Thread replies: 314
Thread images: 25
Thread images: 25
File: E1jOQL2t.png (32KB, 512x512px) Image search:
[Google]
32KB, 512x512px
Where were you when intel was BTFO?
>A few months ago, [Trammell Hudson] discovered erasing the first page of the ME region did not shut down his Thinkpad after 30 minutes. This led [Nicola Corna] and [Frederico Amedeo Izzo] to write a script that uses this exploit. Effectively, ME still thinks it’s running, but it doesn’t actually do anything.
https://web.archive.org/web/20161129150603/http://hackaday.com/2016/11/28/neutralizing-intels-management-engine/
Why is nobody talking about this on /g/? Guess discussing traps and /fa/ watches and chinese shit and (((phones))) is totally more technology-related than that in 2016. Who cares about technology on a technology image board.
>>
Working solutions:
https://github.com/corna/me_cleaner
>>
So it's a way to overwrite ME firmware on ThinkPads without anything bad happening?
>>
WTF is ME and does my X220t have it?
>>
>>58064898
Yes. In principle it works on any ivy bridge, sandy bridge, and possibly skylake CPUs, not just on thinkpads.
>>58064932
Intel Management Engine is a device that lives on the northbridge on any modern intel CPU that can operate even when the system is turned off, and has full access to the disk and memory at all time. Features include the ability to brick the CPU on demand, and full TCP/IP stack access. It is able to send and receive network packets even when the computer is turned off (so long, of course, as it's connected to a power source).
AMD has also recently implemented similar technology, called AMD PSP.
>>
>>58064758
Thanks for reposting. I was the first OP for this thread here. I tested the ME cleaner script on a T420 and it works. No reboots, no NSA backdoor.
>>58064898
Only the first little bit of it. The ME basically goes into a different mode where it's in a sort of (non operational) recovery state but thinks it's still working.
>>58064932
Yes, your computer probably has it. IntelME is the Intel Management Engine. It's a micro controller inside of your CPU. It operates independently from the main CPU and it has full TCP/IP stack and memory access. It has complete Ring-0 access, and starts before your BIOS. It also shares flash memory with your BIOS. It can send and receive network packets, even through a firewall. It can turn your PC on or off and there's nothing you can do about it. What OP is talking of is a script that will disable this backdoor. It's a good idea even if you don't care about government spying. If criminal hackers somehow get into it, 95% of computers would be compromised. This means all government computers, the ones at banks, prisons, factories, tech companies, and even all of Intel's own machines could get 100% anally wrecked. The only solution would be to basically buy a new computer.
>>
>>58065101
I've been waiting for this kind of workaround to be discovered. I have a Skylake i7 in my deskop I'd like to clean when it's more proven because i hate the idea of this "feature".
>>
Wait wait, this works on haswell CPUs too?
>>
>>58065101
actually ME has ring -2 (SMM) access
>>
>>58065138
I think only ivy bridge and later have intel ME. Also the earlier incarnation of intel ME can be completely disabled because it doesn't live on the northbridge like the newer version). I don't know the exact details for that, though.
>>58065133
You could try the script and report back, although it hasn't been proven to work on skylake yet.
>>
>>58064758
Can this work on anything other than ThinkPads? For example a desktop mobo?
>>
>>58065173
ME exists at least since the Core2 family
>>
>>58065138
Actually it turns out it does work on haswell [1]
>>58065190
It's not about the mobo, it's about the CPU. See the currently supported devices:
[1]: https://github.com/corna/me_cleaner/wiki/me_cleaner-status
>>
>>58065173
>You could try the script and report back, although it hasn't been proven to work on skylake yet.
I don't really want to be a guinea pig with my 6700K
>>
>>58065201
Some core2 have it and some not as far as I can tell (same with i5 and i7). I think it's 2nd gen i5's and up that have it (and the equivalent core2).
>>
>>58065211
https://github.com/corna/me_cleaner/issues/3
>Working on:
>Intel i5-6500
>Skylake
>MSI Bazooka B150M
>Stock AMI Bios
>61fd606
>>
>>58064758
Oh man this is cool. Does this mean libreboot on some newer hardware? Sounds exciting.
>>
>>58065171
Incorrect.
>>
>>58065273
Pretty certain he's right actually.
>>
>>58065273
I see Intel PR team is already out in full on damage control.
>>
>>58065262
Yeah, the future of freedom looks bright.
>>
>>58065285
>>58065317
Nope. It has Ring-0 access.
>>
>>58065101
>The only solution would be to basically buy a new computer.
Why not just use firewall that blocks everything except traffic to your vpn server?
>>
did the gubmint demand a backdoor or why does intel have these sorts of systems in place?
>>
>>58065333
It won't work. IntelME can get around it. Read up on it a little.
>>
>>58065330
Oh you're just retarded. Carry on then.
>>
>>58065207
Is there any way to undo the mod in case I find out that it doesn't work on my laptop?
>>
>>58065351
Their excuse is that it targets the business sector (e.g. big company man buys 5k laptops and some disgruntled employee keeps the laptop when leaving, they want to lock it up remotely, and maybe get files from it beforehand, or maybe the laptop was stolen and you want to brick it).
Of course it's not like it puts you at a disadvantage to have the entire world by the balls now does it?
>>
>>58065357 I can hack my router? Bullshit.
>>
>>58065385
nice goalpost movement my dude.
>>
This seems risky. I already killed my previous motherboard by flashing some stupid shitty modded BIOS.
>>
>>58065366
The script takes a firmware image and then modifies it to remove the offending segments. You proceed to flash the freedom'd image onto the CPU. All you have to do to undo this is to flash the original image.
>>
>>58065351
It's for large companies to manage shitloads of computers without needing to physically be there. You can use ME to configure the BIOS from a thousand miles away. No OS or anything needs to be present either. However, there's no need for a "feature" like that in a home computer (unless you plan to do some malicious big brother shit with it).
>>58065360
Totally. Neo /g/ is real and also incapable of fact checking.
>>58065385
Technically it can, considering it can observe and record your keystrokes, dumbass.
