I've been working at Intel for the last 15 years as an electrical engineer. 3 years ago I got bored with my job and wanted to move to a different department. Intel is pretty good about letting employees move around within the company. An opening came up on the Management Engine team, and since I have experience with micro-controllers I figured I'd give it a shot. The interview went great and they wanted me on board, but the final step was to get a security clearance.
I asked them WTF I need a security clearance for, and they said they couldn't tell me until I was on the team. Thus began a 3 year trip down the fucking rabbit hole.
I'm coming forward today because of the news that Trump was spied on. I know exactly how it was done because I spent the last three years adding backdoors into the ME. For those of you that are unaware, the ME is on a separate CPU and cannot be disabled, and it exists at a level below the operating system. Intel has been working with the intelligence community for years to get backdoors into physical hardware so they don't have to worry about finding OS exploits. If the hardware itself is compromised then the whole machine is compromised.
The ME has full access to memory without the parent CPU having any knowledge, it has full access to the TCP/IP stack, and full access to every peripheral connected to the computer. It also runs when the computer is hibernating. It doesn't matter if you're using Windows, Linux, Mac OS X, Whonix, Tails, Qubes OS, or Subgraph. If you have an i3, i5, or i7 then you're completely owned by the intelligence community.
We added similar functionality to Samsung's WEEPING ANGEL, except the intelligence community calls our project ODIN'S EYE. Through the ME we can activate the mic and webcam even though the computer appears to be off or sleeping.
Evidence of surveillance on Trump, his family, and key people in his campaign will come out eventually. I know the surveillance happened for a fact. Future leaks are coming, watch for ODIN'S EYE.
your image can be reverse searched asshole. your another Jew trying to slide/create paranoia. Die. not everyone here is dumb hymie.
Easton Stewart
It all makes sense now, same with Google being named "Alphabet" they are taunting us right under our noses, goddamn CIAniggers.
Benjamin Torres
Yep 4chan was full of tards so I came here.
Reverse search it then.
Camden Gonzalez
Fuck off kike, everyone knows that CIAniggers and NSA have been implanting backdoors in everything they can get their greasy kike hands on since the Snowden leaks and Vault 7, OP is just specifying which models to are compromised and how it happens.
Noah Thomas
Is there anyway to get uncompromised hardware? I have built PCs before but it is not like I can manufacture my own components, wat do?
Carter Gray
...
Gavin Thomas
Don't use a computer
Josiah Taylor
Buy an SGI Octane2.
John Clark
...
John Fisher
And last decade Core products? they have an early IME in the chipset.
Parker Thompson
I would try ARM based hardware like RaspberryPi and other single chip computers, even if it do have a backdoors it is unlikely there is wide dragnet tools since the user-base is too small for alphabet agencies to care
Gabriel Russell
Any other notable people you know are getting watched? Any other juicy shit you can say without compromising yourself?
Owen Foster
How is this different from the previous leaks? We all know that most modern intel chips are spyware. What's the mechanism for activating the management engine? Let's get technical if you're not LARPing.
Hudson Perez
Whether OP is LARPing or not is irrelevant. The backdoor in the Intel ME technology is well known among anyone in tech with half a brain. To break down the logic required to understand if tech is spying on you with absolute certainty: To break this down: 1) The ME technology is pitched as a way for sysadmins to turn machines on remotely. There were already wake-over LAN systems which worked 100% of the time for that task. 2) Very few people actually used it because it's a borderline worthless feature (sysadmins rarely turn off their machines even when they aren't using them and users are too dim to use those kinds of technologies to pull files off their home machines they forgot to stick on a thumbdrive.) 3) It takes, at a bare minimum, about a million dollars to put a new chip design through even basic R&D (anything beyond prototyping on an FPGA, usually even more just that for high power chips like CPUs.) It takes even more resources to make two independent systems keep from talking to eachother. 4) The ME is completely closed technology. Even getting your hands on a useable API as a system admin (the people it was supposedly made for) is a no-go. You have to use similarly closed source proprietary tools to access the more basic functions, and the higher order functions like pulling memory and such (known to exist due to documents that have slipped out over the years) simply aren't available to anyone in the it sector.
It's spyware, this has been known since about when the i5 came out half a decade ago.
Connor Perez
nice OP, anything else with a timestamp
get good with integrated circuits and small bits of wire
Carson Gutierrez
Ok I'll take the bait, do you know if Intel sells this underlying technology to AMD?
Jaxon Reyes
This.
Jonathan Barnes
OP, if you dont answer these spooky digits then you're a LAPRing faggot, stay out of the 4chan thead and answer some Holla Forums questions but practice OPSEC obvously
Chase Ward
Here's a manual from the intel site. archive. fo/LmG5z
I was a systems admin. It's a cost saving feature that even at casual glance is a huge security risk. It's obvious anyone with a warrant could get in and do at least what I could do, which was quite a lot.
Zachary King
Arm is only open in the spec, not in the manufacturing. No reason to believe it isn't also compromised (AMD also has a less well known piece of spyware similar to Intel's ME, seems highly unlikely they would neglect ARM, especially when it's in practically all mobile devices.) Honestly, you're probably be the most secure by simulating a CPU in an FPGA, but that has it's own issues (all the software to compile FPGA images [save for the horribly under-useful various OpenCores projects which couldn't be used to make a CPU image yet] is closed source and on the order of 5-20GB, too large to decompile and analyze in a lifetime.)
