>Bugs can be exploited to extract info, potentially insert rootkits
>Intel today admitted its Management Engine (ME), Server Platform Services (SPS), and Trusted Execution Engine (TXE) are vulnerable to multiple worrying security flaws, based on the findings of external security experts.
>The firmware-level bugs allow logged-in administrators, and malicious or hijacked high-privilege processes, to run code beneath the operating system to spy on or meddle with the computer completely out of sight of other users and admins. The holes can also be exploited by network administrators, or people masquerading as admins, to remotely infect machines with spyware and invisible rootkits, potentially.
>Meanwhile, logged-in users, or malicious or commandeered applications, can leverage the security weaknesses to extract confidential and protected information from the computer's memory, potentially giving miscreants sensitive data – such as passwords or cryptographic keys – to kick off other attacks. This is especially bad news on servers and other shared machines.
>In short, a huge amount of Intel silicon is secretly running code that is buggy and exploitable by attackers and malware to fully and silently compromise computers. The processor chipsets affected by the flaws are as follows:
>6th, 7th and 8th Generation Intel Core processors
>Intel Xeon E3-1200 v5 and v6 processors
>Intel Xeon Scalable processors
>Intel Xeon W processors
>Intel Atom C3000 processors
>Apollo Lake Intel Atom E3900 series
>Apollo Lake Intel Pentiums
>Celeron N and J series processors
So you're telling me the best cpu made, the 2500k, is not affected?
Jason Hernandez
>tfw 2500k owner
lmao the best intlel even after six years.
Matthew Stewart
>tfw changed to ryzen a month ago
Angel Reed
I have a Core i3-2350M laptop. Am I affected?
Isaiah Morgan
Old news. Been using SPARC for years already.
Brandon Anderson
4th generation here. Seems I'm not affected.
Andrew Robinson
>using Larry Ellison's processors
Caleb Jones
As long as none of that is exploitable over port 80 I guess I don't fucking care at all. Boohoo someone standing right beside the machine or someone who is logged in (there is only one account and that is me as root) can do anything he/she wants. I just don't fucking care. Getting my password is easier than exploiting anything cpu-related.
Alexander Martin
When are they going to recall all these CPUs?
Eli Powell
>bugs
>not features for nsa
Nice try
Benjamin Hill
>So our backdoors got found out, now we need to replace them with newer, better ones.
Grayson Sullivan
>Intel finds
That's all I needed to read. Are they trying to pass as the good guys that warn people about IME now?
Brayden Hughes
Is there a way to get a modern Intel computer without the problematic IME stuff?
Jeremiah Anderson
>he doesn't just use a PowerBook G4 as a daily driver
Alexander Anderson
PPC is not supported by Apple or the macOS community anymore; only old software is available for it now.
Jayden Lewis
>what is leopard-webkit
Easton Reed
>Stallman was right again
When will newfags ever learn?
Christian Diaz
>when you actually have to download firmware drivers for your CPU
Where's that permabtfo intel shill at? I wanna laugh.
>write an intentional backdoor to your shit
>whistle-blower tells everyone there's a backdoor in every single new chip
>someone finds the backdoor
>"bug" can be exploited
Seems like a feature to me rather than a bug. It's working as intended.
Brayden Sanders
>he/she
he/she/xir sweetheart
Jaxson Williams
resbond
Henry Sanders
it*
Carter Morales
them
Joseph Sullivan
fuck off with your incorrect grammar piece of shit commie
Kevin Gomez
...
Cameron Russell
it says error ME driver not installed and 'maybe'. Haswell here.
Charles Taylor
YOU DIDN'T LISTEN
Jacob Thomas
Do MacBooks have this problem? If so, looks like it wouldn't really be a bad idea for Apple to start putting their own CPUs in their laptops.
Benjamin Richardson
These Sup Forums roleplayers are getting really good
Andrew Taylor
This was inevitable
Parker Davis
>tfw he was spot on
However I think most of us really saw this coming even if we probably wouldn't be this close.
>buying intlel ever
Logan Torres
>it has full access to the TCP/IP stack
Can anyone explain what exactly this means? Maybe newer hardware is different, but I'm pretty sure TCP/IP doesn't even exist until the OS says so.
Isaiah Wilson
ME has its own TCP/IP stack. Not sure what that poster meant though.
Connor King
Anyone else get "unknown or unsupported hardware platform"? Just installed the new microcode update from the 17th.
Juan Campbell
Yes, they have had it since shortly after Apple switched from PPC to x86. If you have an i3/5/7 you are fucked. Very old PPC macbooks are good though.
William Perry
Intel i5 3320M here, seems not affected.. nice
Nathaniel Gutierrez
Reposting the list made in the Hardware Removal-of-botnet Threads (/hrt/):
(2/2) OpenPOWER: Raptor Engineering sells POWER9 workstations, that may soon be getting RYF certification. They're expensive as fuck, but probably the most powerful non-botnet computers that exist. Comparable to Xeons/Epyc. raptorcs.com/TALOSII/
Sadly an equivalent way of disabling AMD's PSP is still unknown.
Landon Mitchell
Actually not intel found them.
Brandon Martin
>not affected
it might seem that way, but only because jewtel doesn't care about LEGACY products. if that machine of yours ever becomes a target the exploits will work just fine. and if you have a problem with that all you have to do is UPGRADE (read BUY) to a more recent processor where the issue doesn't present, which will probably require new silicon
Benjamin Brown
Is there a list anywhere of all CPUs affected by IME/PSP? I hear people say it affects all modern x86 CPUs, but I haven't seen proof that it's in CPUs other than vPro/Ryzen. What about older Pentiums and the AMD FX?
Eli Wood
You are as safe as my virginity
Jaxon James
so now that software is fully open, it's time for the hardware
Levi Ross
That W2 form really convinced me.
Jonathan Thompson
Literally never when it's tied to intellectual property. And even open source hardware specs don't guarantee the manufacturer simply won't implement malicious or otherwise hidden blackbox features on the assembly line. Nor any other entity doing the same at any point of distribution.
Evan Turner
>not 4th gen sweet
Owen Davis
So only safe until the government decides to fuck you in the ass?
William Allen
>logged-in administrators, and malicious or hijacked high-privilege processes
So what you're saying is... my computer would have to already be compromised in order to be compromised?
Whatever. Maybe with these new findings we can deliberately hack the ME and disable it somehow.
Andrew Sullivan
>still on ivy bridge
Feels good
Lucas Russell
It's called microcode, it is downloaded during every boot, and it is distributed in BIOS updates.
Jayden Richardson
>tool
New backdoor patch tool?
Oliver Gutierrez
What was the latest model of Thinkpad that could benefit from libreboot?