Intel hardware botnet

Grow up.

who cares anyway its not like ryzen get you any performance intel is better than anything we have by light years unless you are grandma or a 90's poorfag intel is the best option ryzen is like 50% slower and stutters

Patch it.

kek

>Intel Muhdick Engine

Everyone with half a brain knew this would be a problem eventually.

DELID THIS RIGHT NOW

>we implemented a non accessible circuit which runs forever, has below OS level access to everything you do + it can access the networking interface
>But it's not a backdoor. We do this because you want it trust us

>Wow there was a backdoor all this time? We didn't know, crazy how it got there!
>Btw it's not removable
>Oh right here is an OS patch that fixes the exploit
"But wasn't it below OS level?"
>Shhhhhh

Mandatory

This. ME was never a good thing and it was only a matter of time before something like this came up

...

How does he know his daughter would do anything for Jolly Ranchers if he didn't try it?
Seems like someone should've been under surveillance from the start.

>Not knowing your daughter's favorite stuff
I feel sorry for your future kids user.

You're a fucking idiot.

DELID THIS YOU STUPID GOY

Weren't you told to grow up?

So what's the upshot of this? I never installed the Management Engine software for my X58 machine but I don't remember stuff like that being selectable in the BIOS.

>What we found was scary on a level that literally kept us up at night. For obvious reasons we couldn’t publish what we found out

>P-P-Please believe us

...

>Charlie Demerjian
I'm not a huge fan of Intel but semiaccurate is a very appropriate name.

Are you mentally handicapped by chance?

Publishing it would force intel to release a fix. Can't have that!

They're already releasing a fix

They only announced this because Intel pushed out a fix to OEMs a week ago. Read the whole article.

>If you have provisioned AMT or ISM on your systems, you should disable it in the Intel MEBx. If you haven’t provisioned these, or have and want to mitigate the local vulnerability too, there are more steps to take. If you have a box with AMT, ISM, or SBT, you need to disable or uninstall Local Manageability Service (LMS) on your boxes.
...So basically, the only ones affected are corporations actually using ME and anyone who has completely not touched it is fine?

does this mean some ching-chong can access all my intel machines over the internet and steal my passwords and credit card info?

...

Do you believe every hyperbole you read on the internet ?

I am a bit skeptical here, they claim to know of a vulnerability, claim to have talked to the "right people" and have gotten nowhere.

Could it be that their vuln is nothing ? That they do no have the right information and cannot even make a proof of concept exploit because their vuln is literally nothing?

Its all doom and gloom in this article, listing what the ME can do then making it seem like their vuln will give you $100% control over the system.
I am not saying this vuln cannot be real, but the way they are going on about this sure seems to ruin their own credibility.

pic related

If you don't use AMT, no.

If it wasn't a real issue, why is Intel releasing a patch to OEMs?

Please link to technical description of patch so that it can be matched against the article.

Is it turned off by default, though?

We don't know if the management engine is listening to some secret port knocking pass even if it is disabled.

I hope AMD will open source theirs, then it may put pressure on Intel to open it up too or something. Or at least find a way to remove the IME

They'll release that after the patch is out, it's written in the article

so once again, we got to take their word for it.

>patch is coming out
>lets raise fear and tell everyone is *must* be patching this super secret exploit that no one knows about except us, and that is a very dangerous

Disable ME and leave the botnet.
github.com/corna/me_cleaner

So you don't even know that it's related to the issue mentioned in the article?

There's probably a trace you can cut.

how to fucking use that shit

you flash it using a raspberry pi and a SOIC clip

You need a hardware spi flasher.

github.com/corna/me_cleaner/wiki/How-to-apply-me_cleaner

but is it safe?

Yes

>e-everything is fine just belive intel
Yeah remember how intel tried to cover up their dying Atoms chips? Sure I'm going to take the word of Charlie

WHAT THE ACTUAL FUCK

libreboot.org/faq.html#amd

AMD's PSP isn't accessible over network like Intel's ME.
That's why it doesn't have a remote exploit.

