>Security vendor Positive Technologies discovered a bug in some Intel Skylake CPUs that allows an attack to take full control over the system through USB. The problem is the debugging interface of the CPU that can be accessed through USB.
>The Intel chip debugger leaves the chip open to hacking and because it sits below the software layer isn't easily detected. Researchers from Positive Technologies have revealed that some new Intel CPUs contain a debugging interface, accessible via USB 3.0 ports, that can be used to obtain full control over a system and perform attacks that are undetectable by current security tools reports scmagazine.com
>The bug is easy to exploit as no special equipment is required, state the researchers. However, attackers do need physical access to the system and the bug only appears to be only present on Skylake U CPUs that are only used in NUCs and Ultrabooks.
>An attacker could use this to bypass all security systems for the embedding of code over a certain period of time, reading all possible data and even making the machine inoperative, for instance by re-writing its BIOS. A talk on the mechanisms needed for such attacks, and ways to protect against them, was given by Maxim Goryachy and Mark Ermolov at the 33rd Chaos Communication Congress in Hamburg, Germany.
http://www.guru3d.com/news-story/bug-in-skylake-cpus-allows-attackers-to-take-control-over-pc-using-usb.html
@
WTF, I HATE INTEL NOW!
>>58468663
Laptop manlets btfo
>>58468663
What are they going to do with 800GB of hentai?
>>58468663
>jewtel
>>58468663
I wonder how many of those people in Chink shit general have been infected by the Red Menace.
(((bug)))
If they already have physical access to your device you're fucked regardless. This is of no concern
>>58468663
>Bug
So that's how millenials call backdoors now, huh?
""""""""""bug""""""""""
>>58469180
Depends, this thing allow a remote, telemetry-like control (i guess it should as you can even rewrite the fucking BIOS)?
Because you could infect a phone (like with a shady apk, infected ads/pop-ups or infected files) and when said smartphone connect to the port, it execute the exploit on the machine (maybe with some preloaded protocols like freezing the GUI and execute certain tasks, or just set the cpu vcore to 2v and burn the shit up).
>>58470808
This post gave me potassium
>the bug only appears to be only present on Skylake U CPUs that are only used in NUCs and Ultrabooks.
fuck, you scared me. I have a G4400.
>>58469180
>Drop a few infected usb sticks around a company HQ
>One idiot finds one and plugs it into his pc
His presentation was a bit of a mess. Did anyone pick out whether this affects running systems where the enable bit is set to 0 and the lock bit is set to 1? My only concern is direct memory access, since it obviates whole disc encryption.