4 New Vulnerabilities in Most Intel CPUs
submitted 4 months ago by BackwardsCompatible from (engadget.com)
[–]magnora7 5 insightful - 1 fun5 insightful - 0 fun6 insightful - 0 fun6 insightful - 1 fun - 4 months ago (5 children)
After finding out they deliberately built backdoors in to all intel processors a couple years ago, I find it hard to care anymore about Intel's CPU security. They've obviously built it to be backdoored in the deepest ways possible, so how can I expect to be secure? I can't.
[–]wizzwizz4 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 0 fun3 insightful - 1 fun - 4 months ago (4 children)
This isn't a backdoor, though. (And if you're talking about IME, it probably isn't intended to be a backdoor (despite being able to easily function as one) and there are several ways to mostly disable it. Still pretty rubbish, though.)
[–]magnora7 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 0 fun3 insightful - 1 fun - 4 months ago (3 children)
Good points, but I think it was intentional. https://www.eteknix.com/nsa-may-backdoors-built-intel-amd-processors/
[–]wizzwizz4 3 insightful - 1 fun3 insightful - 0 fun4 insightful - 0 fun4 insightful - 1 fun - 4 months ago (0 children)
That article makes the claim:
This is faulty logic. Yes, the whole malware-prevention system is flawed if Intel releases IME software containing a backdoor (as they kind of accidentally did, by releasing buggy IME software without providing a way to invalidate that seal of approval, so an updated less-buggy IME system can just be replaced with the buggy one and then exploited as usual – which is only an issue if the attacker has IME-flashing ability, but is still a larger attack surface than strictly necessary) but that doesn't mean they're deliberately introducing backdoors into IME-signed code.
I think Intel should be making IME-free processors or making the code more open, but you're already trusting Intel when you buy their chips and install their microcode patches.
What I'd really like is if there was some mechanism like this:
This allows anyone to write code for the IME system in their device (so Puri.sm could just include an extra ROM chip and write their own IME code, then release updates to that IME system when bugs are found without having to go through Intel) without making it insecure.
[–]zyxzevn 3 insightful - 1 fun3 insightful - 0 fun4 insightful - 0 fun4 insightful - 1 fun - 4 months ago (1 child)
I think that Intel and AMD will have gotten quite a donation for backdooring all PCs. But we will probably not really know, until it is too late.
[–]magnora7 3 insightful - 1 fun3 insightful - 0 fun4 insightful - 0 fun4 insightful - 1 fun - 4 months ago (0 children)
I think you are almost certainly correct. It's probably part of that $60 billion per year additional "black budget" the CIA gets that no one gets to know anything about.
[–]Optimus85 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 0 fun3 insightful - 1 fun - 4 months ago (0 children)
This is why an open-source/open-architecture CPU seems more and more like a viable alternative: https://www.youtube.com/watch?v=L8jqGOgCy5M
[–]HeyImSancho 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 0 fun3 insightful - 1 fun - 4 months ago (0 children)
But dissenter, and gab, they're the evil!!! Mistake, or not, they knew, and concealed this; it's simple treachery for a buck, or worse.
use the following search parameters to narrow your results:
e.g. sub:pics site:imgur.com dog
sub:pics site:imgur.com dog
advanced search: by author, sub...
~5 users here now
Information Security Technology sub. For resources, news, memes, and community.
Please review the rules before participating.