Joseph Morgan
this is distraction.
first intel me has its uses, and abuses, but the ime interface is designed around fabric control, not logmein cunt country. win8 and win10 do far more spying than ime ever could. emphasizing mole hill on another planet vs mountain for free in your backyard.
second, the sgx instruction set is now baked in to the cpu since part of gen5, most of gen6 and all of gen7. so whereas ime was an 'expense' and limited, sgx is 'for free' and guaranteed systematic clockwork adoption. despite this, amd sucks monkey balls and is not viable alternative. aside from select boards and well designed atom cores, much has not only denied trust, but moved to deny any remnants of verify as well.
any focus on ime was serious, then annoying but serious, and now a superseded miserable joke. win8/10 + gen6/7 = go fuck yourself.
Colton Young
I guess I better start using upstream hardware firewalls. Though if I was targeted in these attacks I'd get the incoming and outgoing packet, from that I might be able to reconstruct call signs.
Then ofc is to just build an OS which runs every permutation of binary codes of N length through the processor and check at any point if there is something going up stream in all modes of the processor.
I have to wonder though how long their Initial code sequence is. I remember LOADALL but I'm sure they use some crypto now.
Leo Howard
This has been known for over a decade friendo. I'm actually not surprised Intel hired someone like you.
Adam Howard
probably true, but they likely want multiple tools to infiltrate. its certainly easier to spy via the OS, but you can still get everything if you examine a computer one bit at a time
James Ortiz
yes.
note: insufficient. endpoint still requires full ethernet to application stack too (dns, rdns, ip, networkid/subnet, vlan, and application rule over the same). remember to block the universal 'update check' sites like *.gvt1.com.
William Walker
Jewtel vPro = ME Funny coincidence.
No. AMD/Jewtel or "Made in China" ARM shit, all compromised.
Carter Ross
op, what can be done about this. Can the ME be modified to remove this feature? I understand that its filesystem consists of a series of compartmentalized partitions. Is it possible to wipe the rootkit partition(s) while leaving the essential features like power management intact?
Adam Ross
Did OP died?
Michael Torres
...
Joshua Cox
If you're trying to claim a big reveal, 0/10, this is old news, even in the news again recently. If I recall correctly this goes as far back as the pentium ii, so if you wanted uncompromised hardware for a firewall you'd put it on a non mmx pentium 1 which luckily has enough power to push current net bandwidth.
Adam Nguyen
if you are on a hostile/public/unknown fabric, then worry +/-. if no hostile fabric, then no worry. most are on mobile, then wireless (which can have ime tie-in, but is so often ignored it is inconsistent. reason: higher level bios / firmware coders do not exist in designated country). hostile ethernet is primary ime vector, often engaged by a hijacked / open machine that does have ime done well enough to insert the frames, and/or likewise wifi router cable modem shit.
Jordan Perry
Could upstream hardware firewalls contain chips which would prevent on a hardware scale certain websites to go through and not be seen? One has to wonder how far they'd take it.
I have no evidence ME is on AMD and unlikely on ARM as its not as monolithic as Intel x86 only chip.
Damn I better start printing my own transistors but I could only get down to at best 10mm with a lot of error and a printer. Be a big expensive power hungry machine too.
Kayden Taylor
He didn't even say much either. No big reveals at all.
Samuel Powell
He was probably a larper tbh, he never responded to this user when he asked for technical details.
That he couldn't even do that much probably meant he was full of shit.
Levi Bennett
most NSA employees are no more qualified than script kiddies, it is unlikely that one assigned to you will have training on how to operate backdoor on nontraditional hardware. So I assume you must be someone really important for them to care enough to keep trying after firs obstruction
Easton Campbell
What’s inside of a SoC? CPU – the central processing unit, whether it’s single- or multiple-core, this is what makes everything possible on your smartphone. Most processors found inside the SoCs that we’re going to look at will be based on ARM technology, but more on that later Memory – just like in a computer, memory is required to perform the various tasks smartphone and tablets are capable of, and therefore SoCs come with various memory architectures on board GPU – the graphic processing unit is also an important component on the SoC, and it’s responsible for handling those complex 3D games on the smartphone or tablets. As you can expect, there are various GPU architectures available out there, and we’re going to further detail them in what follow Northbridge – this is a component that handles communications between the CPU and other components of the SoC including the southbridge Southbrige – a second chipset usually found on computers that handles various I/O functions. In some cases the southbridge can be found on the SoC Cellular radios – some SoCs also come with certain modems on board that are needed by mobile operators. Such is the case with the Snapdragon S4 from Qualcomm, which has an embedded LTE modem on board responsible for 4G LTE connectivity Other radios – some SoCs may also have other components responsible for other types of connectivity, including Wi-Fi, GPS/GLONASS or Bluetooth. Again, the S4 is a good example in this regard. Other circuitry
Nathaniel Williams
by definition, what you just said is not possible.
the ime-vector is on ethernet. the ether. aether. whatever. it is a fabric control that does not require a compliant OS. because that's the purpose: to load, boot, mgmt, etc machines and assets and inventory.
to send a packet past a layer2, thru a layer3, out of the subnet and onto the internet, requires that the OS do the packet queue.
what you will run into instead is perhaps fucked microcontrollers with non-flashed firmwares. this is linksys / cisco home + netgear + trendnet/micro + a few others, and already run into myself. though the application is redirect-updater, mc-crazy dns404 'helpers', and other violators of every last rfc (not necessarily packet duplication snooping). to date, the firmware is the target for end-user shit, which has these in the radio realtime cpu side of the asic – that is, same as phones. and same as phones, the firmware can be changed, preventing any prevention of layer3 / tcp-ip packet inspection.
