/tech/ - Technology★

So? Thorough testing of chips allows you to do things such as enjoying Netflix or Fortnite smoothly and flawlessly.

>One of the techniques shared by the researchers involved vulnerabilities detailed in Intel-SA-00086 advisory that give access to Intel Management Engine (Intel ME)

I'm interested. Any chance it could be used to disable ME?

>>1048418

No, the ME is used to gain access to this and therefore memory.

>>1048418

https://www.youtube.com/watch?v=aRUxfxp9dJ8

these are now released almost every week but somehow theres no mass exploiting of intel systems happening

>>1048418

or could it be used to reverse engineer the proprietary parts so all intel devices could have libreboot and maybe free cpu firmware too

So can you get root as regular user or what exactly is the implication here?

Is there even an implication or is this merely good news for people trying to reverse engineer intel chips like anon said?

>>1048571

these are now released almost every week but somehow theres no mass exploiting of intel systems happening

There really isn't many people who know about hardware because it's alls secret and really disgustingly ugly designed so those vulnerabilities are probably expensive as fuck.

everyone posting ITT is retarded

this isn't an "exploit". this is a hidden debug mode that has to be enabled using preexisting exploits that are practically impossible to utilize unless very specific conditions are met and even then exploit execution is incredibly time consuming, prone to failure + super easy to notice by a semi-competent administrator

>>1048586

irregardless here are some tips for tightening security:

disable hardware virtualization

disable multithreading

don't use an operating system that allows memory to be wx

make sure your bios firmware is up to date and you have the latest intel microcode updates

KILL THEM ALL

A PHOENIX SHALL RISE FROM THEIR ASHES

>>1048571

>these are now released almost every week but somehow theres no mass exploiting of intel systems happening

>>1048586

>everyone posting ITT is retarded

>this isn't an "exploit".

INTEL ON FULL DAMAGE CONTROL

DO NOT EVER BUY INTEL HARDWARE OR PRODUCT

EVERYTHING FROM INTEL IS TOTAL JEWISH ORWELLIAN BOTNET

INTEL is israeli jewish mossad company that supports (((world government))) and killing of all white people

The faggot mods here don’t like Intel vuln threads.

>>1048698

Maybe they should write Intel a letter and ask them to stop leaving so many vulnerabilities in then.

>>1048702

>Maybe they should write Intel a letter and ask them to stop leaving so many vulnerabilities in then.

I kek'd. Now >>>backtoreddit

>>1048587

>disable multithreading

You could just say "don't use a computer" at that point.

>>1048659

Sure thing schizo

>>1048744

Ask me how I can tell you’re a kike.

>>1048762

It takes one to know one.

>>1048698

>The faggot mods here don’t like Intel vuln threads.

they are corrupt and get a lot of dollars from Intel

>>1048698

You're actually wrong. The mods don't like multiple threads for a single topic. Keep the discussion to that one thread and recreate the thread when it reaches the thread limit.

>>1048762

Because you're a schizo?

>>1049145

No it's your alien mode of argumentation. You'll never fit in amongst the gentiles.

Uninstall the unnecessary ISA drivers if you're using jewtel laptops/computers.

Laptops with jewtel core processors 2n'd gen above are likely gonna have the same level of exploits and it's not just your data, but the MINIX backdoor that lets them watch you over the webcam as long as it's connected through the intel gigabit lan + intel mobo + intel/minix processor. Mainly the reason why laptops could only use whitelisted wlan cards that doesn't break or spill the beans of that ecosystem of backdoors. That is ME. There's another which is handles the intel RAID that is likely on modern computer/laptops.

The new shit is the (((NVMe))) and seriosly hope you didn't buy that crap.

Anything intel is mossad hardware that reports livestock human to the ayy overlords.

>>1049145

NOTHING WRONG WITH BEING A SCHIZO. THE SCHIZO'S ARE DESCENDANTS OF JESUS. IT GIVES THEM TELEPATHIC POWER.

>>1049225

Schizophrenics are glowniggers

>>1049016

Synagogue of Satan members.

>>1048564

Recommendations.

Instead of hotwiring a prototyping board pull out soldering iron and make it right.

Have the raspberry pi open a reverse shell back to the and talk to a handler on your other machine. Better yet just attach a screen to the pi.

Create a script to do all of this so all you have to do is plug in the chip and run ./unfuckmyshit.sh

It would not be a big deal to write some BASH or Python scripting to handle the entire process. That is a lot of work just to turn of some shit.

Github repo

https://github.com/ptresearch

Blog

https://blog.ptsecurity.com

This looks like it could be fun to fuck around with. Oh seems it's just privilege escalation. That's no fun. This is a lot of fuss over something that you need to have local access to manipulate. Or am I missing something?

>>1049261

Every layer is like peeling an onion. Yes you missed something.

>>1049266

So VISA is vulnerable to RCE?

>>1049267

Maybe not directly but you should watch every Positive Technologies presentation as soon as they are put onto the web, and follow their blog. A couple ruminations later and you'll arrive at the same conclusion I did, which is that ME can be exploited in several ways including with undocumented instructions of which we know now there are quite literally millions.

>>1050721

Is none of this mitigated with coreboot?

>>1049261

Breaking into the houses of their top level engineers and torturing them for information sounds more feasible tbh

>>1050804

Me_cleaner is included with coreboot and can help with some me attacks. Coreboot can help against uefi attacks. Lots of the recent intel exploits are against the cpu though.

>>1050721

How do I watch Positive Technology presentations? I don’t see them on their website.

>>1048410 (OP)

People still using kike products? Ha

>>1048587

>disable hardware virtualization

Don't virtually all recent hypervisors require h/w virtualization enabled (VT-x and/or VT-d etc.)?