Thread replies: 65
Thread images: 4
Thread images: 4
Anonymous
IMPORTANT NEWS FOR ALL INTEL X86 USERS! 2016-12-13 02:05:46 Post No.
[Report] Image search: [Google]
IMPORTANT NEWS FOR ALL INTEL X86 USERS! 2016-12-13 02:05:46 Post No.
[Report] Image search: [Google]
File: 1476676687792.gif (607KB, 800x792px) Image search:
[Google]
607KB, 800x792px
IntelME, or Intel Management Engine can now be disabled on some CPUs. This means we can potentially Libreboot newer hardware.
https://hackaday.com/2016/11/28/neutralizing-intels-management-engine/
>A few months ago, [Trammell Hudson] discovered erasing the first page of the ME region did not shut down his Thinkpad after 30 minutes. This led [Nicola Corna] and [Frederico Amedeo Izzo] to write a script that uses this exploit. Effectively, ME still thinks it’s running, but it doesn’t actually do anything.
I'm excited. Freetards win again.
>>
that means they got another backdoor
>>
>>57972938
>that means they got another backdoor
Who? Intel? No, this means we can disable the backdoor and defeat the CPU jew.
>>
>>57972992
Nah, they probably have something else in there that isn't ME
>>
>>57972901
Awesome, I hope the jews at intel are scared now. You think they'll summon their lawyers because of this?
>>
File: 1404913117015.png (12KB, 312x295px) Image search:
[Google]
12KB, 312x295px
>>57972901
>>
File: 1477518570976.png (93KB, 630x630px) Image search:
[Google]
93KB, 630x630px
Ok guys, I just sent an email to Richard Stallman.
>>
>>57973590
>Joesterizer
"no balls"
>>
>>57973615
wuss
>>
File: 1476679311616.jpg (346KB, 1612x1055px) Image search:
[Google]
346KB, 1612x1055px
>>57973615
>>57973634
You guys might like these:
https://www.youtube.com/watch?v=V3CyyaQwJS8
https://www.youtube.com/watch?v=9xnERaWfl-I
>>
>>57972901
How long will it take for new hardware to appear ?
>>
>>57973706
Who cares? We'll have newly supported Libreboot hardware. We're set for another 10 years.
>>
>>57973717
Yes, i was asking how long to wait for the patch.
>>
>>57973743
I don't know. I don't have any connection to the FSF or Libreboot/Coreboot projects. I'm simply an end user who wants a free computer. I did email RMS a few minutes ago to get the word out though.
>>
>>57973892
Already discussed this with the libreboot folks. It's not going to happen because they can't distribute the source code. We just have to do it ourselves. It's easy though. Just coreboot a computer and follow their guide to disable ME.
>>
>>57972901
Dope.
>Intel’s Management Engine (ME) is a completely separate computing environment running on Intel chipsets that has access to everything. The ME has network access, access to the host operating system, memory, and cryptography engine. The ME can be used remotely even if the PC is powered off. If that sounds scary, it gets even worse: no one knows what the ME is doing, and we can’t even look at the code. When — not ‘if’ — the ME is finally cracked open, every computer running on a recent Intel chip will have a huge security and privacy issue. Intel’s Management Engine is the single most dangerous piece of computer hardware ever created.
What the actual fuck. Does AMD have this shit? Jesus fuck that's clearly some NSA shit.
>>
>>57973019
Like rowhammer?
Lel
>>
>>57973968
AMD is actually worse.
>>
>>57973958
This sounds great. We should do further research to see if we can do this without flashing the hardware. I wonder if it's possible from OS level.
>>
>>57974023
what's the AMD equivalent of intel ME? I didn't know they actually had CPUs botnetted at this point.
>>
>>57974049
>We
>really means someone but not me
>>
What was the previous best CPU that didn't have IntelME?
>>
>>57974064
The psp
>>
>>57974064
Platform security processor
>>
>>57974122
You can probably libreboot a core2quad or LGA771 xeon quad
>>
>>57974122
Latest intel cpu where you could remove the ME was core 2 (~2008).
It was getting old so this is pretty good news.
I'm eagerly waiting for something like lowRISC, so I can be free from the intel fuckers for good.
>>
>>57974049
It's impossible without an external flashing system.
>>
>>57974087
I'd be willing to help, actually.
>>57974309
Never say never, it shares flash with the BIOS. Doing it from OS level would get more normies to make their PC free.
>>
>>57972901
>Wanting Trannyboot on your motherboard
I'd rather have proprietary Israeli code than marxist tranny code.
>>
>>57974386
Looks like your wish has been granted, goy.
>>
>>57974337
And bios is impossible to flash from the OS. Every bios since the t60 era has been write-protected.
>>
>>57974243
can you coreboot an hp 8510p?
>>
>>57974437
It's not ROM, so there's a way theoretically.