>To make matters worse, the PSP theoretically has access to the entire system memory space (AMD either will not or cannot deny this, and it would seem to be required to allow the DRM “features” to work as intended), which means that it has at minimum MMIO-based access to the network controllers and any other PCI/PCIe peripherals installed on the system.

>"theoretically"
>quoting from trannyboot website

>control+f literally
>1 of 6 matches

Why? It's intended to be there.

it literally is the end of the world for computer, we talked to literally dozens of people and were ignored literally

>trannyboot
Yes, don't accept any alternative to Intel® SafeBoot® TrustSecurity®!

>"alternative"
Trannyboot is a ripoff of coreboot though.

So what? Doesn't make their description of the PSP any less accurate. If anything, it's part of their mandate to examine it.

they do their own dev work and have spent thousands funding boards to be ported to coreboot/libreboot

We can't really audit it now, can we?

The point is it's not remotely accesible from the *outside* because it doesn't have the zeroconf madness built in.

WHY DID I BUY JEWTEL
FUCK

FUCKING NIGGER CATTLE GOT ME

Yes goy, just trust us! Intel would never lie to you!

how do I know if I have AMT turned on?

So its pure speculation. Intel ME network access and previous vulnerabilities have been documented.

Somebody skillful can. Intel ME has been reverse engineered and exploited even though its a black box

hackaday.com/2016/01/22/the-trouble-with-intels-management-engine/

fake, that url at the bottom does not exist.

Not that user, but you're an idiot. en.wikipedia.org/wiki/Intel_Upgrade_Service

You're fake news!

>Somebody skillful can. Intel ME has been reverse engineered and exploited even though its a black box
So the AMD PSP has received less attention since it's many years younger and fewer people use AMD. That's not exactly a reason to feel secure about it.

It's always turned on. You can (supposedly) turn off the network parts of it via the BIOS, however.

I'm a pedo, how fucked am I?

but rpi is botnet too

I did not see anything about it in my uefi setup

Lack of evidence is not evidence.

The SWAT is coming to your door right now

oh shit oh shit

I believe that means that your hardware is not equipped with the network portions of it. It's still locally exploitable, however.

Of course it's not "evidence", but having a secondary processor with full hardware access executing non-audited software is certainly in no way better than not having that.

If you don't make your own motherboard, cpu, graphics card, serial controller and OS: you're fucked

I suppose the network portions requires vPro? I do not think I have that.

AHAHAAHAAAAHAHAHAHAAHAAHHHHHAHAHAHAHAHAHAHAHHHAAHAHAAHAHAHAAHAAAAHAHAHAHAAHAAHHHHHAHAHAHAHAHAHAHAHHHAAHAHAAHAHAHAAHAAAAHAHAHAHAAHAAHHHHHAHAHAHAHAHAHAHAHHHAAHAHAAHAHAHAAHAAAAHAHAHAHAAHAAHHHHHAHAHAHAHAHAHAHAHHHAAHAHAAH

r u 0k?

At least Su promised PSP transparency, haven't head anything similar from Intel. They actually do neat things with PSP like transparent memory encryption

>At least Su promised PSP transparency
She did? Please link, sounds amazing.

>I use an AMD CPU

AMD has an equivalent thing you nigger

How will we ever recover?

>from nehalem to cucklake

So my core2quad full of rare pepes is safe from the jew botnet?

Well not exactly promised herself but AMD James did respond like this in reddit

>Thanks for the feedback. Please believe me that this has CEO level attention and AMD is investigating the steps and resources necessary to support this. It is not the work of a minute, so please bear with us as we define what we can do.

If they don't follow this up they would lose face like intel

>If they don't follow this up they would lose face like intel
for Chinese and Indians the idea of losing face is bad, so this is bound to happen

By being very very nice to Intel, forever.

Almost nobody affected will get it.