Researchers Hack Intel's VPro

snydeq writes "Security researchers from Invisible Things Lab have created software that can 'compromise the integrity' of software loaded using Intel's vPro Trusted Execution Technology, which is supposed to help protect software from being seen or tampered with by other programs on the machine. The researchers say they have created a two-stage attack, with the first stage exploiting a bug in Intel's system software. The second stage relies on a design flaw in the TXT technology itself (PDF). The researchers plan to give more details on their work at the Black Hat DC security conference next month."

Invisible Things Labs is J. Rutkowska (Blue Pill)

[paleshadows]

"Invisible Things Labs" means, more or less, Joanna Rutkowska, discussed in these related slashdot stories

• VM-Based Rootkits Proved Easily Detectable [slashdot.org]
• Blue Pill Myth Debunked [slashdot.org]
• Hacker Defeats Hardware-based Rootkit Detection [slashdot.org]
• Rutkowska Faces 'Blue Pill' Rootkit Challenge [slashdot.org]

Hmm

[Anonymous Coward]

The Wii has 232 bit elliptic curve encryption. While it hasn't yet been broken, someone I believe did break a 109-bit key. There isn't security that will ever exist which can't be broken.

Re:Wii Homebrew Channel

[Anonymous Coward]

Yes. Google '360 timing attack'. All keys can be retrieved, at which point you can disable/bypass the encryption at any stage after the very first hardware-embedded loader signature checks.

Re:Wii Homebrew Channel

[marcansoft]

Someone's been living under a rock since December 2007.

I'll just point you to the recent 25th Chaos Community Congress Console Hacking talk (slides [marcansoft.com], video [tu-ilmenau.de]) which neatly summarizes a year of hacking and how much of a horrible failure Nintendo's security has been.

Spoiler: their signatures used to have 8-bit security. Literally.

We've had lots [hackmii.com] of [youtube.com] fun [wiibrew.org].

Re:Another repeat: the unlockable lock

[Anonymous Coward]

There's already a hardware hack in progress. [hydrogenaudio.org] But, as you say, the format is so obscure there's little demand for such ripping.

Re:Wrong Wrong Wrong

[wildstoo]

From Wikipedia [wikipedia.org]:

Intel Active Management Technology (AMT) is hardware-based technology for remotely managing and securing PCs out-of-band.

Also from Wikipedia [wikipedia.org]:

Out-of-band is a technical term with different uses in communications and telecommunication. It refers to communications which occur outside of a previously established communications method or channel.

In this case it means remotely changing system (BIOS) settings etc. while workstations/servers are 'powered down'. There's more to it than that, of course. Check the features list on that linked article.