with its own MAC address through the Intel Gigabit Ethernet Controller integrated in the southbridge (ICH or PCH).
The Intel Management Engine with its proprietary firmware has complete access to and control over the PC: it can power on or shut down the PC, read all open files, examine all running applications, track all keys pressed and mouse movements, and even capture or display images on the screen. And it has a network interface that is demonstrably insecure, which can allow an attacker on the networ
-
Obligatory: Intel CPU Backdoor Alert
Intel CPU Backdoor Alert (Updated Mar 12, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge.
What we know about the Intel backdoor so far:TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak:
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware is in the chipset flash chip (Intel Management Engine).
ccc.de: "Our presentation covers a DMA malware that benefits from an isolated network channel to update the attack code and to exfiltrate captured data. To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
30C3 Intel ME live hack, @21m43s, keystrokes leaked from Intel ME outside the OS, wireshark cannot detect packets:
[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware MalwareThe backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal is tricky and requires a Raspberry Pi (with GPIO pins) and a SOIC clip.The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort. If you are skilled in BIOS/Firmware, download some of the Intel ME firmware from this collection have a go at it (Intel used various decode counter measures, explained below).
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked with the engineering department and they confirmed it.
Long version:
The Intel Management Engine (ME) is a separate computing environment physically located in the MCH chip or PCH chip replacing ICH.
The ME consists of an individual processor core, code and data caches, a timer, and a secure internal bus to which additional devices are connected, including a cryptography engine, internal ROM and RAM, memory controllers, and a direct memory access (DMA) engine to access the host operating system's memory as well as to reserve a region of protected external memory to supplement the ME's limited internal RAM. The ME also has network access with its own MAC address through the Intel Gigabit Ethernet Controller integrated in the southbridge (ICH or PCH).
The Intel Management Engine with its proprietary firmware has complete access to and control over the PC: it can power on or shut down the PC, read all open files, examine all running applications, track all keys pressed and mouse movements, and even capture or display images on the screen. And it has a network interface that is demonstrably insecure, which can allow an attacker on the networ
-
Obligatory: Intel CPU Backdoor Alert
Intel CPU Backdoor Alert (Updated Mar 12, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge.
What we know about the Intel backdoor so far:TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak:
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware is in the chipset flash chip (Intel Management Engine).
ccc.de: "Our presentation covers a DMA malware that benefits from an isolated network channel to update the attack code and to exfiltrate captured data. To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
30C3 Intel ME live hack, @21m43s, keystrokes leaked from Intel ME outside the OS, wireshark cannot detect packets:
[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware MalwareThe backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal is tricky and requires a Raspberry Pi (with GPIO pins) and a SOIC clip.The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort. If you are skilled in BIOS/Firmware, download some of the Intel ME firmware from this collection have a go at it (Intel used various decode counter measures, explained below).
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked with the engineering department and they confirmed it.
Long version:
The Intel Management Engine (ME) is a separate computing environment physically located in the MCH chip or PCH chip replacing ICH.
The ME consists of an individual processor core, code and data caches, a timer, and a secure internal bus to which additional devices are connected, including a cryptography engine, internal ROM and RAM, memory controllers, and a direct memory access (DMA) engine to access the host operating system's memory as well as to reserve a region of protected external memory to supplement the ME's limited internal RAM. The ME also has network access with its own MAC address through the Intel Gigabit Ethernet Controller integrated in the southbridge (ICH or PCH).
The Intel Management Engine with its proprietary firmware has complete access to and control over the PC: it can power on or shut down the PC, read all open files, examine all running applications, track all keys pressed and mouse movements, and even capture or display images on the screen. And it has a network interface that is demonstrably insecure, which can allow an attacker on the networ
-
Obligatory: Intel CPU Backdoor Alert
Intel CPU Backdoor Alert (Updated Mar 12, 2017)
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge.
What we know about the Intel backdoor so far:TL;DR version
Your Intel CPU and Chipset is running a backdoor as we speak:
The backdoor hardware is inside the CPU/Bridge and the backdoor firmware is in the chipset flash chip (Intel Management Engine).
ccc.de: "Our presentation covers a DMA malware that benefits from an isolated network channel to update the attack code and to exfiltrate captured data. To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."
