Researchers Find a Way To Disable Intel ME Component Courtesy of the NSA

Name
Email
Subject
Comment *
File	Select/drop/paste files here
* = required field	[▶ Show post options & limits] Confused? See the FAQ.

Flag
Oekaki	Show oekaki applet (replaces files and can be used instead)
Options	Do not bump (you can also write sage in the email field) Spoiler images (this replaces the thumbnails of your images with question marks)
Password	(For file and post deletion.)
Allowed file types:jpg, jpeg, gif, png, webm, mp4, pdf Max filesize is 16 MB. Max image dimensions are 15000 x 15000. You may upload 3 per post.

File (hide): 15ae2e9f968af75⋯.png (72.3 KB, 589x360, 589:360, NSA-Inside-Dave-van-Engleh….png) (h) (u)

▶Researchers Find a Way To Disable Intel ME Component Courtesy of the NSA Anonymous 12/08/17 (Fri) 08:54:47 No.834537>>834542 >>834662 [Watch Thread][Show All Posts]

https://www.bleepingcomputer.com/news/hardware/researchers-find-a-way-to-disable-much-hated-intel-me-component-courtesy-of-the-nsa/

>Researchers from Positive Technologies -- a provider of enterprise security solutions -- have found a way to disable the Intel Management Engine (ME), a much-hated component of Intel CPUs that many have called a secret backdoor, even if Intel advertised it as a "remote PC management" solution. People have been trying for years to find a way to disable the Intel ME component, but have failed all this time. This is because disabling Intel ME crashes computers, as Intel ME is responsible for the initialization, power management, and launch of the main Intel processor.

>Positive Technologies experts revealed they discovered a hidden bit inside the firmware code, which when flipped (set to "1") will disable ME after ME has done its job and booted up the main processor. The bit is labelled "reserve_hap" and a nearby comment describes it as "High Assurance Platform (HAP) enable." High Assurance Platform (HAP) is an NSA program that describes a series of rules for running secure computing platforms. Researchers believe Intel has added the ME-disabling bit at the behest of the NSA, who needed a method of disabling ME as a security measure for computers running in highly sensitive environments.

http://blog.ptsecurity.com/2017/08/disabling-intel-me.html

Can I buy Intel processors now? I fucking love NSA.

▶Anonymous 12/08/17 (Fri) 09:07:13 No.834542>>834548

>>834537 (OP)

>"fixed" one "flaw" yet "accidentally" create another.

Check'm. Also NSA and security do not compute.

▶Anonymous 12/08/17 (Fri) 09:17:52 No.834548

>>834542

It's for their own machines so maybe it does something, unless Intel have built in a different bit to reactivate the ME for a foreign government cough cough (((israel))) cough

▶Anonymous 12/08/17 (Fri) 10:34:19 No.834585

How the fuck can I do this?

▶Anonymous 12/08/17 (Fri) 10:52:41 No.834593

https://twitter.com/rootkovska/status/938458875522666497

>Attacking #IntelME by @h0t_max & @_markel___ at #BHEU

>1. Requires malformed file on SPI flash (needs physical access or bug in BIOS)

>2. Bug in early-loaded module, so ME "disabling" by HAP is not a cure

>3. Culprit is classic(!) stack overflow

>4. Full code exec in ME Congrats!

Sorry OP but your solution is worthless.

▶Anonymous 12/08/17 (Fri) 11:31:15 No.834600>>834717

WOW FRESH NEWS

Congratulations, you totally contributed to the topic of Intel Meme Engine, OP!

▶Anonymous 12/08/17 (Fri) 14:47:17 No.834662

>>834537 (OP)

ME CANNOT BE DISABLED ON NEW GEN HARDWARE

https://mail.coreboot.org/pipermail/coreboot/2017-December/085669.html

*"The disappointing fact is that on modern computers, it is impossible to

completely disable ME. This is primarily due*

*to the fact that this technology is responsible for initialization, power

management, and launch of the main processor."*

I will repeat again (in RED). Long before BIOS starts, there are (at least

>5) very complex phases how the whole platform, by HW

and FW is initialized. There are several components which are interacting

with PCH, thus/read ME, BEFORE BIOS starts, These

components are the following:

PMIC (Power Management IC, integrated or discrete)

EC (Embedded Controller)

Some of IO init (HW wise default straps, then ME applied FW straps)

ICC (Integrated Clock Controller)

All of which need to be set correctly BEFORE MEI allows BIOS to start. And

there are some relationships among these entities

in the process of ME driving init of these components.

▶Anonymous 12/08/17 (Fri) 17:45:25 No.834717

Bump.

>>834600

Stay salty you affirmative action hire.

/tech/ - Technology★

General

WebM

Theme

User JS

Do not paste code here unless you absolutely trust the source or have read it yourself!

Favorites

Customize Formatting

Filters