26 Sep 2017 >Security researchers say they've found a way to exploit Intel's accident-prone Management Engine, and will reveal the problem at Black Hat Europe in December.
>Positive Technologies researchers say the exploit “allows an attacker of the machine to run unsigned code in the Platform Controller Hub on any motherboard via Skylake+”.
>Because ME runs independently of the operating system, a victim's got no way to know they were compromised, and infection is “resistant” to an OS re-install and BIOS update, Ermolov and Goryachy say.
the NSA must have had known about this for years, it's proven itself with negligence to be basically a terrorist organization
Levi Morgan
And I will still buy Intel because it's the best.
Brody Myers
>the NSA must have had known about this for years Yes, they knew about it. They had Intel design in a disable switch for it even. Look up ME HAP bit.
Nicholas Roberts
You don't need to tell us that you're brain damaged. Nobody expects Intel's customers to have a working brain, everyone knew that.
Liam Hall
>everything
I run AMD and Apple, so I’m unaffected by this.
Mason Brown
implying amd and arm don't have their own versions of the thing
David Nelson
>Apple wut Apple uses intel
Benjamin Morales
POWER9 and Talos II will save us.
Michael Campbell
Everyone also expects tripniggers to miss the point and engage in naturally aspired retardation, it's like a law of nature.
Joseph Kelly
Libre boot soon
Logan Russell
Only if you've got a cool $5k to drop on a replacement desktop and don't mind extremely limited software availability.
Juan Martin
>best I think we all just found out that's not true.
Owen Edwards
iOS :)
I know some androids use intel atoms so :)
Xavier Peterson
>on any motherboard via Skylake+”.
So Ivy and Sandy Bridge is safe? phew.
Dylan Gomez
Hopefully it will become more affordable in the future.
Adrian Sanchez
All post 9/11 hardware is backdoored buy an old computer from the 90s and install Gentoo
Mason Gutierrez
>people will still defend the x86 monopoly because of muh games
We need to move to a paradigm where different use-cases have entirely different architectures and platforms.
Owen Moore
So what's the the problem here?
It's ALWAYS been game over if someone gets physical access to your machine, and this exploit requires it.
What's the fucking issue here?
Joshua Scott
>plug in a usb for a few seconds and then pull it out >you now have more control over the machine than the user themselves >what's the issue
Asher Perry
Not safe. But requires the special debugging adapter from Intel, and can't be done over USB 3.
Chase Rivera
>implying anyone can physically get close to any important computers or servers >implying this isn't an improved rubberducky/poisontap/empire+ruler spawn USB >implying they all don't require physical access which mitigates the threats pretty much entirely
Fuck off nigger. Shit that gives you full control with physical access has existed forever.
Owen Johnson
>cool $5k to drop Check
>don't mind extremely limited software availability.
It runs Debian, most of the software is already ported. It should also run x86 software under Wine on QEMU user-mode.
Jack Powell
>$2.75k Oh, sweet. I'm sure it used to be about $4.5k.
Eli Gomez
>have a laptop >you can't leave it alone in a public place for more than a few seconds even though it's locked
>have any kind of computer >plugging in a simple usb storage device to transfer some data is a huge security risk
>visit a printing shop >give them a document to print on usb >you now own the printing shop
Jaxson Martin
That's for a complete system. The Supermicro chassis they were selling it with was extremely marked up, so I'll just buy the components separately and save about $1K.
Austin Walker
ARM is also full of shit and POWER and openRISC are not really accessible.
Blake Gonzalez
>POWER >not accessible >TALOS II imminent
Isaiah Mitchell
>POWER and openRISC are not really accessible.
In terms of freedom or price/scarcity?
Jaxon Sanchez
No ME/PSP machines for me from now on.
Aaron Collins
Meet us here: We've got cookies!
Julian Bell
Taking inflation into account, that's not really that much to spend. Also, it will run most any open source software.
If you need your gaymes and such it could be a problem but for non-gaming type tasks it should be fine.
