Originally posted by SystemCrasher
It's just a technically challenging thing to do. However, there was a "ring -3" rootkit PoC from the infamous Joanna Rutkowska, which did exactly that: it broke into ME, ran native ME code and it could do whatever it wants to the rest of the system, being completely invisible to x86-side software.
Granted Mirai (IoT enabled botnet) source has leaked and even made it to GitHub, fighting botnets is going to look pretty much like fighting windmills I guess. I could bet l33t script kiddies are setting up new botnets much faster than these botnets are shut down and their owners jailed.
Would it happen to ME backdoors?
If botnets were using ME, it would be found out pretty quickly that ME is involved, and shit would start flying for Intel.
Which tells nothing on what powers they technically have.
MS can push updates you can't avoid anymore on win10, that means they can insta-pwn all win10 devices if they so choose. With other OS they could just push updates, so they could still pwn your PC as long as you had your updates enabled.
Besides, any software company can do the same, they can push updates on your PC, and if you agree you give the updater root access anyway.
Note that I'm not saying they are necessarily using it for evil.
I can't imagine good reasons to put so many proprietary blobs "for your convenience".
Usually closed-source and proprietary blobs are used to hide half-assed features and copyright infringement from the eyes of experts that would call them out.
There is a fancy thing: this is the most widespread HW around the globe. Being smarter? Possible, BUT not everyone could afford it. After all, it takes a higher level of expertise, so you can't just go to a nearby shop and buy an arbitrary PC/laptop/MB. Things are getting slightly more complicated.
Very valid point. Though I could imagine backdoors using side-channel signalling.