Intel hardware botnet

This probably why intel stutter in game

>>60158478
>implying AMD's shit pre-Ryzen CPUs don't stutter.

File: 1488347562680.jpg (31KB, 364x573px) Image search: [Google]

31KB, 364x573px

>>60158282
Nothing to hide! The government needs these backdoors! Think of the children!
Not surprising though, I've seen proof-of-concept ME exploitation back in 2012 (somewhat limited remote exploitation too).
This is why anything and everything that can't be audited - that is everything closed-source can't be part of the root of trust, it is insecure/unsecured/compromised by design.

>>60158282
DELETE THIS RIGHT NOW YOU ANTI-SEMITE

>>60158513
No they dont, but the gap on avg fps so big people don't bother to mention it

>>60158282
Fake news

>>60158282
>First a little bit of background. SemiAccurate has known about this vulnerability for literally years now, it came up in research we were doing on hardware backdoors over five years ago. What we found was scary on a level that literally kept us up at night

>literally
>literally
sageru
nice "source" though

>>60158578
It is.
"Waaaaah, I didn't like this thing. I told Intel I didn't like this thing over and over. I said it was wide open but because I could no way prove that there was any opening whatsoever no one would listen to my whining! Now Intel has released some patch, so that means I was 150% right all along!"

File: 1493471142759.jpg (8KB, 179x200px) Image search: [Google]

8KB, 179x200px

>>60158578
>>60158598
>>60158697

>>60158712
Grow up.

File: shekelmark.jpg (20KB, 1200x400px) Image search: [Google]

20KB, 1200x400px

who cares anyway its not like ryzen get you any performance intel is better than anything we have by light years unless you are grandma or a 90's poorfag intel is the best option ryzen is like 50% slower and stutters

>>60158733
Patch it.

>>60158749
kek

>>60158282
>Intel Muhdick Engine

Everyone with half a brain knew this would be a problem eventually.

>>60158282
DELID THIS RIGHT NOW

>we implemented a non accessible circuit which runs forever, has below OS level access to everything you do + it can access the networking interface
>But it's not a backdoor. We do this because you want it trust us

>Wow there was a backdoor all this time? We didn't know, crazy how it got there!
>Btw it's not removable
>Oh right here is an OS patch that fixes the exploit
"But wasn't it below OS level?"
>Shhhhhh

File: Nothing to hide .png (90KB, 1868x496px) Image search: [Google]

90KB, 1868x496px

>>60158542
Mandatory

>>60158875
This. ME was never a good thing and it was only a matter of time before something like this came up

File: jew.jpg (79KB, 501x585px) Image search: [Google]

79KB, 501x585px

>>60158749

>>60158956
How does he know his daughter would do anything for Jolly Ranchers if he didn't try it?
Seems like someone should've been under surveillance from the start.

>>60159402
>Not knowing your daughter's favorite stuff
I feel sorry for your future kids anon.

File: 1414960757530.jpg (27KB, 594x602px) Image search: [Google]

27KB, 594x602px

>>60159402
You're a fucking idiot.

File: intel-fan.png (944KB, 1228x1502px) Image search: [Google]

944KB, 1228x1502px

>>60158282
DELID THIS YOU STUPID GOY

>>60159459
Weren't you told to grow up?

>>60158282
So what's the upshot of this? I never installed the Management Engine software for my X58 machine but I don't remember stuff like that being selectable in the BIOS.

>What we found was scary on a level that literally kept us up at night. For obvious reasons we couldn’t publish what we found out

>P-P-Please believe us

File: heh.jpg (49KB, 480x360px) Image search: [Google]

49KB, 480x360px

>>60158282

File: Twitter_icon.jpg (42KB, 500x418px) Image search: [Google]

42KB, 500x418px

>Charlie Demerjian
I'm not a huge fan of Intel but semiaccurate is a very appropriate name.

>>60159687
Are you mentally handicapped by chance?

>>60159687
Publishing it would force intel to release a fix. Can't have that!

>>60159722
They're already releasing a fix

>>60159722
They only announced this because Intel pushed out a fix to OEMs a week ago. Read the whole article.

>If you have provisioned AMT or ISM on your systems, you should disable it in the Intel MEBx. If you haven’t provisioned these, or have and want to mitigate the local vulnerability too, there are more steps to take. If you have a box with AMT, ISM, or SBT, you need to disable or uninstall Local Manageability Service (LMS) on your boxes.
...So basically, the only ones affected are corporations actually using ME and anyone who has completely not touched it is fine?

