Intel x86s hide another CPU that can take over your machine (you can't audit it)

I'm just leaving this here:

boingboing.net/2016/06/15/intel-x86-processors-ship-with.html

Other urls found in this thread:

slideshare.net/codeblue_jp/igor-skochinsky-enpub
secure.raptorengineering.com/TALOS/prerelease.php
libreboot.org/faq/#intelme
github.com/ptresearch/me-disablement/blob/master/How to become the sole owner of your PC.pdf
libreboot.org/faq/#amdpsp

...

Not even news.

ARM also has the same kind of shit.

>On some chipsets, the firmware running on the ME implements a system called Intel's Active Management Technology (AMT). This is entirely transparent to the operating system, which means that this extra computer can do its job regardless of which operating system is installed and running on the main CPU.
>On systems newer than the Core2 series, the ME cannot be disabled. Intel systems that are designed to have ME but lack ME firmware (or whose ME firmware is corrupted) will refuse to boot, or will shut-down shortly after booting.
>There is no way for the x86 firmware or operating system to disable ME permanently. Intel keeps most details about ME absolutely secret.

>regardless of which operating system
>On systems newer than the Core2 series, the ME cannot be disabled
>There is no way to disable ME

Do Power8s and AMD chips also have a similar feature?

Couldn't one just monitor all activity on their ibm power8 based router's up and make sure only whitelisted packets can get through? Which port does it use?

AMD chips have remote overheat option.

Lol, thank god nobody has said anything about power.

it uses magical NSA classified neutrino quantum entanglement communication. You could never intercept its packets

obligatory
slideshare.net/codeblue_jp/igor-skochinsky-enpub
and a protip: everyone aware of that, for years, so buy an old PC and install gentoo for your terrorist cheese pizza

...

AMD do, they call it the Platform Security Processor. Signed, closed source, can't run the CPU without it.

Power8? No idea, I'd expect not.

>1 + 2 + ... + 62 + 63
>not doing all your computing from a raspberry pi.

RPi has issues too, needs a closed source blob uploaded to the GPU before the CPU can start.

Well shit. I didn't know about this. I'll search for some sources.

I guess I'll have to learn to live with the Botnet looking over my shoulder.

Or just buy one of these babies:
secure.raptorengineering.com/TALOS/prerelease.php

> POWER8 CPU (sold separately), the standalone Talos™ board and accessories (no CPU) may be purchased for around $2,700 USD.

Hory shet

>tfw every smartphone has another hidden CPU and OS as well

>BOTNET
>O
>T
>N
>E
>T

>They say that if you put a frog into a pot of boiling water, it will leap out right away to escape the danger.

>But, if you put a frog in a kettle that is filled with water that is cool and pleasant, and then you gradually heat the kettle until it starts boiling, the frog will not become aware of the threat until it is too late.

>this is bad proprietary blob that we want to replace
>but Intel's security on it is good enough to block any attempt at modifying it

okay

are there really jails this comfy?

Dunno mate. This pic is from guantanamo tho

>Recent Intel x86 processors implement a secret, powerful control mechanism that runs on a separate chip that no one is allowed to audit or examine

hao is this acceptable business

shouldn't this be illegal

Why would it be illegal?

This is legal because they give to the NSA / government / a bigger fish their racketeering share.

>toilet next to bed
>comfy
Pajeet pls

>running Libreboot
I couldn't give a fuck. People that care should support GNU Libreboot and buy the systems if they want freedom.

>pajeets
>liking toilets
Is this bizarro Sup Forums or something?

Libreboot replaces the proprietary BIOS/UEFI firmware. We're talking CPU here.

Also, the FSS is killed in the egg due to RMS's own extremism. I'm somewhat a freetard myself but I don't feel like contributing to a bunch of people that would reject me when my opinion disagrees with theirs. (I got "shamed" because I encourage people using matlab when possible due to its great documentation and ease of use instead of rooting for octave and some bunch of underground stuff)

This is legal because WE give to the NSA / government / a bigger fish their racketeering share.

Read the documentation of Libreboot. It also removes or makes the ME inoperable and no proprietary updates are forced.

But they like to poo, and I refuse to believe they will just poo on the floor next to bed

Yes the freezing cold jail toilet

>implying pajeets just don't shit where ever they happen to be standing when they need to shit.

Should I buy a core 2 duo machine for my questionable porn addictions then?

There are several cheap HP core 2 duo PCs out there.

"WE" don't give anything. Spies steal information, they don't gently wait for you to give it to them -- well I'm wrong, I guess they do actually.

Yeah, I didn't read it through. I got a thinkpad x201 instead of a x200.

Your room

Intel users on suicide watch.

Freedom loving AMD master race.

...

stop with your tinfoil fuckery
intel has had ME and AMT since 2007, and you can disable it in the bios you fuckwit now get back to your mother's basement.

AMD is guilty of the same thing you idiot.
Please share with us your knowledge, oh wise one. I'm sure the Coreboot devs don't know what they're talking about.

>Actually believing in placebo switches
>"Even a paranoid can have enemies."

I wish I would have a basement to live in tho. My rent + utility bill is eating all my earnings.

...

only the newer apus.

fx cpus don't have that "feature"

AMD has the same thing, smartphones have an even worse version of the same thing.

there's nothing anyone can do, you were never secure to begin with from state-level actors.

There is Power and Arm.

I have an old VIA system I can use if I ever need to upload some Snowden level leak somewhere.

But guess what I'm a boring useless schmuck like the rest of this board and the federal government is not interested in my boring pathetic life.

AMD does the same shit, moron. All two are shit.

>tripfag
>implies the OP said AMD was different
>then ironically calls someone a moron

wow.jpg

Hardware-based AMT features on laptop and desktop PCs include:

Encrypted, remote communication channel for network traffic between the IT console and Intel AMT.[1][2]
Ability for a wired PC (physically connected to the network) outside the company's firewall on an open LAN to establish a secure communication tunnel (via AMT) back to the IT console.[1][2] Examples of an open LAN include a wired laptop at home or at an SMB site that does not have a proxy server.
Remote power up / power down / power cycle through encrypted WOL.[1][2]
Remote boot, via integrated device electronics redirect (IDE-R).[1][2]
Console redirection, via serial over LAN (SOL).[1]
Keyboard, video, mouse (KVM) over network.
Hardware-based filters for monitoring packet headers in inbound and outbound network traffic for known threats (based on programmable timers), and for monitoring known / unknown threats based on time-based heuristics. Laptops and desktop PCs have filters to monitor packet headers. Desktop PCs have packet-header filters and time-based filters.[1][2][13]
Isolation circuitry (previously and unofficially called "circuit breaker" by Intel) to port-block, rate-limit, or fully isolate a PC that might be compromised or infected.[1][2][13]
Agent presence checking, via hardware-based, policy-based programmable timers. A "miss" generates an event; you can specify that the event generate an alert.[1][2][13]
OOB alerting.[1][2]
Persistent event log, stored in protected memory (not on the hard drive).[1][2]
Access (preboot) the PC's universal unique identifier (UUID).[1][2]
Access (preboot) hardware asset information, such as a component's manufacturer and model, which is updated every time the system goes through power-on self-test (POST).[1][2]
Access (preboot) to third-party data store (TPDS), a protected memory area that software vendors can use, in which to version information, .DAT files, and other information.[1][2]

Remote configuration options, including certificate-based zero-touch remote configuration, USB key configuration (light-touch), and manual configuration.[1][2][14]
Protected Audio/Video Pathway for playback protection of DRM-protected media.
Laptops with AMT also include wireless technologies:

Support for IEEE 802.11 a/g/n wireless protocols[1][10][15][16]
Cisco-compatible extensions for Voice over WLAN[1][10][15][16]

We're fucked.

>tfw 5 out of your 8 computers are PowerPC

What do you use them for?

libreboot.org/faq/#intelme

>The ME consists of an ARC processor core, code and data caches, a timer, and a secure internal bus to which additional devices are connected
>(...) And a DMA engine to access the host operating system's memory as well as to reserve a region of protected external memory to supplement the ME's limited internal RAM.

>The Active Management Technology (AMT) (...) , is a Web server and application code that enables remote users to power on, power off, view information about, and otherwise manage the PC.
>It can be used remotely even while the PC is powered off (via Wake-on-Lan)
>The AMT application itself has known vulnerabilities, which have been exploited to develop rootkits and keyloggers

>ME firmware versions 4.0 and later (Intel 4 Series and later chipsets) include an ME application for audio and video DRM(...)
>these DRM applications, which in themselves are defective by design, demonstrate the omnipotent capabilities of the ME:
>this hardware and its proprietary firmware can access and control everything that is in RAM and even everything that is shown on the screen

> ME firmware versions 6.0 and later, which are found on all systems with an Intel Core i3/i5/i7 CPU and a PCH(...)
>If the ME's boot ROM does not find in the SPI flash memory an ME firmware manifest with a valid Intel signature, the whole PC will shut down after 30 minutes.

>Intel is only going to get worse when it comes to user freedom.
The libreboot project is actively ignoring all modern Intel hardware at this point, and focusing on alternative platforms.

>you can disable it in the bios

No you fucking can't, the Intel ME subsystem still boots up, in laptops with Core I3/I5/I7 CPUs, if the Intel ME system is not running the PC will fucking shut down after 30 minutes.
The only way is to flash the bios with a new firmware with a modified descriptor region and again, new laptops will shutdown if you do this.

Does amd have this problem? Specifically the 8350?

My G5 and 17" AlBook G4 can be used for just about everything, they're still more than capable. The only machine that has been properly retired is a 1997 PowerMac 8600/200 w/ G3 Sonnet upgrade, that's basically a doorstop now, it was used pretty much daily in a publishing office until 2009.

Yes.

How to disable this shit: github.com/ptresearch/me-disablement/blob/master/How to become the sole owner of your PC.pdf

libreboot.org/faq/#amdpsp

>This is basically AMD's own version of the Intel Management Engine. It has all of the same basic security and freedom issues, although the implementation is wildly different.

AYYMDPOORFAGS CONFIRMED ON SUICIDE WATCH!

Don't buy systems with it in the first place. It's virtually impossible to disable or remove at this point. Look to Libreboot supported Operating Systems.

Companies that do this do not deserve your money.

No.

maybe

psp is only available on APUs as far as I can tell, can anyone confirm?

this is why we can't have nice things

400 € for a goddamn x200. I'm not ready to be fucked this hard for using FSS tier machine.

I'd rather use a raspberry pi 3 for less than 10% of the price.

This is very handy (and well known).
Intel should add disable option on consumer chips, though.

Quantum entanglement has nothing to do with communication you cuck. Do you even science?

It does if you can transport tied quanta, or even better, generate a targeted potential quantum.

Will these features work under TempleOS or some other DOS?

Sounds like a load of horse shit.

you've never been in a jail have u

No, and I hope my answer to this question will never change.

yes clearly horse shit man, you're smarter than everyone

that's not what it does

Some i3/i5/i7 2xxx chipsets don't have the management engine though. This is still pretty old news, people were shitposting on Sup Forums about this in 2011 already.

I have nothing to hide anyway

NSA has an entangled qubit in each of the ME chips, they just have to send the signal. Router can't stop what's not there

I don't know.

Can you repeat the question?

Also yes, but only on APUs.

this was news in 2008/2009 when ME became irremovable

It has become the norm since then

>I couldn't give a fuck.
Maybe you should since by the way things look Libreboot is not going to be able to make it to any modern hardware unless a new free architecture miraculously comes around

Can't wait to get this