30C3 Intel ME live hack, @21m43s, keystrokes leaked from Intel ME outside the OS, wireshark cannot detect packets:
[Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware MalwareThe backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal is tricky and requires a Raspberry Pi (with GPIO pins) and a SOIC clip.The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort. If you are skilled in BIOS/Firmware, download some of the Intel ME firmware from this collection have a go at it (Intel used various decode counter measures, explained below).
Useful links:
The Intel ME subsystem can take over your machine, can't be audited
REcon 2014 - Intel Management Engine Secrets
Untrusting the CPU (33c3)
Towards (reasonably) trustworthy x86 laptops1. Introduction, what is Intel ME
Short version, from Intel staff:
Re: What Intel CPUs lack Intel ME secondary processor?
Amy_Intel Feb 8, 2016 9:27 AMThe Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked with the engineering department and they confirmed it.
Long version:
The Intel Management Engine (ME) is a separate computing environment physically located in the MCH chip or PCH chip replacing ICH.
The ME consists of an individual processor core, code and data caches, a timer, and a secure internal bus to which additional devices are connected, including a cryptography engine, internal ROM and RAM, memory controllers, and a direct memory access (DMA) engine to access the host operating system's memory as well as to reserve a region of protected external memory to supplement the ME's limited internal RAM. The ME also has network access with its own MAC address through the Intel Gigabit Ethernet Controller integrated in the southbridge (ICH or PCH).
The Intel Management Engine with its proprietary firmware has complete access to and control over the PC: it can power on or shut down the PC, read all open files, examine all running applications, track all keys pressed and mouse movements, and even capture or display images on the screen. And it has a network interface that is demonstrably insecure, which can allow an attacker on the networ
-
Training or hire self-trained contractors
Yes -- training is being replaced by H1B hiring! Investments in employee training by big companies like HP and IBM are what made Silicon Valley possible in the first place.
Discussions about H1Bs also often imply that if you pay an H1B as much as a US citizen then everything is OK -- but it is not. Where is the extra incentive for people to risk their own time to learn stuff which might or might not be in demand when wages are essentially capped at market wages for employees? Or for contractors to put a *lot* of extra unpaid time (and stress) into learning as they go after taking on a project? Granted, most techies learn stuff on the side anyway -- but that is more problematical when you have a family. Example:
"Ask HN: Developers with kids, how do you skill up?"
https://news.ycombinator.com/i...Another part of this rarely discussed is that companies used to pay 2X to 3X more than a worker's salary+benefits to specific highly-compensated individuals as independent contractors. But, big contracting firms like Perot Systems lobbied around the 1980s to get laws passed affecting IRS regulations that made it financially risky for companies to hire individuals on a 1099 independent contractor basis -- thus forcing more individuals to work through big companies as W2 employees. We just take that change for granted decades later, but things were not always like this. (That said, in many areas of the economy 1099 IC workers are indeed exploited -- just not back then in the technology field in in-demand areas.)
Increasing mastery (i.e. on the job learning) is one important part of a happy work life (along with autonomy, purpose, and community); sad that so many companies ignore it:
"RSA ANIMATE: Drive: The surprising truth about what motivates us"
https://www.youtube.com/watch?...And no, learning some new flavor of the month JavaScript framework that reinvents the wheel badly does not count much towards a feeling of "mastery" for an experienced programmer...
Related:
http://blog.getabstract.com/th...
"So, why are some companies dragging their feet and refusing to invest in employee development? In some cases, it comes down to an insecurity most managers don't want to acknowledge: the fear an employee may become become overqualified, outgrow his job, and leave the company to pursue a better position elsewhere before a promotion is available. This fear isn't completely baseless. Young high achievers job hop frequently to earn a higher salary, and on average, leave their jobs after only 28 months.
Withholding professional development from employees is not the right response to this fear; it's a self-fulfilling prophecy. Employees seek professional development to achieve successful careers, and when companies don't invest in this development, employees leave."As I suggested in this comment about Google and H1Bs:
https://slashdot.org/comments....
"So, in a similar way that Angela Davis suggests prisons are the USA's way [of consolidating] dealing with social issues it can't or won't address, hiring H1Bs willing to live like sardines in SV slum-equivalents helps Google make up for those less-than-desirable recruiting aspects while not having to address fundamental issues which are harder to wrestle with involving the soul of the organization and how it spends its revenues towards what ends." -
It ever ceases to amaze me people who don't check
Yes, vacuums DO exert a massive amount of pressure, or rather our atmosphere does and because there's no counter-balance in a vacuum that pressure is fully felt. The numbers are easy to get: about 14.7 pounds per square inch at sea level. That means about 15 pounds of force for every square inch of material, which is not a large area. You can throw a little math at something to figure out the total force a given area takes.