>>60158282
does this mean some ching-chong can access all my intel machines over the internet and steal my passwords and credit card info?

File: ZesE8yv.png (56KB, 636x449px) Image search: [Google]

56KB, 636x449px

>>60159718
Do you believe every hyperbole you read on the internet ?


I am a bit skeptical here, they claim to know of a vulnerability, claim to have talked to the "right people" and have gotten nowhere.

Could it be that their vuln is nothing ? That they do no have the right information and cannot even make a proof of concept exploit because their vuln is literally nothing?


Its all doom and gloom in this article, listing what the ME can do then making it seem like their vuln will give you $100% control over the system.
I am not saying this vuln cannot be real, but the way they are going on about this sure seems to ruin their own credibility.

pic related

>>60159852
If you don't use AMT, no.

>>60159917
If it wasn't a real issue, why is Intel releasing a patch to OEMs?

>>60160252
Please link to technical description of patch so that it can be matched against the article.

>>60159929
Is it turned off by default, though?

>>60159929
We don't know if the management engine is listening to some secret port knocking pass even if it is disabled.

>>60160421
I hope AMD will open source theirs, then it may put pressure on Intel to open it up too or something. Or at least find a way to remove the IME

>>60160292
They'll release that after the patch is out, it's written in the article

>>60160449
so once again, we got to take their word for it.

>patch is coming out
>lets raise fear and tell everyone is *must* be patching this super secret exploit that no one knows about except us, and that is a very dangerous

Disable ME and leave the botnet.
https://github.com/corna/me_cleaner

>>60160449
So you don't even know that it's related to the issue mentioned in the article?

There's probably a trace you can cut.

>>60160485
how to fucking use that shit

>>60160547
you flash it using a raspberry pi and a SOIC clip

>>60160547
You need a hardware spi flasher.

>>60160547
https://github.com/corna/me_cleaner/wiki/How-to-apply-me_cleaner

>>60160485
>>60160547
>>60160602
but is it safe?

>>60160620
Yes

>>60160472
>e-everything is fine just belive intel
Yeah remember how intel tried to cover up their dying Atoms chips? Sure I'm going to take the word of Charlie

>>60158282
WHAT THE ACTUAL FUCK

>>60159856
https://libreboot.org/faq.html#amd

>>60160704
AMD's PSP isn't accessible over network like Intel's ME.
That's why it doesn't have a remote exploit.

>>60160761
>To make matters worse, the PSP theoretically has access to the entire system memory space (AMD either will not or cannot deny this, and it would seem to be required to allow the DRM “features” to work as intended), which means that it has at minimum MMIO-based access to the network controllers and any other PCI/PCIe peripherals installed on the system.

>>60160791
>"theoretically"
>quoting from trannyboot website

>control+f literally
>1 of 6 matches

>>60158756
Why? It's intended to be there.

>>60160836
it literally is the end of the world for computer, we talked to literally dozens of people and were ignored literally

>>60160828
>trannyboot
Yes, don't accept any alternative to Intel® SafeBoot® TrustSecurity®!

>>60160851
>"alternative"
Trannyboot is a ripoff of coreboot though.

>>60160873
So what? Doesn't make their description of the PSP any less accurate. If anything, it's part of their mandate to examine it.

>>60160873

they do their own dev work and have spent thousands funding boards to be ported to coreboot/libreboot

>>60160828
We can't really audit it now, can we?

>>60160791
The point is it's not remotely accesible from the *outside* because it doesn't have the zeroconf madness built in.

>>60158282
WHY DID I BUY JEWTEL
FUCK

FUCKING NIGGER CATTLE GOT ME

File: good goy.png (604KB, 800x523px) Image search: [Google]

604KB, 800x523px

>>60160472
Yes goy, just trust us! Intel would never lie to you!

File: 1408819542770.png (19KB, 130x130px) Image search: [Google]

19KB, 130x130px

how do I know if I have AMT turned on?

>>60160898
So its pure speculation. Intel ME network access and previous vulnerabilities have been documented.

>>60160921
Somebody skillful can. Intel ME has been reverse engineered and exploited even though its a black box

https://hackaday.com/2016/01/22/the-trouble-with-intels-management-engine/

>>60160948
fake, that url at the bottom does not exist.

>>60161030
Not that anon, but you're an idiot. https://en.wikipedia.org/wiki/Intel_Upgrade_Service

>>60161030
You're fake news!