Kevin James
>tfw on a pos ivy bridge chromebook thank god
Jose Moore
aside from this, it also illustrates that once again these extremely powerful completely-closed products are never the unassailable, unhackable things that the designers or (((them))) think they are.
just wait until the next ME exploit the NSA either found, or had included by design, becomes known
Henry Brooks
Well considering they're the ones who wrote the gag order that made them put it in, yeah they knew about it from the beginning.
Jordan Robinson
Wait until someone leaks the NSA's point-and-shoot scripts.
It would be apocalyptic.
Lincoln Taylor
So this is pretty much programmed obsolence at work right? They knew full well 95% of people could get by forever with Sandy Bridge and upwards.
Justin Price
>implying all raptor products wont be intercepted during shipping by the NSA for backdoor installation
Gabriel Price
what the fuck are you talking about? do you even know what the words you're using mean? if anything, this would make you would roll back to sandy bridge.
Angel Green
it makes anything pre skylake very valuable
Isaac Wright
> programmed obsolence
That...That makes me think. Could they make it so the CPU gets slower over time, and force a repurchase?
Oliver Brooks
you could, say, make it so the processor runs 30C hotter than it should unless its delidded...
Dominic Gomez
The exploit seems to require USB access, which make it more useful to removing the intel ME shit than hacking a machine.
Elijah Hill
theyll come up with one exploit for those too what was the last gen. that didnt have any of this bullshit? c2d?
Thomas Myers
hmm
Hudson Mitchell
This is only stage 1. It's all downhill from here.
Jackson Gomez
Yes, but it ends with stage 1 as soon you stick an USB that disables all the shit.
Xavier Foster
>removing the intel ME shit Is that even possible?
Mason Campbell
CD/C2D are the "we're 90% they didn't" because they can be easily Libre/Corebooted.
there's always pentium 4. At least those haven' gotten too expensive yet
Jeremiah Reyes
Lucky you.
Nolan Williams
Is this done remotely, without needing access to the machine, or the network it is on?
Otherwise this isn't anything of note.
Julian Mitchell
i love it when governments get options to disable these "features" because they are inherently flawed and insecure bullshit
William Ross
God damn I hate the USA.
Owen Morgan
I run Libreboot. I don't have this problem.
Kevin Morgan
>theyll come up with one exploit for those too has nothing to do with what I said. The point was that relating it to planned obsolescence is retarded.
Dominic Gray
The US is fine, except for their government and megacorporations.
William Ross
Good!
John Brown
and the entire population that supports them and bends over backwards to get fucked
Charles Hughes
not even 20% of the population even votes
Nathaniel Nelson
exactly
Nathaniel Clark
>OH EM GEE GUISE, IF SOMEONE GETS PHYSICAL ACCESS TO THE COMPUTER YOU'RE FUCKED!
Are people new to computers or something? Wait when they find out they can exploit the whole computer with a slegdehammer if they gain physical access too.
>b-b-b-b-b-but muh laptop >muh evil maid
Tamper resistant mechanism. Epoxy goes in all ports.
Aaron Phillips
You mean ARM probably. >Retarded apple user Shocker!
Brayden Kelly
Good thing I'm still on sandy bridge and ryzen
Jackson Torres
>we have been so focused on intel backdoors that we ignore AMD might have several to because indians incompetence just waiting for the big reveal
Jace Flores
>Tfw still running top Yorkfield cpu Feels good man, system wise is fast as fuck with an SSD, can't tell from modern systems.
Jackson Gomez
intel has more indians working for it than amd
Jordan White
This, what the fuck
GUYS WE HACKED SOMETHING WE HAD ON A TABLE IN FRONT OF US HOLY SHIT
Camden Moore
Because any dumb SKID can do this. You do know computers are in places besides bedrooms,right?
Mason Reyes
>muh enterprise >what are security clearances? >what are logs?
This changes nothing, just clickbait meme news.
Ethan Watson
ME is capable of networking and it has been theorized that is capable of receiving commands like AMT does, of course such capabilities could only be use by authorized personal (INTEL, NSA, etc...). Now that ME has been broken is just a matter of time before somebody find the keys to every Intel board post C2C.
Jackson Sullivan
The end result of this will be an USB device that can disable the intel ME, and there will be two varieties: And Open dinky shit that will barely work but will give you true freedom, and a google stick that will always work, but will just replace the botnet.
