zdnet.com · Domains · Slashdot Mirror

Obligatory: Intel CPU Backdoor Report (Jan 1 2018 by Anonymous Coward · 2018-03-15 11:59 · Score: -1 · on Apple Bans Iran from the App Store (bleepingcomputer.com)

Intel PR: I warned you about -1, this is now being posted on multiple threads

Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode with me_cleaner, Blackhat Dec 2017 Intel ME presentation, Intel ME CVEs (CVSS Scored 7.2-10.0)

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode, use me_cleaner with -S option to set the HAP bit, see me_cleaner: HAP AltMeDisable bit.

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented HAP mode (NSA High Assurance Platform mode)
me_cleaner: Set HAP AltMeDisable bit with -S option
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.

Obligatory: Intel CPU Backdoor Report (Jan 1 2018) by Anonymous Coward · 2018-03-15 10:26 · Score: -1 · on Intel Says 'Partitions' in New Chips Will Correct the Design Flaw that Created Spectre and Meltdown (geekwire.com)

I told you -1 won't work

Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode with me_cleaner, Blackhat Dec 2017 Intel ME presentation, Intel ME CVEs (CVSS Scored 7.2-10.0)

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode, use me_cleaner with -S option to set the HAP bit, see me_cleaner: HAP AltMeDisable bit.

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented HAP mode (NSA High Assurance Platform mode)
me_cleaner: Set HAP AltMeDisable bit with -S option
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivi

Obligatory: Intel CPU Backdoor Report (Jan 1 2018) by Anonymous Coward · 2018-03-15 05:39 · Score: -1, Offtopic · on Intel Says 'Partitions' in New Chips Will Correct the Design Flaw that Created Spectre and Meltdown (geekwire.com)

To Intel PR drone: -1 will only make this report appear in another spot

Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode with me_cleaner, Blackhat Dec 2017 Intel ME presentation, Intel ME CVEs (CVSS Scored 7.2-10.0)

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode, use me_cleaner with -S option to set the HAP bit, see me_cleaner: HAP AltMeDisable bit.

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented HAP mode (NSA High Assurance Platform mode)
me_cleaner: Set HAP AltMeDisable bit with -S option
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.

Obligatory: Intel CPU Backdoor Report (Jan 1 2018) by Anonymous Coward · 2018-03-15 05:13 · Score: 2, Informative · on Intel Says 'Partitions' in New Chips Will Correct the Design Flaw that Created Spectre and Meltdown (geekwire.com)

Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode with me_cleaner, Blackhat Dec 2017 Intel ME presentation, Intel ME CVEs (CVSS Scored 7.2-10.0)

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode, use me_cleaner with -S option to set the HAP bit, see me_cleaner: HAP AltMeDisable bit.

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented HAP mode (NSA High Assurance Platform mode)
me_cleaner: Set HAP AltMeDisable bit with -S option
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacker could ga

Re:Logistics by Solandri · 2018-03-15 05:06 · Score: 1 · on How Amazon Became Corporate America's Nightmare (bloomberg.com)

Actually, the business keeping Amazon afloat is their cloud services (AWS).Yes their e-commerce division pulls in the bulk of their revenue, but most of that is pass-through. Amazon only gets to keep a small portion of it as profit (net operating income). And globally their e-commerce actually operated at a loss last year. Meanwhile roughly a quarter of the revenue AWS pulls in is profit.

Amazon's North America e-commerce business delivered fourth quarter operating income of $1.69 billion on revenue of $37.3 billion.

International e-commerce sales were $18.04 billion with a operating loss of $919 million.

AWS had operating income of $1.35 billion for the fourth quarter with sales of $5.11 billion.

For the year, Amazon's international e-commerce operating losses eclipsed the company's North American operating profit. AWS had 2017 operating income of $4.33 billion on sales of $17.46 billion.

That's the pairing that should scare any retailer/distributor. Amazon is driving the profit margin for those businesses to zero, and paying for it with profit from their cloud services. A luxury most retailers and distributors don't have.

Re:A possible answer, which I'm sure wasn't an opt by Anonymous Coward · 2018-03-05 09:52 · Score: 0 · on Facebook Asks Users: Should We Allow Men To Ask Children For Sexual Images? (theguardian.com)

Oh, and one more thing. You can give consent, which is what you're doing when you sign up for a FB account.
http://www.zdnet.com/article/s...

Re: Seen all of this before by TheFakeTimCook · 2018-03-05 08:52 · Score: 1 · on Bad iPhone Notches Are Happening To Good Android Phones (theverge.com)

None of the positive things have something to do with a walled garden. At best the malware thing has to do with an app store.
Walled garden only helps if somehow having e.g. root access makes you unable to resist installing random crap from the internet, but then I would say a better impulse control would on your side would be a worthy thing to strive for instead.
Security and updates you can mostly get from select vendors on Android as well, though admittedly it is a big issue because most smartphone companies are a sad joke when it comes to software competence, and the little they have they decide to spend on useless crap.

"Random crap from the internet"?!? Boy, THAT's rich!!!

HOW many reports of Malware have their been regarding APPROVED Apps from the Google Play Store?!?

https://9to5google.com/2018/01...

https://www.cnet.com/news/goog...

http://www.zdnet.com/article/p...

http://fortune.com/2017/09/14/...

https://www.digitaltrends.com/...

https://blog.malwarebytes.com/...

https://www.wired.com/story/go...

Genuinely sorry if there are (likely are) dups in the above list. But you get the picture.

And if you say "Well, but Google REMOVED these Apps, proving the system works!" It begs the question, how many people downloaded and had their information stolen, etc. BEFORE an App was removed?!?

There's 2 kinds of people in the world... apk by Anonymous Coward · 2018-02-22 07:54 · Score: 0 · on Lawsuits Threaten Infosec Research -- Just When We Need it Most (zdnet.com)

Article source quotes show how STUPID arseholetechnica is w/ SOLID PROOF:

"Goodin's story, posted December 15, cited Google security researcher Tavis Ormandy...The bug has since been fixed, according to Ormandy's follow-up note" FROM http://www.zdnet.com/article/chilling-effect-lawsuits-threaten-security-research-need-it-most/

RoTfLmAo!

* PROOF'S RIGHT THERE IN BLACK & WHITE he did indeed LIBEL them with FALSE INFORMATION on a BUG that was LONG FIXED by time he put out his bullshit 'article'!

CNN = Conde Nast Network (ars owners)?

Must be - BOTH do "FAKE NEWS", lol!

(Note scumbag Ken Fisher of arseholetechnica won't COMMENT either (he knows he's fucked)).

Dan Goodin != security researcher - he's from ARSEHOLETECHNICA (home of underachiever wannabes).