>>60160993
>Somebody skillful can. Intel ME has been reverse engineered and exploited even though its a black box
So the AMD PSP has received less attention since it's many years younger and fewer people use AMD. That's not exactly a reason to feel secure about it.

>>60160989
It's always turned on. You can (supposedly) turn off the network parts of it via the BIOS, however.

>>60158282
I'm a pedo, how fucked am I?

>>60160570
but rpi is botnet too

>>60161092
I did not see anything about it in my uefi setup

>>60161088
Lack of evidence is not evidence.

>>60161099
The SWAT is coming to your door right now

>>60161189
oh shit oh shit

>>60161178
I believe that means that your hardware is not equipped with the network portions of it. It's still locally exploitable, however.

>>60161187
Of course it's not "evidence", but having a secondary processor with full hardware access executing non-audited software is certainly in no way better than not having that.

If you don't make your own motherboard, cpu, graphics card, serial controller and OS: you're fucked

>>60161200
I suppose the network portions requires vPro? I do not think I have that.

>>60161099
AHAHAAHAAAAHAHAHAHAAHAAHHHHHAHAHAHAHAHAHAHAHHHAAHAHAAHAHAHAAHAAAAHAHAHAHAAHAAHHHHHAHAHAHAHAHAHAHAHHHAAHAHAAHAHAHAAHAAAAHAHAHAHAAHAAHHHHHAHAHAHAHAHAHAHAHHHAAHAHAAHAHAHAAHAAAAHAHAHAHAAHAAHHHHHAHAHAHAHAHAHAHAHHHAAHAHAAH

>>60161290
r u 0k?

>>60161210
At least Su promised PSP transparency, haven't head anything similar from Intel. They actually do neat things with PSP like transparent memory encryption

>>60161323
>At least Su promised PSP transparency
She did? Please link, sounds amazing.

File: 1380697092809.jpg (42KB, 479x720px) Image search: [Google]

42KB, 479x720px

>I use an AMD CPU

>>60161380
AMD has an equivalent thing you nigger

>>60158282
How will we ever recover?

File: 1414791785602.jpg (15KB, 243x250px) Image search: [Google]

15KB, 243x250px

>from nehalem to cucklake

So my core2quad full of rare pepes is safe from the jew botnet?

>>60161367
Well not exactly promised herself but AMD James did respond like this in reddit

>Thanks for the feedback. Please believe me that this has CEO level attention and AMD is investigating the steps and resources necessary to support this. It is not the work of a minute, so please bear with us as we define what we can do.

If they don't follow this up they would lose face like intel

>>60161495
>If they don't follow this up they would lose face like intel
for Chinese and Indians the idea of losing face is bad, so this is bound to happen

File: 27_125x[1].png (687B, 44x26px) Image search: [Google]

687B, 44x26px

>>60161456
By being very very nice to Intel, forever.

>>60159744
Almost nobody affected will get it.

So, are those exploits different from those that have been already known for years or is it really something new?
We'll probably never know.

It gets better

https://www.theregister.co.uk/2017/04/27/intel_puma6_chipset_trivial_to_dos/

This week, inquisitive netizens discovered that, when presented with even modest amounts of network traffic – as little as a few thousand packets per second spread across various TCP or UDP ports – modems equipped with a Puma 6 slow to an unusable crawl.

I'm not buying a new computer until RISC-V chips are available.

>>60158575
I got a Ryzen 1600 and I feel literally no difference to my older 3770k, stop spewing shit.

File: 1493400743726.jpg (2MB, 3840x1032px) Image search: [Google]

2MB, 3840x1032px

>>60161645
Frametimes are always wrong unless it shows AMD in a bad light

Not every Intel chipset made in the past 9 years supports AMT apparently.

>>60161528
>>60158282
NOOOOOOOOOOOOOOOO

Looks like wikileaks is going to release Odin's eye.

File: smug.jpg (32KB, 480x531px) Image search: [Google]

32KB, 480x531px

>>60158282
>mfw linked text is unironically using the word "literally" 6 times
But yes everyone knew ME is a backdoor that other people can use. Even Stallman told this to people but nobody cared.