Ethan Adams
>what are logs?
What are you going to do? Try find out which kid has a USB stick? Oh, what, it's all of them? I guess our school/college will just have fucked computers from now on. Never mind, "if they can see the computer it's already compromised" right?
Robert Cook
Told ya
Zachary Reyes
You're a retard, don't let kids close to your computer "security clearance". Also, if there was no way to avoid having shady people around, epoxy all ports or get the computer on a tamper resistant/evident physical enclosure.
>omgz guise this is da end of compootahs
Jace Collins
Why do schools even need computers?
There is nothing wrong with whiteboards/chalkboards and overhead projectors.
Christian Butler
>via Skylake+ Still save on Haswell and no reason to upgrade.
Levi Perez
This.
Pretty sure my old School only got a 'computer lab' because some other school in the district got one. Gee Bill! How come your School gets Two Computers Labs?
Jason Russell
>tfw my 4770k is dying
Kayden Cox
there's this weird notion of americans as some sort of government worshiping patriots.
foreigners dont realize how many are just totally disenfranchised with the political system, which is why they dont vote. I don't know if this is better, but it sure isn't 'support' of the government
our government is actually pretty terrifying so i cant blame them
Camden Baker
>calls me a retard >says that schools should break their computers so kids don't mess with them
Anthony Davis
well they sure are military worshiping patriots
Justin Wright
dumb niggerposter can't read, more news at 11 your last (you)
Luke Sanchez
>trannyboot
Mason Bailey
wiping a computer or smashing it with a hammer is COMPLETELY different from being able to clandestinely take over the cpu without any practical way for the owner to know about it.
also, i think you underestimate how many ways people can get physical access to your computer without you explicitly knowing
Daniel King
Do you realise how much it would cost to put every computer in a school or college in a tamper-proof safe.
Oliver Diaz
>implying anyone can physically get close to any important computers or servers >What is social engineering
It's so fucking easy. I need to access a lot of server rooms for my job, every single one goes like this
>Walk into reception wearing hi vis vest and carrying toolbag >Bimbo at reception browsing facebook >Hi I'm here to do X and need to get into the server room >Blankstare.exe >The room with all the big computers? >Oh, yeah whatever here is the key, make sure you sign in on this piece of paper
I mean for fucks sake one of those places was a cryptocurrency exchange.
Zachary Brown
So far only through USB, so need physical access.
Adam Howard
The concept of a computer being compromised if someone gains physical access is not new. >clandestinely Yeah, like maid attacks, it's simple, if you really care, don't use public computers for personal stuff, as easy as that.
The price of freedom.
Joseph Young
>core i fox and freedom grapes
Connor Morgan
actually all they need is to get you to plug in a usb
how long till haxors put infected USBs back into oem packacking and throw them on the shelf at target.
Connor Rodriguez
My country is implementing 'BYOD open learning'. Basically they corral 60+ kids with laptops and tablets into a classroom with one teacher and expect it to work.
The parents of the kids are also expected to provide laptop/tablets for the kids. Naturally these break/are stolen/lost all the fucking time and parents are expected to keep buying new devices. It's fucking madness.
Connor Butler
>put them literally in thin MDF or plastic boxes >if the box is broken, assume compromised computer and check the security camera footage
Woah, mirrion dorrars
Jacob King
Yeah, you are correct, if they get people to plug in USB devices with the payload they will have access to everything and thus remote attack.
James Price
I mean the government and it's organs, yes. Random american citizens are OK people and aren't really responsible for this.
Julian Robinson
The vast, vast majority of primary and secondary education does not require any electronic devices at all.
Oh, but they're shiny so we gotta let the kids have them! Fucking magpies are more intelligent.
The scheme you describe sounds like a recipe for disaster, I'm sorry to say. I fear the children in it may learn very little at all at a very crucial time in their lives.
Logan Thompson
>aren't really responsible for this. yes they are 100%. Americans suck corporate cock. Everyone thinks they are going to become a billionaire if they just keep on sucking the cock. Then of course there are the consumers who have no problems getting fucked over repeatedly buying whatever the fuck.