FACT: He's nothing more than a HACK that spits back what others actually DO do in security, & nothing more (hence his blunder posting about a bug LONG FIXED by the time of his 'article' (derivative drivel))!

Goodin & arstechnica = mere SPECTATORS - f'ing up big posting FALSEHOODS a bug exists when it was patched LONG beforehand!

Lastly RoTfLmAo: Arstechnica tried HIDING I posted these facts 7x now when I posted them before (2 samples) https://it.slashdot.org/comments.pl?sid=11776235&cid=56164223/ & https://it.slashdot.org/comments.pl?sid=11776235&cid=56165053/

APK

P.S.=> See subject: ...those who ACTUALLY DO & those who merely WRITE ABOUT THOSE THAT DO do REAL SECURITY (arstechnica != the latter)... apk

There's 2 kinds of people in the world... apk by Anonymous Coward · 2018-02-21 11:48 · Score: -1 · on Lawsuits Threaten Infosec Research -- Just When We Need it Most (zdnet.com)

Article source quotes show how STUPID arseholetechnica is w/ SOLID PROOF:

"Goodin's story, posted December 15, cited Google security researcher Tavis Ormandy...The bug has since been fixed, according to Ormandy's follow-up note" FROM http://www.zdnet.com/article/chilling-effect-lawsuits-threaten-security-research-need-it-most/

RoTfLmAo!

* PROOF'S RIGHT THERE IN BLACK & WHITE he did indeed LIBEL them with FALSE INFORMATION on a BUG that was LONG FIXED by time he put out his bullshit 'article'!

CNN = Conde Nast Network (ars owners)?

Must be - BOTH do "FAKE NEWS", lol!

(Note scumbag Ken Fisher of arseholetechnica won't COMMENT either (he knows he's fucked)).

Dan Goodin != security researcher - he's from ARSEHOLETECHNICA (home of underachiever wannabes).

FACT: He's nothing more than a HACK that spits back what others actually DO do in security, & nothing more (hence his blunder posting about a bug LONG FIXED by the time of his 'article' (derivative drivel))!

Goodin & arstechnica = mere SPECTATORS - f'ing up big posting FALSEHOODS a bug exists when it was patched LONG beforehand!

Lastly RoTfLmAo: Arstechnica tried HIDING I posted these facts 2x now when I posted them before https://it.slashdot.org/comments.pl?sid=11776235&cid=56164223/ & https://it.slashdot.org/comments.pl?sid=11776235&cid=56165053/

APK

P.S.=> See subject: ...those who ACTUALLY DO & those who merely WRITE ABOUT THOSE THAT DO do REAL SECURITY (arstechnica != the latter)... apk

There's 2 kinds of people in the world... apk by Anonymous Coward · 2018-02-21 11:43 · Score: 0 · on Lawsuits Threaten Infosec Research -- Just When We Need it Most (zdnet.com)

Article source quotes show how STUPID arseholetechnica is w/ SOLID PROOF:

"Goodin's story, posted December 15, cited Google security researcher Tavis Ormandy...The bug has since been fixed, according to Ormandy's follow-up note" FROM http://www.zdnet.com/article/chilling-effect-lawsuits-threaten-security-research-need-it-most/

RoTfLmAo!

* PROOF'S RIGHT THERE IN BLACK & WHITE he did indeed LIBEL them with FALSE INFORMATION on a BUG that was LONG FIXED by time he put out his bullshit 'article'!

CNN = Conde Nast Network (ars owners)?

Must be - BOTH do "FAKE NEWS", lol!

(Note scumbag Ken Fisher of arseholetechnica won't COMMENT either (he knows he's fucked)).

Dan Goodin != security researcher - he's from ARSEHOLETECHNICA (home of underachiever wannabes).

FACT: He's nothing more than a HACK that spits back what others actually DO do in security, & nothing more (hence his blunder posting about a bug LONG FIXED by the time of his 'article' (derivative drivel))!

Goodin & arstechnica = mere SPECTATORS - f'ing up big posting FALSEHOODS a bug exists when it was patched LONG beforehand!

Lastly RoTfLmAo: Arstechnica tried HIDING I posted these facts 2x now when I posted them before https://it.slashdot.org/comments.pl?sid=11776235&cid=56164223/ & https://it.slashdot.org/comments.pl?sid=11776235&cid=56165053/

APK

P.S.=> See subject: ...those who ACTUALLY DO & those who merely WRITE ABOUT THOSE THAT DO do REAL SECURITY (arstechnica != the latter)... apk

There's 2 kinds of people in the world... apk by Anonymous Coward · 2018-02-21 11:32 · Score: 0 · on Lawsuits Threaten Infosec Research -- Just When We Need it Most (zdnet.com)

Article source quotes show how STUPID arseholetechnica is w/ SOLID PROOF:

"Goodin's story, posted December 15, cited Google security researcher Tavis Ormandy...The bug has since been fixed, according to Ormandy's follow-up note" FROM http://www.zdnet.com/article/chilling-effect-lawsuits-threaten-security-research-need-it-most/

RoTfLmAo!

* PROOF'S RIGHT THERE IN BLACK & WHITE he did indeed LIBEL them with FALSE INFORMATION on a BUG that was LONG FIXED by time he put out his bullshit 'article'!

CNN = Conde Nast Network (ars owners)?

Must be - BOTH do "FAKE NEWS", lol!

(Note scumbag Ken Fisher of arseholetechnica won't COMMENT either (he knows he's fucked)).

Dan Goodin != security researcher - he's from ARSEHOLETECHNICA (home of underachiever wannabes).

FACT: He's nothing more than a HACK that spits back what others actually DO do in security, & nothing more (hence his blunder posting about a bug LONG FIXED by the time of his 'article' (derivative drivel))!

Goodin & arstechnica = mere SPECTATORS - f'ing up big posting FALSEHOODS a bug exists when it was patched LONG beforehand!

Lastly RoTfLmAo: Arstechnica tried HIDING I posted these facts 2x now when I posted them before https://it.slashdot.org/comments.pl?sid=11776235&cid=56164223/ & https://it.slashdot.org/comments.pl?sid=11776235&cid=56165053/

APK

P.S.=> See subject: ...those who ACTUALLY DO & those who merely WRITE ABOUT THOSE THAT DO do REAL SECURITY (arstechnica != the latter)... apk

There's 2 kinds of people in the world... apk by Anonymous Coward · 2018-02-21 11:20 · Score: 0 · on Lawsuits Threaten Infosec Research -- Just When We Need it Most (zdnet.com)

Article source quotes show how STUPID arseholetechnica is w/ SOLID PROOF:

"Goodin's story, posted December 15, cited Google security researcher Tavis Ormandy...The bug has since been fixed, according to Ormandy's follow-up note" FROM http://www.zdnet.com/article/chilling-effect-lawsuits-threaten-security-research-need-it-most/

RoTfLmAo!

