Slashdot Mirror


WikiLeaks' New Dump Shows How The CIA Allegedly Hacked Macs and iPhones Almost a Decade Ago (vice.com)

WikiLeaks said on Thursday morning it will release new documents it claims are from the Central Intelligence Agency which show the CIA had the capability to bug iPhones and Macs even if their operating systems have been deleted and replaced. From a report on Motherboard: "These documents explain the techniques used by CIA to gain 'persistence' on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware," WikiLeaks stated in a press release. EFI and UEFI is the core firmware for Macs, the Mac equivalent to the BIOS for PCs. By targeting the UEFI, hackers can compromise Macs and the infection persists even after the operating system is re-installed. The documents are mostly from last decade, except a couple that are dated 2012 and 2013. While the documents are somewhat dated at this point, they show how the CIA was perhaps ahead of the curve in finding new ways to hack and compromise Macs, according to Pedro Vilaca, a security researcher who's been studying Apple computers for years. Judging from the documents, Vilaca told Motherboard in an online chat, it "looks like CIA were very early adopters of attacks on EFI."

113 comments

  1. The more complex the easiest to hack by Anonymous Coward · · Score: 2, Funny

    Nothing like good old BIOS and hardware jumpers

    1. Re:The more complex the easiest to hack by Anonymous Coward · · Score: 2, Insightful

      Exactly the opposite. It used to be easy to hack your own computer. Now you need the resources of the CIA.

    2. Re: The more complex the easiest to hack by Anonymous Coward · · Score: 0

      If you don't like it, you should just build your own chipset

  2. Apple Innovations! by guyniraxn · · Score: 1

    So UEFI is now a Mac only thing, huh?

    1. Re:Apple Innovations! by Anonymous Coward · · Score: 0

      Only the Intel made Mac chips.

    2. Re:Apple Innovations! by Carewolf · · Score: 2

      So UEFI is now a Mac only thing, huh?

      It was 10 years ago ;)

      Though as far as I know Apple uses EFI

  3. The management unit in all intel processors by goombah99 · · Score: 5, Interesting

    It seems to me that having a chip, the management unit, in all Intel processors that sits above even a hypervisor and can read all memory, have its own connection to the network, runs Java code, and is software reprogrammable, is basically the wet dream of root kits. It's invisible to anything you run on the CPU but sees all and tells all.

    --
    Some drink at the fountain of knowledge. Others just gargle.
    1. Re:The management unit in all intel processors by Anonymous Coward · · Score: 0

      But whaddabout...

    2. Re:The management unit in all intel processors by goombah99 · · Score: 4, Interesting

      for a little background on the management engine:
      http://hackaday.com/2016/11/28...

      --
      Some drink at the fountain of knowledge. Others just gargle.
    3. Re:The management unit in all intel processors by phantomfive · · Score: 2

      And it's been hacked, multiple times, actually.

      --
      "First they came for the slanderers and i said nothing."
    4. Re:The management unit in all intel processors by Anonymous Coward · · Score: 2, Informative

      Let's not forget the fact that Intel (Israel) and NSA (US) have collaborated to bury far far more insidious things inside the many BILLIONS of transistors of the CPU itself... we're talking full backdoor encrypted magic packet access, interaction with Windows NSA_KEY, heuristic triggers, the works. BILLIONS of transistors folks, BILLIONS, all inside a TOP SECRET CLOSED SOURCE die and company... think about that for just a minute folks.

      Opensource software is MEANINGLESS when you can't trust the platform.
      DEMAND OPEN SOURCE HARDWARE and FABS.

    5. Re:The management unit in all intel processors by Anonymous Coward · · Score: 0

      However I never heard (yet) about any of the TLA's using this attack avenue.
      That doesn't mean they don't have the tool (#pulling the tinfoil hat#). Legacy code ?

    6. Re:The management unit in all intel processors by Anonymous Coward · · Score: 0

      It's almost like someone from the CIA works at Intel.

    7. Re:The management unit in all intel processors by Anonymous Coward · · Score: 0

      I'd like to see a citation to a reliable source here, AC.

    8. Re:The management unit in all intel processors by Anonymous Coward · · Score: 0

      Source for this, or is it all coming out of your tinfoil hat?

    9. Re:The management unit in all intel processors by Anonymous Coward · · Score: 0

      It's worth noting that incorporating back doors would be grounds for dismissal for violating the "no back doors" policy that everyone learns about as part of the mandatory security training.

    10. Re:The management unit in all intel processors by Megol · · Score: 1

      Eh, no. UEFI implementations have been "hacked"* several times but AFAIK there is no instance of the security processor being tampered with.

      (* back in the days we used to assume that access to hardware == access to the computer, it's just that hardware/software makes that much harder to do than before)

    11. Re:The management unit in all intel processors by phantomfive · · Score: 1

      It doesn't really matter as long as you have control of the innermost ring of the CPU.

      --
      "First they came for the slanderers and i said nothing."
    12. Re:The management unit in all intel processors by Anonymous Coward · · Score: 0

      If Open source hardware is your goal then I suggest you set up a crowd fund to raise the billions of dollars needed to start your own FABs.
      Oh wait! How in the hell would this type of expense be recouped? Or do you think Intel is just going to give away all their work and create competitors who would get all the expensive R&D.

      If I was you I would worry more about what China embeds in all the technology they export. Or do you think China would ever do anything like setting up back doors? Maybe you need to target some of your paranoia at China instead of using it all up on the US.

    13. Re:The management unit in all intel processors by ArmoredDragon · · Score: 1

      What are you talking about? It runs on its own separate processor. It's not even x86, it's ARC. The purpose is to allow you to troubleshoot a PC that merely powers on but is otherwise dead, up to and including a dead CPU.

    14. Re:The management unit in all intel processors by Anonymous Coward · · Score: 0

      Maybe all you dumbfucks need to realize that maybe just maybe Intel is backdoored by the NSA PRECISELY so they can spy ON CHINA!!!
      And of course you and everyone else in the process.

      Maybe just maybe you need to realize that it doesn't take BILLIONS to start a fab, it only takes billions of unfocused waste, stupid product lines, and mismanagement.

    15. Re:The management unit in all intel processors by Anonymous Coward · · Score: 0

      Magic packets are real:

      http://www.intel.com/content/www/us/en/support/network-and-i-o/ethernet-products/000005793.html

      AMD's secret debug mode:

      https://www.theregister.co.uk/2010/11/15/amd_secret_debugger/

      Intel's Management Engine
      https://www.slideshare.net/codeblue_jp/igor-skochinsky-enpub

    16. Re:The management unit in all intel processors by Anonymous Coward · · Score: 0

      Oh yes, Mandatory training, cute little HR policies and background checks, for all the nice little honest workers, Ha!Ha!Ha!
      You do know they have secret workteams with special access dedicated to making room on die for certain chip management modules that are slipped into the mask code right before production.
      You really need to get a grasp on what $Billions of dollars and "clearanced" employees actually does in the world.

    17. Re:The management unit in all intel processors by Anonymous Coward · · Score: 0

      Intel is a 100% closed source organization, you as a consumer have ZERO access to observe and audit ANY part of the design and production of ANYTHING Intel makes, or AMD, or ARM, or Qualcomm, or NVIDIA, or Apple, or Google's Android blobs, Microsoft, etc, etc.

      Yet people here somehow convince themselves that that is a situation having intrinsic, explicit and implied TRUST?
      GET A FUCKING CLUE.
      You can't even get them to publish hardware programming API's.
      These companies are Completely UNTRUSTWORTHY until such a time as you install an independent public observation and audit program over them.

      OpenDesigns printed on OpenFabs.
      That is the ONLY trustworthy solution.

    18. Re:The management unit in all intel processors by phantomfive · · Score: 1

      The story talks about UEFI/EFI attacks, which allows access below the OS. I see your point though.
      Is there an API that allows you to talk to the ARC (or to reflash it)? How do people program it (surely not jtag; or rather, there must be some way in addition to jtag)?

      --
      "First they came for the slanderers and i said nothing."
    19. Re:The management unit in all intel processors by Anonymous Coward · · Score: 0

      Why hasn't Wikileaks or Snowden or whoever leaked any Intel documentation on this shit?

    20. Re:The management unit in all intel processors by Agripa · · Score: 1

      It would be an awful risk for Intel to knowingly or unknowingly take. Like a forced security certificate, the secret would only have to leak once and the evidence would be in non-volatile memory for inspection.

      More likely would be a compromise in Intel's hardware random number generator which leaves no evidence to be found but hey, why not both?

  4. And now maybe we'll know why ... by Ungrounded+Lightning · · Score: 5, Interesting

    And now maybe we'll know why it's been so hard for Open Source developers to get information on writing their own against-the-metal drivers for telephony radios and startup modules (BIOS, EFI/UEFI, etc.)

    It has long been suspected that was not just proprietary info-walling, but to reduce chances of discovery of backdoors and persistent threats imposed in the name of spying.

    --
    Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
    1. Re:And now maybe we'll know why ... by Anonymous Coward · · Score: 0

      Radios, yes, but uEFI is an open specification, and there are many, repeat many FOSS solutions. In fact there is even Tianocore, Free Software uEFI implementation. Don't mix up uEFI, Secure boot, and other features that are often implemented with uEFI, but not part of the standard

      BIOS on the other hand is a closed, but reverse engineered specification from IBM

    2. Re:And now maybe we'll know why ... by Megol · · Score: 1, Insightful

      It has also been long suspected that UN strives for world domination and has plans to take control of the US via military force, that aliens insert tracking chips into people and that the MIB goes around harassing people that "know" this with silent black helicopters.

      IT'S. NOT. LOGICAL.

      Stop giving in to shitty conspiracy theories - there's no need for them. If there were secret backdoors inserted in hardware and software then we would know it, stopping such information from leaking via the engineers building the things would be impossible. Add to this the fact that many hardware designs are created and manufactured abroad or (not that unusual) as a co-operation between several teams in several countries. How could leaks be stopped unless all the governments in question work together and wipe the minds of the engineers after the designs are done? That's simply crazy!

      It is more likely that the companies don't want to release the data as:
      . they haven't documented it well enough.
      . they don't want to add extra work for documentation for external consumption.
      . they don't want to waste money on something that will not earn them extra money.
      . there are hacks and holes in the specification that they don't want others to see. (not backdoor holes - crappy code holes)
      . they don't want to have problems with people using the hardware out-of-spec, something that can lead to serious legal problems.
      . they don't want competitors to see how they solved some hardware, software or hardware-software problem. Trade secrets are a thing.
      . they don't want competitors to see that they use patented technology without license.

      Of course there may be _some_ hardware manufacturer that is forced (as it would be a liability for them) to insert backdoors from a government agency, hard to prove otherwise. But again that would be either an unusual exception for an unusual case as otherwise the reveal of such backdoors from a certain country will lead to quick and hard economical problems. E.g. a processor manufacturer may suddenly get no orders from abroad and other processor manufacturers will be suspected to also have backdoors. Do you realize the impact that could have?

    3. Re:And now maybe we'll know why ... by sjames · · Score: 1

      We would know eventually, see TFS. The other reasons probably exist as well.

    4. Re:And now maybe we'll know why ... by Zero__Kelvin · · Score: 2

      You evidently didn't know the entire source for UEFI is available. I have git cloned it and built and used it successfully. Of course, that doesn't tell you about the UEFI build running on your system, but it DOES allow you to roll your own.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    5. Re:And now maybe we'll know why ... by Agripa · · Score: 1

      And now maybe we'll know why it's been so hard for Open Source developers to get information on writing their own against-the-metal drivers for telephony radios and startup modules (BIOS, EFI/UEFI, etc.)

      It has long been suspected that was not just proprietary info-walling, but to reduce chances of discovery of backdoors and persistent threats imposed in the name of spying.

      Maybe but the backdoor only has to be discovered or leaked once. I doubt this would matter for telecommunication providers who have immunity anyway and are known to be jerks but it would be a big deal for Intel or AMD.

  5. UFIA or EEFI? by goombah99 · · Score: 2

    I've always transposed UEFI to UFIA in my mind. now I know why

    --
    Some drink at the fountain of knowledge. Others just gargle.
  6. So, it's not only the Russians that hack, huh! by bogaboga · · Score: 2

    Prior to this, I'd have thought America and especially its government agencies do not hack.

    I guess I was wrong. What troubles me is that the media only talked about the Russians, yet the act was taking place in our backyard!

    Question: Will the media put both the left and right to task?

    1. Re:So, it's not only the Russians that hack, huh! by Jeremi · · Score: 2

      Prior to this, I'd have thought America and especially its government agencies do not hack.

      Why would you have thought that? Spying has been going on since pretty much the dawn of time. It's what spy agencies do, and hacking computers is one way that they do it. Being surprised that the CIA does hacking is like being surprised that the Army shoots people.

      I guess I was wrong. What troubles me is that the media only talked about the Russians, yet the act was taking place in our backyard!

      What makes you think this spying was taking place in our backyard? The fact that the CIA was installing spyware doesn't mean that the CIA was installing spyware on the property of US citizens. (it doesn't mean they weren't, either -- but as a matter of law, they are not legally allowed to spy inside the US)

      --
      I don't care if it's 90,000 hectares. That lake was not my doing.
    2. Re: So, it's not only the Russians that hack, huh! by Anonymous Coward · · Score: 0

      So are chromebooks safer? Then again cia likely doesn't need to hack they 'helped' design. They may hold the keys to cloud city. I am Anonymous Howard

    3. Re: So, it's not only the Russians that hack, huh! by Anonymous Coward · · Score: 0

      I think it was common knowledge that the CIA and NSA hacked, and they should be. The whole purpose of the organizations is to collect intelligence, do you really think they would ignore digital platforms? This story is a story about nothing, it's simply to drum up hysteria and sell ads.

      To be honest it's only recently that devices even became moderately secure, so not sure how anyone could be surprised. That and the fact that most attacks like this require physical access, pretty much making them only useful on valuable targets.

    4. Re:So, it's not only the Russians that hack, huh! by bogaboga · · Score: 0

      The fact that the CIA was installing spyware doesn't mean that the CIA was installing spyware on the property of US citizens.

      Do I smell naivety here?

    5. Re:So, it's not only the Russians that hack, huh! by Highdude702 · · Score: 0

      No you apparently just have bad reading comprehension or are trying to take stuff out of context just to be a cock sucking prick. Either way you're part of the problem.

    6. Re:So, it's not only the Russians that hack, huh! by Anonymous Coward · · Score: 0

      The fact that the CIA was installing spyware doesn't mean that the CIA was installing spyware on the property of US citizens.

      Do I smell naivety here?

      Did you stop reading before you got to:

      it doesn't mean they weren't, either -- but as a matter of law, they are not legally allowed to spy inside the US

    7. Re:So, it's not only the Russians that hack, huh! by king+neckbeard · · Score: 1

      >CIA
      >matter of law

      Choose one.

      --
      This is my signature. There are many like it, but this one is mine.
    8. Re:So, it's not only the Russians that hack, huh! by fustakrakich · · Score: 1

      Yeah, well, when it comes to the CIA/DEA/FBI/etc it is pretty naive to believe they are bound by any 'laws'

      --
      “He’s not deformed, he’s just drunk!”
    9. Re: So, it's not only the Russians that hack, huh! by infolation · · Score: 1

      Chromebooks (specifically the Asus c201) can be safer if the firmware has been replaced with Libreboot. The rest of the c201 hardware has open source drivers for Chrome OS. So, in theory, that would be the most up-to-date hardware capable of entirely running FOSS, including the firmware, without BLOBS.

      (no tails support though, argh)

    10. Re:So, it's not only the Russians that hack, huh! by Anonymous Coward · · Score: 0

      Prove "it's the law"... DO YOU KNOW if all of FISA's rulings are open? NO, you are a subject, just like the rest of us, pal.

    11. Re:So, it's not only the Russians that hack, huh! by Anonymous Coward · · Score: 0

      Prior to this, I'd have thought America and especially its government agencies do not hack.

      People have been bitching about this for a quarter of a century, with the passage of CALEA which was basically a requirement that things aren't allowed to be secure against government intrusion. (With various limitations, but it was enough to reveal the government's intent.) And there are lots of great, legendary stories about American "white hat" (from American PoV) hacking, whether it's Russian pipeline sabotage in the 1980s, Stuxnet not-so-long-ago, and some great WW2 stories too (though the Brits were even more famous).

      You're either lying, or you are far more ignorant than the average ignorant person. I think you're lying, though.

      Question: Will the media put both the left and right to task?

      I think they started doing it in the 1760s (in debates over the Stamp Act) but it might be older than that (I'm no historian). You might want to try harder to keep up-to-date.

    12. Re:So, it's not only the Russians that hack, huh! by tinkerton · · Score: 1

      What makes you think this spying was taking place in our backyard? The fact that the CIA was installing spyware doesn't mean that the CIA was installing spyware on the property of US citizens. (it doesn't mean they weren't, either -- but as a matter of law, they are not legally allowed to spy inside the US)

      Ahem, I don't know about what they're installing on US home computers but where communication is concerned I know at least three ways around the legal limitations without the need to ask for a warrant and without doing anything illegal: they can target someone abroad with the express purpose to monitor a US resident who is in contact with that person abroad. They can ask the UK to monitor the US resident, and they can do some rerouting through foreign servers in order to label communication as foreign.
      And apart from that they are of course also doing things that are illegal but maybe in the future will no longer be so.

    13. Re:So, it's not only the Russians that hack, huh! by Anonymous Coward · · Score: 0

      >>Prior to this, I'd have thought America and especially its government agencies do not hack.

      Then you are either a deliberately disingenuous person or someone completely disconnected with reality. Either way, stop posting.

    14. Re:So, it's not only the Russians that hack, huh! by Fire_Wraith · · Score: 1

      No one should be surprised that US Intelligence agencies hack. That's the very core of their job - spying!

      What made the Snowden leaks such a big deal was not that the U.S. was spying, but that there was bulk spying going on, grabbing everyone's information, including Americans. What these leaks accuse the CIA of doing is being able to spy on particular, specific targets, which is the way they're supposed to do it.

      Now, some people might think that this is bad because the CIA can hack computers we use, but that's an entirely different issue. Put another way, the CIA has guns that can kill me, yet absent any indication that they're going to use them on me/someone like me, or have in the recent past, it's not something I'm going to be worried about. Cops have guns, but I'm not worried about them having guns until/unless I see that my local police department is getting involved in a bunch of unjustified shootings of citizens - and even then, my worry isn't that they have them, but that they're misusing them. (And I'm not seeing evidence of that in these leaks, with these capabilities, yet)

    15. Re:So, it's not only the Russians that hack, huh! by phantomfive · · Score: 1

      Prior to this, I'd have thought America and especially its government agencies do not hack.

      The US has a long history of hacking spying. One of the recent complaints against the NSA is they keep exploits for their own use, instead of finding them and fixing them (thus they potentially leave everyone exposed).

      The Stuxnet attack was a difficult one to pull off because they had to go over an air-gap, and attack very expensive equipment (most of us don't have access to that equipment, and can't afford it).

      Snowden reported quite a bit of hacking. It's also known that the NSA was monitoring Angela Merkel's phone, presumably through hacking it.

      In a very cool hack, the US sent submarines to spy on Soviet underwater cables.

      I've read reports that the US had a corporate espionage program in the 80s and 90s, but I can't find any reference to it right now somehow.

      --
      "First they came for the slanderers and i said nothing."
    16. Re:So, it's not only the Russians that hack, huh! by Anonymous Coward · · Score: 0

      I believe the US government agencies are engaging in widespread warrantless spying of US citizens because:

      1) they have the tools, talent, and resources to do so
      2) there is great profit in doing so (think evil, you will figure it out)
      3) they can get away with it (up until recently, they have been doing it in secret, and still now, they are above the law).

      Means, motive, and opportunity. The only force that would stop them would be some kind of moral righteousness. That all goes straight out the window once one attains any real amount of power or wealth.

      Seriously, only optimists who chose to remain naive convinced themselves that this sort of thing wasn't going on...and continue to convince themselves that it will stop now that some information about it has come to light.

    17. Re:So, it's not only the Russians that hack, huh! by Anonymous Coward · · Score: 0

      Prior to this, I'd have thought America and especially its government agencies do not hack.

      Ummm, naivety aside, did you not hear about Ed Snowden and all of his disclosures in 2013?

      It was big news at the time... were you living under a rock?

    18. Re:So, it's not only the Russians that hack, huh! by Anonymous Coward · · Score: 0

      Those laws are NOT ENFORCED. It is absolutely naive to believe that an unenforced law will stop a powerful agency that can operate in secret!

      Transparency is the *only* means of ensuring that government agencies do not break the law. You can't rely on their good nature! These people are power-hungry career politicians for God's sake!

      Wherever you cannot see what your government is doing, there your government is betraying you. It's a fact. Cast your idealistic bullshit to the wind and face the realities of human nature.

    19. Re:So, it's not only the Russians that hack, huh! by chispito · · Score: 1

      Prior to this, I'd have thought America and especially its government agencies do not hack.

      I guess I was wrong. What troubles me is that the media only talked about the Russians, yet the act was taking place in our backyard!

      Question: Will the media put both the left and right to task?

      Newsflash: Spies spy.

      --
      The Daddy casts sleep on the Baby. The Baby resists!
    20. Re:So, it's not only the Russians that hack, huh! by Anonymous Coward · · Score: 0

      > but as a matter of law, they are not legally allowed to spy inside the US

      Except via giant loopholes which do allow them to spy inside the US

    21. Re:So, it's not only the Russians that hack, huh! by Anonymous Coward · · Score: 0

      I guess I was wrong. What troubles me is that the media only talked about the Russians, yet the act was taking place in our backyard!

      You have to be kidding. Why the hell you think Snowden got himself exiled in Russia? It was the whole point of his CIA/NSA reveals. As for IME, that's been known by techies since 2011(?). The whole IME scheme makes so much more sense since neither Russia or China has put up much of a computing competitor to Intel.

      Will the media put both the left and right to task?

      No, the fact that you couldn't add up two plus two underlines how mainstream media panders to the security state. It's not enough to be scrupulously truthful, and yet only report half of the story.

      As a side note, everyone (except perhaps Trump) wants to make the Russians the new and improved boogeyman, but the reality is they were much more dangerous to US interests back when it was the Soviet Union. They don't possess a top ten GNP economy, technologically and industrially they're behind most Western nations and China. Their military prowess is only regional, and would get their asses kicked by a united and prepared EU; not even including the US. The only genuine threat the Russians possess is their nuclear arsenal, and that has an extremely limited utility in diplomacy. Putin is a ruthless autocrat, but he's way more rational than Kim Jong Un. Russia is just the world's street punk, who's willing to punch above his weight. They're not a good boogeyman threat against the US, and they're more useful when dealing with them (ruthlessly) in kind. If the Dick Cheney's of the world want to create a big boogeyman for US citizens to throw away their rights and common sense, they're better off making China/North Korea that existential threat.

    22. Re:So, it's not only the Russians that hack, huh! by squiggleslash · · Score: 1

      Just to be clear: you think the CIA doesn't spy on anyone with modern technologies, and you think this because the media didn't report it?

      First: Are you aware what the CIA is? Or the NSA?
      Second: Do you really read newspapers? I mean, there's this Manning person, and another guy called Snowden, who passed quite a bit of information to the newspapers during the last part of the last decade, and first part of this one, about how groups like the NSA work. Did you not read those articles?

      Look, I'd point you at some links, but why not just hop over to guardian.co.uk, and do a quick search. You'll find quite a bit of news you apparently missed.

      --
      You are not alone. This is not normal. None of this is normal.
    23. Re: So, it's not only the Russians that hack, huh! by Anonymous Coward · · Score: 0
    24. Re:So, it's not only the Russians that hack, huh! by AHuxley · · Score: 1

      Re "The fact that the CIA was installing spyware doesn't mean that the CIA was installing spyware on the property of US citizens."
      "Files on Illegal Spying Show C.I.A. Skeletons From Cold War" (June 27, 2007)
      "...new details about how the Central Intelligence Agency illegally spied on Americans decades ago, including trying to bug a Las Vegas hotel room for evidence of infidelity and tracking down an expert lock-picker for a Watergate conspirator."
      http://www.nytimes.com/2007/06...
      Operation CHAOS https://en.wikipedia.org/wiki/...
      ".. American domestic espionage project conducted by the Central Intelligence Agency from 1967 to 1974"
      That's why the US got its United States President's Commission on CIA Activities within the United States. https://en.wikipedia.org/wiki/...

      Inquiry by C.I.A. Affirms It Spied on Senate Panel (July 31, 2014)
      ".. officers penetrated a computer network used by the Senate Intelligence Committee in preparing its damning report on the C.I.A.’s detention and interrogation program."
      https://www.nytimes.com/2014/0...

      --
      Domestic spying is now "Benign Information Gathering"
    25. Re:So, it's not only the Russians that hack, huh! by Agripa · · Score: 1

      What makes you think this spying was taking place in our backyard? The fact that the CIA was installing spyware doesn't mean that the CIA was installing spyware on the property of US citizens. (it doesn't mean they weren't, either -- but as a matter of law, they are not legally allowed to spy inside the US)

      They were not supposed to be torturing people either but that did not stop them. So I guess it was legal. And I assume it is continuing. It has certainly been sanctioned with approval.

  7. I thought that was only in servers by Viol8 · · Score: 1

    For remote management of OS startup/shutdown and system monitoring and it's effectively a small separate computer. I don't think consumer machines have this installed. Unless I'm getting confused about what you're referring to.

    1. Re:I thought that was only in servers by goombah99 · · Score: 4, Informative

      nope, it's in every core processor chipset.

      --
      Some drink at the fountain of knowledge. Others just gargle.
    2. Re:I thought that was only in servers by Anonymous Coward · · Score: 0

      That's why I've been hoarding Pentiums [pre 2006]. I have lots of them. With a good load balancer and my custom Linux distro, I'm good for the rest of my life.

    3. Re:I thought that was only in servers by Zero__Kelvin · · Score: 1

      The IME (Intel) and PSP (AMD) are on all modern systems, however they can be disabled in the UEFI configuration. Servers tend to have Out of Band network interfaces (NICs) to access them such that the controlling entity can be on a LAN that is separate from the internet connected one, but all modern systems have such capabilities (management engines.) You can go into your UEFI (falsely a.k.a. BIOS) setup and see the options to enable and disable it and its features.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    4. Re:I thought that was only in servers by Zero__Kelvin · · Score: 1

      Or you could, you know, disable it in the UEFI config.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    5. Re:I thought that was only in servers by Anonymous Coward · · Score: 0

      In the days of Jaketown processors and Rosecity motherboards it's in the motherboard firmware and CPU specifically. Had to get one without ME to test it and it took an act of god along with a special CPU and firmware to disable ME.

    6. Re:I thought that was only in servers by goombah99 · · Score: 1

      you can't disable it. if it doesn't run it shuts the chip down in 30 minutes.

      --
      Some drink at the fountain of knowledge. Others just gargle.
    7. Re:I thought that was only in servers by goombah99 · · Score: 1

      what you said seems to be fully contradicted in everything I have read on this. People have been trying for years to turn this off. there were a couple of hacks discovered but now those don't work either.

      --
      Some drink at the fountain of knowledge. Others just gargle.
    8. Re:I thought that was only in servers by Trogre · · Score: 1

      So... just route around Intel by buying AMD and you're good, right?

      --
      "Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife
  8. Don't forget about IntelAnon by Anonymous Coward · · Score: 0

    Today has two big stories, get them both.

    https://archive.4plebs.org/pol/thread/117886401/

  9. coreboot, Coreboot, COREBOOT! by Anonymous Coward · · Score: 0

    And still, still, not a single major hardware vendor has the guts to offer hardware that has freed, open code from the silicon up. All too cowed by Intel (which, funnily enough, is beginning to look like an all-too apt name for that company), into using UEFI.

  10. Too bad you can't get to the UEFI / BIOS menus on a by Joe_Dragon · · Score: 1

    Too bad you can't get to the UEFI / BIOS menus on a Mac to be able to change boot keys.

  11. User-maintainable is a security requirement by Anonymous Coward · · Score: 0

    If you can't audit or maintain it, then you have no reason to suspect it may be secure. And in fact, you really do have good cause for thinking that it is deliberately made to be insecure on purpose -- not even a bug.

  12. Not exactly news by 93+Escort+Wagon · · Score: 1

    This even made it into an episode of "Person of Interest" during its last season - although in that case I believe it was a criminal syndicate adding code to the EFI before the computers were shipped. Oh wait, I guess it was exactly the same after all!

    --
    #DeleteChrome
  13. Re: So, it's not only the Russians that hack, huh by Anonymous Coward · · Score: 0

    Thank you for your insightful words

  14. Good For The CIA by Anonymous Coward · · Score: 0

    If you oppose the CIA installing their software at the firmware level, then you are in cahoots with Trump and Russia.

    GO CIA! Your software needs to be in ALL electronics!

  15. Physical access by MikeMo · · Score: 2

    Note that both of these hacks require physical access.

    1. Re:Physical access by Anonymous Coward · · Score: 0

      Like when items are ordered online and sent through the post? Or when you are sending equipment abroad and it has to go through customs?

      I try not to let my laptop out of my sight when travelling, but on two occasions, this has happened. The first was to swab my laptop for explosive residue (which to the confusion of the customs agent it did - we live right next to a quarry). The second was when the budget airline decided that on flight no one was going to be allowed to carry any hand luggage.

      I have relatives who got their broadband along with a free PC from British Telecom. When they had connection problems and called up BT to fix it, the BT engineer from the other end of the country simply logged into their PC remotely and set up all the connections right there.

    2. Re:Physical access by AHuxley · · Score: 2

      That makes it better? The CIA has to distract a person to get to the phone? Or become their friend? Or watch their online shopping and alter it during shipping?
      The physical access just avoids unexpected network sweeps, logs or code litter.
      No network access to the device to alter the device, no network access to remove captured data.
      It's more about tradecraft than any US domestic legal protection.
      Be aware of unexpected new friends, offers of friendship that seem too perfect. It's a distraction to get the device.

      --
      Domestic spying is now "Benign Information Gathering"
    3. Re:Physical access by cmseagle · · Score: 2

      That makes it better?

      Uh, yeah, it definitely does. It drastically reduces the number of people/organizations who can exploit the vulnerability. Needing physical access is a huge obstacle for your average cyber criminal.

  16. Obligatory: Intel CPU Backdoor Report by Anonymous Coward · · Score: 5, Interesting

    Obligatory: Intel CPU Backdoor Report

    Intel CPU Backdoor Report (Updated Mar 13, 2017)

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilities to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected cop

    1. Re:Obligatory: Intel CPU Backdoor Report by ArmoredDragon · · Score: 0

      That's nice, except for the part where it's independent of the CPU (in other words, it works even with a dead CPU) and the fact that it's off by default and the end user has to go out of their way to enable it. Though that doesn't make for a good enough conspiracy theory so nobody mentions it, and instead only pay attention to RMS's (incorrect) belief that it's enabled by default.

    2. Re:Obligatory: Intel CPU Backdoor Report by Anonymous Coward · · Score: 0

      lol you keep posting this but what do you want anyone to do about it? let me just throw out my whole computer or try to un-micro-solder random bits... get it sent to the lame stream news media and maybe it will grab some real attention by the general populace...

    3. Re: Obligatory: Intel CPU Backdoor Report by Anonymous Coward · · Score: 0

      AMD

  17. UEFI rhymes with goofy by Anonymous Coward · · Score: 0

    As I've long pointed out, that awful, cumbersome scheme that now is the way that Windows prefers to boot PC's is goofy. As we can see now, it's worse than goofy--it can invade our privacy.

    Long I've heard the complaint of computer-repair techs that UEFI makes their work much harder.

    1. Re:UEFI rhymes with goofy by Zero__Kelvin · · Score: 1

      It is pronounced as "You Effy" so it rhymes with your friend Jeff's name when he was a kid (Jeffy) ... as in, hey You ... Jeffy ... come here. So no, it does not rhyme with Goofy.

      If a computer tech has told you that it makes his job more difficult then said computer tech is an incompetent moron.

      As far as your claim you don't seem to understand how the optional Secure Boot facility would stop this attack cold in its tracks. With UEFI you CAN fight such an attack. With BIOS you have no such capability to protect against boot sector viruses, etc. Your post is nothing but ignorant claims about technology you don't understand, so much so that you don't even know how to pronounce the technology's name.

      Is UEFI perfect? Of course not. Is it the best possible solution? Of course not. Is it better than BIOS? Hell to the fscking YES.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    2. Re:UEFI rhymes with goofy by cfalcon · · Score: 1

      Pretty much fuck you.

      UEFI has greatly complicated everything it touches that I run into professionally, because it has turned stuff that had a reasonably standard way of happening into a shitshow of different custom crap, stupid shims, etc. Legacy OSes get confused, so it seems mostly tuned towards the applications that use the latest and greatest stuff. Sometimes you have to try out numerous combinations where the firmware treats some components as legacy BIOS and others as UEFI. The machines take longer than ever to boot, which I'm not sure is related to UEFI, but seems to have started around the same time.

      All this from a product that was supposed to make stuff simpler!

      Bitching about boot sector viruses is a dumb joke. BIOS just boots what you give it. If the BIOS isn't writable, then you can be sure your virus is gone if you just take out all the writable parts. With UEFI, you can have a FIRMWARE VIRUS that is literally and completely impossible to detect or remove. UEFI's ability to only launch a signed shim thing only inconveniences me, while creating an entirely new low level exploitable place that you can never trust- that is actually the point of this news article, after all.

      UEFI is more capable, and slowly becoming standard enough. But it is still a mess that allows a new infection vector, a new place to store viruses, and somehow tries to be more secure by giving only Microsoft a signing key that everyone else has to beg for. There's a lotta backwards decisions in UEFI-land.

    3. Re: UEFI rhymes with goofy by Anonymous Coward · · Score: 0

      Uhh... I hate to tell you this but firmware malware and UEFI have very little to do with each other.

      Most firmwares are updated by a simple software tool on the OS. Malware would just take this route, UEFI or not

  18. Russia scared of Apple by WillAffleckUW · · Score: 1

    Buy Apple. It's the American thing to do.

    --
    -- Tigger warning: This post may contain tiggers! --
  19. Obligatory:Intel CPU Backdoor Report (Mar 22 2017) by Anonymous Coward · · Score: 0

    The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

    What we know about Intel CPU backdoors so far:

    TL;DR version

    Your Intel CPU and Chipset is running a backdoor as we speak.

    The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

    30C3 Intel ME live hack:
    @21m43s, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.
    [Video Link] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware
    [Quotes] Vortrag:
    "DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel."

    "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug."

    "We have recently improved DAGGER's capabilities to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code."

    "To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME)."

    "We can permanently monitor the keyboard buffer on both operating system targets."

    Backdoor removal:
    The backdoor firmware can be removed by following this guide using the me_cleaner script.
    Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

    Decoding Intel backdoors:
    The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

    If you are skilled in these areas, download Intel ME firmwares from this collection and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

    Useful links:
    The Intel ME subsystem can take over your machine, can't be audited
    REcon 2014 - Intel Management Engine Secrets
    Untrusting the CPU (33c3)
    Towards (reasonably) trustworthy x86 laptops
    30C3 To Protect And Infect - The militarization of the Internet
    30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software

    1. Introduction, what is Intel ME

    Short version, from Intel staff:

    Re: What Intel CPUs lack Intel ME secondary processor?
    Amy_Intel Feb 8, 2016 9:27 AM

    The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked with the en

  20. Dead wrong again by Anonymous Coward · · Score: 1

    Are you people really stupid or just paid shills? Or you have some kind of weak mind that you just can't accept how bad things are?

    You really need to look at reality more before talking out of your ass, they've got you by the balls.

    I just updated the report:

    7. Active Intel ME Example:
    Thinkpad X201 has KVM and Anti-Theft (internal 3G) enabled by default

    intelmetool -s

    ME: Firmware Version 0.996.511.0

    ME Capability- Full Network manageability - ON
    ME Capability- Regular Network manageability - OFF
    ME Capability- Manageability - ON
    ME Capability- Small business technology - OFF
    ME Capability- Level III manageability - OFF
    ME Capability- Intel Anti-Theft (AT) - ON
    ME Capability- Intel Capability Licensing Service (CLS) - ON
    ME Capability- Intel Power Sharing Technology (MPC) - ON
    ME Capability- ICC Over Clocking - ON
    ME Capability- Protected Audio Video Path (PAVP) - ON
    ME Capability- IPV6 - ON
    ME Capability- KVM Remote Control (KVM) - ON
    ME Capability- Outbreak Containment Heuristic (OCH) - OFF
    ME Capability- Virtual LAN (VLAN) - OFF
    ME Capability- TLS - ON
    ME Capability- Wireless LAN (WLAN) - OFF
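
An added example, not part of the comment above and not code from the intelmetool project: a small parser that turns the `intelmetool -s` output posted above into a capability map, lists the remote-management features reported ON, and diffs two captures so a change in ME state shows up in an audit. The line format is taken from the posted output only; the watchlist substrings and all function names are assumptions made for this example.

```python
import re

# Output copied from the comment above (Thinkpad X201, intelmetool -s).
SAMPLE = """\
ME: Firmware Version 0.996.511.0

ME Capability- Full Network manageability - ON
ME Capability- Regular Network manageability - OFF
ME Capability- Manageability - ON
ME Capability- Small business technology - OFF
ME Capability- Level III manageability - OFF
ME Capability- Intel Anti-Theft (AT) - ON
ME Capability- Intel Capability Licensing Service (CLS) - ON
ME Capability- Intel Power Sharing Technology (MPC) - ON
ME Capability- ICC Over Clocking - ON
ME Capability- Protected Audio Video Path (PAVP) - ON
ME Capability- IPV6 - ON
ME Capability- KVM Remote Control (KVM) - ON
ME Capability- Outbreak Containment Heuristic (OCH) - OFF
ME Capability- Virtual LAN (VLAN) - OFF
ME Capability- TLS - ON
ME Capability- Wireless LAN (WLAN) - OFF
"""

VERSION_RE = re.compile(r"^ME: Firmware Version\s+(\S+)\s*$")
# The name may contain hyphens ("Anti-Theft"); only " - ON|OFF" at the
# end of the line is treated as the state separator.
CAP_RE = re.compile(r"^ME Capability-\s*(.+?)\s+-\s+(ON|OFF)\s*$")

# Assumption for this example: capability names containing these
# substrings are the ones an auditor wants reported when they are ON.
WATCHLIST = ("manageability", "kvm", "anti-theft")


def parse_intelmetool(text):
    """Return (firmware_version or None, {capability name: True if ON})."""
    version, caps = None, {}
    for raw in text.splitlines():
        line = raw.strip()          # tolerate indented, pasted output
        m = VERSION_RE.match(line)
        if m:
            version = m.group(1)
            continue
        m = CAP_RE.match(line)
        if m:
            caps[m.group(1)] = m.group(2) == "ON"
    return version, caps


def remote_management_enabled(caps):
    """Names of watchlisted capabilities that are reported ON."""
    return [name for name, on in caps.items()
            if on and any(key in name.lower() for key in WATCHLIST)]


def drift(before, after):
    """Capabilities whose state differs between two captures.

    Values are (old, new); None means the line was absent in that capture.
    """
    changes = {}
    for name in sorted(set(before) | set(after)):
        old, new = before.get(name), after.get(name)
        if old != new:
            changes[name] = (old, new)
    return changes


if __name__ == "__main__":
    version, caps = parse_intelmetool(SAMPLE)
    print("ME firmware:", version)
    for name in remote_management_enabled(caps):
        print("ON:", name)
```
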

    1. Re: Dead wrong again by ArmoredDragon · · Score: 0

      Actually a weak mind can't tell the difference between reality and what is imagined. This is why tarot cards are a thing, and it's how Alex Jones makes money.

    2. Re: Dead wrong again by Anonymous Coward · · Score: 0

      LOL
      I am the other AC
      was gonna tell him the same thing but you beat me to it

      Intel is evil, simple as that, only a shill or as you put it, "dumb cunt" cannot see this

  21. The silence is deafening by Anonymous Coward · · Score: 0

    Things got much worse the past few years, it is so bad now they are shipping notebooks with KVM and 3G enabled by default.

    The backdoors progressed so quickly most people can't even wrap their mind around it, all you hear are shills or morons pretending nothing has happened.

  22. How Intel came to be Israel's best tech friend by Anonymous Coward · · Score: 0

    How Intel came to be Israel's best tech friend
    A newly found cache of photographs shows the development of one of the country's most important ongoing business relationships

    Intel Invests $6 Billion In Israel To Create Advanced Chip Manufacturing Facility

  23. So naive by Anonymous Coward · · Score: 0

    LOL why do you think Intel installed 3G and WiFi inside their chips.

  24. hack or backdoor by Anonymous Coward · · Score: 0

    So was this a built-in backdoor or a hack?

    1. Re:hack or backdoor by AHuxley · · Score: 1

      Hacked in shipment. The product line arrives altered as shipped, sealed and new to the interesting person.
      A step away from the junk as designed or setting a junk international standard idea of the 1950-80's. The classic backdoor, trap door design.
      The crypto can be examined and passed by outside experts. The product that then arrives as a random shipment is altered junk.
      The data is then collected in person later, or from a normal network.

      --
      Domestic spying is now "Benign Information Gathering"
  25. UEFI? Ok... by Anonymous Coward · · Score: 0

    Please read this: https://en.m.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface UEFI was developed for PC/Windows compatibility for those that liked EFI boards. Intel specifically used EFI in Macs. If your system uses UEFI, it's because you used boot camp to install Windows, did something with rEFIt, or you own a factory built PC in the last seven years or so. Wikileaks focused on Mac, but it's not just a Mac problem.

  26. You can't really be that naive by Anonymous Coward · · Score: 0

    You have to be really naive to believe when the BIOS tells you the backdoor is turned off, it is really turned off, and there is no way to access it, even by an exploit.

    1. Re: You can't really be that naive by Anonymous Coward · · Score: 0

      Except you can monitor network connections. If the backdoor doesn't know how to find its gateway, it can't connect to anything remote.

      Sounds like you're more paranoid than smart.

    2. Re: You can't really be that naive by AHuxley · · Score: 1

      Re "Except you can monitor network connections."
      AC, that's why the later data collection is often done in person.
      The code can outlast any rebuild, reinstall. It's more about being a nice place to hide rather than needing a network out connection that will show in any log.

      --
      Domestic spying is now "Benign Information Gathering"
  27. Re: Obligatory:Intel CPU Backdoor Report (Mar 22 2 by Anonymous Coward · · Score: 0

    Way above my pay grade. Privacy is no more real than the mythological creature, a unicorn

  28. Clipper Chip by Anonymous Coward · · Score: 0

    And we thought they gave up on the Clipper Chip.

    Who knew they just got the CPU makers to build it into the product?

  29. UEFI, the Mac equivalent to Bios for PCs by lbalbalba · · Score: 1

    EFI and UEFI is the core firmware for Macs, the Mac equivalent to the Bios for PCs.

    Not just for Macs: All current PCs use UEFI - instead of BIOS - as well as Macs do.

  30. As I suspected by Anonymous Coward · · Score: 0

    The whole San Bernardino shooter "showdown" between Apple and the FBI was a show piece meant for public consumption. I just knew it. I could smell a grandstanding CEO a million miles away. You don't get to be a company of ANY size and give the Feds the finger. Just ask Joe Nacchio.

    I am not saying this is bad BTW. I have mixed feelings about all of this because I do think we face existential threats from small groups of individuals and frankly we need to do EVERYTHING to protect ourselves.

    I just wish we could talk about it openly - not actual details- but broadly, like, OK the govt IS going to know everything you say and do and because of that THIS is how we are going to maintain our civil liberties.

    We are NOT HAVING that conversation because we want to live in pretend-o-land where things are as they were when they're not.

  31. why are people acting like by Anonymous Coward · · Score: 0

    this is new news?
    this class of attacks were described in detail before EFI was even in production
    you people and your business cases

  32. Missing the point by Anonymous Coward · · Score: 0

    People, people, people.. why are you arguing about backdoors and boots and Russians when you should be praising the Heroic Mr Assange? He didn't arrange for someone else to leak this just for the fun of it, you know!

  33. To clarify the parent's assertion: by Anonymous Coward · · Score: 0

    If you *REMOVE* *EVERY* Intel ME firmware blob on Nehalem+ model CPUs (Q35/(Q|G|GM)4x can have it removed without issues other than maybe the ethernet adapter settings.) then the processor will shut down after either 30 seconds or 30 minutes as a 'safety precaution'. Despite the fact that more than a few seconds online without a heatsink or proper power management could be enough to send your processor smoking if you were unlucky enough (more common on pre-thermal sensor AMD processors, but possible on both AMD and Intel with cheap motherboards, lower binned chips, and bad luck.)

    If you just 'disable it in the bios' you have to trust that Intel/the OEM/bios vendor fully disabled all ME modules other than the ThreadX kernel required to keep the system from powering off, and didn't in fact leave it waiting for a special packet to come over the network to bring it to life to begin slurping up interesting sections of memory, or file checksums to look through that large directory of torrents so many millennials and some of their parents have sitting on their hard disk, just waiting for Microsoft, or Intel, or the *A (BSA only has one A after all...) organizations to come and find an excuse to kick down your door, or steam your encryption keys, or even remote brick your computer (Intel, or someone with signing privileges would be needed for this one..)

    Point being, you are placing a lot of faith in something that you might have difficulty in catching the anomalous behavior of, unless you are a truly paranoid individual with a few terabytes of disk space, and a known-secure system in use performing transparent bridging and packet inspection, and even then it couldn't tell you if that weird https stream you saw going to google.com or microsoft.com, or nsa.gov was due to an OS hack, or something deeper.

    1. Re:To clarify the parent's assertion: by goombah99 · · Score: 2

      Newer versions are turning out to not allow bios disablement. The sad history of this, from what I can piece together is that initially you could disable it in bios. Then newer versions had "hidden" bios disablement. that is to say, no GUI bios disablement but still an editable firmware disablement. Then newer still ones, no possibility of disablement. For these some people have discovered that overwriting certain blocks (basically all blocks after the first block) of this allows disablement without the 30 second shutdown. One can see where this is headed in the next generation very easily.

      --
      Some drink at the fountain of knowledge. Others just gargle.
  34. As of FM2/Fam15h and AM4 you are SOL. by Anonymous Coward · · Score: 0

    All current and future generations of AMD processors have AMD PSP, which is an ARM Cortex (A5?) core running as an exclusive TrustZone processor/software TPM inside of all AMD SoCs. Furthermore, unlike the Intel processors, firmware for said processor is *MANDATORY* for the system to even initialize. It has a factory encryption key similar to Intel ME, no method to disable either the encryption or PSP and similar 'ring -3' level privileges.

    captcha was 'forfeit' Such an apt word, since owning any modern computer, gpu, or peripheral card/device is really forfeiting your personal security.

  35. Similar to CPU microcode, or a 'Tivo'... by Anonymous Coward · · Score: 0

    It contains a signed firmware image which disallows the owner of the hardware from reflashing it, short of getting and hot air/flow soldering a replacement chip onto the motherboard that never had a signing key fused in.

    Without that signing key leaking, and documentation/a copy of the firmware (barring a massive effort to reverse engineer the signed image after decrypting, decompressing and decompiling it.) it is impossible to fully analyze the firmware for exploits, backdoors, proof of current measures disabling it, etc.