Also it turns out vacuum pressure is something that companies have to worry about, so they've tested it and posted demonstrations online. Here's one of a company subjecting one of their tanks to a vacuum and it failing in a spectacular fashion:
https://www.youtube.com/watch?...
This isn't Hollywood, this is a company that makes tankers for transport.
Mythbusters (which I'm sure you'll deride as being Hollywood) has a great episode where they try it with a tougher tanker and it dues survive under effectively full vacuum... until they drop something on it and dent it, at which point it fails spectacularly.
As a related thing to forces from a vacuum (or rather the sudden failure) have a look at ping pong ball cannons. You evacuate a tube with a ball in it, and then suddenly open up the end. The pressure wave can drive the ball to extremely high speeds:
-
Re:Emergencies?
Hyperloop tube gets a hole. Air streams in. Air slows down the cabin, probably to a halt.
Yes, just like in this demo: https://www.youtube.com/watch?...
Shoot a hole in that tank before it undergoes collapse and you'll have a violent decompression, not some gentle "air streams in" scenario.
As someone said below, "Instead of denying science, do us all a favor and prove Thunderf00t and the Mythbusters wrong with your pseudo science."
-
Re:Yes those emails
Why do you say SJWs aren't a thing?
Because they're not.
That's as much bullshit as claiming that racist Trump supporters don't exist. Off the top of my head:
Game of Thrones was "glamorizing" rape in a scene that was supposed to be creepy as fuck: her brother forcing himself on her over the corpse of their dead son. The SWJ's on Salon got half a dozen articles out of that, but DGAF about cannibals murdering an entire village in the same episode, and Theon's far worse fate in a previous season.
All the ratfucking aimed at Bernie Sander's way when he said "excuse me, I'm talking" during a debate - ermagerd he's so sexist to shout down the wooman in the race! When in reality she had constantly been interrupting him, and Sanders was just speaking up for himself.
The craters made in fainting couches over Marvel's variant cover of Spider-Women, even though Spider-Man often drawn in the same pose. In the same vein, the pearls clutched over Apocalypse holding Mystique by the throat, ignoring the fact that is also a common display of dominance from both antagonists and protagonists.
Of course SJW's exist. They are the left wing equivalent of right wingers who rail against trans people using bathrooms or Muslims - assholes who use demagoguery to control conversation and shut people up.
-
Re:Emergencies?
You are probably not far off
-
Re:Emergencies?
I never cease to be amazed how many people think vacuum exerts a massive amount of pressure; Hollywood has a *LOT* to answer for for all those ridiculous explosive decompression scenes.
In space the pressure is an outward force, in atmosphere it's an inward force.
Vacuum can create the exertion a LOT of pressure. Try the old experiment where you lay a ruler hanging halfway off of a table and cover the end on the table with a sheet of newspaper. Now bang on the end of the ruler that's off the table and see what happens. The ruler stays right where it is because the pressure of the air against the newspaper is actually very significant. Figure 15lbs per sq inch on a 20"x20" sheet of paper (400 sq inches) is 6000 lbs.
People who haven't seen this demonstration are always shocked when the ruler doesn't fly up and take the newspaper with it. You're much more likely to break the ruler off at the edge of the table. Try it if you don't believe me.
Or if you're lazy, watch a demonstration here: https://www.youtube.com/watch?...
I worked with high vacuum quite a bit in my younger days and the forces involved can be immense. The forces involved with the hyperloop are really quite insane and the possibility of an accident is very, very high. The results could be catastrophic to say the least.
-
John Oliver on DST
John Oliver did an informative thing on DST a couple of years ago:
https://www.youtube.com/watch?... -
Re:thunderf00t says bs!
And there is a debunk of his debunk: https://www.youtube.com/watch?...
-
Re:Emergencies?
Airplanes don't fly through solid steel tubes that have to be able to withstand massive amounts of pressure from a vacuum. There is no recovery from accidents if Hyperloop was to get off the ground, and to be honest I don't believe this project will work. Thunderf00t has done some validation of this project, or should I say shown major failure points.
Interesting ideas don't always pan out.