* PROOF'S RIGHT THERE IN BLACK & WHITE he did indeed LIBEL them with FALSE INFORMATION on a BUG that was LONG FIXED by time he put out his bullshit 'article'!

CNN = Conde Nast Network (ars owners)?

Must be - BOTH do "FAKE NEWS", lol!

(Note scumbag Ken Fisher of arseholetechnica won't COMMENT either (he knows he's fucked)).

Dan Goodin != security researcher - he's from ARSEHOLETECHNICA (home of underachiever wannabes).

FACT: He's nothing more than a HACK that spits back what others actually DO do in security, & nothing more (hence his blunder posting about a bug LONG FIXED by the time of his 'article' (derivative drivel))!

Goodin & arstechnica = mere SPECTATORS - f'ing up big posting FALSEHOODS a bug exists when it was patched LONG beforehand!

Lastly RoTfLmAo: Arstechnica tried HIDING I posted these facts 2x now when I posted them before https://it.slashdot.org/comments.pl?sid=11776235&cid=56164223/ & https://it.slashdot.org/comments.pl?sid=11776235&cid=56165053/

APK

P.S.=> See subject: ...those who ACTUALLY DO & those who merely WRITE ABOUT THOSE THAT DO do REAL SECURITY (arstechnica != the latter)... apk

There's 2 kinds of people in the world... apk by Anonymous Coward · 2018-02-21 10:37 · Score: 0 · on Lawsuits Threaten Infosec Research -- Just When We Need it Most (zdnet.com)

Article source quotes show how STUPID arseholetechnica is w/ SOLID PROOF:

"Goodin's story, posted December 15, cited Google security researcher Tavis Ormandy...The bug has since been fixed, according to Ormandy's follow-up note" FROM http://www.zdnet.com/article/chilling-effect-lawsuits-threaten-security-research-need-it-most/

RoTfLmAo!

* PROOF'S RIGHT THERE IN BLACK & WHITE he did indeed LIBEL them with FALSE INFORMATION on a BUG that was LONG FIXED by time he put out his bullshit 'article'!

CNN = Conde Nast Network (ars owners)?

Must be - BOTH do "FAKE NEWS", lol!

(Note scumbag Ken Fisher of arseholetechnica won't COMMENT either (he knows he's fucked)).

Dan Goodin != security researcher - he's from ARSEHOLETECHNICA (home of underachiever wannabes).

FACT: He's nothing more than a HACK that spits back what others actually DO do in security, & nothing more (hence his blunder posting about a bug LONG FIXED by the time of his 'article' (derivative drivel))!

Goodin & arstechnica = mere SPECTATORS - f'ing up big posting FALSEHOODS a bug exists when it was patched LONG beforehand!

Lastly RoTfLmAo: Arstechnica tried HIDING I posted these facts 2x now when I posted them before https://it.slashdot.org/comments.pl?sid=11776235&cid=56164223/ & https://it.slashdot.org/comments.pl?sid=11776235&cid=56165053/

APK

P.S.=> See subject: ...those who ACTUALLY DO & those who merely WRITE ABOUT THOSE THAT DO do REAL SECURITY (arstechnica != the latter)... apk

There's 2 kinds of people in the world... apk by Anonymous Coward · 2018-02-21 10:17 · Score: 0 · on Lawsuits Threaten Infosec Research -- Just When We Need it Most (zdnet.com)

Article source quotes show how STUPID arseholetechnica is w/ SOLID PROOF:

"Goodin's story, posted December 15, cited Google security researcher Tavis Ormandy...The bug has since been fixed, according to Ormandy's follow-up note" FROM http://www.zdnet.com/article/chilling-effect-lawsuits-threaten-security-research-need-it-most/

RoTfLmAo!

* PROOF'S RIGHT THERE IN BLACK & WHITE he did indeed LIBEL them with FALSE INFORMATION on a BUG that was LONG FIXED by time he put out his bullshit 'article'!

CNN = Conde Nast Network (ars owners)?

Must be - BOTH do "FAKE NEWS", lol!

(Note scumbag Ken Fisher of arseholetechnica won't COMMENT either (he knows he's fucked)).

Dan Goodin != security researcher - he's from ARSEHOLETECHNICA (home of underachiever wannabes).

FACT: He's nothing more than a HACK that spits back what others actually DO do in security, & nothing more (hence his blunder posting about a bug LONG FIXED by the time of his 'article' (derivative drivel))!

Goodin & arstechnica = mere SPECTATORS - f'ing up big posting FALSEHOODS a bug exists when it was patched LONG beforehand!

Lastly RoTfLmAo: Arstechnica tried HIDING I posted these facts 2x now when I posted them before https://it.slashdot.org/comments.pl?sid=11776235&cid=56164223/ & https://it.slashdot.org/comments.pl?sid=11776235&cid=56165053/

APK

P.S.=> See subject: ...those who ACTUALLY DO & those who merely WRITE ABOUT THOSE THAT DO do REAL SECURITY (arstechnica != the latter)... apk

There's 2 kinds of people in the world... apk by Anonymous Coward · 2018-02-21 09:53 · Score: -1 · on Lawsuits Threaten Infosec Research -- Just When We Need it Most (zdnet.com)

Article source quotes show how STUPID arseholetechnica is w/ SOLID PROOF:

"Goodin's story, posted December 15, cited Google security researcher Tavis Ormandy...The bug has since been fixed, according to Ormandy's follow-up note" FROM http://www.zdnet.com/article/chilling-effect-lawsuits-threaten-security-research-need-it-most/

RoTfLmAo!

* PROOF'S RIGHT THERE IN BLACK & WHITE he did indeed LIBEL them with FALSE INFORMATION on a BUG that was LONG FIXED by time he put out his bullshit 'article'!

CNN = Conde Nast Network (ars owners)?

Must be - BOTH do "FAKE NEWS", lol!

(Note scumbag Ken Fisher of arseholetechnica won't COMMENT either (he knows he's fucked)).

Dan Goodin != security researcher - he's from ARSEHOLETECHNICA (home of underachiever wannabes).

FACT: He's nothing more than a HACK that spits back what others actually DO do in security, & nothing more (hence his blunder posting about a bug LONG FIXED by the time of his 'article' (derivative drivel))!

Goodin & arstechnica = mere SPECTATORS - f'ing up big posting FALSEHOODS a bug exists when it was patched LONG beforehand!

