Slashdot Mirror
Intel x86s Hide Another CPU That Can Take Over Your Machine -- You Can't Audit it (boingboing.net)
A report on BoingBoing, authored by Damien Zammit, claims that recent Intel x86 processors have a secret and power control mechanism implemented into them that runs on a separate chip that nobody is allowed to audit or examine. From the report: When these are eventually compromised, they'll expose all affected systems to nearly unkillable, undetectable rootkit attacks. Further explaining the matter, the author claims that a system with a mainboard and Intel x86 CPU comes with Intel Management Engine (ME), a subsystem composed of a special 32-bit ARC microprocessor that's physically located inside the chipset. It is an "extra general purpose computer." The problem resides in the way this "extra-computer" works. It runs completely out-of-band with the main x86 CPU "meaning that it can function totally independently even when your main CPU is in a low power state like S3 (suspend)." On some chipsets, the firmware running on the ME implements a system called Intel's Active Management Technology (AMT). This is entirely transparent to the operating system, which means that this extra computer can do its job regardless of which operating system is installed and running on the main CPU. From the report: The purpose of AMT is to provide a way to manage computers remotely (this is similar to an older system called "Intelligent Platform Management Interface" or IPMI, but more powerful). To achieve this task, the ME is capable of accessing any memory region without the main x86 CPU knowing about the existence of these accesses. It also runs a TCP/IP server on your network interface and packets entering and leaving your machine on certain ports bypass any firewall running on your system. Update: 06/15 18:54 GMT by M :A reader points out that this "extra computer" could be there to enable low-power functionalities such as quick boot and quality testing.
Editor's note: The summary is written with inputs from an anonymous reader, who also shared the story. We've been unable to verify the claims made by the author.
Editor's note: The summary is written with inputs from an anonymous reader, who also shared the story. We've been unable to verify the claims made by the author.
Breaking: A user with AMD-powered computer found happy. More at 11PM.
https://libreboot.org/faq/#int...
https://libreboot.org/faq/#amd
Both Intel and AMD had this for years - read above links ...
1% APY, No fees, Online Bank https://captl1.co/2uIErYq Don't let your $$$ sit in a no-interest acct.
From the article:
We have no physical separation between the components that we can trust and the untrusted ME components, so we can't even cut them off the mainboard anymore.
Why do you trust the main CPU, if you don't trust the ME chip?
Editor's note: The summary is written with inputs from an anonymous reader, who also shared the story. We've been unable to verify the claims made by the author.
Uh, the claims are quite true. I've been using these features at work for about a decade to perform remote OS installs and HD re-imaging at remote locations, where the on-site staff only pop in a new blank HD.
All Core i7 CPUs have this in them standard, and many i5's too especially at the higher end.
[PDF] Datasheet on the MEBX management engine:
http://download.intel.com/supp...
[PDF] How to enable and use the AMT active management engine:
http://www.intel.com/content/d...
And here is the SCS software used on another computer to control an AMT enabled computer:
http://www.intel.com/content/w...
RealVNC works with an AMT enabled computer out of the box too and with all the normal features you would expect like remote keyboard/video/mouse control, redirected drives, etc. But isn't a free program.
Other VNC clients seem to be hit or miss but even when they work you only get remote KVM, you'd have to use the built-in AMT web server to configure drive redirection and issue power on/off/reboot commands.
There is a similarly limited VNC client included in the SCS software link above, and a second web browser window will let you do the rest, even if slightly clunky, but still for free.
Intel market cap: $150 Billion
AMD market cap: $3.54 Billion
That is a lot of kiddie gamers........
The plain truth is that Intel spends 4 times as much on R&D as AMD generates in revenue. AMD is a sad joke compared to Intel. They are not peers, hell they arent even really competitors. If they were sodas AMD would be RC Cola, to Intel's Coca-Cola, not Pepsi.
Good-bye
... and guess what, AMD CPUs have an extra ARM core in them, as well as multiple little cores of various architectures attached to the GPU. All running proprietary firmware.
Throwing random little CPUs at problems is nothing new. What makes you think the firmware in your PCIe WiFi card also can't access all main memory and be turned into a rootkit? What about the Embedded Controller on laptops, that runs even when it's off?
Yes, the state of firmware auditability of modern PCs is dismal. It's been like this for at least a decade. Yes, Intel does it one way, AMD does it another way, and just about every other peripheral on your board is also an attack surface. GPU? Dozens of little auxiliary cores (unrelated to the GPU unified shaders); Nvidia or AMD, doesn't matter. That USB 3.0 host controller? Probably runs firmware too. Ethernet? Yup, often has firmware these days. That LSI SAS controller? Full PowerPC core with enough oomph to run Linux itself. Your hard drive? 3 ARM cores, you can make them run Linux too. And all of those things can scribble all over your main memory unless you enable the IOMMU (except the HDD, that one can scribble all over your storage instead).
Sleep tight.
I use AMT a lot as well, and have for years. My main question here is: How the fuck is this even remotely news material? Furthermore, why is it presented as some sort of conspiracy? Intel advertises this as a feature and never made any attempt to hide it. AMT is also off by default, by the way.
The only Intel feature I'm at all concerned about is SGX, which by design can't be audited, and has nothing to do with anything mentioned in TFS.
If the only goal was simply to provide low-power functionality, the coprocessor would be fully controlled by the operating system (ultimately, by the owner of the machine).
In fact, the main goal is to provide remote administration capabilities (what they call Intel Active Management Technology). In other words, the idea is to allow a remote administrator to take over the machine in a way that is independent of and invisible to the main operating system and processor. This serves a legitimate purpose in an "enterprise" environment (one person administers a large number of diverse machines) -- for example it allows taking back control of a cracked machine, or recovering critical data from memory after OS crashes. However, this feature is not useful for a privately administered single-user machine.
Finally, by definition a remote administration feature is a back door. This one is incredibly dangerous: a rootkit running on the coprocessor is entirely invisible to the operating system, has its own independent network access, and can monitor the disk, the memory and all other peripherals. In principle the remote management features must be activated via the System BIOS and you can set a password there, but really your only measure of safety against this back door is your trust that there are no bugs in Intel's code.
Why isn't Intel allowing you to replace the firmware? Because it's hard to ensure that the owner of the machine is the one initiating the firmware replacement. The real troubling point is that Intel isn't allowing you to disable this feature with a hardware switch. Hardware switches (jumpers on the motherboard) are a way of controlling the system available only to the physical owner of the machine. Having a hardware switch would satisfy both the enterprise and security-concious customers.
AMD is the one that came up with x86-64 which Intel subsequently copied. Has anyone ever used an Itanium?
AMD is a cheap knockoff whose entire design philosophy revolves around avoiding patent and copyright lawsuits from Intel. Its in house technology is extremely inferior. The only good thing they can possibly do for the market now is to completely open up all development resources.
And, let's bring back the alpha chip. It already is superior to Intel. Always has been.
And GODDAMMIT! Where's our 3D printers that can print homemade computers? We were supposed to have that shit 30 years ago.
Really...
Its not like they are the one that made the AMD_64 instruction set that was then in turn licensed to intel...
While its manufacturing technique is inferior that is because the brain-dead executives sold off their fab and they now have to contract with someone else to do it.
As for bringing back ALPHA it may have been superior then they stopped developing it in 2001. Intel/AMD have come a long way in 15 years.
---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.