File: ur.png (438KB, 1000x721px) Image search: [Google]

438KB, 1000x721px

>>60161528
oh jeeze

https://www.youtube.com/watch?v=0lmEnA8pzHA
https://www.youtube.com/watch?v=0lmEnA8pzHA
https://www.youtube.com/watch?v=0lmEnA8pzHA
https://www.youtube.com/watch?v=0lmEnA8pzHA

File: zeldalols.jpg (54KB, 256x353px) Image search: [Google]

54KB, 256x353px

>>60161571
haha lol

>>60162324
stallman is an old stupid cuck who doesn't know shit.
Also OP linked to fake news. All ME issues were documented a long time ago and all of these are being fixed all the time via firmware updates.

>>60162354
>incompetend nigger talking about technology
>with rap in the background
Top kek. Off yourself if you watch this shit.

>>60158542
>This is why anything and everything that can't be audited - that is everything closed-source
It can be audited, you just have to pay for the privilege. This is hardware, anyway, the "open-source" hardware is a misnomer if there ever was one.

You retards realize that AMD's PSP is even more intrusive, right?

https://libreboot.org/faq.html#amd

Infact it's worse, since AMD is incompetent and exploits pop up in their hardware more often.

>have nothing to hide
>don't care

if you're selling drugs or CP or taking hit contracts on the dankweb you should be using an old PC from at least 15 years ago anyway.

>>60162726
Sssh, this is a fanboy jerk-off thread, reason isn't allowed here.

>>60162726
>b-b-b-but mmuh coraz!!!
Assblasted Mad Degenerates don't surprise me at all.

File: 227711-HAWPSlutz-Header.jpg (20KB, 620x349px) Image search: [Google]

20KB, 620x349px

>I use an Intel CPU

>>60162726
>https://libreboot.org/faq.html#amd
no technical details

>even more intrusive
doesn't even say that...

What did you expect from closed-source hardware?

File: cucks_btfo.jpg (8KB, 300x168px) Image search: [Google]

8KB, 300x168px

HAHAHAHAHA
/pcbg/ BTFO. Every new uP is hw-cucked!
tfw comfy core2

>>60163146
core2 is even more compromised, faggot.
http://techreport.com/news/28784/vulnerability-in-older-intel-cpus-gives-away-the-keys-to-the-kingdom

>>60158929
I mean, it may be just replacing one backdoor with another, but it is still a firmware update, not an OS patch.

>>60163211
Except this one is not remote, and only works from ring-0. So you'd have to have installed a malicious driver/OS/other kind of OS module for that to be exploited.

>>60158282
https://www.theregister.co.uk/2017/05/01/intel_amt_me_vulnerability/
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr

Why does "literally" trigger you guys so hard?
Did the cool chick in high school use it a lot to make fun of you?

>>60165257
>Did the cool chick in high school use it a lot to make fun of you?
Yes. KYS for reminding me

>>60160440
Some marketing dude from AMD said they'd look into it, but he didn't know what he was fucking talking about. AMD's PSP is made by ARM, who just lets AMD use it for a pretty penny. ARM would have to release it

>>60165712
The guy from marketing said he talked about it with the engineering team/The CEO. I assume they'll figure out if they can or not, but I won't spit on him for trying, maybe ARM will do something, who knows.

I don't want to be pessimistic just yet.

>>60160421
>port knocking
Heh, port knocker.

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr


Reminder it took Charlie ranting for Intel to confess

>>60158282
There are countless issues with Intel's "trustworthiness". That said, this exploit does require a vPro-capable processor.

>>60159825
Just because you didn't set anything up explicitly doesn't mean you're not exposed. I didn't think I was vulnerable, but I ran the netstat thing and my system was listening on two of the six vulnerable ports. Thank fuck I'm behind a router.

Read this and follow instructions.

https://downloadmirror.intel.com/26754/eng/INTEL-SA-00075%20Mitigation%20Guide%20-%20Rev%201.1.pdf

>>60168488
Most of this won't apply to you unless you've got a business class processor. And all you're doing is just disabling and possibly deleting the LMS service, anybody with root access could just add it back again.

>>60168634
The security advisory says that "consumer PCs" are not affected, but it looks like any chip with vPro is vulnerable. There are quite a few consumer-grade chips with vPro.

See: https://ark.intel.com/Search/FeatureFilter?productType=processors&VProTechnology=true

>>60161213
How do we start an open-source, libre hardware development community?

It's a necessity in the coming years.

>>60165257
It's a word that has lost it's meaning

Ironically, just like "triggered". That's used so much it genuinely has little weight now. Any response to anything is now "triggered".

>>60168838
Seize the memes of production.