-
Re:We've known this for years
-
Re: Reason I want an automated driving vehicle
-
Re:Value of the open source ecosystem and communit
"Anonymous Coward said: "After seeing how GNOME 3, systemd and PulseAudio have destroyed Linux's usability for me"
What stopped you uninstalling PulseAudio or using one of the other Linux Desktop Environments. Video demo of XFCE vs MATE vs KDE. -
Right tool for the job
A comment my father used to make that took me a long time to fully understand was "Sure, bang it in with a wrench." That is, a true craftsman doesn't use a wrench as a hammer: they use the right tool for the job.
Novice programmers typically choose the wrong "tool" (language, library, design, algorithm, etc) because they're not even aware of the right tool - writing a complex graphical interface program entirely in Perl because that's all they know.
Intermediate programmers typically choose the wrong tool because they want to grow beyond their current job - writing all the company's shell scripts in assembly because they want to learn assembly.
Advanced programmers typically choose the wrong tool because they want to show off how smart they are - implementing core functionality in a language they designed themselves so they can brag about it to their friends.
Ultimately, in a professional settings you want simple solutions to hard problems. Code that's easy to understand, easy to debug, easy to modify. Of course, too often you get the opposite: complicated solutions to easy problems.
:)For the novice programmers, the path to becoming a better programmer is simple but time consuming: learn about all the different tools that are available and when, and when not, to use them. Having your own hobby project on the side is very good for this.
For intermediate programmers, having your own hobby projects is also good - better to write your own little open source device driver in assemby than the company shell scripts if you want to learn assembly.
But for advanced programmers, the path to becoming a better programmer is more difficult. Essentially, you have to let go of trying to prove to the world just how smart you are. John Cleese got into psychology after Monty Python and wrote a very nice book "Life and How to Survive It" about how to be a "gold medalist of mental health". He's also got an excellent YouTube video on creativity, for example
-
Re:Looks good to me
If that is the case, that WebAssembly calls the JavaScript engine to execute calls, it can't be much if any faster than well-written "native" JavaScript
If what you want to do is make JS API function calls, like popping up an alert(), then no it won't be any faster than just using JS for the purpose. But WebAssembly runs the Unreal engine quite a lot faster and smoother than JS would. The fine article included a link to the "Zen Garden" demo which runs in a web browser:
https://www.youtube.com/watch?v=TwuIRcpeUWE
WebAssembly will open up new use cases, like smooth 3D games running in the browser. Things like Google Apps will run much more smoothly. We'll see if that turns out to be a big deal or not; I think maybe it will be.
-
Re: Typo in the title
What are they teaching school kids in Oklahoma these days?
1. In Oklahoma, most people are literally so ignorant that they believe the word "ignorant" actually means "belligerent"
2. Most Oklahomans ("Okies") think cinder blocks are called center blocks (of course, if they could read the label at Lowe's or Home Depot, this might not be a problem)
3. When someone would say "heighth," I'd be tempted to ask "You mean like "weighth?"
4. Had to enroll one of the gf's kids in a new elementary school during the middle of the year; imagine our surprise when the teacher sent home a flyer on Feb 13st... announcing Valentime's Day- "What time is it?" "Valentime's."
And I am the ignorant hateful person ?
All I said is it is a racist statement to accuse our president of using the H1b program to acquire more foreign wives...
-
Re:USB sticks are inherently dangerous
For those that thinks, this won't happen to me.
Check this out: https://www.youtube.com/watch?...
And to get an idea about the extend of devices affected: https://github.com/brandonlw/P... -
Re: Typo in the title
What are they teaching school kids in Oklahoma these days?
1. In Oklahoma, most people are literally so ignorant that they believe the word "ignorant" actually means "belligerent"
2. Most Oklahomans ("Okies") think cinder blocks are called center blocks (of course, if they could read the label at Lowe's or Home Depot, this might not be a problem)
3. When someone would say "heighth," I'd be tempted to ask "You mean like "weighth?"
4. Had to enroll one of the gf's kids in a new elementary school during the middle of the year; imagine our surprise when the teacher sent home a flyer on Feb 13st... announcing Valentime's Day- "What time is it?" "Valentime's."
-
took our jobs
think of all the people put out good grenade launcher jobs by this godless monster.
-
GATTACA. In-valid vs valid scene
Still so poignant, even after all these years.
Employees tested. IN-VALID vs VALID. Self-esteem, standing in the community, opportunities or denial of them, all based on someone's genetics.