>>
>>58065433
So if it doesn't reboot after 30 minutes on its own, it worked and I can leave it there?
>>
>>58065459
Exactly.
>>
I wonder if this allows me to upgrade cpu in my cheap laptop. Beause this model is known to restart after 30 minutes when a cpu that isn't whitelisted is present.
Switching from celeron to i5 would be cool.
>>
>>58065081
>Intel Management Engine is a device that lives on the northbridge on any modern intel CPU that can operate even when the system is turned off, and has full access to the disk and memory at all time. Features include the ability to brick the CPU on demand, and full TCP/IP stack access. It is able to send and receive network packets even when the computer is turned off
this sounds like complete bullshit
>>
>>58065485
Believe it or not, it is true.
>>
>>58065479
Nice. I'll give it a try.
>>
>>58065480
>restart after 30 minutes when a cpu that isn't whitelisted is present
this is making me nervous.
what would a "blacklisted" cpu be?
>>
>>58064858
No one has tested on X99/haswell-e yet :c
>>
>>58065533
Knock off processor from China
>>
Man, so tempting...
Any other risks (after flashing it properly, that is) aside from having the PC restart after 30 minutes?
>>
>>58065533
whitelisted as in officially supported by this laptop model and chipset
some other models work, but for 30 minutes, while other don't boot at all, even though they are supported by chipset
same thing happens with wireless cards, but people found a way around that and remove whitelist check from bios/uefi
>>
>>58064758
Will this work on the X200? I bought one recently and I'd like to remove the ME, but now libreboot has been hijacked by a tranny.
>>
>>58065558
But if the processor was made in China, why would it they make it with that "ME" thing if its gonna shut itself down automatically?
>>
>>58065485
Not only is it all over google and wikipedia, but it's not like intel is hiding this. As said earlier in this thread they outright advertise most, if not all, of this because >business.
See https://www-ssl.intel.com/content/www/us/en/architecture-and-technology/intel-active-management-technology.html for instance.
>>
>>58065101
>It can send and receive network packets, even through a firewall
No it fucking can't you dumbass. A packet is a packet, if it tries to waddle through my pfsense, it's dropped.
>>58065357
>It won't work. IntelME can get around it. Read up on it a little.
No it fucken wont
>>58065443
>Technically it can, considering it can observe and record your keystrokes, dumbass.
So fucking what, how the hell does that enable it to pass my hardware firewall? Please do tell.
>>
>>58065575
Technically it could brick your PC, but this is just as likely as you are to fry your GPU when carefully OCing it incrementally.
>>
>>58065558
Chinese knock off CPUs don't exist. The most they do is change out the heat spreader from older chips with new heat spreader claiming to be a newer chip.
The Chinese don't have the technical facilities to produce x86 chips at anywhere near intel process nodes.
Most commonly they just take ESs and sell them on ebay or the same with OEM xeons.
>>
>>58065638
Hello intel employee. How are you doing today? Do they not give you breaks on weekends these days?
>>
Reminder that Intel included the JVM in the ME to help rapid development at NSA/CIA
>>
>>58065578
>whitelisted as in officially supported by this laptop model and chipset
>some other models work, but for 30 minutes
Why would they restrict the processor like that.
If it boots and you're using it, its because it works, right?
>>
>>58065683
want better cpu? buy a laptop model version that comes with that cpu, instead of buying the cheapest one and replacing cpu on your own
>>
What kind of hardware do I need to use this? Does this involve specialised tools like librebooting an X200 does?
>>
>>58065638
You must be new here. /g/ is always right, even if you're too dumb to understand it. All three of those (You)s were so delicious.
>>
>>58065659
China manufactured all the CPUs of the world's fastest supercomupter
https://en.wikipedia.org/wiki/Sunway_TaihuLight
https://en.wikipedia.org/wiki/SW26010
>>
>>58065621
Could this be why my pc rabdomly draws current in short bursts when turned off?
>>
>>58065638
I hope you have at least one non-Intel NIC between your Intel CPU and the Internet
>>
>>58065664
Dude. I despise intel me and am contemplating trying this out with my thinkpad.
I'm just a lowly network admin at a mid sized firm.
>>58065714
ya cunt, here's one more for your sod ass
>>
>>58065709
For now, yes. You need an external flasher.
>>58065730
U made, lil bich?
>>
Rapid question:
Intel ME belongs to Intel AMT which is part of Intel vPro.
According to specs, both 6600k and 6700k do not have vPro.
Aren't these two cpus botnet free, then?
>>
>>5806573(7)
No. Not even gonna give you a (you).
But I'm right.
>>
>>58065722
It could be, but it could also be other factors. What do you mean by turned off? Do you mean "I pressed the button labelled shut down in wangblows 10"? Because that doesn't shut the computer down. What do you mean by drawing current in short bursts? Did you use measuring equipment at the PSU output or on the rails? Note that out to PSU in doesn't mean much and can be caused by bad source or electromagnetic effects.
>>
>>58065716
Congrats? How the fuck are RISC super- computers in any way related to x86 architecture?
As I said, China simply doesn't have the facilities to produce x86 silicon at anywhere near the process node intel is at.
>>
It's not in the CPU, it's in the chipset (vPro).
>>
>>58065766
No, Intel ME is on every chip after C2D.
>>
>>58065781
When you said firewall the first time you were BTFO because intel ME objectively bypasses firewalls installed on the host machine. That's when you changed the goalposts and got butthurt when nobody fell for it.
>>
>>58064758
Nice! Is this usable with desktops? ASUS motherboards, theoretically...
>>
>>58065766
No, anything past some point (ivy bridge, inclusive?) has the ME no matter what. Don't know where you're seeing otherwise.
>>
>>58065599
>x200
It doesn't have ME, fampai, it's pre-ME. x201 was the first one with ME.
>>
>>58065802
I guess in theory if the pfsense box is running on a CPU that also has intel ME then there potentially could be traffic between the two intel ME CPUs that simply gets intercepted on both ends before the host OS has a chance to filter it.
