1. #1

    Hidden OS on Intel Chips

    Source: http://www.zdnet.com/article/minix-i...rating-system/

    ...So, what's it doing in Intel chips? A lot. These processors are running a closed-source variation of the open-source MINIX 3. We don't know exactly what version or how it's been modified since we don't have the source code. We do know that with it there:

    -Neither Linux nor any other operating system have final control of the x86 platform
    -Between the operating system and the hardware are at least 2 ½ OS kernels (MINIX and UEFI)
    -These are proprietary and (perhaps not surprisingly) exploit-friendly
    -And the exploits can persist, i.e. be written to FLASH, and you can't fix that

    In addition, thanks to Minnich and his fellow researchers' work, MINIX is running on three separate x86 cores on modern chips. There, it's running:

    -TCP/IP networking stacks (4 and 6)
    -File systems
    -Drivers (disk, net, USB, mouse)
    -Web servers
    "Minnich" is referring to Ron Minnich of Google.

    How do you guys feel about this? I just found out about this and feel I have a bit of research to do because as of right now I am inclined to rebuild my computer with AMD chips.
    My Collection
    - Bring back my damn zoom distance/MoP Portals - I read OP minimum, 1st page maximum-make wow alt friendly again -Please post constructively(topkek) -Kill myself

  2. #2
    ". It's not every processor, but if you or your hardware vendor has "explicitly enabled AMT", your machine is still vulnerable to attack."

    I've never enabled AMT, I will admit that I have no idea what it is, but the article makes me believe i'm safe unless I've turned it on. It sounds like something that only a business would ever enable.

    Further from the source article "What's the solution? Well, it's not "Switch to AMD chips". Once, AMD chips didn't have this kind of mystery code hidden inside it, but even the latest Ryzen processors are not totally open. They include the AMD platform security process and that's also a mysterious black box."

  3. #3
    Quote Originally Posted by Tommys View Post
    Further from the source article "What's the solution? Well, it's not "Switch to AMD chips". Once, AMD chips didn't have this kind of mystery code hidden inside it, but even the latest Ryzen processors are not totally open. They include the AMD platform security process and that's also a mysterious black box."
    Yeah, that would be included in my "bit of research to do" lol. If I find I have nothing to worry about because it's not enabled anyways or that I can remove/disable it then I'll stick with intel.

    - - - Updated - - -

    Quote Originally Posted by Synthaxx View Post
    It's risky for them to do something like this.
    That was my first thought. I'm no business genius but I couldn't see myself putting something like this in my hardware because all it would take is one exploit for customers to lose faith in the product.
    My Collection
    - Bring back my damn zoom distance/MoP Portals - I read OP minimum, 1st page maximum-make wow alt friendly again -Please post constructively(topkek) -Kill myself

  4. #4
    The Lightbringer Artorius's Avatar
    10+ Year Old Account
    Join Date
    Dec 2012
    Location
    Natal, Brazil
    Posts
    3,781
    You guys can read about it in those links:

    https://en.wikipedia.org/wiki/Intel_...ent_Technology
    https://www.reddit.com/r/programming...rld_thanks_to/
    http://www.tomshardware.com/news/goo...tel,35876.html
    https://www.reddit.com/r/technology/...ds_to_the_use/

    And to be honest, AMD isn't exactly "safer" than Intel when they also have something similar in their CPUs (http://www.amd.com/en-us/innovations...ogies/security) and perhaps can effectively do the same thing.

    You guys can never be sure, you can never fully know what's there in the hardware. Open-source software is cool and all, but it doesn't matter when you can do the same things people are afraid of on pure hardware.

    Even if we used fully open ISAs like RISC-V, there's no way to stop the vendors (or the foundries themselves in the worst case scenario) from including hidden extra things.
    Last edited by Artorius; 2017-11-19 at 08:45 PM.

  5. #5
    Moderator chazus's Avatar
    10+ Year Old Account
    Join Date
    Nov 2011
    Location
    Las Vegas
    Posts
    17,222
    It's not really news. AMT is something that runs on Intel chips as part of the Intel Management Engine, a co-cpu that runs independant of everything else, even if your system is off. It's been in the news a lot recently (and probably why this AMT article was written), because people are starting to dig into it more and more lately, and finding more and more flaws.

    From a security standpoint, it's one of those "If you're a security researcher, or software engineer, its bad, but for anyone else it doesn't really matter unless you're into conspiracy theories and paranoia"
    Gaming: Dual Intel Pentium III Coppermine @ 1400mhz + Blue Orb | Asus CUV266-D | GeForce 2 Ti + ZF700-Cu | 1024mb Crucial PC-133 | Whistler Build 2267
    Media: Dual Intel Drake Xeon @ 600mhz | Intel Marlinspike MS440GX | Matrox G440 | 1024mb Crucial PC-133 @ 166mhz | Windows 2000 Pro

    IT'S ALWAYS BEEN WANKERSHIM | Did you mean: Fhqwhgads
    "Three days on a tree. Hardly enough time for a prelude. When it came to visiting agony, the Romans were hobbyists." -Mab

  6. #6
    Deleted
    Quote Originally Posted by chazus View Post
    From a security standpoint, it's one of those "If you're a security researcher, or software engineer, its bad, but for anyone else it doesn't really matter unless you're into conspiracy theories and paranoia"
    I think it's good if you're a researcher because it gives you something to work on.

    Also I'm not sure why it shouldn't matter for anyone else. It is after all a vulnerability that could be exploited. And while it is harder to exploit than your run of the mill windows vulnerability it's also more powerful.

    It's also not just the AMT module that is affected (although it is the biggest offender apparently) but other parts of ME present in consumer devices as well.
    https://security-center.intel.com/ad...nguageid=en-fr

  7. #7
    Moderator chazus's Avatar
    10+ Year Old Account
    Join Date
    Nov 2011
    Location
    Las Vegas
    Posts
    17,222
    Quote Originally Posted by lloewe View Post
    Also I'm not sure why it shouldn't matter for anyone else. It is after all a vulnerability that could be exploited.
    Oh don't get me wrong, it's definitely a vulnerability and bad thing... I just don't think it's something most normal people need to actively worry about. The chances of them being targeted by this in some fashion is... virtually nonexistant. It's just like the KRACK vulnerability last month. Technically, engineering-wise speaking, it's awful. But it didn't actually cause any real problems, outside of the initial panic and misinformation.
    Gaming: Dual Intel Pentium III Coppermine @ 1400mhz + Blue Orb | Asus CUV266-D | GeForce 2 Ti + ZF700-Cu | 1024mb Crucial PC-133 | Whistler Build 2267
    Media: Dual Intel Drake Xeon @ 600mhz | Intel Marlinspike MS440GX | Matrox G440 | 1024mb Crucial PC-133 @ 166mhz | Windows 2000 Pro

    IT'S ALWAYS BEEN WANKERSHIM | Did you mean: Fhqwhgads
    "Three days on a tree. Hardly enough time for a prelude. When it came to visiting agony, the Romans were hobbyists." -Mab

  8. #8
    Deleted
    Quote Originally Posted by chazus View Post
    Oh don't get me wrong, it's definitely a vulnerability and bad thing... I just don't think it's something most normal people need to actively worry about. The chances of them being targeted by this in some fashion is... virtually nonexistant.
    Absolutely.
    The danger I see is that eventually someone could combine this attack with a standard virus/worm/trojan. While you can remove the latter ones either with tools or a reinstall, the malware embedded into your firmware will persist and in some cases the only way to get rid of it, is to buy new hardware.

    So if your manufacturer/Intel offers a fix for your system, I'd patch it quite quickly. That will at least close the published holes.
    Last edited by mmoc1a2258818d; 2017-11-22 at 03:30 PM.

  9. #9
    We are so fu**ed and we don't even know about it.

  10. #10
    Moderator chazus's Avatar
    10+ Year Old Account
    Join Date
    Nov 2011
    Location
    Las Vegas
    Posts
    17,222
    Quote Originally Posted by Alantor View Post
    We are so fu**ed and we don't even know about it.
    Not really. If we were in any real digital danger, it would have come and gone. The ME (which the AMT is part of) has had vulnerabilities before, it's been around for ~13 years, and people knew of it, and its vulnerabilities.

    It's like saying that now that people know that someone's jewelry box is unlocked, they're worried about being robbed, when we all knew the front door was unlocked the entire time.
    Gaming: Dual Intel Pentium III Coppermine @ 1400mhz + Blue Orb | Asus CUV266-D | GeForce 2 Ti + ZF700-Cu | 1024mb Crucial PC-133 | Whistler Build 2267
    Media: Dual Intel Drake Xeon @ 600mhz | Intel Marlinspike MS440GX | Matrox G440 | 1024mb Crucial PC-133 @ 166mhz | Windows 2000 Pro

    IT'S ALWAYS BEEN WANKERSHIM | Did you mean: Fhqwhgads
    "Three days on a tree. Hardly enough time for a prelude. When it came to visiting agony, the Romans were hobbyists." -Mab

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •