>Researchers from Positive Technologies have revealed that some new Intel CPUs contain a debugging interface, accessible via USB 3.0 ports, that can be used to obtain full control over a system and perform attacks that are undetectable by current security tools.
An attacker could use this to bypass all security systems for the embedding of code over a certain period of time, reading all possible data and even making the machine inoperative, for instance by re-writing its BIOS.
Intel backdoors? Not in my CPU!
Josiah Reed
Other urls found in this thread:
Levi Evans
Joke's on them. I only have USB 2.0 ports.
Joshua Martinez
At least this makes locking down computers with secure boot or whatever useless
Xavier Williams
sure glad I don't let people stick their bits in my machine
Jack Wilson
Skylake and newer CPUs.
Justin Ross
irrelevant for most of us. if a guy bursts through my door with his usb 3.0 donger in his hand, ready to plug it in deep inside and abuse the backdoor, I'll have other worries than my PC security.
Benjamin Sullivan
>cuck magazine
fuckoff and shill elsewhere faggot.
advertisements keep Sup Forums running, you resorting to shitposting not only deprives potential and actual technological discussion, but makes other retarded fucks not much unlike yourself, from opting towards an ad instead of relentless shillposting.
Leo Campbell
>Positive Technologies
And they say that russian hackers are meme
Caleb Moore
>attacker has physical access you your hardware
>implying there aren't 999 and 1 other ways to bug and hijack you
Jason Brown
I've learned that Russian Hackers are the new 400 pound my little pony boogiemen.
Dominic Long
>implying Russian make that much money to buy such amounts of food to get that fat
Samuel Williams
Evan Diaz
Eh, highly motivated people that are all out of fucks to give need a wide berth.
Adrian Watson
Ha, I already closed USB ports with tape.
Grayson Powell
>owning a pc with usb ports
Ian Clark
>owning a computer
>not booting tails from different net cafés
David Anderson
>This indestructible tape will keep them out for sure!
Gavin Ward
We are all scared of random guys, sniffing out our back doors and try to penetrate it.
Grayson Peterson
That's why I'm only using amd
Evan Murphy
>it's okay when AMD does it
Jaxon Hernandez
People actually believe in the Holodomor bullshit?
Gavin Ward
If someone with malicious intent has physical access to your computer, you're probably fucked anyway.
Elijah Rogers
You're better off with one of those dongles that pretend to be a network port.
Elijah Moore
Don't worry
RYZEN has USB3.0 too
Joshua Watson
>tfw 2500k master race
Who's laughing now, skylake fags?
Samuel Powell
> expecting AMD chipsets to work as advertised
Learn to apprectiate the power of Security Through Incompetence(tm), user.
John Murphy
This implies USB 3.0 controller being active on the motherboard.
Nobody forces you to use these ports. You can add your own controller via pcie.
Jason Mitchell
Intel? Whats that, oh, not AMD? Then does anyone care?
>Answer: No
Cooper Brown
Intel fucking sucks, cant even make a decent driver
Liam Howard
>MFW this is literally a feature on high-end motherboards, you don't even need a CPU.
Can anyone say Q-Flash and Flashback?
Luis Stewart
Joke's on you, (((they))) have it in ryzen chips too. Have fun on fx series cpus
Jacob Butler
Checked
Sebastian Powell
USB requires the CPU, so the controller could still be vulnerable.
Carter Turner
because AMD doesnt have this as well right?
Camden Gray
You'd be scared of the UEFi/EFI bugs hiding in the darkness.
Jason Reyes
of course AMD make no backdoors
Chase Long
Literally their logic:
>haha jokes on you all who got raped in prison, I was wearing a butt plug the whole time.
Josiah King
>haswell
the feeling is quality, male community member
Leo Young
>it's another physical access exploit episode
Looks like proprietary software is finished for real this time guys
Anthony Ross
>a person physically accessing my desktop pc
not in my lifetime, i don't live near niggers either
Connor Sullivan
So this thing can bypass full-drive encryption or can at most allow you to install malware before the encryption, so the attacker can steal the password and decrypt the drive later?
Ryder Lee
But does it allow fucking jtag over usb, a feature literally nobody asked for?
Robert Barnes
if you havent noticed, serial isnt too common
usb is hot swap, serial wasnt
usb jtag is an amazing feature, it will make debugging other pcs so much easier
Michael Torres
>a feature literally nobody asked for
Except system integrators, who buy the majority of CPU's.
Ryan Scott
If you want to see if this short-sighted corporate fuckup is enabled, retrieve the IA32_DEBUG_INTERFACE MSR value via 'rdmsr --bitfield 0:0 0xc80'. If it comes back as one, congratulations, you are probably runnning a budget, U-suffixed Skylake processor that was designed with the manufacturer, rather than you, in mind.
Landon Brown
My assumption is that it permits direct memory access.
Same issue with thunderbolt (or firewire lol) if you don't have VT-d enabled as via intel_iommu=on.