News Intel Discovers Security Flaw in CSME Firmware

Toggle sidebar Toggle sidebar
J

jgraham11

Distinguished
Jan 15, 2010
54
21
18,535
Another one, this time Intel actually reported it themselves.
Do you think it has anything to do with the negative publicity they
have been receiving for all those strings they attach to "Prize money"
for reporting a bug.
Why the researchers who found Cacheout bug declined to stay
silenced for potentially years.
 
C

cfbcfb

Reputable
Jan 17, 2020
96
58
4,610
bit_user said:
It'd be interesting to know whether Intel's own internal IT disables the ME on their systems. I'm betting they probably do.
Click to expand...

Nope they don't. I have a number of friends who work in IT for the company. In truth, 90% of these "bugs" never affect anyone. I suppose if you download and install anything from anyone and spend your days on eastern european porn sites, you might get something. Oh, and your computer too!
 
bit_user

bit_user

Polypheme
Ambassador
Jan 20, 2010
14,137
5,718
62,040
cfbcfb said:
Nope they don't. I have a number of friends who work in IT for the company. In truth, 90% of these "bugs" never affect anyone. I suppose if you download and install anything from anyone and spend your days on eastern european porn sites, you might get something. Oh, and your computer too!
Click to expand...
I'm not sure you understand the nature of these ME bugs.

The ME is like a special core, inside your CPU, that has privileged access to the rest of the entire system. On top of that, it's pretty much directly connected to the network.

What that means is that, if there's a remote vulnerability, someone on your network could get root access to you box. That's one of the worst kinds of exploits, and it's a vulnerability that is especially of concern to corporations and potentially some cloud networks, where you have a ton of machines on the same networks.

A lot of the side-channel attacks that we've been hearing about, recently, tend to require having some code already running on the box (although even simple Javascript in a web browser could be sufficient, in some cases). For those, I wouldn't worry too much about servers that are entirely under my control. It's only people running in VMs on cloud servers with unknown code running in other VMs that mainly worry about that stuff.
 
C

cfbcfb

Reputable
Jan 17, 2020
96
58
4,610
bit_user said:
I'm not sure you understand the nature of these ME bugs.

The ME is like a special core, inside your CPU, that has privileged access to the rest of the entire system. On top of that, it's pretty much directly connected to the network.

What that means is that, if there's a remote vulnerability, someone on your network could get root access to you box. That's one of the worst kinds of exploits, and it's a vulnerability that is especially of concern to corporations and potentially some cloud networks, where you have a ton of machines on the same networks.

A lot of the side-channel attacks that we've been hearing about, recently, tend to require having some code already running on the box (although even simple Javascript in a web browser could be sufficient, in some cases). For those, I wouldn't worry too much about servers that are entirely under my control. It's only people running in VMs on cloud servers with unknown code running in other VMs that mainly worry about that stuff.
Click to expand...

There may be 5-7 people on earth that understand it better than I do. And you're fairly wrong on nearly evert single count. You're extremely unlikely to have any sort of problem unless you download malware. No, some random software on the internet cannot infect a desktop via the ME without you doing anything stupid.
 
bit_user

bit_user

Polypheme
Ambassador
Jan 20, 2010
14,137
5,718
62,040
cfbcfb said:
There may be 5-7 people on earth that understand it better than I do. And you're fairly wrong on nearly evert single count.
Click to expand...
Talk is cheap. Tell me something I probably don't know about it.

cfbcfb said:
You're extremely unlikely to have any sort of problem unless you download malware. No, some random software on the internet cannot infect a desktop via the ME without you doing anything stupid.
Click to expand...
I didn't actually say "some random software on the internet". Misquoting me only hurts your credibility. I specifically cited large corporate networks.

Now, I see that where I was slightly mistaken was in my belief that the ME was always connected to the network. According to this, only systems with the vPro enterprise feature are.

https://www.blackhat.com/docs/eu-17...-Unsigned-Code-In-Intel-Management-Engine.pdf

However, that would tend to include most servers and even desktops deployed in corporate/enterprise environments. So, I stand by my previous assertion.

You've presented no evidence refuting my claims - only weak insults and bravado. Next time, try harder.

BTW, I misspoke - it resides in the chipset - not the CPU. That doesn't seem to limit the amount of damage it can inflict on the host.
 