Seems fairly unlikely though
>>
>>58065796
Earlier incarnation put the chipset off the CPU but this is no longer the case.
>>58065815
Yes, there's been at least one reported success. In principle, it can work on any ivy bridge, sandy bridge or skylake CPU. See >>58065248
>>
>>58065802
That wasn't me. I simply came in and corrected wrong statements.
We need poster id's.
>>
>>58065829
Yes to both. There's also the option to use other networks than your own (satellite not excluded). But the point was that having a firewall on a non-dedi box would be completely useless.
>>
>>58065783
Wankblows 7, wake on lan is turned off. My powerstrip has switchable outlets controlled by a master outlet(pc), when that draws current the outlets become live...you get the idea
>>
>>58065826
so what's the point of flashing libreboot on it?
>>
>>58065853
>>>/reddit/
>>
>>58065861
Having a dedicated hardware firewall running ARM or similar is probably your best bet then.
>>
>>58065841
What about Haswell?
>>
>>58065886
Yes, assuming there's no intel satellite to which the device does connections to (chances are, there is one, in my opinion - it's not very hard or costly to setup for someone like intel). It depends on your microthreat model, in other words.
>>
>>58065853
https://www.reddit.com/login
>>
>>58065896
Nevermind, looks like it was since 2006, and more full-blown starting in 2009 with nehalem.
https://libreboot.org/faq/#intelme
>>
>>58065877
Proprietary BIOS is proprietary, Libreboot doesn't get around ME, it gets around proprietary BIOS.
>>
File: risc-v.png (50KB, 800x600px) Image search:
[Google]
50KB, 800x600px
how much longer until we have real botnet-free cpus? lowRISC is promising a RaspberryPi type board with an open RISC-V chip in 2017. i hope RISC-V does for hardware what Linux did for operating systems.
https://en.wikipedia.org/wiki/RISC-V
>>
>>58065904
connecting to a sattelite from under your desk, without an external antenna? very unlikely
>>
>>58065841
>Earlier incarnation put the chipset off the CPU but this is no longer the case.
The chipset is still a discrete part. What the hell are you even talking about? Intel ME only works on enabled chipsets. Again, it's not on the CPU.
see https://boingboing.net/2016/06/15/intel-x86-processors-ship-with.html
>The Intel Management Engine (ME) is a subsystem composed of a special 32-bit ARC microprocessor that's physically located inside the chipset.
>>
>>58065904
Ehhh, it would have to be a massive satellite, I just can't see getting any sort of signal penetration through houses and apartment buildings using an internal antenna. Any large antenna would be easily noticed and anything small enough to be baked into the Silicon simply wouldn't be able to receive data. It MIGHT be able to transmit if the receving satellite is large enough, but the only way you'd send a signal back to such a small transmitter would be with a massive directed signal to attempt to break through buildings or other obstructions.
Not to mention world wide coverage would take a network of satellites.
So it's not impossible but I find it highly unlikely. My dad works with GPS satellites and he's taught me some basics.
>>
>>58065972
My phone has no problem doing just that.
>>
>>58065981
It was on the PCH before but it was moved to the northbridge. It's not rocket science.
>>
>>58065992
Really? Does it actually SEND data to a satellite, or merely receive strong gps signal? Beause there's a difference.
>>
>>58065992
Your phone connects to a local cell tower at most a couple miles away which has a fiber optic data connection to a local ISP.
Unless you have a satellite phone, in which case you'd know how difficult it can be to aquire signal and you'd know how shit the latency on satellite communications are and why most people don't bother with it.
>>
>>58065992
It connects to a mobile tower which is an ANTENA connected to a satelite
>>
>>58065965
Soon. See https://www.crowdsupply.com/sifive/hifive1 First 100% open source uC.
>>
File: GPij4vf.jpg (28KB, 673x604px) Image search:
[Google]
28KB, 673x604px
>this thread
>>58065950
The ME has been there for quite awhile now, but after the Core2 era there stopped being an option to disable it in the BIOS. Hopefully we'll all be able to flash our boards with a cleaned up BIOS sometime soon.
>>
>>58066041
I do have a satellite phone and yes, latency is retarded, but even if the ME engine was trying to communicate with fucking mars, so long as the communication bypasses your infrastructure, it's out of your hands. It's not like intel needs to constantly send out everything about every part of your hardware.
>>
>>58066103
I just don't think it's happening Anon. I'm sure they do shady shit but operating an array of secret satellites isn't it.
>>
>>58066012
Even if that's the case (where's the evidence) it's in the chipset of most vPro enabled PCs and not in the CPU or northbridge. The article is 6 months old and in that time only kaby lake was "released". So it's not in the CPU for most at all.
>>
>>58065992
Are you legally retarded or just an idiot? Dont matter though, you fit right in here.
>>
>>58065480
This is very interesting because I have never come across something like this before. What laptop is it?
>>
>>58066142
You can't be serious. I refuse to believe it's possible for someone as retarded as you're pretending to be to find 4chan.
>>
>>58066159
http://www.bluecosmo.com/satellite-phones/inmarsat-isatphone-2-satellite-phone
Why haven't you killed yourself yet?
>>
>>58066209
No, Sir, you are the retard. You're saying that intel ME fucks everyone in the ass because it's in the CPU since a decade while it's definitely not for 95% of all released CPUs. Good day, faggot.
>>
>>58066049
a microcontroller is a good start. in a year we'll have a full blown RISC-V cpu that can run linux/bsd!!
>>
>>58065101
>He does not harvest his own silicon to create open source processors
unacceptable
>>
>>58066241
>it was a redditard all along
How predictable.
>>
>>58066274
not really, but thanks for playing.
>>
>>58066049
>uC
>still no application tier SoC with RISC-V
JUST
>>
>>58065799
>>58065816
I don't know if you're still around but i found something interesting.
https://software.intel.com/en-us/forums/intel-business-client-software-development/topic/280690
ok, the ME is on the chipset but judy hartley from intel says that ME can fail to initialize if vPro is not supported by the CPU and that's the case for 6600k and 6700k, too, so those cpus should not be able to use the ME interface on the mobo, right?
>>
>>58066316
you gotta learn how to walk before you run
>>
>>58066320
Possibly. Interesting if so. Needs more confirmation, though.
>>
>>58066242
J-cores are also close to getting SH4 instructions so they'll be able to run a proper OS.
>>
Oh my God. Are you telling us that we have a killswitch in our PC?So any goverment could send the whole humanity back to medieval age if they want to? Thats crazy man
>>
>>58066443
I don't know how anyone on /g/ wasn't already aware of this, but yes.
>>
>>58066320
>ok, the ME is on the chipset but judy hartley from intel says that ME can fail to initialize if vPro is not supported by the CPU and that's the case for 6600k and 6700k, too, so those cpus should not be able to use the ME interface on the mobo, right?
Can somebody explain this?
Does paying a premium for a k processor free us from the backdoor?
>>
>>58066320
It's not on all CPUs, if you want to know if your CPU has it go to intel and use the feature filter and search for vPro. As far as I can tell most i7 K processors don't have it.
>>
>>58066539
lol no
>>
>>58066564
I do know that k processors don't have vPro, my question is what happens to ME if the cpu doesn't support vPro. According to that intel engy it should not work, is it for real?
>>
>>58066565
so edgy x°D
>>
File: 1481009512018.jpg (17KB, 480x606px) Image search:
[Google]
17KB, 480x606px
>trusting your cpu with some literally who italian code
enjoy your brick
>>
>>58066610
If it doesn't have it, it doesn't have it. Only intel know if they still have a running ME on there anyway.
>>
File: 2424242i30948092380498.jpg (104KB, 1280x720px) Image search:
[Google]
104KB, 1280x720px
>>58064758
>tfw your ME randomly broke itself during a bios update and you need to download some shit from intel to re-enable it.
>>
>>58064858
How does this work? Do I just run the script on boot in Windows 10?
>>
File: 1481138466755.png (31KB, 351x395px) Image search:
[Google]
31KB, 351x395px
>>58065485
>>58065714
>>58066626
Reminder that Intel IDF patrols this board.
>>
>>58066731
You have to obtain a firmware image for your CPU, then run the script withpython clean_me.py <image>.bin
which should give you a patched .bin. Then, you use a flasher of your choice to flash your firmware. Reboot and you're good to go.
>>
>>58066799
Will this improve performance, or is it purely for security?
>>
>>58066856
Purely for security.
>>
>>58066870
Meh, I have pfsense.
>>
Doesn't Intel now support coreboot?
They even have a manual on how to replace their firmware with coreboot.
http://www.intel.com/content/www/us/en/embedded/software/fsp/5th-gen-core-i5-5350u-eval-kit-fsp-user-guide.html
>>
>>58066874
Love this meme.
>>
>>58066904
This seems to be targeted purely at embedded devices. Moreover, the management engine is a wholly separate thing not affected by core/libredboot.
>>
>>58066920
I thought i5-5350U is a notebook cpu..
>>
>>58066049
Holy shit early access boards will start shipping tomorrow! I am actually thinking of getting one as a christmas present for myself :^)
>>
>>58066049
Noice. 2017 year of the open source computer?
>>
>>58066731
>windows 10
>worried about Intel ME
You have bigger problems to solve m8.
>>
>>58065081
>>58064758
>shut computer down all the way
>wake up in the middle of the night
>see ethernet light on computer is lit up
>its blinking like a motherfucker
This happens all the time
>>
>>58068197
welcome to the botnet goy.
>>
>>58065380
I don't believe this though.
If you get anything stolen and contact the manufacturer then tell you to go fuck yourself and offer to contact you with the sales department so that you can order new ones.
>>
>>58068262
still not as bad as when my wolfdale computer would actually wake itself up in the middle of the night.
>>
>>58068266
The manufacturers do not retain any control over the devices. See intel's own advertisement on the topic.
>>
>>58065081
>Features include the ability to brick the CPU on demand, and full TCP/IP stack access. It is able to send and receive network packets even when the computer is turned off (so long, of course, as it's connected to a power source).
And how would it know how to operate my eth controller?
>>
>>58068296
Ill look it up, a quick google search didnt turn up anything Id call an advertisement though
>>
>>58068584
Most NICs are made by Intel
>>
>>58068608
Try starting here: https://www-ssl.intel.com/content/www/us/en/architecture-and-technology/intel-active-management-technology.html
>>
>>58068197
I just disabled Wake-on-Lan and it stopped happening. Simple.
>>
File: 1457701714863.jpg (18KB, 500x500px) Image search:
[Google]
18KB, 500x500px
>>58066874
>>
Well this was a feature that companies used to pay mad cash to have it many years ago, because it made PC fleet administration easier.
Now that Intel has included it as a staple feature on cheaper CPUs, everyone's freaking out.
It does make no sense to have it enabled on home computers. They should provide a jumper or some firmware option to disable it.
You know what's the surest method of forcing Intel to make it optional? Raise this issue with EU members of parliament and they'll be more than happy to accuse the EU Commission it's not doing anything to protect EU consumers.
Kek, this always works and big companies get fined.
>>
>>58066443
Not any government, only the US government really, and only for Intel (IME) and AMD (PSP) CPUs
>>
>>58066799
How would I obtain a firmware image for my CPU? And can I flash it with JTAG?
>>
>>58068584
Ever heard of that magical thing called UEFI? It can access your entire network stack as well.
>>
What's the best firewall for privacy then?
>>
>>58069137
1- e.g. from the same source as ubuntu gets the cpu firmware when you use its driver-jockey. I don't know where it's pulled from though.
2- I don't think so. Your bios's flasher might work. I don't know the details, the dude who said he got it to work itt might help.
>>
>>58064758
I have a 6700k, on its ark page I dont see any mention of management engine, is it going by another name?
>>
>>58065443
maybe that's why you can't actually use intel me unless you pay a shitload of money.
>>
>>58065485
>what is out of band management
>>
>>58070583
AMT, vPro, EM, some other names. All the same thing.