Bentley Kelly
Can't assume FPGAs, compiler, nor fab equipment are secure either, which could be including the spy chip by default. It would take inspecting the produced chip with a microscope to make sure there isn't anything that's not of your intended design that has been baked in, same for any chip you put in the system.
Juan Powell
pic related, this thread and its halfchan equivalent
Easton Young
i can't say that you're wrong.
i can say that past the wire is past the wire. layer3 requires os control, otherwise you fuck with the clock itself, and state machines can not fuck with their clocks. that would be one very exotic multi component second board.
if fpga, find the rom store, load in a different rom, done. the fpga is typically flashed at each board boot to ensure predictability.
Ryan Thompson
So the real question is how do you deactivate this "feature"? I assume government have a way to deactivate it on their own hardware. They might have special edition chips but it would make it too expensive to do everything in two versions one for public and another for military and government
Thomas Nelson
you don't, and they don't, and there isn't.
yes, they are that stupid. see trump russia ohshitohshitohshit obama didn't spy nonsense. won't stop their stupid. hasn't stopped their stupid.
Jose Baker
Stay away from Altera
Intel poured out $16.7 billion [B] to buy Altera, which makes FPGAs (field programmable gate arrays), or chips that can be reprogrammed for specific tasks. The first chip that combines Intel and Altera technology will go into servers, cars, robots, the Internet of Things, automation equipment and other products, Intel says.
Libreboot and me_cleaner have taken aim at the management engine.
Sebastian Lopez
anything Russia do to counter ?
Lucas Lewis
remember the talks about firmware in hard drive, thumb drives etc being hacked by IC? ever since the UEFI motherboards it's been obvious to anyone with a half a brain what was up.
William Davis
Bump for based whistleblowers.
Connor Gomez
i can't understand you. white power?
security is not a castle-gate. it is an onion. welcome to 2001. layer your layers and keep layering the same design at each layer as much as possible. said another way, build walls, never stop building walls, always build the wall, and don't expect any wall to 'handle' the work of any other wall.
Carter Johnson
The urethra.
Joshua Howard
Thanks for sharing.
By the way, as an Intel insider, do you have any information or hearsay about the $300 millions Intel gave for diversity? Something about Feminist Frequency, Anita Sarkeesian, IGDA?
Oliver Campbell
I also used to work at intel. There is a program for being able to access the IME that was written in javascript. It is a piece of P2P software, and if you have the right certificate, you can access the IME remotely.
its likely a result of tax breaks recieved by intel from states, in exchange for the enterprize zone tax exemptions, they had to make certain hiring priorities. However Renee James and the Richard Taylor are no longer working at Intel, so there is a chance that they are going to scale it back.
Wyatt Torres
The OP was probably fired for ignorance and unable to know basic EE/HE concepts. You can definitely disable the ME…
Neutralize ME firmware on SandyBridge and IvyBridge platforms
* Read the content of the SPI flash chip via In-System Programming. * Neutralize the ME. * Anatomize the vendor BIOS image. * Write the modified image back.
Jeremiah Davis
How many people are going to tear their laptop apart to flash the IME chip, and are going to use a sandy or ivybridge system. In modern CPU's the IME is not a separate chip, and is actually a part of the CPU itself. In addition they are cryptographically signed by intel, so you cannot simply flash them and replace them with a modified image.
Sebastian Morales
The chip might be separate, but the ME Modules that are the programming for the chip to tell it what to do are located firmware storage area is off chip, and you can read most of them with github.com/herocodemaster/flashrom either from in linux, or via an external programmer.
You can extract it from most modern firmware updates you download from your vender's website or your dumped firmware from your PC with this utility: github.com/theopolis/uefi-firmware-parser
Jacob Adams
Are these viable alternatives OP?
RESPECTIVELY
I'm just confused as to how they are getting directly at the processor I guess. Wouldn't they already need tapped in so to speak? If so don't they have you already?
Henry Bennett
*meant to say the ME chip might not be separate from the processor, but the chip storing the firmware certainly is.
Also as far as tearing things apart, in most cases if you can boot linux, you don't even have to use an external programmer. If you do need to use an external programmer, you can usually just remove the case. The example I linked from hardenedlinux is an exception that goes to extremes for the reading/writing steps, that most people won't have to do.
Bentley Wright
The OS you showed won't fix the underlying problem of your motherboard running its own OS, the same way your cell phone runs a second OS to control its modem that connects to the cell network. As far as RISC-V, depends on your motherboard, also a dedicated person will find the weakest link.
Hudson Robinson
Why does nobody do this? There are people educated in hardware design (obviously not me, excuse the layman vocabulary), purchase components and go through them with a microscope to look for shady shit that shouldn't be there, if there is go very public about it. Make it a weekly series, people would love that shit
John White
Why no microscoping of the silicon?
Because a small zigzag designed to blend-in to the existing patterns of interconnected that connected a few wires that enables a secret way to enable a manufacturer's debug feature not meant to make it to production which after the change now doubles as a backdoor would most likely be overlooked.
Kevin Nelson
Somebody tell him about ME, see what happens…
Aaron Martinez
actually it doesn't matter because that OS is landlocked.
Hunter Sanders
(checked) Can confirm this is legit. Was trained on TPM (the first versions of this management engine) back in mid-early 00s and remote access/admin/management was a key part of it and rather glossed over… Core was the last architecture without this back door. That's why they added TPM for core2.