Lastly RoTfLmAo: Arstechnica tried HIDING I posted these facts 2x now when I posted them before https://it.slashdot.org/comments.pl?sid=11776235&cid=56164223/ & https://it.slashdot.org/comments.pl?sid=11776235&cid=56165053/

APK

P.S.=> See subject: ...those who ACTUALLY DO & those who merely WRITE ABOUT THOSE THAT DO do REAL SECURITY (arstechnica != the latter)... apk

There's 2 kinds of people in the world... apk by Anonymous Coward · 2018-02-21 09:39 · Score: -1 · on Lawsuits Threaten Infosec Research -- Just When We Need it Most (zdnet.com)

Article source quotes show how STUPID arseholetechnica is w/ SOLID PROOF:

"Goodin's story, posted December 15, cited Google security researcher Tavis Ormandy...The bug has since been fixed, according to Ormandy's follow-up note" FROM http://www.zdnet.com/article/chilling-effect-lawsuits-threaten-security-research-need-it-most/

* PROOF'S RIGHT THERE IN BLACK & WHITE he did indeed LIBEL them with FALSE INFORMATION on a BUG that was LONG FIXED by time he put out his bullshit 'article'!

CNN = Conde Nast Network (ars owners)?

Must be - BOTH do "FAKE NEWS", lol!

(Note scumbag Ken Fisher of arseholetechnica won't COMMENT either (he knows he's fucked)).

Dan Goodin != security researcher - he's from ARSEHOLETECHNICA (home of underachiever wannabes).

FACT: He's nothing more than a HACK that spits back what others actually DO do in security, & nothing more (hence his blunder posting about a bug LONG FIXED by the time of his 'article' (derivative drivel))!

Goodin & arstechnica = mere SPECTATORS - f'ing up big posting FALSEHOODS a bug exists when it was patched LONG beforehand!

Lastly RoTfLmAo: Arstechnica tried HIDING I posted these facts 2x now when I posted them before https://it.slashdot.org/comments.pl?sid=11776235&cid=56164223/ & https://it.slashdot.org/comments.pl?sid=11776235&cid=56165053/

APK

P.S.=> See subject: ...those who ACTUALLY DO & those who merely WRITE ABOUT THOSE THAT DO do REAL SECURITY (arstechnica != the latter)... apk

There's 2 kinds of people in the world... apk by Anonymous Coward · 2018-02-21 08:01 · Score: -1 · on Lawsuits Threaten Infosec Research -- Just When We Need it Most (zdnet.com)

Article source quotes show how STUPID arseholetechnica is w/ SOLID PROOF:

"Goodin's story, posted December 15, cited Google security researcher Tavis Ormandy...The bug has since been fixed, according to Ormandy's follow-up note" FROM http://www.zdnet.com/article/chilling-effect-lawsuits-threaten-security-research-need-it-most/

* PROOF'S RIGHT THERE IN BLACK & WHITE he did indeed LIBEL them with FALSE INFORMATION on a BUG that was LONG FIXED by time he put out his bullshit 'article'!

CNN = Conde Nast Network (ars owners)?

Must be - BOTH do "FAKE NEWS", lol!

(Note scumbag Ken Fisher of arseholetechnica won't COMMENT either (he knows he's fucked)).

Dan Goodin != security researcher - he's from ARSEHOLETECHNICA (home of underachiever wannabes).

FACT: He's nothing more than a HACK that spits back what others actually DO do in security, & nothing more (hence his blunder posting about a bug LONG FIXED by the time of his 'article' (derivative drivel))!

Goodin & arstechnica = mere SPECTATORS - f'ing up big posting FALSEHOODS a bug exists when it was patched LONG beforehand!

Lastly RoTfLmAo: Arstechnica tried HIDING I posted these facts 2x now when I posted them before https://it.slashdot.org/comments.pl?sid=11776235&cid=56164223/ & /

APK

P.S.=> See subject: ...those who ACTUALLY DO & those who merely WRITE ABOUT THOSE THAT DO do REAL SECURITY (arstechnica != the latter)... apk

There's 2 kinds of people in the world... apk by Anonymous Coward · 2018-02-21 06:45 · Score: -1 · on Lawsuits Threaten Infosec Research -- Just When We Need it Most (zdnet.com)

Article source quotes show how STUPID arseholetechnica is w/ SOLID PROOF:

"Goodin's story, posted December 15, cited Google security researcher Tavis Ormandy...The bug has since been fixed, according to Ormandy's follow-up note" FROM http://www.zdnet.com/article/chilling-effect-lawsuits-threaten-security-research-need-it-most/

* PROOF'S RIGHT THERE IN BLACK & WHITE he did indeed LIBEL them with FALSE INFORMATION on a BUG that was LONG FIXED by time he put out his bullshit 'article'!

(Note scumbag Ken Fisher of arseholetechnica won't COMMENT either (he knows he's fucked)).

Dan Goodin != security researcher - he's from ARSEHOLETECHNICA (home of underachiever wannabes).

FACT: He's nothing more than a HACK that spits back what others actually DO do in security, & nothing more (hence his blunder posting about a bug LONG FIXED by the time of his 'article' (derivative drivel))!

Goodin & arstehnica = mere SPECTATORS - doing nothing more than f'ing up big posting FALSEHOODS a bug exists when it was patched LONG beforehand!

Lastly RoTfLmAo: Arstechnica tried HIDING I posted these facts when I posted them before https://it.slashdot.org/comments.pl?sid=11776235&cid=56164223/

APK

P.S.=> See subject: ...those who ACTUALLY DO & those who merely WRITE ABOUT THOSE THAT DO do REAL SECURITY (arstechnica != the latter)... apk

There's 2 kinds of people in the world... apk by Anonymous Coward · 2018-02-21 05:19 · Score: -1 · on Lawsuits Threaten Infosec Research -- Just When We Need it Most (zdnet.com)

Article source quotes show how STUPID arseholetechnica is w/ SOLID PROOF:

"Goodin's story, posted December 15, cited Google security researcher Tavis Ormandy...The bug has since been fixed, according to Ormandy's follow-up note" FROM http://www.zdnet.com/article/chilling-effect-lawsuits-threaten-security-research-need-it-most/

* PROOF'S RIGHT THERE IN BLACK & WHITE he did indeed LIBEL them with FALSE INFORMATION on a BUG that was LONG FIXED by time he put out his bullshit 'article'!

(Note scumbag Ken Fisher of arseholetechnica won't COMMENT either (he knows he's fucked)).

Dan Goodin != security researcher - he's from ARSEHOLETECHNICA (home of underachiever wannabes).

FACT: He's nothing more than a HACK that spits back what others actually DO do in security, & nothing more (hence his blunder posting about a bug LONG FIXED by the time of his 'article' (derivative drivel)!

Goodin & arstehnica = mere SPECTATORS - doing nothing more than f'ing up big posting FALSEHOODS a bug exists when it was patched LONG beforehand!

