Thursday, June 16, 2016

So you think your firewall protects your OS from hacking......what about the other OS in your CPU?

The Intel Management Engine (ME) is a subsystem composed of a special 32-bit ARC microprocessor that's physically located inside all Intel chipsets since 2013.


http://boingboing.net/2016/06/15/intel-x86-processors-ship-with.html?
http://boingboing.net/2016/06/15/intel-x86-processors-ship-with.html?


Seriously WTF??

To achieve this task, the ME is capable of accessing any memory region without the main x86 CPU knowing about the existence of these accesses. It also runs a TCP/IP server on your network interface and packets entering and leaving your machine on certain ports bypass any firewall running on your system.
The fact that it can still run while in S3 suspend mode is what kills me.


Keep in mind there is absolutely no way for the main CPU to tell if the ME on a system has been compromised, and no way to "heal" a compromised ME. There is also no way to know if malicious entities have been able to compromise ME and infect systems.

No comments:

Post a Comment