Adam Harris
No Encryption laws required backdoors in any exportable strong encryption even before this bullshit. So TLDR = you're fucked if you rely on security on a routinely used computer. VPNs matter shit when they can time in-out packets around the world. Or the myriad of backdoors in the multitude of chips themselves.
Aiden Fisher
For TOR they take into account regional outages to see if the server disconnects, to narrow things down, or they will blantently just shut down the internet for a whole country like Ireland just to help pin things, then continue the search in a binary method of flipping on/off internet in smaller subregions.
Ever have your internet go out for a few moments that can't be explained either on your local connection or VPN/TOR? Good chance they are trying to track somebody.
Parker Lopez
Well then if it's a law, then AMD must also have backdoors
Oliver Sanchez
You don't need risc-v, can do familiar x86, patents have been expiring, for example, the Pentium II patents expires May 7 this year, everything before it already expired and various companies making unencumbered 486/Pentium clones and Pentium III will expire February 26 2019.
Jordan Foster
I have shit internet but have also noticed this multiple times. Fascinating and makes total sense, thank you for the heads up.
Of course. Everything consumer electronics related that can be used for communication or otherwise does that's not like an amstrad or something ancient. Even then I wouldn't be surprised if backdoors are present. . If not then the security agencies and systems have failed. Everywhere you look from the early cellphones to modern electronics, there are backdoors. Go look into it and see for yourself.
When they do stuff like this (attached images) for high profile/secure targets, imagine what they already have integrated in at chip level.
Considering cyber warfare/infosec is critical, do you think they'd let us have secure systems? Terrorists/state factions/etc etc could use them. They are the _FIRST_ thing to attack. Without info you have lost the war.
Which is too bad we have made that redundant by beating them in the great meme war and operating in plain sight. We're too numerous to defeat now.
Parker Evans
I'd do it but my electron scanning microscope is in the shop for repairs. Sorry guys.
Connor Cox
Be very, very careful exposing that stuff….. Not just intel agencies you're fucking with but big multinational corporation image and revenue.
Ethan Johnson
does libreboot/coreboot work?
Gavin Brown
UEFI is a separate thing from the ME engine, they cannot be flashed but some of the modules can be deleted in the older versions, in the newer versions the ME is in the chip itself and cannot be changed at all.
Charles Phillips
Good luck analyzing 11nm tri gates which are 8 layers thick, you would need a Boron drill and an electron microscope, and be able to capture every gate, and then interpolate the data.
Jackson Cook
Will Libreboot do anything about it?
John Miller
this does libreboot/coreboot help?
Ethan Bennett
Did you guys read any of the thread? The compromises are occuring at hardware level. Whatever fucking OS means shit. Hardware don't care about your libremintblackhat unixdows 10 shit running on the top.
Aiden Brown
This, so much this. Only leftard buy into the BS that torture doesn't work.
Gabriel Roberts
well hardware is controlled by software and if you remove the Intel ME blobs how would it still work?
libreboot claims to be able to remove them on the GM45 chipset. Did you even know what libreboot is or ur just a larping faggot
Nathan Ross
Russian hardware like Elbrus running AstraLinux. Yes the FSB will spy on you but what the fuck can they do verse the the CIA/FBIC and 17 other Global/US spy agencies? Nothing.
Gabriel Russell
Libreboot replaces BIOS, which is responsible with POST (Power On Self Test) and loading the OS, you could easily just remove the module that checks/powers the ME bit because it's free, you can access the source code.
Nathan Campbell
Worse LARP thread ever
Lucas Myers
If this were happening, a packet sniffer would be able to see data leaving the system and heading out over the network. There's no way they could get around this, unless the system had a separate network connection of which you were unaware, which is infeasible. At some point someone watching the network would see the data being transmitted. So more or less this hardware exploit wouldn't be secret for long.
Liam Barnes
If you are talking performance, Ryzen is pretty darn good. For multi-threaded tasks it is the current king (especially when you throw price into the mix), and for single-threaded tasks it is still very high up there, it beats the single-threaded performance of my 2600k for example just simply due to being several generations apart.
Oliver Jackson
Actually you can mask the activity by making it look like normal SMTP/POP3. The way to go is Libreboot… maybe… if OP gets back to us on that one.
Easton Cruz
Don't touch the poop.
Landon Allen
Seems like he bailed though, sadly. Hopefully he didn't get ganked.
William Wilson
I'd watch the news for "freak electronic computer explosion accident"
Christopher Morales
A reminder Holla Forums, we had a chance to do something with the Talos Workstation; but it didn't get funded.
Nobody, wants to fund stuff that gets rid of the ME.
Jackson Carter
You mean all this time I thought Comcast was being shit, it was actually the NSA tracking a TORpedo? I guess I'll have to call them to bitch at instead of the Poo in Loos working for Comcast from now on.
Juan Thomas
I don't know… I guess it's back to buying old cheap laptops and slapping SSDs on them and hoping for the best. I doubt an 8 year old core duo would have the same problem… Though, if you're running a business that does R&D you're fucked. Some bureaucrat will leak the info and you'd have spent all that money for nothing. You can't run servers on old CPUs.
Carson Baker
time to go oldschool
Landon Rodriguez
Even so, eventually someone would notice their system is sending SMTP when they aren't doing anything
Isaac Bailey
Not really, no. Even if you aren't doing anything, it might update (looking for new emails) or re-authenticating. My point was that it's easy to mask the traffic going out of the NIC.
Brayden Lewis
This image doesn't reverse-image search. Is this legit?
Jonathan Roberts
It's $7k a workstation, user.