>>
>>58064758
>defeated
it's defeated when you're allowed to go into the bios and turn it off yourself.
anything else will just be fixed in newer revisions
I remember the outrage of serial numbers embedded in PIIIs. the response have been very weak this time around; I guess young folks don't really mind being spied on.
atleast some future generation will get the chance to hang gestapo from lamp posts again after the next cleanup war.
>>
>>58071560
>it's defeated when you're allowed to go into the bios and turn it off yourself.
Honestly it'll be defeated when you can do ./dump out.bin ./patch out.bin ./flash out.bin
Right now we only have the middle step. Honestly in its current state it's too much effort for most of /g/ to go to, which is truly unfortunate. I look forward to this process becoming a lot easier
>>
>>58065262
>libreboot
trannieboot
>>
>>58068584
Besides the fact your NIC is probably intel silicon, the ones that aren't usually still work with generic network drivers because they want them to be as plug & play as possible.
Even if they have more advanced drivers available, they'll still do basic network operations with generic drivers.
>>
>>58072266
Yeah i read about that. Seems silly. Isn't the FSF just going to appt. a new maintainer though?
>>
>>58064758
can I use this on my gpu mb thinkpad 420?
>>
>>58068667
True. But still skeptical...
>>58069648
But UEFI is on the motherboard so it makes sense. Here we are talking about CPU.
>>58072292
Makes the more sense to me.
>>
>>58065385
no it can open up the wifi though without you knowing
>>
>>58065682
>pajeets at the NSA running spyware in a limited environment
wow
>>
>>58069120
And ARM
>>
ITT: delusional script kiddies
>>
File: Screen Shot 2016-12-18 at 11.22.36 PM.jpg (468KB, 1581x1008px) Image search:
[Google]
468KB, 1581x1008px
>>58072877
it's real though
>>
>>58068760
I did too, kept happening.
also noone else on my lan even knows what that is.
>>
>>58070889
non of the is there.
This is the skylake i7 6700k and it says it doesnt have vpro. Does that mean its botnet free?
>>
This is fucking disturbing as hell
>>
>>58073163
nope
>>58073313
yeah they've had your cpu for 10 years anon
>>
>>58073163
>Does that mean its botnet free?
no, it means intel's marketing team pulled the wool over your eyes
*every* intel cpu since 2006 (read: first i series cpus) has had the intel management engine built into the cpu (prior to this it was on the north/south bridge), however the intel management engine should not be confused with amt which is part of vpro, which is basically the consumer/business front end to the management engine which select cpu models support
as it turns out vpro/amt is relatively harmless while providing some really, really nice features, ranging from kvm to the lowest level firewall/packet filter on that machine (operating outside of the os) to things like remote provisioning, however it can only achieve this by using the intel management engine which is built into every cpu, if you don't have vpro you don't have a software front end to amt that you can control (or configure) through the operating system however the underlying functionality is still there built right into the cpu and still functioning (just not actively managed... Active Management Technology (AMT))
the fear isn't that the front end vpro/amt tools can be compromised (they of course can be), the fear is that the botnet is built into the intel management engine itself (which is on *every* intel cpu since 2006 barring a few extremely niche cases most likely) and if you're not quite that tinfoil level hat paranoid the very *REAL* fear is that the intel management engine can be compromised, of course, it has already been compromised
however with the news in OP it means the intel management engine should be able to be disabled (you could previously overwrite the flash region on bios that the cpu loads effectively disabling intel me but the pc would crash after around 30 minutes) effectively making post-2006 cpus work like pre-2006 cpus in that the management engine can now be disabled, at least until intel create a work around for the next generation of cpus
>>
And so shares in intel skyrocket as everyone is forced to replace their processors.
>>
>>58073773
fairly big correction actually, most intel machines from 2006-2009 had intel me on the northbridge barring a few niche cpus (some atoms didn't have them up until very late iirc), however the difference is between 2006-2009 you could toggle some regions and then overwrite the flash effectively disabling the me (which is what libreboot does on the core2duo era thinkpads which have the management engine)
post 2009 (with the release of amt version 6.0 and the first i series cpus) the difference goes over my head a little but effectively the change in architecture introduced a more tightly knit intel management engine that ties in with power functions (this change coincidentally brought kvm access) which resulted in the pc shutting down after around 30 minutes should you attempt to disable the management engine, until now that is
>>
>>58073773
Thanks for the description. I saw a youtube video of someone managing it.. so is there any way I can remotly control my computer with this or what can I do with it?
>>
>>58073929
not quite easy but have at it
https://software.intel.com/sites/default/files/m/d/4/1/d/8/Intel_AMT8_Start_Here_Guide.pdf
intel provide plenty of documentation, be resourceful and google it
>>
>>58073982
of course if you don't have vpro/amt on the machine you want to remote control you'll have to hack the management engine and people still haven't quite figured out how to slap firmware on it yet but they're getting there
>>
>>58073982
>>58074000
ok, so basically since I dong have vPro, I cant.
>includes a "feature"
>doesnt let anyone make use of it
thanks oba.. I mean intel
>>
>>58065485
How else would you do VNC for the BIOS/UEFI settings?
>>
>>58065414
The firewall is on the router mein neger.
>>
>>58065533
There is only a whitelist.
>>
>>58065726
That is his fucking entire point.
>>
>>58066731
>Windows 10
>Worried about Me
kekd
>>
>>58065443
>Technically it can, considering it can observe and record your keystrokes, dumbass.
>setup firewall on my router to only allow the VPN connection
>IME grabs my router password
>IME has all possible routers and how to configure them burned inside the sillicon (impossible)
>IME tries to download how to configure my specific router from intel mothership (more realistic)
>IME gets blocked by firewall
>IME doesn't know how to hack my router
>>
>>58069120
Except AMD PSP was primarily added for HDMI DRM and doesn't have network access.
>>
>>58069648
Next you're going to tell me windows can access my network.
>>
Are there any actual facts of ME doing something "unwanted"?
>>
>>58075427
it can potentially do unwanted things, and it can't do any wanted things, so why wouldn't you want to disable it?