Last edited:
C

cfbcfb

Reputable
Jan 17, 2020
96
58
4,610
bit_user said:
Talk is cheap. Tell me something I probably don't know about it.


I didn't actually say "some random software on the internet". Misquoting me only hurts your credibility. I specifically cited large corporate networks.

Now, I see that where I was slightly mistaken was in my belief that the ME was always connected to the network. According to this, only systems with the vPro enterprise feature are.

https://www.blackhat.com/docs/eu-17...-Unsigned-Code-In-Intel-Management-Engine.pdf

However, that would tend to include most servers and even desktops deployed in corporate/enterprise environments. So, I stand by my previous assertion.

You've presented no evidence refuting my claims - only weak insults and bravado. Next time, try harder.

BTW, I misspoke - it resides in the chipset - not the CPU. That doesn't seem to limit the amount of damage it can inflict on the host.
Click to expand...

Seems like you enjoy hearing yourself talk. And then the hilarity of admitting you really didn't know much at all about it...several times. I didn't have to 'try harder' after all. You self-pwned yourself nicely.
 
bit_user

bit_user

Polypheme
Ambassador
Jan 20, 2010
14,137
5,718
62,040
cfbcfb said:
Seems like you enjoy hearing yourself talk. And then the hilarity of admitting you really didn't know much at all about it...several times. I didn't have to 'try harder' after all. You self-pwned yourself nicely.
Click to expand...
Sure, I correct myself because that's what you should do, if you actually care about informing yourself and others. On the contrary, when you answer challenges only with insults, it shows that your real priority is your ego or some underlying agenda. And what I got wrong were mostly just details.

Fortunately, I'd like to believe that this is one of those places on the Internet where facts speak louder than bravado. So, I suggest you either put up (i.e. post some real information in response to my questions) or shut up. If you're such an expert on Intel's Management Engine, then you should be able to share something about it that enlightens us without violating your NDA. Also, though you implied some sort of insider status, it would be good form to disclose any vested interest you have in the matter (e.g. being employed by Intel or a shareholder). However, I don't even care too much about that, as long as your info is worthwhile and well-supported.

FWIW, I detect a decidedly anti-AMD theme to nearly all of your posts:

 
C

cfbcfb

Reputable
Jan 17, 2020
96
58
4,610
bit_user said:
Sure, I correct myself because that's what you should do, if you actually care about informing yourself and others. On the contrary, when you answer challenges only with insults, it shows that your real priority is your ego or some underlying agenda. And what I got wrong were mostly just details.

Fortunately, I'd like to believe that this is one of those places on the Internet where facts speak louder than bravado. So, I suggest you either put up (i.e. post some real information in response to my questions) or shut up. If you're such an expert on Intel's Management Engine, then you should be able to share something about it that enlightens us without violating your NDA. Also, though you implied some sort of insider status, it would be good form to disclose any vested interest you have in the matter (e.g. being employed by Intel or a shareholder). However, I don't even care too much about that, as long as your info is worthwhile and well-supported.

FWIW, I detect a decidedly anti-AMD theme to nearly all of your posts:

Click to expand...

If there's a wronger person on the internet, I'd have to look hard. I implied no such vested interest, I'm retired, and typing this from an AMD 3700X/RX 570 system.

Just be wrong and shaddup. I won't respond to your childish rants anymore.
 
bit_user

bit_user

Polypheme
Ambassador
Jan 20, 2010
14,137
5,718
62,040
cfbcfb said:
If there's a wronger person on the internet, I'd have to look hard.
Click to expand...
If there's a more useless post on the internet, I'd have to look hard.

cfbcfb said:
Just be wrong and shaddup. I won't respond to your childish rants anymore.
Click to expand...
My, what an adult thing to say.

All you've done is attack me, but you've provided no real information, yourself. So, whether you're typing on an AMD system or not, please try to offer something of value. You claimed to be a subject matter expert, but have provided absolutely zero evidence to back it up. I've got no more time for trolls.

What I think is that you're simply attacking me to distract from the real issue, which is that this is horrendous for Intel. You can't argue the issue, so you attack the messenger.
 
bit_user

bit_user

Polypheme
Ambassador
Jan 20, 2010
14,137
5,718
62,040
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom