Intel ME Vulnerable

downloadcenter.intel.com/download/27150
"The detected version of the Intel(R) Management Engine firmware is considered vulnerable" (pic related)

How fucked are you Sup Forums?

Based on the items identified through the comprehensive security review, an attacker could gain unauthorized access to platform, Intel® ME feature, and 3rd party secrets protected by the Intel® Management Engine (ME), Intel® Server Platform Service (SPS), or Intel® Trusted Execution Engine (TXE).

This includes scenarios where a successful attacker could:
* Impersonate the ME/SPS/TXE, thereby impacting local security feature attestation validity.
* Load and execute arbitrary code outside the visibility of the user and operating system.
* Cause a system crash or system instability.

Note: CVEs referenced in this advisory require Local or Physical access to the system potentially being exploited (AV:L in the CVSSv3 Vectors column) with the exception of CVE-2017-5712. CVE-2017-5712 is potentially exploitable over a network (AV:N).

security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

>CVE-2017-5712 is potentially exploitable over a network

CVE-2017-5705 - Multiple buffer overflows in kernel in Intel ME firmware allow attacker with local access to the system to execute arbitrary code.
CVE-2017-5708 - Multiple privilege escalations in kernel in Intel ME firmware allow unauthorized process to access privileged content via unspecified vector
CVE-2017-5711 - Multiple buffer overflows in AMT in Intel ME Firmware allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.
CVE-2017-5712 - Buffer overflow in AMT in Intel ME Firmware allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege.

CVE-2017-5706 - Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code.
CVE-2017-5709 - Multiple privilege escalations in kernel in Intel Server Platform Services Firmware 4.0 allows unauthorized process to access privileged content via unspecified vector.

CVE-2017-5707 - Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code.
CVE-2017-5710 - Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via unspecified vector.

I have a core 2 duo

*** Host Computer Information ***
Manufacturer: Gigabyte Technology Co., Ltd.
Model: Z87-HD3
Processor Name: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
OS Version: Ubuntu 17.10 artful (4.13.0-19-generic)

*** Intel(R) ME Information ***
Engine: Intel(R) Management Engine
Version: 9.0.2.1345
SVN: 0

*** Risk Assessment ***
Based on the analysis performed by this tool: This system is not vulnerable.

I always thought Haswell wasn't vulnerable so I never ran the script, but it's nice to get confirmation.

*** Risk Assessment ***
Based on the analysis performed by this tool: This system is not vulnerable.

alright so it's nothing

Tool Started 12/10/2017 11:29:55
Name: DESKTOP-TD5SK30
Manufacturer: Gigabyte Technology Co., Ltd.
Model: B150N Phoenix-WIFI
Processor Name: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
OS Version: Microsoft Windows 10 Pro
Status: This system is vulnerable.
Tool Stopped

well that is unfortunate

this tool simply crashes

Run it with python2 instead of python3

what?

>2018

Not using amd with psp disabled

Run it with python2 instead of python3

Enjoy your vulnerabilities
primary% inxi -C
CPU: Octa core AMD Ryzen 7 1700X Eight-Core (-HT-MCP-) cache: 4096 KB
clock speeds: max: 3400 MHz 1: 2200 MHz 2: 2200 MHz 3: 2200 MHz 4: 2200 MHz 5: 2200 MHz
6: 2200 MHz 7: 2200 MHz 8: 2200 MHz 9: 2200 MHz 10: 2200 MHz 11: 2200 MHz 12: 2200 MHz
13: 2200 MHz 14: 2200 MHz 15: 2200 MHz 16: 2200 MHz
primary%

>"hey we add you a button to turn off psp just trust us it disable it"
>oh thx AMD

>downloadcenter.intel.com/download/2715
All good?

oops... I was going to say "how?" and not "what?"

how do I do it exactly?

Tool Started 10-Dec-17 14:54:02
Name: ADMIN-PC
Manufacturer: System manufacturer
Model: System Product Name
Processor Name: Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
OS Version: Microsoft Windows 7 Ultimate
Status: Detection Error: This system may be vulnerable, either the Intel(R) MEI/TXEI driver is not installed (available from your system manufacturer) or the system manufacturer does not permit access to the ME/TXE from the host driver.
Tool Stopped

get cucked faggots

python2 intel_sa00086.py

>downloadcenter.intel.com/download/2715
page is 404, champ.

here's the actual link:
downloadcenter.intel.com/download/27150

but there is no Python file

you missed the 0 at the end

damn. i'm vulnerable.

*** Risk Assessment ***
Detection Error: This system may be vulnerable,
either the Intel(R) MEI/TXEI driver is not installed
(available from your system manufacturer)
or the system manufacturer does not permit access
to the ME/TXE from the host driver.

So what happens now?

Now you either switch to a CPU that doesn't have a mandatory backdoor in place, or you wait and hope that your mobo manufacturer releases a patch for you. Of course, such a patch won't disable the backdoor. It will only patch the currently public exploits for that backdoor. It's only a matter of time before new exploits are found.

Does that mean I have to go buy a lot of lube?

Pull the plug.

What about AMD processors? They don't have intel ME right? Are they safer?

>downloadcenter.intel.com/download/27150
>mfw X58 is unaffected
enjoy your shitty "modern" quad cores lads

what happens? I wait for updated firmware to be pushed down to me from my motherboard manufacturer. as for how vulnerable I am.. not very. an attacker still needs physical access to the machine, a JTAG to USB and a lot of technical knowledge to install anything malicious inside its flash ram.

these incompetent fucks at Intel, and the OEMs that pushed this shit into all Intel boards on their behalf, without doing any proper testing, should all be shot in the face.

the IME isn't in the CPU, it's inside the intel chipsets on motherboards.

AMD has an equivalent called Platform Security Processor. Supposedly an update for some Ryzen systems allows for this to be disabled, but you pretty much just have to take their word for it that it's truly disabled.

>just have to take their word for it
much like intel, amd's word isn't worth shit.

>not very. an attacker still needs physical access to the machine
see

i'm pretty chill thanks to me_cleaner

It's software that runs on a separate microprocessor which acts as a backdoor

REALLY? noooo. tell me more. dickhead.

So again, the solutions are to use a processor which does not have a backdoor or to wait for mobo manufacturer to provide a patch to "fix" it.

"CVE-2017-5712 - Buffer overflow in AMT in Intel ME Firmware allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege."

It clearly states how this bug functions. did you miss the part where it says "REMOTE ADMIN ACCESS" ? who except from enterprise systems even does this shit? yep, nobody. so, user is fine. enterprise users? kek. not so much.

keep trying, amd shill. you'll get there eventually.

> CPUs have backdoors
it really shows how much you know about this topic: and that's fucking nothing.

>How fucked are you

I'll get back to (you) when I have an Intel system.

The separate microprocessor in the chipset is a backdoor into the CPU. Are you pretending to be retarded?

My Haswell CPU is not vulnerable

Thanks for the reply. I would buy a ryzen anyway if I'd build a PC in near future. Good to hear that one is relatively safe with ryzen.

The latest BIOS update for my laptop was specifically to fix this issue, yet the detector application says I am vulnerable.

wtf?

>mfw dell are planning to patch my 6 year old laptop's BIOS
always buy business grade laptops folks

ITT: Pajeets with old BIOSes and hardware.

MacBookAir5,1 here.

Based on the analysis performed by this tool: This system is not vulnerable.

Not at all because I'm posting from my Libreboot T400 right now where the ME is completely disabled. All of my Core i series machines have had the ME firmware stripped down to the FPT and BUP only, which means that it has no way to be accessed remotely with AMT and it can't even be updated from the OS level. Someone would literally have to break into my house with an SPI programmer and restore the entire original BIOS for me to be vulnerable to this.

Sup Forumstards get fucked.

LAWSUITS TO INTEL WHEN!?
LAWSUITS TO INTEL WHEN!?
LAWSUITS TO INTEL WHEN!?

>tfw you at coffee/library/univ with your laptop
>hearing noise
>"damn shut the fuck up u normie"
>come back at your laptop
>laptop is missing
>nsa niggers run with it
>tfw 20 years in jail

Anyone tried this with coffeelake?

>unironically using the word "normie"
>spending time at starbucks with your laptop

Yeah fuck off you plebeian scum.

Patched it when the article came out on ArsTechnica

Does this work on AMD?

is there a way to disable the me chip yet?

...

Only if you are using an old slow CPU

So... we are only safe if we do not use new Intel hardware...?

I have disabled all AMT/ME related ports on my firewall as well as in windows firewall. I don't think it will help too much but i'm surprised lenovo hasn't released a patch yet.

i have a latitude and hopefully they update mine. I'm hopeful because the last ME vulnerability was patched in july of this year by dell.

I don't think your firewall will do anything, the backdoor runs Minix and lives in its own little world, separate from what you do.

Find your model here:

dell.com/support/article/us/en/04/sln308237/dell-client-statement-on-intel-me-txe-advisory--intel-sa-00086-?lang=en

Not fucked, the tool says my 4790K in my desktop and 4570S in my home server are both safe.

>no update from my laptop
>me_cleaner doesn't work since dell supply the .bin file for my bios
>get this from the tool

Detection Error: This system may be vulnerable,
either the Intel(R) MEI/TXEI driver is not installed
(available from your system manufacturer)
or the system manufacturer does not permit access
to the ME/TXE from the host driver.

everyday we stray further from God's light

INTEL-SA-00086 Detection Tool
Copyright(C) 2017, Intel Corporation, All rights reserved

Application Version: 1.0.0.146
Scan date: 2017-12-10 17:59:24 GMT

*** Host Computer Information ***
Name: localhost
Manufacturer: System manufacturer
Model: System Product Name
Processor Name: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
OS Version: (4.14.4-1-ck)

*** Intel(R) ME Information ***
Engine: Intel(R) Management Engine
Version: 8.1.2.1318
SVN: 0

*** Risk Assessment ***
Based on the analysis performed by this tool: This system is not vulnerable.

For more information refer to the INTEL-SA-00086 Detection Tool Guide or the
Intel Security Advisory Intel-SA-00086 at the following link:
intel.com/sa-00086-support


Phew

is the analysis tool foss?

Intel grants no licenses or other rights, expressly or by implication, estoppel, or otherwise, to:
(A) make, use, sell, offer for sale, or import modifications or Derivatives of the Software;


gno

if you download the python file, you can look at all of the code.

Dummy, Lenovo was the first manufacturer to push IME firmware. Go get it from their website, but remember, this patch isn't gonna do shit against a state actor or black hat who wants to get into the system whenever and do whatever they please.

Hey fuckstick that's the first thing I did. Installed the update, and it never updated the FW. It's still vulnerable. So I took the extra steps to mitigate remote access vulns by following steps found here.
downloadcenter.intel.com/download/26755?v=t
Faggot.

...

:^)

oh fug :DD

INTEL-SA-00086 Detection Tool
Copyright(C) 2017, Intel Corporation, All rights reserved

Application Version: 1.0.0.146
Scan date: 2017-12-10 21:40:11 GMT

*** Host Computer Information ***
Name: archlinux
Manufacturer: Hewlett-Packard
Model: HP Pavilion dv6 Notebook PC
Processor Name: AMD A6-3410MX APU with Radeon(tm) HD Graphics
OS Version: (4.14.4-1-ARCH)

*** Risk Assessment ***
Detection Error: This system may be vulnerable,
either the Intel(R) MEI/TXEI driver is not installed
(available from your system manufacturer)
or the system manufacturer does not permit access
to the ME/TXE from the host driver.

For more information refer to the INTEL-SA-00086 Detection Tool Guide or the
Intel Security Advisory Intel-SA-00086 at the following link:
intel.com/sa-00086-support
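
Added example, not part of the thread and not Intel's code: a small Python 3 parser for triaging saved INTEL-SA-00086 Detection Tool reports across several machines, handling both layouts pasted above (the sectioned console report and the flat `Status:` log). The function names and sample reports are constructed for illustration; a "Detection Error" result is kept as `inconclusive` because the tool could not query the ME at all.

```python
import re

# Constructed reports, modelled on the console output pasted in this thread.
SAMPLE_OK = """\
*** Host Computer Information ***
Name: localhost

*** Intel(R) ME Information ***
Version: 8.1.2.1318

*** Risk Assessment ***
Based on the analysis performed by this tool: This system is not vulnerable.
"""
SAMPLE_ERR = """\
*** Host Computer Information ***
Name: archlinux

*** Risk Assessment ***
Detection Error: This system may be vulnerable,
"""
SAMPLE_WIN = "Name: DESKTOP-EXAMPLE\nStatus: This system is vulnerable.\n"

# Checked in order: "Detection Error" must win over the looser phrases.
RULES = [("detection error", "inconclusive"),
         ("not vulnerable", "not_vulnerable"), ("is vulnerable", "vulnerable")]

def parse_report(text):
    """Return {section: [stripped lines]}; lines before any header go under ''."""
    sections, current = {"": []}, ""
    for line in (l.strip() for l in text.splitlines()):
        m = re.fullmatch(r"\*\*\* (.+?) \*\*\*", line)
        if m:
            current = m.group(1)
            sections.setdefault(current, [])
        elif line:
            sections[current].append(line)
    return sections

def field(lines, key):
    return next((l.split(": ", 1)[1] for l in lines if l.startswith(key + ": ")), None)

def triage(text):
    """Return (host, me_version, verdict) for one report."""
    s = parse_report(text)
    host = field(s.get("Host Computer Information", s[""]), "Name")
    ver = field(s.get("Intel(R) ME Information", []), "Version")
    risk = " ".join(s.get("Risk Assessment", [])) or field(s[""], "Status") or ""
    verdict = next((v for needle, v in RULES if needle in risk.lower()), "unknown")
    return host, ver, verdict
```
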

why is everyone in this thread such faggots, just buy an SPI programmer and install libreboot