>>
IMPORTANT QUESTION
how long until jewtel disables the installed patch on your CPU with a microcode update or something like that? Is that even possible?
If so, how would one prevent this?
Or will I never have the botnet on my CPU provided I install it now, before they take that repo down?
>>
Is my Thinkpad X200T (Core 2 Duo SL9400) affected by this? It has vPro. Also, are consumer devices (asus x550ln) affected? It has an i5-4210U but no vPro.
>>
ivybridge reporting in, i dont fuckin care like it's some big shock the NSA could hack me, wow i'm so surprised what big news
>>
why are there so many butthurt intel peeps, i mean i run intel too but I don't have the desire to twist someone's neck because they mentioned that my cpu has a backdoor
>>
File: 1481495974554.gif (2MB, 343x200px)
2MB, 343x200px
>>58064758
So there is hope?
Oh god yes I though I'd be stuck using pre 2009 CPUs forever
>>
File: freddomaintfree.jpg (66KB, 600x600px)
66KB, 600x600px
>>58064858
>botnet was defeated with less than 200 lines of python code
Dog bless
>>
>>58075427
Yeah. It exists and runs all the time without the explicit wish of the owner/user.
>>
>>58075449
>>58075945
I don't doubt it's existence or what can it do, i'm asking if it was ever used for malice on consumer end of things
probably was used for some corporate espionage for sure, but what about some "lesser" crimes?
>>
>>58076144
not sure, how would you even find out? that's the problem, you're trusting that it won't be used for anything you wouldn't want it to be used for
>>
File: 1471959802592.jpg (38KB, 449x500px) Image search:
[Google]
38KB, 449x500px
>>58076182
I already see it:
>disgruntled intel employee goes on rampage with his secret knowledge to wreck chaos and despair around the world
>>
>>58076144
There are several malware that take advantage of it for starters. Beyond what the government does in secret, the reason why these things mater have always been that an "unauthorized" third-party can always gain access to everything.
>>
>>58065871
Your PC is not turned off completely (S5 power state) unless the battery and power plug are ejected on laptop or power switch on PSU is in "off" position on desktop one.
>>
>>58074977
>IME injects packets in your SSL traffic
>>
File: pepeSweat.jpg (38KB, 600x568px) Image search:
[Google]
38KB, 600x568px
>>58065081
Good god
what the fuck
how is it even allowed?
Intel ceos should be sitting in the International Criminal Court right now or some other fucking silicon nuremburg trials.
WHAT THE FUCK
HOW IS IT ALLOWED?
>>
>>58076773
Welcome to CURRENT YEAR.
>>
>>58068197
Set data loggin on router and then check dat afraffic, protocols and ip adresses
senpai
>>
>>58075699
This
Is it even possible?
>>
>>58075699
You'd have to manually install the update for that to happen.
>>
>>58064758
Coming next year Intel rolls out new mircocode that will brick all patched CPUs and forcing them buying new ones ULTRA jew saw it coming
>>
>>58076773
>Silicon Nuremberg trials
top kek
>>
>>58076841
you mean reflash the firmware?
So no updates for the ME via microcode?
>>
Good news.
And yet it is almost 2017, and we still don't have an open hardware 2d laser printer.
>>
>>58075775
You can flash Libreboot BIOS on your X200T with raspberry pi or other sbc and some wires (requires soldering to chip pins).
https://libreboot.org/docs/install/x200_external.html
>>
>>58076906
>open hardware 2d laser printer
What did he mean by this?
>>
>>58064758
https://www.crowdsupply.com/raptor-computing-systems/talos-secure-workstation
maybe we should all buy this motherboards? looks like free
>>
Does this mean libreboot will work with more recent hardware?
>>
>>58076144
but even if they have access to your pc they need network to still shit
in modern corporation with people that know their shit this weird traffic with data would be spotted by network admin
amIrite?
>>
File: silicon valley holocaust.png (81KB, 774x441px) Image search:
[Google]
81KB, 774x441px
>>58076773
>>58076896
>silicon nuremburg trials
>>
>>58076773
and you thought windows 10 was bad
>>
File: helperSpecialOps.png (171KB, 657x527px) Image search:
[Google]
171KB, 657x527px
>intel core duo t7200 masterrrace
>>
>>58065972
>implying it doesn't have a $0.5 built in GSM modem
>>
Intelfaggots on suicide watch
>>
My fuck, this thread is pure autism and conspiration.
>>
>>58077451
Hello Intel
>>
>2016
>buying a backdoored CPU
wew
>>
>>58077464
Hello, freetard. :^)
>>
>>58068584
Most of them have a generic fallback mode.
>>
File: IMG_3227.jpg (27KB, 308x230px) Image search:
[Google]
27KB, 308x230px
>>58077152
>5$ donation recommended
cant make this shit up
>>
>>58077489
>2016
>using a CPU from 2006
wew
>>
>>58068197
The computer I built for my dad (fm2+ system) does this shit all the time. Turn on all on its own and do seemingly nothing. Then just idle or turn off shortly after. I'll have to look in the uefi again, but I didn't see any wake on Lan options for the shitty msi mobo I put in it.
>>
>>58077407
You mean AMDfags?
>>
>Not waiting for Ryzen
You deserve it desu
>>
>>58076210
[[ to any intel inner circle employee reading this thread ]
[ consider whether keeping your high paying job ]
[ requires you to let absolute power be used indiscriminately ]]
someone should go to a EU parliament meeting and brick everyones intel PC, and leak whatever possible to make the world leader buttmad with intel shenanigans and possibly pass a ridiculous fine, or completely prohibit futuure imports, fostering the emmergancy of a non-us non -uk x86 cpu manufacturer some time soom
>>
>>58076906
>open hardware 2d laser printer
>>58077048
he means a laser printer for which you can disable the invisible microscopic dots of unique fingerprinting that goes in everything you print through your printer
therefore making it impossible to spread information in an scalable manner outside of electronic communications... that is information that you wouldn't anyone to track its origin
>>
>>58077993
monochome laser printers don't have this problem.
also, custom cartridge firmware can help
>>
>>58077919
t. ivan cheng
>>
>>58064858
>https://github.com/corna/me_cleaner
how does one run .py?
