Slashdot Mirror


Is the 'Secret' Chip In Intel CPUs Really That Dangerous? (networkworld.com)

New submitter Miche67 writes: A recent Boing Boing blog post by Damien Zammit is stirring up fears, claiming Intel's x86 processors have a secret control mechanism that no one can audit or examine. And because of that, he says it could expose systems to undetectable rootkit attacks that cannot be killed.
Blogger Andy Patrizio, after talking with an Intel spokesperson, says the developer's argument has holes and he doesn't think Zammit will persuade Intel to replace the system with a free, open source option.

So, what we have is an open source crusader scaring the daylights out of people on a giant what-if scenario that even he admits couldn't happen in our lifetimes.

An Intel spokesperson told the publication: While the Intel Management Engine is proprietary and Intel does not share the source code, it is very secure. Intel has a defined set of policies and procedures, managed by a dedicated team, to actively monitor and respond to vulnerabilities identified in released products. In the case of the Intel Management Engine, there are mechanisms in place to address vulnerabilities should the need arise.


6 of 245 comments

  1. Yes by Opportunist · · Score: 5, Informative

    Anything I cannot audit, I have to trust. I have no reason to trust Intel. So yes, it is potentially dangerous because I can neither audit nor trust it.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    1. Re: Yes by kenh · · Score: 3, Informative

      Then turn it off in the BIOS.

      Seriously, this is not a 'secret' function built into the CPU; it is a feature implemented in the chipset and controlled by a BIOS setting.

      --
      Ken
  2. Re:Security by obscurity works quite well. by bws111 · · Score: 4, Informative

    No, the term security by obscurity means that the method MUST be a secret, because that secret is the only thing providing security. It is entirely possible, and quite normal, to have a security system which does not REQUIRE the method to remain secret, yet still not disclose what that method is. That is NOT security by obscurity, it is additional security by obscurity, and is in no way a bad thing.

    Not disclosing the method sucks from an auditability standpoint, but in no way means that the actual security is provided by obscurity.

  3. Re:So is this a manufactured clickbait story? by mrchaotica · · Score: 3, Informative
    --

    "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz

  4. Re:So is this a manufactured clickbait story? by vux984 · · Score: 5, Informative

    and where it shares the same ethernet port as the main machine

    Seriously? How about... practically all modern Intel PCs (very, very few of which have a dedicated management port).

    "The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current (as of 2015) Intel chipsets."

    https://en.wikipedia.org/wiki/...

    So if you can find a modern Intel PC with a single ethernet port, it's got it.

    where you can't disable it in the BIOS

    Disabling AMT in the BIOS may not actually disable it; it may just disable exposing it as a device to the host operating system. There are *plenty* of posts from people who disabled AMT only to find it was still running, still picking up an address via DHCP, and still manageable via AMT management tools, even while the PC was "off".

    In general there are ways to disable it; I can't find a cite for a system where it literally couldn't be turned off.

    But.. even turning it off isn't reliable.

    "A Ring -3 rootkit was demonstrated by Invisible Things Lab for the Q35 chipset. [...] The ME rootkit could be installed regardless of whether the AMT is present or enabled on the system, as the chipset always contains the ARC ME coprocessor."

    https://en.wikipedia.org/wiki/...

    So even where AMT was disabled, the co-processor is still physically there and may be reachable/exploitable.

    Oh, and I forgot to mention, it works with laptops on wifi too.

    "Intel AMT supports wired and wireless networks. For wireless notebooks on battery power, OOB communication is available when the system is awake and connected to the corporate network, even if the OS is down."

    I certainly don't think this article does any justice to the situation. But at the same time, the management engine stuff is a giant gaping security hole that does present serious and non-trivial to mitigate risks when exploits are found.
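
The practical check behind the comment above, as an added example that is not part of the original thread or of Intel's tooling: the only way to know whether AMT is really off is to ask from the network. AMT's out-of-band HTTP service listens on TCP 16992 (and 16993 for TLS) and identifies itself with a `Server: Intel(R) Active Management Technology <version>` header on any request, so a box whose BIOS says "disabled" but still answers on 16992 has not been disabled. The probe below connects, sends a bare GET and classifies the reply. Because a real AMT host is not available offline, the block also ships a constructed local responder (`start_fake_amt`, with a made-up version string `11.8.50`) that mimics the 401-with-Digest-challenge answer a real AMT web UI returns; `free_local_port` is a small helper for the closed-port case. None of these names come from the page.

```python
"""Probe a host for Intel AMT's out-of-band HTTP service (added example)."""
import http.server
import socket
import threading

AMT_PORTS = (16992, 16993)              # AMT HTTP and HTTPS ports
AMT_BANNER = "Intel(R) Active Management Technology"


def parse_amt_banner(raw: bytes) -> dict:
    """Return {'is_amt': bool, 'version': str|None} from raw HTTP response bytes."""
    text = raw.decode("latin-1", errors="replace")
    for line in text.split("\r\n"):
        if line.lower().startswith("server:"):
            value = line.split(":", 1)[1].strip()
            if AMT_BANNER in value:
                version = value.replace(AMT_BANNER, "").strip() or None
                return {"is_amt": True, "version": version}
            return {"is_amt": False, "version": None}
    return {"is_amt": False, "version": None}


def probe_amt(host: str, port: int, timeout: float = 2.0) -> dict:
    """Connect to host:port, send a minimal GET and report whether AMT answered."""
    result = {"host": host, "port": port, "listening": False,
              "is_amt": False, "version": None}
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            result["listening"] = True
            s.sendall(b"GET /index.htm HTTP/1.1\r\nHost: %s\r\n"
                      b"Connection: close\r\n\r\n" % host.encode())
            s.settimeout(timeout)
            data = b""
            # Read until the end of the headers; that is all we classify on.
            while b"\r\n\r\n" not in data and len(data) < 8192:
                chunk = s.recv(1024)
                if not chunk:
                    break
                data += chunk
    except OSError:
        # Refused, filtered or timed out: nothing listening as far as we can tell.
        return result
    result.update(parse_amt_banner(data))
    return result


def scan_host(host: str, ports=AMT_PORTS, timeout: float = 2.0) -> list:
    """Probe every AMT port on one host."""
    return [probe_amt(host, p, timeout) for p in ports]


class _FakeAMTHandler(http.server.BaseHTTPRequestHandler):
    """Constructed stand-in for an AMT web UI: 401 + Digest challenge + AMT banner."""
    server_version = AMT_BANNER + " 11.8.50"   # hypothetical version string
    sys_version = ""

    def do_GET(self):
        self.send_response(401)
        self.send_header("WWW-Authenticate",
                         'Digest realm="Digest:0000", nonce="c0ffee", qop="auth"')
        self.send_header("Content-Length", "0")
        self.end_headers()

    def log_message(self, *args):  # keep the demo quiet
        pass


def start_fake_amt(port: int = 0):
    """Start the constructed responder on 127.0.0.1; returns (server, bound_port)."""
    srv = http.server.HTTPServer(("127.0.0.1", port), _FakeAMTHandler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, srv.server_address[1]


def free_local_port() -> int:
    """Pick a port on 127.0.0.1 that nothing is listening on (for the negative case)."""
    s = socket.socket()
    s.bind(("127.0.0.1", 0))
    port = s.getsockname()[1]
    s.close()
    return port


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:                      # real target: python probe.py 10.0.0.5
        for r in sys.argv[1:] and scan_host(sys.argv[1]):
            print(r)
    else:                                      # offline demo against the fake responder
        srv, port = start_fake_amt()
        print(probe_amt("127.0.0.1", port))    # listening and is_amt both True
        srv.shutdown()
        srv.server_close()
```

Run it against a host that has AMT "disabled" in the BIOS: a `listening` result with `is_amt` True on 16992 means the management engine is still answering regardless of what the firmware menu claims, which is the failure mode the comment describes. A refused connection is not proof of absence either; the responder only listens when the ME has been provisioned, and the coprocessor is still there.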

  5. Re:So .. Security by Obscurity. by Pope+Raymond+Lama · · Score: 4, Informative

    Very relevant video presented at last year's CCC

    https://media.ccc.de/v/32c3-73...

    The whole model's (in)security is thoroughly explained - better than in yesterday's article,
    and way, way better than in this so-called "rebuttal".

    --
    -><- no .sig is good sig.