Joseph Cox
Not if you aren't speaking to a webmail client. The fact is that someone is smart enough to see traffic that doesn't make sense, and there are enough engineers doing packet sniffing that it would get found.
Julian Butler
not a argument
Hudson Garcia
an 11nm or 22nm celeron would be awesome. thnx for the heads up.
Brayden Price
So either you don't have the $7k, or you don't want to pay $7k to get rid of the ME.
There were lower-tier funding options too. But it's all gone now
Intel ME is their ace in the hole. I doubt such a valuable backdoor would get used frequently
Michael Cook
There is much more compromised hardware than just bios or turning off part of a management engine. If you understand libreboot then you should be capable of understanding that it doesn't matter what you do. There are backdoors in multiple places in multiple chips just to fuck sneaky, yet overconfident people like you. Did you even look at the vault 7 release? It just confirmed what was already known. Unless you go back to really old shit, which has other issues, or less documented backdoors, have fun with modern web pages etc. It's like tying your hand behind your back while trying to pour wet steel into a fucking steel mill. Sure you won't burn that arm but your entire fucking body will instead. You think they use a single backdoor which could be so easily worked around by anyone with a clue?
fuck off goy
Daniel Sullivan
in theory if every piece of hardware/software was open source, you would be secure though right? at least the closest you can get to a "secure" system
but then you could have 0day exploits i suppose, well fuck.
Angel Hernandez
What's ME?
t. luddite
Jason Perry
I5 - 2300 (sandy bridge) was the last I5 quad core to not support vPro (includes ME)
I feel like I'm safe
Chase Peterson
LEAK HOW TO ACCESS THE CHIP
THE LITERAL ONLY THING THAT WILL EVER KILL THOSE FAGGOTS IS SOMEONE LEAKING HOW TO GET FULL CONTROL OVER LITERALLY ANY COMPUTER
THE FUCKING CHAOS THAT WOULD ENSURE WOULD BE SO FUCKING HUGE THAT IT'S IMPOSSIBLE ANY OF THE INVOLVED WOULD GET AWAY WITH
Parker Long
The solution is here:
Levi Diaz
It would be a step in the right direction, as the current 'security myth' most believe would then be correct. It would give a better chance.
Current situation is something like this; it costs 30k to get firmware for a single realtek controller and extra to develop it, then you become a popular tech seller, someone comes along and goes 'hey pssst here's 100k to put this in and if you say anything you're in gitmo/national security letter'. Same goes for the manufacturer of that chip,
Intel has specialised hardware areas they activate for the xeon chips and no one outside of the companies that access each compartmentalised part, knows what that area does. NDA city. That's but one documented example of the sneakiness afoot.
Bit like the old Windows 'NSA key'. I believe that was a false flag, do you seriously think an intelligence agency working with M$ at such a high level would make a mistake so obvious? Easy way to make people think they only targeted the OS… again, one of many backdoors. They don't leave it to chance.
Evan Smith
For the management engine, it appears possibly yes.
What about your realtek ethernet controller hardware? Wireless hardware? Audio hardware? USB etc etc etc
Jordan Smith
figured as much OP. Been meaning to get an early 2000s era laptop for opsec
Hunter Smith
Get a old PowerPC G4 mac maybe
Carter Hughes
Allwinner is also notorious for backdoors.
Build your own CPU out of ICs if you are truly worried for your opsec. It's what the military used to do before they were pozzed by israeli spies.
Noah Martinez
Nice. Pentium III is still usable performance wise.
It's the least amount of risk before going pre-historic. More known and understood.
>this is my out and about laptop because I'm such a LARPer Built it myself in early 00s not long after being trained about TPM. Core duo mobo with disable-able TPM (first gen) and core2 2.0GHz added + bios flashed for cpu update. 2gb ram, SSD upgrade. About as good as it gets for a laptop pre forced TPM/ME without getting really crazy as per
From what I was told the TPM = ME and earlier Pentium stuff didn't feature it in most cases, some workstation/high end stuff did though it seems. It was not encrypted like modern cpus either so easier to detect inside CPU. TPM aka ME was introduced throughout the line up with the 2nd gen/core2 only models with a revised chipset etc. For a while prior, TPM was a separate chip and much easier dealt with - either disabling (which actually worked) or physically removing it as they were often on headers. The reason it's on my laptop is because of the fingerprint scanner, which was pretty cutting edge for early-mid 00s. It's funny how they forced a feature on us that even a many thousand client workplace I was at, never ever had any reason to use…
Easton Ramirez
Perhaps you mean full access to network controllers?
The TCP/IP stack differs in implementation from OS to OS so you cannot possible have access to the stack itself but perhaps only what comes out of it.
Daniel Kelly
How to spot the Holla Forums Redditor who fell for the Intel meme.
Landon Wright
I have an i7 now but wish companies were fine with standards of my Phenom II X4. Fucking SSE.
Parker Price
Anyone who has studied or flashed the EEPROM containing the BIOS on Intel based machines in the last decade or so has known all about this. This is nothing new. If you're not a dirty LARPer and you're telling the truth, then hopefully more people will come out against these management engines. I've had them disabled in my machines for years through the use of Libreboot on my C2D based stuff. Thanks to you guys making making the Intel ME highly modular, we can now disable it using ME Cleaner which deletes a part of the firmware for it. That combined with Coreboot and SeaBIOS will give you a fully functioning and backdoor free computer that retains its ability to boot Windows and Linux perfectly.
The tinfoils always win. If you wanted to do something that would make a real difference, LEAK THE KEYS!