APK

P.S.=> See subject: ... & - those who ACTUALLY DO & those who merely WRITE ABOUT THOSE THAT DO do REAL SECURITY (arstechnica != the latter)... apk

Obligatory: Intel CPU Backdoor Report (Jan 1 2018) by Anonymous Coward · 2018-02-16 05:45 · Score: 5, Interesting · on Intel Hit With More Than 30 Lawsuits Over Security Flaws (reuters.com)

Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode with me_cleaner, Blackhat Dec 2017 Intel ME presentation, Intel ME CVEs (CVSS Scored 7.2-10.0)

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode, use me_cleaner with -S option to set the HAP bit, see me_cleaner: HAP AltMeDisable bit.

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented HAP mode (NSA High Assurance Platform mode)
me_cleaner: Set HAP AltMeDisable bit with -S option
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacker could ga

Security pros say hosts = good security by Anonymous Coward · 2018-02-12 11:28 · Score: 0 · on Consumers Prefer Security Over Convenience For the First Time Ever, IBM Security Report Finds (techrepublic.com)

Aryeh Goretsky/ESET/NOD32: hosts = good security http://it.slashdot.org/comments.pl?sid=7442373&cid=49747129/

ZD NET http://www.zdnet.com/article/how-to-use-a-hosts-file-to-improve-your-internet-experience/ "Hosts files really shine by letting you block ads, spyware sites, malware sites, & tracking sites"

Steve Gibson on hosts https://www.grc.com/sn/sn-045.htm/

"classic Windows hosts trick to block the Coinhive or Crypto-Loot domains" - https://www.bleepingcomputer.com/news/security/a-new-player-joins-coinhive-on-the-browser-cryptojacking-scene/ - BLEEPING COMPUTER

Oliver Day (SYMANTEC/SECURITYFOCUS) http://www.securityfocus.com/columnists/491/ "Host file browsing the Web - is actually faster

Spybot S&D add a layer of defense against trojans & other forms of malware to hosts

Malwarebytes hpHosts hosts & RECOMMENDS my program.

APK

P.S.=> SEE SUBJECT STUPID: Security pros BOTH past & present say hosts = good security... apk

Re:Not good, even if I believe their numbers by _Sharp'r_ · 2018-02-09 05:36 · Score: 1 · on Uber Study Says Self-Driving Trucks Will Result In More Truck Drivers, Not Less (theatlantic.com)

So what you're saying is that you just keep narrowing your definition of the market Microsoft supposedly has a monopoly on until you can try and make a case for it.

Guess what, Microsoft doesn't control the price there either, because alternatives exist (and are used). Yeah, most companies have sunk costs and other considerations for wanting to stay Windows if it's not too expensive, but if Microsoft started charging $1000 per MS Windows license, almost every company would switch to an alternative (and here's the key point) rather than just stop using a laptop/desktop, because alternatives do exist. Plenty of large enterprises actually offer non-MS options for employees who prefer them.

So Microsoft doesn't control the pricing, they have to take into account what their customers are willing to pay without them going to the competition instead.

And I don't need to "find" an economist, I just need to look in the mirror to see one. Your desperation in losing this debate is showing....

Re:They couldn't replace the humans . . . by Hal_Porter · 2018-02-07 20:08 · Score: 1 · on Foxconn Unit To Cut Over 10,000 Jobs As Robotics Take Over (nikkei.com)

. . . until they could perfect a robot that could commit suicide due to poor working conditions.

http://www.zdnet.com/article/m...

Patrick Mattimore, a fellow at the Institute for Analytic Journalism, recently published the following article on China's People's Daily Online, headlined: Media badly misplaying Foxconn suicides.

Taiwanese-owned Foxconn has had seven suicides this year. That sounds like a lot, but the firm has an estimated 800,000 workers, more than 300,000 of them at a single plant in Shenzhen.

Although exact figures are hard to come by, even the most conservative estimate for China's suicide rate is 14 per 100,000 per year (World Health Organization). In other words, Foxconn's suicide epidemic is actually lower than China's national average of suicides.

I checked his figures. World Health Organization suicide figures for China (1999) are 13 males and 14.8 females per 100,000 people.

Elderly (65+ years) suicide rates can be as much as 50% higher than youth (18 to 24 years), which means Foxconn's suicide rate, with its younger workforce, should be significantly below the national average.

Let's estimate an average of 10 suicides per 100,000 at Foxconn. Just the Shenzhen Foxconn plant alone, with its 330,000 employees, would be expected to have about 33 suicides this year, or 14 so far.

Foxconn has had just 10 suicides this year, and that's across its entire workforce.

Working at Foxconn dramatically reduces people's risk of suicide!

Re:Seems like a nice guy by Nivag064 · 2018-02-05 07:18 · Score: 1 · on Why Windows Vista Ended Up Being a Mess (usejournal.com)

No Microsoft O/S is good for everyone - more and more people are choosing to use Linux.

Same claim I've seen made for years on slashdot and sadly the facts don't agree with you: http://www.zdnet.com/article/n...

Android and Chrome books should be counted as part of the Linux percentage - which would probably put Linux at over 30%. As otherwise Linux would not show up, but would show up only via percentages of Desktop Environments like KDE & Mate.

Also Linux dominates servers and embedded devices.

So overall, Linux is on more things than all other O/S's combined!

Re:Seems like a nice guy by zifn4b · 2018-02-05 00:48 · Score: 1 · on Why Windows Vista Ended Up Being a Mess (usejournal.com)

No Microsoft O/S is good for everyone - more and more people are choosing to use Linux.

Same claim I've seen made for years on slashdot and sadly the facts don't agree with you: http://www.zdnet.com/article/n...

Obligatory: Intel CPU Backdoor Report (Jan 1 2018) by Anonymous Coward · 2018-01-26 04:05 · Score: 1 · on Intel Plans To Release Chips That Have Built-in Meltdown and Spectre Protections Later This Year (businessinsider.com)

Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode with me_cleaner, Blackhat Dec 2017 Intel ME presentation, Intel ME CVEs (CVSS Scored 7.2-10.0)

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode, use me_cleaner with -S option to set the HAP bit, see me_cleaner: HAP AltMeDisable bit.

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented HAP mode (NSA High Assurance Platform mode)
me_cleaner: Set HAP AltMeDisable bit with -S option
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacker could ga

Obligatory: Intel CPU Backdoor Report (Jan 1 2018) by Anonymous Coward · 2018-01-24 04:01 · Score: 1 · on Dell and HP Advise All Their Customers To Not Install Spectre BIOS Updates (bleepingcomputer.com)

Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode with me_cleaner, Blackhat Dec 2017 Intel ME presentation, Intel ME CVEs (CVSS Scored 7.2-10.0)

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode, use me_cleaner with -S option to set the HAP bit, see me_cleaner: HAP AltMeDisable bit.

