It's Becoming Possible To Soft-Disable Intel ME 12 On Newer Motherboards


  • #21
    Originally posted by birdie

    All my systems have their attack surface reduced to the minimum. Funny to hear comments from a Phoronix no-one directed towards a network administrator who manages a fleet of over five dozen servers which serve over a hundred network requests every second. Security wannabe "experts" at Phoronix are always extremely funny and equally pathetic: they call for disabling access to dmesg (no publicly known breaches due to it), now Intel ME (likewise) and most of them don't really understand hardware CPU vulnerabilities (likewise), so those must always have mitigations enabled against them even in environments where such attacks are impossible to carry out. Also, this wonderful tool for disabling Intel ME can easily kill your motherboard.
    As one of the security leads for probably one of the largest desktop Linux fleets in the world - for most users disabling the ME is going to be a small improvement in security with no reduction in security. Meanwhile, the reason for disabling access to dmesg is to reduce the probability of finding debug output that includes kernel addresses that can be used to bypass kASLR. Again, not something most people have to worry about, but something that can be justified. And as far as CPU vulnerabilities go, if you're seriously going to argue that most environments don't include people running a web browser, well…
    Last edited by mjg59; 16 June 2019, 06:08 PM.

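The dmesg point in the reply above is a concrete, checkable one: restricting `dmesg` (and hashing pointers in printk output) keeps raw kernel addresses out of reach of unprivileged users, so a bug-induced stack dump does not defeat kASLR. The following is an added example, not code from the thread or from any project it mentions: it scans a constructed dmesg excerpt for tokens that look like raw x86_64 kernel addresses, and evaluates `kernel.dmesg_restrict` / `kernel.kptr_restrict` values from sysctl-style lines. The driver name and addresses in the sample are made up for illustration.

```python
"""Spot raw kernel-address leaks in a dmesg capture and check the sysctls
that limit them. Added example; all log lines are constructed samples."""
import re
from typing import Dict, List, Tuple

# x86_64 kernel text/data addresses sit in the upper half of the canonical
# address space (0xffff8000_00000000 and above). A raw match in a
# world-readable log is the kind of output that undermines kASLR.
KERNEL_ADDR_RE = re.compile(r"\b(?:0x)?(ffff[0-9a-f]{12})\b", re.IGNORECASE)

# Constructed sample: hypothetical driver "exampledrv", made-up addresses.
SAMPLE_DMESG = """\
[    0.000000] Linux version 5.1.0-example (constructed sample)
[    2.104382] exampledrv: probe failed, ctx=ffffffff9a3b2c40
[    2.104390] Call Trace:
[    2.104395]  exampledrv_init+0x42/0x1a0 [exampledrv]
[    2.104402]  do_one_initcall+0x4a/0x1f0
[    3.551020] exampledrv: buffer at 00000000a1b2c3d4 (hashed pointer)
[    4.000000] usb 1-1: new high-speed USB device number 2
"""


def find_kernel_address_leaks(dmesg_text: str) -> List[Tuple[int, str]]:
    """Return (line_number, address) for every raw kernel address found.

    Symbol+offset frames and hashed %p pointers (the 00000000a1b2c3d4 form)
    are deliberately not matched: they are what the log looks like once
    pointer hashing and kptr_restrict are doing their job."""
    leaks: List[Tuple[int, str]] = []
    for lineno, line in enumerate(dmesg_text.splitlines(), start=1):
        for match in KERNEL_ADDR_RE.finditer(line):
            leaks.append((lineno, match.group(1).lower()))
    return leaks


def dmesg_hardening_status(sysctl_lines: List[str]) -> Dict[str, bool]:
    """Evaluate 'key = value' lines (as printed by `sysctl`) for the two
    knobs that matter here: kernel.dmesg_restrict=1 keeps unprivileged users
    out of the log entirely; kernel.kptr_restrict>=1 hides %pK pointers."""
    values: Dict[str, str] = {}
    for line in sysctl_lines:
        key, _, value = line.partition("=")
        values[key.strip()] = value.strip()
    return {
        "dmesg_restricted": values.get("kernel.dmesg_restrict") == "1",
        "kptr_restricted": values.get("kernel.kptr_restrict", "0") in ("1", "2"),
    }


if __name__ == "__main__":
    for lineno, addr in find_kernel_address_leaks(SAMPLE_DMESG):
        print(f"line {lineno}: raw kernel address {addr}")
    # Constructed sysctl output for a hardened and an unhardened host.
    print(dmesg_hardening_status(["kernel.dmesg_restrict = 1",
                                  "kernel.kptr_restrict = 2"]))
    print(dmesg_hardening_status(["kernel.dmesg_restrict = 0",
                                  "kernel.kptr_restrict = 0"]))
```

On a real host the two functions would be fed `dmesg` output and `sysctl kernel.dmesg_restrict kernel.kptr_restrict`; a non-empty leak list together with `dmesg_restricted == False` is the condition the reply describes as worth closing.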


    • #22
      Originally posted by mjg59
      for most users disabling the ME is going to be a small improvement in security with no reduction in security.
      But it's not really disabled, is it? It still runs during boot, so if anyone manages to write an ME exploit to the platform Flash it's pretty much game over -- ironic, given one of the ostensible purposes of having the ME in the early boot flow was to stop this type of exploit.

      When talking security, let's be precise where we can. Call it a reduced ME, a neutered ME, a HAP ME, whatever, but disabled is most certainly the wrong word here considering it must still run on every single platform boot.



      • #23
        Originally posted by madscientist159
        But it's not really disabled, is it? It still runs during boot, so if anyone manages to write an ME exploit to the platform Flash it's pretty much game over -- ironic, given one of the ostensible purposes of having the ME in the early boot flow was to stop this type of exploit.
        If someone's in a position to modify the contents of the ME flash region then you're already going to have a bad time - that requires physical access, at which point you're also having to worry about hardware implants.

        When talking security, let's be precise where we can. Call it a reduced ME, a neutered ME, a HAP ME, whatever, but disabled is most certainly the wrong word here considering it must still run on every single platform boot.
        Yeah, that's fair. Apologies for the loose terminology.



        • #24
          Originally posted by mjg59
          If someone's in a position to modify the contents of the ME flash region then you're already going to have a bad time - that requires physical access, at which point you're also having to worry about hardware implants.
          For the most part, yes, though considering how easy it would be to update the ME (leaving no physical trace) versus adding a hardware implant, the former would be vastly preferred by an attacker I would think, if for no other reason than plausible deniability (see the Supermicro flap for a good example of how effective such deniability could be). Practically, no one is going to externally dump the ME Flash contents and verify against another source of the ME image -- the ME likes to update its own data partition anyway, so a basic hash comparison of the whole region is not going to work, you'd have to parse the modules and compare each one, hoping that the unallocated space in the Flash isn't where some (possibly encrypted) nasty is hiding.

          More practically, the only thing stopping anyone writing to the ME partition remotely (as root) is the correct setting of some configuration registers in the southbridge IIRC. I don't think anyone has really dug into how those work, or if there might be another way to write data to Flash and bypass the filtering?

          I do concede that the practical known attack vectors are root access or physical access. However, it's not quite as simple as it seems re. the former -- standard IT practice isn't to shred the mainboard if the OS or hypervisor root account is compromised once, standard practice is wipe and reinstall. The problem is that a single root compromise might allow installation of a long lived nasty that survives subsequent wipe and reinstall actions -- Lenovo did this on purpose without even having to go as deep as the ME.

          This is fundamentally why we don't use x86 any more. Yes, we could dump / reflash / verify the opaque, closed binaries back onto each mainboard's Flash every time an OS is reinstalled. The costs of doing so though across an entire cluster, let alone desktops where recall is more involved / expensive, were such that switching architectures was actually cheaper. YMMV of course.



          • #25
            Doesn't concern me in the slightest. I migrated my two HEDTs and one server to AMD Threadrippers when Intel failed to deliver anything that was remotely competitive with the Zen architecture for almost three consecutive years.

            Besides, Intel ME or AMD PSP is something that I hardly concern myself with. I got more important things to work on my computers than worry about backdoors. Especially when I turn off my machines and disconnect them from the network after I'm done with them. As for the backdoors listening in while the systems are running...do you seriously believe that the Americans have not already had a way to do so for years without the need for ME or PSP?



            • #26
              A motherboard with a CPU for $1300? For this money you can buy a complete x86 system with a monitor. Obviously only rabid open source/open HW fans will be buying it. I'm sure as hell less than 1% of Phoronix readers own it which kinda makes your point moot.

              Also, what about its support? Which modern popular Linux distros even run on Power? None? Or should I be running IBM AIX, which barely has any software for the average Joe?

              Originally posted by mjg59

              As one of the security leads for probably one of the largest desktop Linux fleets in the world - for most users disabling the ME is going to be a small improvement in security with no reduction in security. Meanwhile, the reason for disabling access to dmesg is to reduce the probability of finding debug output that includes kernel addresses that can be used to bypass kASLR. Again, not something most people have to worry about, but something that can be justified. And as far as CPU vulnerabilities go, if you're seriously going to argue that most environments don't include people running a web browser, well…
              None has been implicated in publicly known breaches for the past 20+ years. Phoronix security experts just cannot sleep well unless they disable everything to make life harder or possibly destroy their HW.

              Also, using sudo for every tiny utility doesn't really improve security: you see, in Windows applications can't grab another application's keyboard/mouse input. However, under Linux every time you enter your root/user password in a terminal any X application can get this data.


              Advocating for using sudo for everything severely decreases overall security.
              Last edited by birdie; 17 June 2019, 03:46 AM.



              • #27
                Originally posted by madscientist159

                Not true. If you have the resources to decap and check the die, ask IBM for a license to the RTL and masks. Ad hominem only weakens your position here.
                So, I must have a tunnel microscope (>$10K) and tons of money and time to verify the die? Also, wait, even with such a microscope, what are the chances you see all the layers? Modern chips have up to seven layers of masks and there's no way you can even inspect them.

                Originally posted by madscientist159
                How does this factor into a firmware discussion? If your end goal is to load up gigabytes of closed source software on the system, software that wants privileged access for anticheat / DRM, isn't the firmware the least of your concern?
                I'm running Linux, Fedora 30 to be precise. Not sure about "gigabytes of closed source software on the system".

                Originally posted by madscientist159
                For the record Unreal Engine 4 works very well on these machines including its development tools. It's not a question of horsepower, it's a matter of whether game publishers want to stray from the platform where they can enforce strict DRM or not. Why do you think Fortnite is only on Windows, for instance?
                What do game engines have to do with our discussion?

                Originally posted by madscientist159
                My opinion is still that putting lipstick on the boar (trying to neuter the ME) is largely a futile exercise borne out of desperation from people that want to pretend they control a machine they can never actually control. A security blanket in a war zone, if you will, when proper armor would be far more effective. This is not to discourage the people researching the ME/PSP, it's just that I cannot and won't trust systems that require it to run. This current HAP-bit stuff only asks the ME to shut down the consumer grade interfaces after it starts the platform, we really have no idea if it actually opens up a different management channel for control by its intended audience (the US government) or something else even nastier.

                Proudly posted from an OpenPOWER machine.
                Exactly.

                I'm really glad you're running such a machine. ;-)



                • #28
                  Originally posted by Sonadow
                  Besides, Intel ME or AMD PSP is something that I hardly concern myself with. I got more important things to work on my computers than worry about backdoors.
                  Perchance do you also run without antivirus, without any firewall, and as an administrative user, all for productivity reasons? Security is all theoretical until suddenly, one day, the lack of it is very very real and you realize there's no way out of the mess that seemingly came out of nowhere to hit you. Kind of like real world vaccines and theoretical pandemics, come to think of it.

                  Originally posted by birdie
                  So, I must have a tunnel microscope (>$10K) and tons of money and time to verify the die? Also, wait, even with such a microscope, what are the chances you see all the layers? Modern chips have up to seven layers of masks and there's no way you can even inspect them.
                  Why are you giving Intel and AMD a hall pass here? If you want to absolutely know for certain the silicon you have in hand is operating the way you think it is, this is the minimum requirement, regardless of vendor. AMD and Intel won't even let you look at the firmware and documentation, what makes you think you have any chance at all of verifying the silicon? It's nice you have such faith in Intel and AMD to work in your best interests at all times, but I would use a different word -- foolishness. They have zero legal requirement to work in your interest at all, you have no signed SLA forcing them to do so, no indemnification from consequences of data breach or alteration, all you did in the end was buy some hardware that comes with mandatory licensed software. You haven't been bitten yet by this choice, and you may in fact never end up being bitten depending on use case and a ton of other factors, but bear in mind that the plural of anecdote is not data. Your comments on an x86 system working for your use case do not wipe away the actual threat posed by these embedded processors and their DRM-infested firmware to other use cases or, in point of fact, to other organizations with the same use case but different (higher value?) data.

                  Originally posted by birdie
                  Also, what about its support? Which modern popular Linux distros even run on Power? None?
                  Debian, Ubuntu, Gentoo, CentOS, RHEL, Arch, Fedora. And a ton of smaller ones too. Plus FreeBSD and (soon) some of the other BSDs. Archive coverage is excellent too.

                  Originally posted by birdie
                  Or should I be running IBM AIX which barely have any software for the average Joe?
                  Sigh. Willful blindness gets tiresome after a while. Try any major search engine with a basic query like "Talos II Linux" before posting next time -- I guarantee helpful results on the first page for this particular query.

                  I think the rest of your rant speaks for itself; you basically use Linux because it's free as in beer (i.e., you don't really care much about the free as in speech part), and on x86 because that's the cheapest hardware around. That's fine, but many of us need a bit more than that for a variety of reasons.
                  Last edited by madscientist159; 17 June 2019, 06:06 AM.



                  • #29
                    Originally posted by birdie

                    A motherboard with a CPU for $1300? For this money you can buy a complete x86 system with a monitor. Obviously only rabid open source/open HW fans will be buying it. I'm sure as hell less than 1% of Phoronix readers own it which kinda makes your point moot.

                    Also, what about its support? Which modern popular Linux distros even run on Power? None? Or should I be running IBM AIX, which barely has any software for the average Joe?

                    None has been implicated in publicly known breaches for the past 20+ years. Phoronix security experts just cannot sleep well unless they disable everything to make life harder or possibly destroy their HW.

                    Also, using sudo for every tiny utility doesn't really improve security: you see, in Windows applications can't grab another application's keyboard/mouse input. However, under Linux every time you enter your root/user password in a terminal any X application can get this data.


                    Advocating for using sudo for everything severely decreases overall security.
                    The point of disabling ME is not to stop nation-state hackers from breaching your environment; they will manage through other means (given the complexity of a modern IT environment, there are plenty of hardware, firmware and software bugs to exploit that can be identified given enough resources).
                    The point of disabling ME is to prevent non-nation-state hackers from exploiting publicly known security issues in ME, in order to try and stop lateral movement once they already have breached your network perimeter (or at least make their lives less easy).

                    The point of sudo with password re-authentication is not to prevent user-space apps from accessing sudo rights (indeed, it increases the attack surface if password re-auth is enabled as you point out). The point of sudo is having traceability and accountability of admin right usage, and to prevent application admins from needing full admin permission on a server. Note that the password re-authentication issue is easily dealt with by requiring only out-of-band MFA for sudo.

                    It's not recommended to extrapolate the future from past experiences ('no past attack in X years has used method Y'). Method Y will be used if it's easy enough to exploit to get into systems.

                    If your security auditors don't require you to implement privilege escalation and MFA (e.g. for PCI DSS or SOX compliance, among others), then your 50-server infrastructure probably doesn't run anything of great importance (or at least, I hope it doesn't).
                    Last edited by FrankL; 17 June 2019, 09:11 AM.

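FrankL's argument is that sudo earns its keep through traceability: every privileged command is logged with who ran it, from which TTY, as which target user, and whether it was allowed. The script below is an added example, not code from the thread or from the sudo project: it parses records in the format sudo writes to syslog/auth.log, builds a per-user accountability summary, and flags full-shell invocations, because once `sudo /bin/bash` is granted the per-command trail stops and only session recording would show what happened next. The hostnames, usernames and log lines are constructed samples.

```python
"""Accountability report from sudo's syslog records.
Added example; the auth.log lines are constructed samples."""
import re
from collections import defaultdict
from typing import Any, Dict, List, Optional

# Shape of the line sudo logs for each invocation: an optional failure
# reason ("3 incorrect password attempts", "command not allowed") precedes
# the TTY/PWD/USER/COMMAND fields.
SUDO_LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d\d:\d\d:\d\d) (?P<host>\S+) sudo:\s+"
    r"(?P<user>\S+) : (?:(?P<reason>.+?) ; )?TTY=(?P<tty>\S+) ; PWD=(?P<pwd>\S+) ; "
    r"USER=(?P<target>\S+) ; COMMAND=(?P<cmd>.*)$"
)

# Interactive shells: granting one of these ends per-command accountability.
SHELL_COMMANDS = {"/bin/sh", "/bin/bash", "/usr/bin/bash", "/bin/zsh",
                  "/usr/bin/su", "/bin/su"}

# Constructed sample auth.log excerpt (hypothetical host web01 and users).
SAMPLE_AUTH_LOG = """\
Jun 17 09:11:02 web01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/systemctl restart nginx
Jun 17 09:12:30 web01 sudo:      bob : 3 incorrect password attempts ; TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/bash
Jun 17 09:13:05 web01 sudo:    carol : command not allowed ; TTY=pts/2 ; PWD=/home/carol ; USER=root ; COMMAND=/usr/bin/vi /etc/sudoers
Jun 17 09:14:41 web01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/bash
Jun 17 09:15:00 web01 sshd[2201]: Accepted publickey for alice from 192.0.2.10 port 51022 ssh2
"""


def parse_sudo_events(log_text: str) -> List[Dict[str, Any]]:
    """Turn sudo log lines into event dicts; other daemons' lines are skipped."""
    events: List[Dict[str, Any]] = []
    for line in log_text.splitlines():
        match = SUDO_LINE_RE.match(line)
        if not match:
            continue
        event: Dict[str, Any] = match.groupdict()
        reason: Optional[str] = event["reason"]
        event["allowed"] = reason is None          # no failure reason logged
        event["is_shell"] = event["cmd"].split()[0] in SHELL_COMMANDS
        events.append(event)
    return events


def accountability_report(events: List[Dict[str, Any]]) -> Dict[str, Dict[str, Any]]:
    """Per-user counts of allowed and denied invocations, the denied commands
    with their reasons, and how many allowed invocations were full shells."""
    report: Dict[str, Dict[str, Any]] = defaultdict(
        lambda: {"allowed": 0, "denied": 0, "shells": 0, "denied_commands": []}
    )
    for event in events:
        entry = report[event["user"]]
        if event["allowed"]:
            entry["allowed"] += 1
            if event["is_shell"]:
                entry["shells"] += 1
        else:
            entry["denied"] += 1
            entry["denied_commands"].append(f'{event["reason"]}: {event["cmd"]}')
    return dict(report)


if __name__ == "__main__":
    for user, entry in accountability_report(parse_sudo_events(SAMPLE_AUTH_LOG)).items():
        print(user, entry)
```

Run over a real `/var/log/auth.log` (or `journalctl _COMM=sudo -o short`), the denied list is the review queue and a non-zero `shells` count marks users whose privileged activity is not actually traceable per command, which is where the MFA-for-sudo and narrower sudoers rules FrankL mentions come in.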


                    • #30
                      Originally posted by madscientist159

                      Why are you giving Intel and AMD a hall pass here? If you want to absolutely know for certain the silicon you have in hand is operating the way you think it is, this is the minimum requirement, regardless of vendor. AMD and Intel won't even let you look at the firmware and documentation, what makes you think you have any chance at all of verifying the silicon? It's nice you have such faith in Intel and AMD to work in your best interests at all times, but I would use a different word -- foolishness. They have zero legal requirement to work in your interest at all, you have no signed SLA forcing them to do so, no indemnification from consequences of data breach or alteration, all you did in the end was buy some hardware that comes with mandatory licensed software. You haven't been bitten yet by this choice, and you may in fact never end up being bitten depending on use case and a ton of other factors, but bear in mind that the plural of anecdote is not data. Your comments on an x86 system working for your use case do not wipe away the actual threat posed by these embedded processors and their DRM-infested firmware to other use cases or, in point of fact, to other organizations with the same use case but different (higher value?) data.
                      I'm giving them a pass because, surprise, the whole freaking world runs on top of their CPUs/motherboards/chips. Even banks, military and three letter agencies use run-of-the-mill Intel/AMD hardware. Also, if you have a properly isolated infrastructure any backdoors will be near impossible to exploit, so spending money on esoteric hardware just to feel smug is not really for me. I don't pretend that I'm safe running this HW but I don't lose my sleep over it.

                      Also, I'm cheap/broke enough not to spend my money on IBM HW which I cannot even verify and which I can't use to run Windows (I game occasionally).
                      Last edited by birdie; 17 June 2019, 10:14 AM.