Xavier Barnes
Anyone who has studied or flashed the EEPROM containing the BIOS on Intel based machines in the last decade or so has known all about this. This is nothing new. If you're not a dirty LARPer and you're telling the truth, then hopefully more people will come out against these management engines. I've had them disabled in my machines for years through the use of Libreboot on my C2D based stuff. Thanks to you guys making making the Intel ME highly modular, we can now disable it using ME Cleaner which deletes a part of the firmware for it. That combined with Coreboot and SeaBIOS will give you a fully functioning and backdoor free computer that retains its ability to boot Windows and Linux perfectly.
The tinfoils always win. If you wanted to do something that would make a real difference, LEAK THE KEYS!
Jacob Clark
This poster is from ShitRedditSays. It's one of their favorite catchphrases and refers to speech they don't like.
Christian Phillips
Those are highly sought after by gold scrappers, so you better get while the getting's good.
Camden Price
I got one I can't bear to throw away and actually it runs fast but you can't use any modern browsers or anything with it. You have to have an intel processor to run anything current mac s/w.
Michael Fisher
Cool LARP OP
Charles Garcia
1000X this. OP is probably a LARPer, but there has to be someone out there that is itching to fuck these people over.
Angel Lee
It was a phrase adopted by KotakuInAction and eventually our GamerGate board before it died. This was back when the GamerGate board was in the top 2 or 3 on the board list
Samuel Kelly
if the userbase is over 100 individuals its big enough for the alphabet agencies to care
try learning circuitry and building your own computer from the ground up, hardware and all
Matthew Nguyen
THAT FIRST SENTENCE BETTER BE FALSE DATA YOU RETARD YOU DONT WANT TO BE BACKTRACED MORON
Julian Thomas
oh no w8 you have not actually leaked or said anything worth mentioning lol what a fag
Alexander Scott
I wonder if it would be poasible to make a CPU "condom" that fits between the CPU and its contacts, like a game genie. The purpose would be to put the backdoor CPU in its own quarantine or echo chamber so that it cannot directly access hardware, if at all. It would have to be able to differentiate between instructions issued by the backdoor CPU and the other one, though, so maybe it is not possible. Any CPU engineers or OP able to provide inpit on whether or not this is possible?
Jacob Howard
Or you could just do it at the Firmware level Too bad this thread os full of LARPers who don't know jack shit about how any of this works
Camden Price
I know how parts of it work, but I'm no expert so I shut up.
Also, you can't replace the ME firmware, Mr. NotALarper.
Isaiah Allen
tyrannosaurus rekt
Luke Sanchez
No, look at openssl. It had an exploit hidden in plain sight for years. These systems are too complex and boring for public scrutiny to work.
Justin King
Can you make a PDF with technical details? If so, could we write a program in assembly that accesses the memory that the backdoor uses and disable it?
Dominic Collins
That's going to require some serious reverse engineering skills.
Oliver King
Nice digits. This is definitely how you do it.
Sage cause OP seems out.
Benjamin Gutierrez
it should be doable. I imagine that the backdoors were written in such a way that they could be easily applied on anything without the CPU noticing - therefore, it would use a bunch of (hardcoded?) memory addresses. If so, we can easily tweak some variables.
Ian Watson
9 hours ago and OP was never seen again
Kevin Cook
...
Daniel Flores
Why would you post this without scribbling "hi Holla Forums" on it or whatever? You know better than this.
It's also silly to post the details of your time spent in the one department and how long it took to join the other. This will obviously make it a simple matter for someone at Intel to figure out who you are, unless you're performing a Reddit style "let's call them Betty and Tina" fictionalizing of the details, and then we have to assume you're lying about other details. When you consider that this information isn't actually relevant to your claims, the best conclusion we can draw is you're a larpfag.
How disappointing.
This, on the other hand, is the most frightening thing I've read in a long time.
Robert Morris
...
Liam Allen
I got one, what to install? OBSD runs janky on it. Maybe try gentoo
gonna need your company badge with a timestamp user i know you have one faggot. my dad used to work at intel
Ayden Bell
It's old news, but thanks for sharing.
Colton Rogers
Is the management engine part of the CPU, chipset, or both?
I have an engineering sample dual Xeon E5-2699v4 (QHUP) on a Supermicro X10DAX with the C612 chipset. Am I pwnd?
Thank you in advance, user.
current system has 90 days of uptime
William Wilson
I've tried to warn Holla Forums before, IT user here. THERE IS NO SUCH THING AS OPSEC, ASSUME YOUR MACHINE IS COMPROMISED AT ALL TIMES The only secure computer is one that is totally powered off and sitting in a closet collecting dust. Even a freshly wiped machine with an updated OS image slip-streamed with security updates installed offline becomes suspect the moment you get online. We know for a fact the CIA has compromised all major operating systems, even Linux. Seriously, Holla Forums, if you aren't paranoid yet, get there. Assume your machine is compromised at all times.
Matthew Gomez
Wondering this myself. I use an old 2007 iMac. Wonder if it is compromised?
Maybe my miserliness will pay off for once.
Matthew Gomez
so then why should i give a shit?
Thomas Mitchell
Inb4 fuck off shills
This is the truth Holla Forums. Don't be all 9/11 cognitive dissonance faggotry about it. Just swallow the pill and learn the lesson. OPSEC + regular online use system = impossibru, unless you build it yourself from scratch at the sillicon level. That's why they go so hard on various airgap attacks, because it's the only easy way to get stuff offline and out of reach.
Cooper Butler
Anything that buys you time to get out of CIA/NSA/Alphabet Soup agency's reach can be worthwhile. It's just a matter of not if they catch you, but when. And unless some major things change, this will always be the case.