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented HAP mode (NSA High Assurance Platform mode)
me_cleaner: Set HAP AltMeDisable bit with -S option
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacker could ga

Obligatory: Intel CPU Backdoor Report (Jan 1 2018) by Anonymous Coward · 2018-01-22 03:40 · Score: 0 · on LWN.Net Celebrates Its 20th Birthday (lwn.net)

Intel shills down voted this to "Score:0 Interesting" from the Intel thread, so I am spamming this to 3 non Intel threads in retaliation.

Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode with me_cleaner, Blackhat Dec 2017 Intel ME presentation, Intel ME CVEs (CVSS Scored 7.2-10.0)

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode, use me_cleaner with -S option to set the HAP bit, see me_cleaner: HAP AltMeDisable bit.

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented HAP mode (NSA High Assurance Platform mode)
me_cleaner: Set HAP AltMeDisable bit with -S option
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for da

Obligatory: Intel CPU Backdoor Report (Jan 1 2018) by Anonymous Coward · 2018-01-22 03:39 · Score: -1 · on To Combat Shortage, Nvidia Asks Retailers To Limit Graphics Card Orders (pcmag.com)

Intel shills down voted this to "Score:0 Interesting" from the Intel thread, so I am spamming this to 3 non Intel threads in retaliation.

Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode with me_cleaner, Blackhat Dec 2017 Intel ME presentation, Intel ME CVEs (CVSS Scored 7.2-10.0)

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode, use me_cleaner with -S option to set the HAP bit, see me_cleaner: HAP AltMeDisable bit.

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented HAP mode (NSA High Assurance Platform mode)
me_cleaner: Set HAP AltMeDisable bit with -S option
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for da

Obligatory: Intel CPU Backdoor Report (Jan 1 2018) by Anonymous Coward · 2018-01-22 03:37 · Score: 0, Offtopic · on Yale Privacy Lab and Exodus Privacy's F-Droid Android App Store is a Replacement for Google Play That Features Only FOSS Apps That Don't Do Any Tracking (wired.com)

Intel shills down voted this to "Score: 0 Interesting" from the Intel thread, so I am spamming this to 3 non Intel threads in retaliation.

Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode with me_cleaner, Blackhat Dec 2017 Intel ME presentation, Intel ME CVEs (CVSS Scored 7.2-10.0)

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode, use me_cleaner with -S option to set the HAP bit, see me_cleaner: HAP AltMeDisable bit.

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented HAP mode (NSA High Assurance Platform mode)
me_cleaner: Set HAP AltMeDisable bit with -S option
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for d

Obligatory: Intel CPU Backdoor Report (Jan 1 2018) by Anonymous Coward · 2018-01-21 20:38 · Score: 1, Interesting · on Linus Torvalds Calls Intel Patches 'Complete and Utter Garbage' (lkml.org)

Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME via undocumented NSA "High Assurance Platform" mode with me_cleaner, Blackhat Dec 2017 Intel ME presentation, Intel ME CVEs (CVSS Scored 7.2-10.0)

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode, use me_cleaner with -S option to set the HAP bit, see me_cleaner: HAP AltMeDisable bit.

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented HAP mode (NSA High Assurance Platform mode)
me_cleaner: Set HAP AltMeDisable bit with -S option
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacker could gain

Re:How deep does this go? by Monster_user · 2018-01-15 06:14 · Score: 4, Interesting · on Lenovo Discovers and Removes Backdoor In Networking Switches (bleepingcomputer.com)

There is enough possibility left open, that RTFS doesn't quite discredit the implication I suggested. This was added to ENOS during a time when someone in China had a full backdoor into Nortel's systems, which apparently went undetected until 2004, and was not fully detected at least until 2012. http://www.zdnet.com/article/n...

This might have been requested by HP, as another commenter suggested elsewhere, and then incompetence spread it to equipment beyond the requester's equipment. Or it could have been compromised code planted by the hackers, hiding it as HP requested code. Yet another option is that this was code intended for HP equipment, which the hackers then approved for non-HP equipment.

We also don't know if any of the hackers involved in the incident(s) from 2000-2012 are employed with Lenovo. It is logical to assume they would have valuable expertise and skills.

PIG Nation by sdinfoserv · 2018-01-15 03:03 · Score: 0, Flamebait · on City of Barcelona Dumps Windows For Linux and Open Source Software (europa.eu)

This really isn't about Open Source, it's about money and Spain is running out. Spain is one of the PIG nations with run away national debt ( Portugal, Italy, Greece, and Spain)
https://en.wikipedia.org/wiki/...
Munich went the other direction and after a decade of attempting to run Linux on Government desktops, threw up their goose stepping hands and reverted to something that works - Windows.
https://www.linuxinsider.com/s...
Overall adoption of Linux desktop is only 1.5% (2017 numbers). Considering hackers, network admins, and die hard fanboys, that's abysmal.
http://www.zdnet.com/article/n...
It's been 20 years - time enough to realize that corporate and Government - where it matters - wide scale adoption of Linux desktop is failure. move on.

Open Source too small of an ROI .. by najajomo · 2018-01-15 02:10 · Score: 1 · on 20 Years Later, Has Open Source Changed the World? (infoworld.com)

"[T]he reason most software remains locked up within the four walls of enterprise firewalls is that it's too costly with too small of an ROI to justify open-sourcing it."

Talk about damning with faint praise. A novel interpretation and the first I've ever heard of this analysis. The worlds top supercomputers all run on a variant of Linux and the makers still manage to make a profit. If I was paranoid I would suspect Matt Asay was put up to join the Open Source Initiative and subvert it from the inside.

Linux totally dominates supercomputers

Red Hat on the NYSE

78 percent of companies run open-source software

Open Source too small of an ROI .. by najajomo · 2018-01-15 02:10 · Score: 1 · on 20 Years Later, Has Open Source Changed the World? (infoworld.com)

"[T]he reason most software remains locked up within the four walls of enterprise firewalls is that it's too costly with too small of an ROI to justify open-sourcing it."

Talk about damning with faint praise. A novel interpretation and the first I've ever heard of this analysis. The worlds top supercomputers all run on a variant of Linux and the makers still manage to make a profit. If I was paranoid I would suspect Matt Asay was put up to join the Open Source Initiative and subvert it from the inside.

Linux totally dominates supercomputers

Red Hat on the NYSE

78 percent of companies run open-source software

Obligatory: Intel CPU Backdoor Report (Jan 1 2018) by Anonymous Coward · 2018-01-12 17:01 · Score: 4, Interesting · on Researcher Finds Another Security Flaw In Intel Management Firmware (arstechnica.com)

Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode with me_cleaner, Blackhat Dec 2017 Intel ME presentation, Intel ME CVEs (CVSS Scored 7.2-10.0)

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode, use me_cleanerme_cleaner with -S option to set the HAP bit, see me_cleaner: HAP AltMeDisable bit.

