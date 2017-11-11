Researchers Run Unsigned Code on Intel ME By Exploiting USB Ports (thenextweb.com) 46
Slashdot bongey writes: A pair of security researchers in Russia are claiming to have compromised the Intel Management Engine just using one of the computer's USB ports. The researchers gained access to a fully functional JTAG connection to Intel CSME via USB DCI. The claim is different from previous USB DCI JTAG examples from earlier this year. Full JTAG access to the ME would allow making permanent hidden changes to the machine.
"Getting into and hijacking the Management Engine means you can take full control of a box," reports the Register, "underneath and out of sight of whatever OS, hypervisor or antivirus is installed."
They add that "This powerful God-mode technology is barely documented," while The Next Web points out that USB ports are "a common attack vector."
"Getting into and hijacking the Management Engine means you can take full control of a box," reports the Register, "underneath and out of sight of whatever OS, hypervisor or antivirus is installed."
They add that "This powerful God-mode technology is barely documented," while The Next Web points out that USB ports are "a common attack vector."
Re: MODERATION IS CENSORSHIP (Score:1)
Re: (Score:2)
When you post off topic drivel in an attempt to derail a conversation you're suppressing the free speech of others. Get fucked.
Re: (Score:1)
Provably false. You're not very smart, are you?
Re: MODERATION IS CENSORSHIP (Score:2)
Re: (Score:3)
Posting as AC is self-censorship.
Re: (Score:3, Insightful)
even an AC on this site should be smart enough to know the difference. if you can't, perhaps you should go run along to reddit or some other site where the users and their submissions are down at your own comprehension level.
vulnerabilities in linux kernel drivers for usb are relatively easy-to-fix *SOFTWARE* issues.
the code is worked-on and reviewed by multiple, independent parties; and can also be examined and compiled by end users.
vulnerabilities in intel management engine are not. they are flaws in the
Re: (Score:2)
vulnerabilities in intel management engine are not. they are flaws in the *HARDWARE*
But you still need physical access to the machine.
And I think its mostly firmware, not hardware, so it's probably patchable.
JTAG = direct serial connection? (Score:1)
If they can get a JTAG connection to it directly, does this mean we could also just fry the thing to neutralize it without harming the rest of the computer then?
Re: (Score:2)
Epoxy the USB ports!
Re: (Score:2)
Not going to help if it's already been compromised before you receive it. [rawstory.com]
Will Intel ME run Windows ME? (Score:2)
Intel ME is awesome (Score:1)
What I hate about all these stories? We have security researchers who decry the evil of Intel ME. How it can be used to fully control a system. How it allows remote access. You know, those are GOOD things. The only bad parts are (1) it's closed source, (2) it has security vulnerabilities, and (3) the owner (whether it's a corporation or a single person) doesn't have control over it. What I want to see is not the Intel ME disabled. I want to see it turned into a bare bones OS precisely for the average
Re: (Score:2)
What I hate about all these stories? We have security researchers who decry the evil of Intel ME. How it can be used to fully control a system. How it allows remote access. You know, those are GOOD things. The only bad parts are (1) it's closed source, (2) it has security vulnerabilities, and (3) the owner (whether it's a corporation or a single person) doesn't have control over it. What I want to see is not the Intel ME disabled. I want to see it turned into a bare bones OS precisely for the average user to remotely log in, flash a new BIOS (or recover from a brick), and to maximize control over things like power settings, usb access, etc.
There's nothing wrong with a God mode. They key is making sure the right person is God.
The problem here is as the TFA points out, the Intel ME stuff is really poorly documented and it's very complicated what tools and documents I've come across. Certainly way more than an end user could wrap their head around if a refurbisher like me is still trying to understand ME and how it works, when it works, etc.
The closed-source nature of it is a huge problem too, as obvious from this article. So yeah, sure, God-mode might be pretty cool, but it's a bit dangerous if others can exploit it just as eas
dahlink (Score:1)
I've found a photo of this pair of "security researchers" in Russia:
https://pre00.deviantart.net/f... [deviantart.net]
Beyond scary (Score:3)
This Management Engine stuff just gets scarier and scarier. Just like intentional backdoors in encryption WILL be found and exploited, these undocumented "systems" within our systems will be cracked and the result can and will be DEVASTATING. It is hard enough to keep operating systems updated and secure. Firmware-level security is not something that can be easily maintained on running machines, even if Intel and friends can put out patches fast enough. I want my machine to be MINE.
These "infected" machines are making their way into our entire infrastructure- controlling everything from power generation, traffic, government operations, military, healthcare, just about everything. Imagine black-hatters, rogue nations, criminals, or terrorists simply bypassing all normal security and just taking control of the hardware and doing whatever they want.
WE ALL NEED THE ABILITY TO ABSOLUTELY DISABLE ME AT THE BIOS AND/OR HARDWARE LEVEL. And we need it NOW!
Oh, and AMD is doing the same thing as Intel, so don't look to them as some alternative.
Re: (Score:2)
Could make DRM core accessible (Score:4, Interesting)
This could potentially give people full access to the Intel Insider [wikipedia.org] core which is what all the 4K DRM relies on.
I hope after IME is fully pwn3d that people will start taking a crack at AMD's PSP because I would like to have a fully open system but I refuse to financially support Intel due to their highly unethical and anti-competitive behavior.