Carson Russell
Building a system from scratch at the silicon level is obviously not an option, but what about the "CPU condom" idea? I.e., a piece of quasi-simple hardware that physically sits between your CPU and the socket, providing a hardware-level virtualization layer around your CPU to make sure it cannot misbehave by either blocking or fooling the ME snooping hardware on die? Can any hardwarefags chime in on whether or not this could be a plausible countermeasure?
Also, trying to neuter ME at the firmware level is probably not going to work because that cointermeasure has likely been made impossible (I am guessing). But a novel piece of hardware such as the one described above might do the trick.
Owen Ramirez
So if we want Privacy we should probably buy a Q6600?
Ethan Hernandez
The CPU is just one place to look but if signal degradation is not a problem and it gives a legitimate security enhancement then why not. The other issue is e.g. motherboard.jpg - see how many complex ICs are onboard. Many can potentially be compromised at hardware level at varying levels of capability. ME/TPM is just one of them. These are independent subsystems, like your baseband modem hole in practically every GSM/etc phone ever made…
The leaked 2008 tech was impressive enough, wlan and capture + injection + filtering + vpn + radio devices built into usb + nic ports for high value targets… what about now…
Carter Ross
...
Grayson Moore
Holla Forums lurker here
one of our posters claimed you can easily fuck with the ME functions by one simple trick: buying a dedicated ethernet card and only using the ethernet port on said card. He claims the ME only has access to the onboard LAN port and by buying a dedicated ethernet card you will cut off the ME's ability to phone home. I can not verify what he said.
But as intel cpus are pozzed anyway, it would be smarter to buy a non-pozzed cpu. The AMD FX series are probably the last CPU generation that comes without any ME or AMD equivalent of it. The newer Ryzen chips all have a similar thing like ME (they call it PSP). The downside is taht they are old and primitive from a technological aspect with tons of heat generated compared to intel equivalents. However, you want to get rid of the botnet right?
Now comes the next problem: finding a motherboard. UEFI is a new standard GUI for BIOS settings. It is practically an OS itself and it is like a layer between you and the BIOS itself. It looks graphically nice and normies have it easier to use it as it is more intuitive. However, It has network access and it can run applications just like an OS. UEFI is standard on all modern motherboards, laptops and tablet computers. It is very hard to find a mobo today without UEFI. You might now ask what the problem with it is. It is the centralization. They have integrated so many functions in this UEFI that if it gets compromised you are fucked forever because you have no idea what it does and you cannot get rid of UEFI and install another bootloader program like coreboot. Some hacking crew even managed to install a rootkit into UEFI and hide a virus on it that will survive all attemts to purge and any HDD formating. You have to assume that any UEFI card is compromisable. Your only hope for motherboards is to find an old and used one on ebay.
Then the next problem: Linux. Even if you try to run free software you can never be sure about OS level backdoors. SELinux was made with NSA involvement and it is inside every linux distro. Systemd is in many distros and it is another form of centralization. They included all important functions into one tool and if anyone ever gets control of it, they control the computer. SImply said, systemd is a risk and you can avoid it by choosing another distro but you cannot be sure what is inside SElinux and how the NSA was exactly involved in it. You can choose a non-systemd Linux to minimize your risks but you can never be sure about the rest.
tldr: building a non-botnet pc is just too much work and it would be easier to get an old Thinkpad and flash the BIOS with libreboot (libreboot site has a list of compatible models). Flashing libreboot onto it will automatically cripple the ME and you will only be vulnerable to Linux exploits. As you would only use it for internet browsing anyway, it does not even have to be powerful to display Holla Forums on screen.
Lincoln Perez
ME engine has a automatic shutdown feature after 30 minute intervals if the ME engine microcode is removed or unable to be read. ME engine can repopulate onto firmware if network connection is established and the correct knock is sent to the computer. Once this forced behavior is applied they usually compromise further by implemented undetectable firmware into the hdd/ssd since the target is presumed a flight risk.
Open hardware is the first step to privacy.
The current viable options are with open hardware: Purism laptop + OpenBSD OpenRisc desktop + OpenBSD We know everything else is fucked.
I have personally experienced that peripherals such as headsets, keyboards, mouse (RAZER) and have malware injected into their USB firmware controllers.
Jaxon Edwards
Hey buddies, wanted to stop by and let you know that the folks over at Purism managed to disable the ME and remove 90% of the binaries in the subprocessor, only leaving a small amount of hardware initialization code to be reverse engineered.
That's good progress and when done + sure of it, move efforts to the bottom block next, then the remaining interfaces. We need to be certain networking at minimum is secure for any of this to be worthwhile for barebones stuff. Audio can be mostly worked around. Another one is they have holes in HDD firmware ffs…. But at least slowly, this way we can isolate something to a modern, easily constructable system with known safe components (subject to regular revalidation to avoid pozzing) for at least some security that isn't ancient shit and can do more than just 8ch…
Isaac Green
WikiLeaks just dropped more Vault 7 leaks today. This one is specific to Apple and backoors in UEFI/EFI and firmware.
So Apple has backdoors in their hardware and low-level firmware, it's possible that Intel does too. Perhaps we'll learn more about in future leaks as the OP implies.
Those lines come from the admin guide for Intel vPro. They're simply listing the features the product advertises.
KYS TORPEDO
Colton Allen
Show us a picture of the PDF with "Full access to memory (without the parent CPU having any knowledge)" in it, I wanna see that nigger-tier phrasing in a multi-billion dollar company's guide.
Jayden Foster
The person who wrote that tweet either doesn't know what an EFI is or they don't know how iPhones boot. The initial firmware on iPhones is hard coded, meaning it's impossible to update it, and the bootROMs run independently from the SoC. In fact, they boot the SoC.
Normal boot:
You can only flash as low as the lower iBoot in iTunes which accesses the user and system partitions. The user partition is used as a RAMdisk to reflash the system partition. This is called DFU mode. It's difficult to screw with anything in DFU mode without exploiting the bootROM which can't be done remotely. Hell, you can't even access the lower iBoot or any of the DFU stuff from the OS.
DFU boot:
This leads me to believe that Wikileaks, or at least some of the people running it, are incompetent.
Parker Thompson
It checks out, user.
Aaron Morgan
3d printed chips. we're not there yet but will be eventually
Ryder Watson
Any "easy" way to do this inside of Windows or Ubuntu (Or one of the easier Linux variants) that doesn't require actual hardware required to reflash? Or maybe something like an edited Bios File for specific motherboard and just reflash motherboard?
Cooper Myers
Intel has been working very hard to make reflashing BIOS from within the OS impossible unless the new image is signed. They claim this is to prevent BIOS rootkits, but it sure makes installing coreboot a pain in the ass.
In short, no, you'll need SPI interface hardware.
Take a good look at the link in and note that they mention "stays on for over 30 minutes". The first efforts to excise the non-free ME blob were to simply remove the whole thing from the BIOS image. The kikes at Intel anticipated that–a system with an ME will simply power itself off after 30 minutes if the ME firmware is removed.
Charles Long
That's exactly why the ME has a dedicated connection to the onboard NIC. And yes, the NIC hardware provides the ME with a hidden channel that the main CPU can't see. You'll need to capture packets on your router to catch this shit.
How many people actually monitor network traffic on infrastructure? The ME has a separate channel to the NIC that's invisible to the main CPU. Wireshark on the infected machine will see nothing.
Your Holla Forumsie's half-right. The ME has a dedicated connection on the onboard NIC. In theory, the ME can perform PCI transactions to any hardware in the system, including your dedicated ethernet card. In practice, the dedicated ethernet card will not have the second channel the onboard NIC has and the OS could notice if the ME diddles it.
IME is designed as an operating system controlling your operating system. Remote management is just one application running on it, the one Intel magnanimously told you about and let you use. Who knows what other applications are doing and how can they be installed. You can bet it has its own "Windows Update"-like mechanism built-in though, and that NSA has all the keys. Which is why people serious about security are moving away from it. Which is why the alphabets want backup OS-agnostic backdoors. THIS This is something that really needs to be discussed more, as it is evil beyond all comprehension. However, it is just one part of malware enablement ecosystem and on its own it can do little damage. As it is documented, the enclaves have to be created by the OS kernel and cannot access network or other hardware without calling for OS assistance. However, with IME help they can bypass the OS and use whatever services IME provides them with. Conceivably, IME itself could also force the CPU to create an SGX enclave of its own behind your OS's back, bypassing computing power limits of the tiny ME core. And even if caught, there is no way to reverse-engineer the malware and how it triggers IME functions due to encryption. SGX and IME are really complementary maltech. Uh, where have you been last month when Ryzen came out? It's Intel who sucks monkey balls now.
Nathaniel Walker
that's twice now, at least, that amd has come out and said 'but amd guys!'. ryzen is new, it is not proven enough, time will tell. i do not commit business and production assets to latest gen. that's for you to do. if ryzen is worth anything, it will stand on its own, and won't need your shilling of it. also, as the context is sgx (removal of verification from already untrusted, tossing out both 'trust but verify' components), amd is not superior in this regard. their un-inspectable state machine i would predict to be even more unstable than intel's sgx (less r&d rigor to validate all possible states for unexpected transitions).
ime starts with fabric and only does fabric well. it can do more. i has done more. it typically falls back down to what it does better. the default exploit setting is not inet-ime, it's lan-ime.
was there when bbs went dark, was there when slashdot overrun, was there when halfchan eternal'ed, was there when reddit blacked snackbar'ed and spic'ed, skipped sa shithole, skipped and still skipping fb and the rest (not true forums). if some latent memetics still exist from 2007 in my style, i'll sort them out. otherwise, it's 10yrs past, and i'm afraid you are mistaken.
Nathan Wright
Average modern home router has more processing power than an ancient pentium. Many are supported by OpenWRT Linux, too.
Gabriel Sullivan
Unless it was encrypted before reaching the network and unencrypted on the other end. But even in plaintext, so what? Any network of any size larger than a residential home would have so much traffic incoming and outgoing that some random text dump going out to Intel wouldn't seem suspicious at all. Hell, in the world today of Windows 10 Telemetry, "phoning home" is a fucking feature set and not a red flag like it should be. "Crowd sourcing" "anonymous" data, come on folks, who's buying that bullshit? THERE IS NO OPSEC, ASSUME YOUR MACHINE IS COMPROMISED
Easton Sanchez
https:// youtu.be/rcwngbUrZNg
Christopher Allen
if you remove the Intel ME or use older hardware that doesn't have the ME type malicious crap and lockdown your OS?
Ryan Cooper
Sound like a scare mongering shill, seek new employment
I'm no l33t hacker but look up Coreboot and Libreboot, can replace bios with those and list supported hardware without the ME crap or ways to remove it for specific hardware, they also sell shit configured with this stuff already https:// minifree.org/product/libreboot-d16/