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented HAP mode (NSA High Assurance Platform mode)
me_cleaner: Set HAP AltMeDisable bit with -S option
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacke

Re:Seems like the uninformed... by d0rp · 2018-01-10 10:11 · Score: 3, Informative · on FCC Plan To Lower Broadband Standards Is Met With 'Mobile Only Challenge' (arstechnica.com)

Actually, he's right... I had to look it up to be sure, and according to this article , and the actual FCC document it references, says that the definition for fixed broadband remains the same, and it's only the mobile broadband definition that is changing.

First, we propose to maintain the current speed benchmark of 25 Mbps download and 3 Mbps upload (25 Mbps/3 Mbps) for fixed broadband, and we also seek comment about other potential benchmarks.

We seek comment on whether a mobile speed benchmark of 10 Mbps/1 Mbps is appropriate for mobile broadband services. Would a download speed benchmark higher or lower than 10 Mbps be appropriate for the purpose of assessing American consumers’ access to advanced telecommunications capability?

Re:Tethering detection by tepples · 2018-01-10 04:57 · Score: 1 · on Would You Use a Smartphone-Style Laptop With a Three-Day Battery Life? (king5.com)

A desktop user is more likely to plan out good uses for excess data to come in just under the cap, much of it during prime time from 7 PM to 11 PM tower time.

I assume you have data sources to back up those assertions.

The article "The truth about tethering: Pay up or you are a thief" by James Kendrick implies an expectation among carriers that customers not use the entire monthly data allowance, where carriers price plans based on this expectation. From the article:

Our agreement may state that we must pay an overage fee when we exceed a certain amount of data usage in a given period (the cap), but the carrier is not stating we are paying for the right to use that much data. Most carriers have unspecified "normal usage" parameters that are used to determine when customers exceed the intended usage, even if under the data cap. Carriers have been known to throttle usage, or even cancel, customers who regularly exceed the normal usage parameters, even when they don't exceed a specified cap. We may not like it but that's the way it works.

I would forward your request for data to Mr. Kendrick, but "Comments for this thread are now closed."

In addition, a desktop user is more likely to watch long high-definition streams, compared to a 5" screen that occupies less of the visual field (in units of steradians or square degrees) than a computer monitor or living room TV.

I assume you have data sources to back up those assertions.

Then let's make some data.
1. How big is your PC monitor diagonally, and how far do you sit from it?
2. How big is your living room TV diagonally, and how far do you sit from it?
3. How big is your phone's screen diagonally, and how far do you hold it?
From these figures, I can calculate the apparent density of SD and HD video in pixels per radian and compare them to the human fovea's limit of roughly 3400 pixels per radian.

Obligatory:Intel CPU Backdoor Report (Jan 1 2018) by Anonymous Coward · 2018-01-08 11:49 · Score: 5, Informative · on Intel Launches 8th Gen Core Series CPUs With Integrated AMD Radeon Graphics (hothardware.com)

Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode, Blackhat Dec 2017 presentation, Intel ME CVEs (CVSS Scored 9.0-10.0)

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode.

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented mode (NSA High Assurance Platform mode)
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs
CVE-2017-5705: Multiple buffer overflows in kernel in Intel Manageability Engine Firmware
CVE-2017-5706: Multiple buffer overflows in kernel in Intel Server Platform Services Firmware

Obligatory:Intel CPU Backdoor Report (Jan 1 2018) by Anonymous Coward · 2018-01-08 02:40 · Score: 0, Informative · on OpenBSD's De Raadt Pans 'Incredibly Bad' Disclsoure of Intel CPU Bug (itwire.com)

Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode, Blackhat Dec 2017 presentation, Intel ME CVEs (CVSS Scored 9.0-10.0)

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode.

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented mode (NSA High Assurance Platform mode)
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs
CVE-2017-5705: Multiple buffer overflows in kernel in Intel Manageability Engine Firmware
CVE-2017-5706: Multiple buffer overflows in kernel in Intel Server Platform Services Firmware

Obligatory:Intel CPU Backdoor Report (Jan 1 2018) by Anonymous Coward · 2018-01-07 11:58 · Score: 0 · on After Intel ME, Researchers Find Security Bug In AMD's SPS Secret Chip-on-Chip (bleepingcomputer.com)

Change log:
2018/01/01 - Added 14 Useful Links. Disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode, Intel CPU CVE links (CVE-2017-5689 CVSS Score 10.0)

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP mode.

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented mode (NSA High Assurance Platform mode)
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EFF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs
CVE-2017-5705: Multiple buffer overflows in kernel in Intel Manageability Engine Firmware
CVE-2017-5706: Multiple buffer overflows in kernel in Intel Server Platform Services Firmware

Obligatory:Intel CPU Backdoor Report (Jan 1 2018) by Anonymous Coward · 2018-01-07 11:22 · Score: 1 · on After Intel ME, Researchers Find Security Bug In AMD's SPS Secret Chip-on-Chip (bleepingcomputer.com)

Change log:
2018/01/01 - Added 14 Useful Links, Intel CPU CVE links (CVE-2017-5689 CVSS Score 10.0), how to disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode.

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP bit.

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented mode (NSA High Assurance Platform mode)
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EEF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs
CVE-2017-5705: Multiple buffer overflows in kernel in Intel Manageability Engine Firmware
CVE-2017-5706: Multiple buffer overflows in kernel in Intel Server Platform Services Firmware

Obligatory:Intel CPU Backdoor Report (Jan 1 2018) by Anonymous Coward · 2018-01-06 22:45 · Score: 0 · on Can We Replace Intel x86 With an Open Source Chip? (zdnet.com)

Obligatory:Intel CPU Backdoor Report (Jan 1 2018)

Change log:
2018 Jan - Added 14 Useful Links, Intel CPU CVE links (CVE-2017-5689 CVSS Score 10.0), how to disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode.

Intel CPU Backdoor Report
The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

What we know about Intel CPU backdoors so far:

TL;DR version

Your Intel CPU and Chipset is running a backdoor as we speak.

The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

30C3 Intel ME live hack:
[Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
@21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

[Quotes] Vortrag:
"the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

"We can permanently monitor the keyboard buffer on both operating system targets."

Backdoor removal:
The backdoor firmware can be removed by following this guide using the me_cleaner script.
Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

2017 Dec Update:
Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP bit.

Decoding Intel backdoors:
The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

Useful links (Added 2018 Jan 1):
Disabling Intel ME 11 via undocumented mode (NSA High Assurance Platform mode)
Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine
EEF: Intel's Management Engine is a security hazard, and users need a way to disable it
Sakaki's EFI Install Guide/Disabling the Intel Management Engine
Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws.
CVE-2017-5689: An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs
CVE-2017-5705: Multiple buffer overflows in kernel in Intel Manageability Engine Firmware
CVE-2017-5706: Multiple buffer overflows in kernel in Intel Server Platform Se

Re:Zhaoxin by Hal_Porter · 2018-01-06 08:52 · Score: 5, Informative · on Linus Torvalds Says Intel Needs To Admit It Has Issues With CPUs (itwire.com)

Chinese companies just put in backdoors for the Chinese government, organised crime, your Chinese competitors and so on.

https://thehackernews.com/2015...

http://www.zdnet.com/article/f...

http://www.securityweek.com/ap...

http://www.businessinsider.com...

https://tvnewswatch.blogspot.c...