>>
>>58077889
yeah, AMD doesn't have the same thing : ^)
>>
>>58064758
http://ark.intel.com/products/52210/Intel-Core-i5-2500K-Processor-6M-Cache-up-to-3_70-GHz
>Intel® vPro Technology
>No
Am I missing something?
>>
>>58078212
AMD is actually against botnet practices you silly anon
>>
>>58077689
Your computer is allowing ALL ethernet signals to wake it up, not just magic packets.
So when anything shoots it a ping or whatever it wakes up
>>
>>58078322
AMD Secure Execution Environment
>>
>>58078322
>AMD PSP doesn't exist
Okay
>>
>>58078367
Wew, it's actually AMD Platform Security Processor
>>
>>58078326
That was my guess is that the laptop is trying to hit it up for updates. But like I said. I couldn't find any wake on Lan options in the uefi. I haven't fucked with it since I decided to run the cpu-z benchmark on the little 860k it has. Hell of a system for the ~400$ I paid, to be honest. Way the hell more than he'll ever need, but he was using a 32 bit celeron that was slow as piss, so I finally forced him to upgrade as a Christmas present.
>>
File: whatTheFuck.webm (3MB, 222x396px) Image search:
[Google]
3MB, 222x396px
>>58076773
>>58076896
>>58077152
why is it not a thing?
Silicon Nuremberg Trial should be a thing.
People behind this have such amount of money that they do not fear any corpo cash penalty.
They are running multibillionary companies, sponsoring govs campaing with their money and they feel totaly impunity.
Only thing they fear are mad shareholders.
You can easily tell that this backdoor is a crime against humanity.
This world is truly doomed.
>>
>>58074926
das racist
>>
I'm using a G4400, do I need ot use this shite or not
>>
>>58078519
>niggers
>>
>>58076902
You can download the update, then patch it before flashing I think
>>
>>
>>58064758
Because it's not news.
It's just tinfoil hat shit.
IF ME got hacked/cracked, then that would be huge news. This? It's like saying a new systemd got released, wow.
>>
>>58072453
>>58072266
https://libreboot.org/gnu/
What the fuck am i reading
>>
File: 1455120021093.jpg (210KB, 1024x1229px) Image search:
[Google]
210KB, 1024x1229px
>>58064758
Tinfoil hat guys, question: Why don't you buy AMD processor based laptops/desktop then?
Just you know, was wondering....
>>
>>58065081
> /g/
> where microcontrollers become a fully-functional "super malware 2000" chips that can steal your data, hack your life, rape your wife, kill your dog.
No one else could make this shit up I swear.. lol
>>
>>58080366
The firmware is proprietary and near impossible to audit. If someone cracked it you won't be hearing it in the news, until they get what they want.
>>
>>58080976
It is man made, and therefore it contains bugs, agreed.
But I am sure these exploits would require physical access.
Now.... if someone has access, you are fucked anyway.
And let's think about it for a moment.
If any of these skeleton or neckbeard fucks would EVER get their hands on something valuable data/program/whatever.... the owner (whatever country, agency, company) would just beat the hell out of them. One big slap and they would just cry and give you all their passwords.
>>
>>58064758
Is this a way to do this with software? I don't exactly have “a BeagleBone, an SOIC-8 chip clip, and a few breakout wires”
>>
>>58065351
It's used for company/corporation machine management. We use it at work
>>
>>58065659
>The Chinese don't have the technical facilities to produce x86 chips at anywhere near intel process nodes.
Funny considering the chinese produce their own CPUs for the world's most powerful supercomputer
>>
>>58081092
read the bottom, there is some python script that fucks up your shit.
I would not run it even if they paid me.
>>
>>58065726
>what is router
>>
>>58065802
>When you said firewall the first time you were BTFO because intel ME objectively bypasses firewalls installed on the host machine.
>firewalls installed on the host machine
>installed on the host machine
>host machine
>hardware firewall
>host machine
neo-/g/
>>
>>58080599
Have you ever interfaced with intel AMT or a BMC? They basically let you completely own the device and install arbitrary rootkits into the kernel. It's essentially like having root ssh login.
>>
how this whole ME connects to the internet?
it has on cpu tcp/ip stack?
>>
>>58081346
Yes.
>>
>>58081346
It piggybacks on top of your NIC
>>
>>58065357
How does a chip inside my computer have magical powers in order to circumvent my firewall, which is a completely different device in a completely DIFFERENT FUCKING ROOM?
I swear fucking normies on /g/ are disgusting.
GO BACK TO YOUR FACEBOOK MEMES CHILDREN
>>
I would like to see if I can get this to work on my i5-4690k, I'm not sure on what to do, I have downloaded the script from github but that's about it. Anyone want to help me out?
>>
>>58082389
if you're serious about pricacy, you should wipe windows first.
Basically if you don't know what this is, you don't need it. Otherwise just open a command prompt and type "python scriptname.py" as root
>>
>>58078519
preach
this democray is a joke, its just a marketing war every few years
is there a country is the world were no corporate money finances polical campaign? or i mean, whgere there is no campaign whatsoever, at most, people on the streets on weekend campaigning for their prefered candidates.
televised, printed.. or any sort of non-personal verbal political electioneering should be illegal, candidates for a higher position should be drawn from those who held a lower office, and voters who want information about the candidates can seek it in freely avaiable booklets in print and electronic, found in public spaces such as schools and electronically on the governments website or on election-info-only wifi broadcast from public spaces
>>
>>5808228 8
do you have to whitelist every lil new site you open?
if no, then its doing nothing except block the things you know you want to block, its just a redirect thru vpn when intel ME calls home.
you cant even read a technical description from a couple wikipedia entries and intel website links that were posted on the thread, who are you calling a normie...
>>
Does this mean I can install coreboot on my x201?
>>
>>58082811
Windows will run python script nativly? Or should I not into a Linux environment first
>>
>>58080556
Platform
Security
Processor
>>
File: snapshot_23.59_[2016.09.27_06.52.49].png (2MB, 1920x1080px) Image search:
[Google]
![snapshot_23.59_[2016.09.27_06.52.49].png](https://cdn.4archive.org/g/image/1482/197/1482197218350.png "snapshot 23.59 [2016.09.27 06.52.49]")
2MB, 1920x1080px
>>58068291
my wolfdale computer never did this
>>
/g/ needs to make a guide or tool to make this easy to use to get more people to get rid of the intel botnet
>>
>>58080542
Uh...yeah. That screed is really going to help with the perception that they're mentally ill basket cases...
>>
File: Intelme.png (22KB, 800x800px) Image search:
[Google]
22KB, 800x800px
>>58081346
Modern Intel CPUs are SoCs. ME is its own sub system on the processor package. It consists of a ARC CPU, memory and its own proprietary OS + software. It runs at all times, even if you PC is in standby or in shutdown mode since your PSU still supplies a small amount of power to the MB even if you shut your computer down.
This sub system has access to everything and can read all inputs, memory, etc. It is the "all seeing eye" since nothing you do to the software stack can stop it from monitoring.
>>
>>58084596
A tool which can flash from the OS would be nice. I'm thinking a simple GUI tool.
>>
>>58084596
>>58085328
Use GTK Glade and make one yourself.
>>
>>58064758
>Intel ME
>thinkpads
Who fucking cares.
>>
>>58085918
Nice try shill.
>>
>>58085932
Nice shitpost, retard.
>>
>>58078148
Download and install Python3
>>
File: Puella Magi Madoka Magica - Miki Sayaka - Cash Money.jpg (39KB, 500x364px) Image search:
[Google]
39KB, 500x364px
>>58064758
>Intel and AMD pushing these insecure proprietary binary blobs on their CPU's.
I think I'll get a POWER8 CPU instead. Speaking of which, they're doing a crowdfunding thing on crowd supply:
https://www.crowdsupply.com/raptor-computing-systems/talos-secure-workstation
>>
>>58086043
Problem is you're going to get fucked for support. Even open-source programs will mostly be non-trivial to port, and that's all assuming you get your hands on a power8 that doesn't perform like crap in practice.
>>
Would try this but
>X260
>Boot guard
>Flash region locked requiring hardware flasher
>>
>>58085947
Nice reply shill
>>
>>58081177
Did you even read the article? You give the python script a file and it patches the ME out of it. The thing the person you responded to was asking about is physically flashing the now-patched file onto the CPU
>>
oh fuck how did i not know about this before im never buying another intel CPU ever again
bless based AMD protecting our freedom and privacy
>>
>>58087010
AMD has their own version of this as well. You're not safe.
>>
Help me out, /g/entlemen.
I have a pentium G4400, do I need to use this on it?
https://ark.intel.com/products/88179/Intel-Pentium-Processor-G4400-3M-Cache-3_30-GHz
>>
>>58086891
Nice strawman, retard.
>>
>>58077616
$5? What could they possibly need that requires 50 cents? Let me check my wallet, I'm pretty sure I have 5 cents in here somewhere.
>>
how do you tell if you have me or no? i have an i7-4710MQ
>>
FX-8350 is the last botnet free CPU
Feels good man
>>
fuck. i really wish i could disable this shit on my w530. i'm screwed.
>>
>>58087653
Does it really matter which one?
>>
So what do we know about the AMD implementation?
Right now, if this works, it makes intel less botnet than AMD
>>
>>58076773
>how is it even allowed?
Big corporate CEOs who are complete idiots (even more than the average normie) push this shit on their IT staff because it's a quick and dirty way to check their computers for anything that would embarrass the company on the cheap.
>>
>>58088020
I don't think anyone actually owns an AMD processor. So there is no way to check.
>>
is there a list of processors with ME?
>>
>>58088141
>because it's a quick and dirty way to check their computers for anything that would embarrass the company on the cheap.
You don't need a ME for that. If you're using a corporate computer, It can alreadyj ust remotely log into it, using software, because they'll have configured it that way. No hardware backdoor required.
We use the ME/BMCs pretty much just for stuff like remotely powering on the machine (in the case of a machine being unresponsive to wake-on-LAN, which *does* happen), remotely forcing a machine to PXE boot, remotely updating BIOS options, or whatever.
Basically it's a tool designed to prevent system administrators from ever having to leave their chairs, and such tools are very commonplace in the IT world.
P.s. I don't think it can possibly do anything if you don't have a CPU/mainboard that officially supports it *and* have it turned on and assigned an IPv4 address to it.
But of course, who knows what malicious backdoors could be hiding in the code?
>>
>>58088230
basically all of them
>>
>>58065081
Even accepting that they would do this, what I don't see is why. Try to remove your tinfoil hat before answering, because I can't see any reason to implement something like this unless you're literally an evil corporation aiming for world conquest or something.
AMD has done it as well, so there must be some benefit to doing it.
>>
File: 1429468569898.jpg (15KB, 250x250px) Image search:
[Google]
15KB, 250x250px
>>58088313
>unless you're literally an evil corporation aiming for world conquest or something.
>>
>>58065726
>I hope you have at least one non-Intel NIC between your Intel CPU and the Internet
>what is a router?
>>
>>58081203
>>hardware firewall
>>host machine
>neo-/g/
This
>>
>>58088272
yep even the 8086 right
>>
File: Selection_009.png (67KB, 989x474px)
67KB, 989x474px
Looks like you'll be fine if you just block ports 9971, 16992 and 16993 on your router.
>>
>>58088854
So does someone want to test this or are we just going to let the thread die now?
>>
File: How AMT works.png (80KB, 754x490px) Image search:
[Google]
80KB, 754x490px
>>58088854
Oooooh, as I suspected.
If connected via wireless traffic goes through the OS before the AMT, which is handy
Also apparently it's ports 16992-16995 that should be blocked.
>>
is there any proof like wireshark or rooter network packet capturing?
>>
>>58089563
No, it's all tinfoil conspiracy crap
Thread posts: 314
Thread images: 25
Thread images: 25