Announcement

Collapse
No announcement yet.

Intel Releases Linux-Compatible Tool For Confirming ME Vulnerabilities

Collapse
X
Collapse
 
  • Page of 5
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 4 5 template Next
  • #41
    You're talking about how a hypothetical attack might be able to be triggered (assume you're talking about "backdoor data packet" as the trigger ?).

    I'm talking about how it gets data back to the hypothetical bad guys - maybe print a message on the console asking you to "mail the flash stick to the following address in Maryland" ?
    Test signature

    Comment

    • #42
      Originally posted by bridgman View Post
      I'm talking about how it gets data back to the hypothetical bad guys - maybe print a message on the console asking you to "mail the flash stick to the following address in Maryland" ?
      UEFI Network Stack?

      Comment

      • #43
        Originally posted by numacross View Post

        UEFI Network Stack?
        Disabled as default, at least on my motherboard.

        Comment

        • #44
          Originally posted by Brisse View Post
          Disabled as default, at least on my motherboard.
          The code is still there, just "disabled".

          • Likes 1

          Comment

          • #45
            I didn't think the UEFI network stack was available at runtime, just boot time (for PXE).
            Test signature

            Comment

            • #46
              Originally posted by bridgman View Post
              I didn't think the UEFI network stack was available at runtime, just boot time (for PXE).
              Even if, then let's just crash the kernel (or NMI, or ACPI or simulate Ctrl+Alt+Del with the USB-to-PS/2 SMM), force a reboot, get to UEFI-level and use the network stack. As long as the code exist to access the built-in NIC from UEFI it can be used.
              • Likes 1

              Comment

              • #47
                Originally posted by bridgman View Post

                You're thinking the PSP has driver code in it for all the NICs it is likely to encounter ? Still scratching my head.
                It only needs a few drivers for the built-in NICs in majority of motherboards. You don't need to have 100% coverage. The rest is easy, just install a kernel-memory level rootkit/malware, you only need 5-10 versions for OS/version matches needed if you have full RAM access. Then the malware takes care of the networking,. It's more visible but if you REALLY need it you can do it that way.
                • Likes 1

                Comment

                Previous 1 2 3 4 5 template Next
                Working...
                X