Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Hack Intel's VPro

Posted by kdawson on from the joy-of-breaking-the-unbreakable dept.

snydeq writes "Security researchers from Invisible Things Lab have created software that can 'compromise the integrity' of software loaded using Intel's vPro Trusted Execution Technology, which is supposed to help protect software from being seen or tampered with by other programs on the machine. The researchers say they have created a two-stage attack, with the first stage exploiting a bug in Intel's system software. The second stage relies on a design flaw in the TXT technology itself (PDF). The researchers plan to give more details on their work at the Black Hat DC security conference next month."

11 of 105 comments (clear)

  1. TXT? PDF? Wha? by Yvan256 · · Score: 4, Funny

    a design flaw in the TXT technology itself (PDF).

    So we need to read a PDF to read about flaws in TXT?

    What do you mean it's not about plain text files?

    1. Re:TXT? PDF? Wha? by Anonymous Coward · · Score: 2, Funny

      I can't you're joking. Whoosh if you are.

      If not: TXT: Trusted Execution Technology

      Guillotin?

  2. Design flaw in the TXT technology by Anonymous Coward · · Score: 2, Funny

    Apparently, loading a pdf into wordpad causes an overflow that allows arbitrary code to run as administrator.

    1. Re:Design flaw in the TXT technology by Meski · · Score: 5, Funny

      Reminds me of when QA wanted a corrupt word file to test something. "Fine", I said, opened a word doc with hexeditor, made some random changes, saved it. Opened it with Word, instant BSOD. "A little less corrupt" said QA.

  3. Wii Homebrew Channel by bluefoxlucid · · Score: 5, Funny

    The Wii has perfect encryption and signing on hardware-assisting firmware and system software that can't be compromised. It uses a completely trusted execution stack to ensure only authorized applications run and to immediately detect and disable unauthorized third party software.

    --
    Support my political activism on Patreon.
  4. This can't be possible! by fuzzyfuzzyfungus · · Score: 4, Funny

    Every single trade magazine and free objective TCO whitepaper for months has been full of pictures of PC desktops with combination locks photoshopped onto them, and fulsome praises of VPro! How could it possibly be vulnerable? I'm going to go cry in my corner office in the management suite now.

  5. Quick! by MightyMartian · · Score: 3, Funny

    Quick, somebody arrest these scoundrels! How dare they show flaws in technology! The next thing you know, fraudsters and pornographers will be taking advantage of this. THINK OF THE CHILDREN!!! THINK OF 9-11!!!

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.
  6. Re:TXT execution technology by Bill,+Shooter+of+Bul · · Score: 4, Funny

    Ed, Man! Ed!

    --
    Well.. maybe. Or Maybe not. But Definitely not sort of.
  7. Re:Another repeat: the unlockable lock by RiotingPacifist · · Score: 2, Funny

    Just use the analog hole, SACDs may be cracked eventually if somebody else starts using them though.

    --
    IranAir Flight 655 never forget!
  8. Re:Another repeat: the unlockable lock by Nethead · · Score: 2, Funny

    The one I keep in my truck.

    http://www.amazon.com/Bare-Tool-Cordless-Reciprocating-Contractors-Special/dp/B000VEUVZE

    --
    -- I have a private email server in my basement.
  9. Re:TXT execution technology by LostInTransportation · · Score: 2, Funny

    Real programmers use butterflies.