#WHEW

Question

#WHEW

Matthew Brooks

security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr

Whew.

May 1, 2017 - 16:23

Other urls found in this thread:

en.wikipedia.org/wiki/Intel_AMT_versions
thinkwiki.org/wiki/Intel_QM57
theregister.co.uk/2017/05/01/intel_amt_me_vulnerability/
downloadcenter.intel.com/download/26754
software.intel.com/en-us/forums/intel-business-client-software-development/topic/563988
reddit.com/r/thinkpad/comments/4w3sr3/t430s_accidentally_permanently_disabled_access_to/
semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/
arstechnica.com/security/2017/05/the-hijacking-flaw-that-lurked-in-intel-chips-is-worse-than-anyone-thought/
tenable.com/blog/rediscovering-the-intel-amt-vulnerability
embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf
support.lenovo.com/fr/en/product_security/len-14963
hardenedlinux.github.io/firmware/2016/11/17/neutralize_ME_firmware_on_sandybridge_and_ivybridge.html
twitter.com/NSFWRedditGif

Jaxson Roberts

Fun

May 1, 2017 - 18:16

Aaron Mitchell

What did they mean by this?

May 1, 2017 - 18:27

Robert Smith

They mean they don't want consumers knowing the NSA can already take control of their machine.

May 1, 2017 - 19:12

Juan Robinson

en.wikipedia.org/wiki/Intel_vPro

May 1, 2017 - 19:42

Joseph Moore

The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional[29] part in all current (as of 2015) Intel chipsets.

The ME has its own MAC and IP address for the out-of-band interface, with direct access to the Ethernet controller; one portion of the Ethernet traffic is diverted to the ME even before reaching the host's operating system, for what support exists in various Ethernet controllers, exported and made configurable via Management Component Transport Protocol (MCTP)

May 1, 2017 - 19:46

Luke Jones

Who's willing to bet they're reluctantly 'closing' it now because it's part of future Vault 7 releases?

Imagine the carnage when less subtle actors gain knowledge of that vulnerability, all the critical infrastructure that might be exposed.

May 1, 2017 - 20:40

Asher Taylor

What is the difference between Intel AMT and Intel ME, and how are they related? If I'm not mistaken ME is the underlying engine behind AMT.
So what does it mean for me if I permanently disabled AMT in BIOS? Is there any other way ME can be run on my machine?

May 2, 2017 - 01:13

Ayden Watson

AMT is the buzzword that Intel uses when businesses call them up and ask for Intel to control a computer directly from the northbridge (that has now become part of the die itself, power saving + """security""")
AMT uses the Management Engine (hardware buzzword).
Technically, yes, but there has to be a reason. Knowing the name Jim Watkins might be enough for XKeyScore-tier, might not. Go ask /bane/.

May 2, 2017 - 04:58

Cooper Parker

This is a titanic monstrous zero day. Fuck Intel with a rake. Made Ars' front page and was then pushed down by a deluge of shit. Noone else seems to care except tech communities who are horrified. The only reason everything hasn't been destroyed is likely due to the incompetence of Russian and Chinese hackers.

Core i5, i7 and Xeons only from the looks of it. Intel is lying about the consumer stuff to save face. Disable AMT in your bios if you can and get Intel's patch as well if you're affected.

May 2, 2017 - 09:33

1 2 ... 11 Next

#WHEW

Last threads