Re:It's serious as it affects all Intel cpus by Anonymous Coward · 2018-01-03 15:44 · Score: 0 · on 'Kernel Memory Leaking' Intel Processor Design Flaw Forces Linux, Windows Redesign (theregister.co.uk)

Critical flaws revealed to affect most Intel chips since 1995

Re:only a local privilege escalation by Hal_Porter · 2018-01-02 10:22 · Score: 1 · on macOS Exploit Published on the Last Day of 2017 (bleepingcomputer.com)

Stuxnet needed a local privilege escalation to work

http://www.zdnet.com/article/s...

As new details emerge to shine a brighter light on the Stuxnet attack, Microsoft said the attackers initially targeted the old MS08-067 vulnerability (used in the Conficker attack), a new LNK (Windows Shortcut) flaw to launch exploit code on vulnerable Windows systems and a zero-day bug in the Print Spooler Service that makes it possible for malicious code to be passed to, and then executed on, a remote machine.

The malware also exploited two different elevation of privilege holes to gain complete control over the affected system. These two flaws are still unpatched.

I.e. the problem is not your buddy lends you their machine, it's that code arrives by more dubious means and uses a privilege escalation to be able to do more damage.

I could see Macs being hit with something which encrypts files and demands a password to decrypt them and privilege escalation would be necessary for such an attack.

Best make sure you've got a Time Machine backup on a removable disk.

Security & web pros disagree w/ you by Anonymous Coward · 2017-12-31 05:53 · Score: 0 · on 2017: The Year in Programming Languages (infoworld.com)

Oliver Day (SYMANTEC/SECURITYFOCUS) http://www.securityfocus.com/columnists/491/ "Host file browsing the Web - is actually faster

Spybot S&D add a layer of defense against trojans & other forms of malware to hosts

ZD NET http://www.zdnet.com/article/how-to-use-a-hosts-file-to-improve-your-internet-experience/ "Hosts files really shine by letting you block ads, spyware sites, malware sites, & tracking sites"

Aryeh Goretsky/ESET/NOD32: hosts = good security http://it.slashdot.org/comments.pl?sid=7442373&cid=49747129/

Steve Gibson on hosts https://www.grc.com/sn/sn-045.htm/

"classic Windows hosts trick to block the Coinhive or Crypto-Loot domains" - https://www.bleepingcomputer.com/news/security/a-new-player-joins-coinhive-on-the-browser-cryptojacking-scene/ - BLEEPING COMPUTER

Malwarebytes hpHosts hosts & RECOMMENDS my program.

APK

P.S.=> See subject... apk

Re:How do you know? by Hal_Porter · 2017-12-28 08:51 · Score: 2 · on Postcard From Pyongyang: The Airport Now Has Wi-Fi, Sort of (apnews.com)

While the poster (the one who talks about "blowing out the TCP connection stack," whatever the fuck that means) has the social skills of a rabid ferret,

Lulz

Normally I would chalk fears like this up to paranoia...but this is the lounge for international travelers in North Korea's only international airport. I mean, honestly...if I could think of a single place that's most likely a site where travelers would be attacked, this is it. It's practically a line out of a comedy, it's so over-the-top as a description of a risky situation. Can we really say that North Korea...NORTH KOREA...has set up a WiFi network specifically for visiting foreigners just out of the goodness of their heart?

Honestly when it comes to hoovering up data on an industrial scale, you can't really beat the US. I noticed my Samsung Galaxy S5 which was ancient started getting frequent 'security updates' when I was in NYC. Maybe I'm paranoid but I always assumed the NSA had sent national security letters to Google, Samsung, the carriers, etc to make sure their latest SmurfKit was running on it.

http://www.zdnet.com/article/m...

The S5 started to run a lot slower and hotter and I ended up buying a LG V20 rather than trying a firmware reset and a new battery. So those damn smurfs finally caused my elderly phone to die. Still, it's actually kind of endearing to be honest. The US and UK working together on cutting edge SIGINT, Bletchley Park style, in a way that some commie shithole like NK or even China can only dream of.

Security & web pros disagree #2/2 by Anonymous Coward · 2017-12-27 04:45 · Score: 0 · on Beware: 'Digmine' Cryptocurrency Bot Is Spreading Via Facebook Messenger (techspot.com)

ZD NET "How to use a Hosts file to improve your internet experience" http://www.zdnet.com/article/how-to-use-a-hosts-file-to-improve-your-internet-experience/ (where Steven Vaughan Nichols says "Where Hosts files really shine is by letting you block ads, spyware sites, malware sites, and tracking sites" )

Brocke Wilders of WILDERS' SECURITY does inferior clone of MY work http://www.wilderssecurity.com/threads/hosts-block.378901/

OReilly hosts security -> http://oreilly.com/pub/a/windows/2004/03/30/hosts.html/ & hosts speed -> http://www.oreillynet.com/pub/a/network/excerpt/winxphacks_chap1/index1.html?page=3/

APK

P.S.=> See subject - Nations too: China = imitation = flattery http://www.theregister.co.uk/2017/04/26/boffins_supercharge_the_hosts_file_to_save_users_plagued_by_dns_outages/

Security & web pros blow you away #2/2 by Anonymous Coward · 2017-12-24 11:46 · Score: 0 · on Days Before Christmas, Theranos Secures $100 Million in New Funding (fortune.com)

OReilly hosts security -> http://oreilly.com/pub/a/windows/2004/03/30/hosts.html/ & hosts speed -> http://www.oreillynet.com/pub/a/network/excerpt/winxphacks_chap1/index1.html?page=3/

Brocke Wilders of WILDERS' SECURITY does inferior clone of MY work http://www.wilderssecurity.com/threads/hosts-block.378901/

ZD NET "How to use a Hosts file to improve your internet experience" http://www.zdnet.com/article/how-to-use-a-hosts-file-to-improve-your-internet-experience/ (where Steven Vaughan Nichols says "Where Hosts files really shine is by letting you block ads, spyware sites, malware sites, and tracking sites" )

* NEXT, I WILL DIRECTLY DUST YOUR BS EASILY TOO...

APK

P.S.=> China = imitation = flattery http://www.theregister.co.uk/2017/04/26/boffins_supercharge_the_hosts_file_to_save_users_plagued_by_dns_outages/

Slashdot Mirror

Domain: zdnet.com

Comments · 5,181