>>
>>57974449
Sure, theoretically. Nobody has found a way to crack it in the last decade. I'm not holding my breath.
>>
>bios is impossible to flash from the OS.
>What is FPTW64
>>
>>57974468
Everyone said the IntelME botnet couldn't be disabled. Look how wrong they were.
>>
>>57972901
How exactly is IME accessible from the internet again?
>>
>>57975010
>How exactly does IME access the internet again?
Fixed.
It has access to all of your hardware. That's how it accesses the internet.
>>
>>57974437
>And bios is impossible to flash from the OS.
uwotm8? Motherboard manufacturers have specific programmes for this. Also, when said programmes warn you that you should close all other programmes before flashing your BIOS, YOU SHOULD CLOSE ALL OTHER PROGRAMMES BEFORE FLASHING YOUR BIOS.
>>
>>57975160
Got any traffic captures showing outbound connections? or any proof to back any of this bullshit up?
>>
>>57975455
https://en.wikipedia.org/wiki/Intel_Active_Management_Technology
>Hardware-based management works at a different level from software applications, uses a communication channel (through the TCP/IP stack) that is different from software-based communication (which is through the software stack in the operating system). Hardware-based management does not depend on the presence of an OS or locally installed management agent.
>>
>>57975455
You could fucking Google it. I'm not just pulling this out of my ass for fun. It's well known and well documented.
Sources:
>Intel
http://download.intel.com/support/motherboards/desktop/db75en/sb/intel_mebx_user_guide_for_db75en.pdf
>Libreboot project
https://libreboot.org/faq/#intelme
>google "why is intelme bad"
>first result
http://hackaday.com/2016/01/22/the-trouble-with-intels-management-engine/
>>
The patched ME still has proprietary RTOS running, so it's unacceptable for Libreboot. Coreboot is okay with that though.
>>
>>57975551
Yes it is capable of TCP/IP. That doesn't mean it actively phones home to Intel. It's there for anyone that wants to manage a big fleet of computers after they configure it.
>>57975566
Oh noes not a management tool that's off be default!
Neither of you know what the fuck you're talking about. Go back to whatever freetard circle jerk you came from.
>>
>>57975817
Nice try NSA. It's on by default and there's no way to turn it off without the hack that OP mentioned.
>>
>>57975852
Even if it technically enabled there's no way it talks on the network without being configured first.
>>
>>57975898
Oh really? Would you like to show us the source code to prove me wrong? Oh wait...
There's no good reason for it to be in home computers. Unless of course you're the NSA and you like universal backdoors.
>>
>>57972901
intel management engine is built into the cpu.. is it not?
How the fuck do you write something to the cpu?
>>
>>57978809
>inb4 sudo mount /dev/cpu /mnt
>>
did they dosable the killswitch GSM module?
>>
>>57978862
Use the faraday cage, m8.
>>
>>57975817
Its not about Intel spying on you, its about a 3rd party that can find an exploit to target that many fucking systems with embedded root that the end user has no access to.
This totally nullifies securing the software stack on your system since ME can have access to the entire system even in standby or an off state. Hacks like DAGGER are already scary enough but if anyone could come up with an remote attack then you have a majority of the worlds PCs in danger. Considering early ME implementations were riddled with bugs, bolting it to the PC doesn't make those problems go away.
>>
>>57979036
>bolting it to the PC
~Bolting it to the CPU~
>>
>>57979036
ME is like 10 years old.
And no one hacked it yet.
>>
Just buy a router where you can enable mandatory authentication through a radius server.
The only way to access the internet is by typing a login and password.
Intel ME BTFO.
>>
>>57979070
Lol, or someone found a way to exploit and sold it to the Russians. Also told nobody or got killed
>>
>>57979101
ME has full access to Ring0 and your system memory. It just sniffs al your typed passwords and log in itself when you are not present.
>>
>>57979070
http://www.stewin.org/papers/dimvap15-stewin.pdf
https://www.youtube.com/watch?v=Ck8bIjAUJgE
>>
>>57975320
Those programs only work because the bios upgrade is signed by the manufacturer. It's not possible to install coreboot or libreboot onto a unit without an external flashing system.
>>
>>57972901
Expect a microcode update that bricks the users who run the script.
>>
>>57972901
I already bought 2 X220 since this news came out. Wish it didn't have this ugly pleb-tier 1366x768 screen though.
>>
>>57972901
>IntelME
WTF?!?
Is it possible that this software is monitoring all network traffic and watching for a specific sequence of timed codes before it begins providing access to the hardware?
>>
>>57979478
You actually run microcode updates just because they're available?
>>
>>57979557
Typical Arch user desu.
>>
>>57974173
>>57974207
At first glance this (psp) sounds more like Intel SGX in a more formalised sense than it sounds like Intel ME.
Thread posts: 65
Thread images: 4
Thread images: 4