Originally posted by starshipeleven
View Post
Announcement
Collapse
No announcement yet.
Intel Confirms Vulnerability In Intel AMT/ME
Collapse
X
-
Originally posted by starshipeleven View PostIt will come a time when we need to attach a mini-firewall to the PC's ethernet port to filter out any unwanted bullshit trying to communicate with the hardware backdoor....
Not trying to defend Intel here by the way. In a way I can understand why corporates might actually want something like AMT. The problem is Intel attitude, the really need to be more forthcoming as to how all of this works and allow people access to the hardware for alternative implementations. In the end the only thing you can do I is to push the manufactures for hardware free of these sorts of features.
I say features because this fault was likely planted by the NSA. Seriously throw somebody on Intels development team a little money and you have your own surveillance channel into the hardware. I don't want to sound like "one of those guys" but I see a high probability that the security issue is a manufactured one.
- Likes 8
Comment
-
Originally posted by ThrowAway3000 View Post
There is, I've just built a Bulldozer-based PC, and I bought a spare motherboard in case this one breaks 5 years later. Sucks to get a CPU from 2012 in 2017, but that was the only option to avoid PSP. Basically, stockpiling old hardware (just a motherboard, really) as per someone's advice on Phoronix.
Oh well, at least the performance is 4 times better than my current dual-core Intel E7200 from 2008, and the CPU itself was only $110.Last edited by torsionbar28; 01 May 2017, 08:05 PM.
- Likes 1
Comment
-
Originally posted by wizard69 View PostWhy wouldn't you have a separate firewall anyways?
Originally posted by wizard69 View PostI say features because this fault was likely planted by the NSA. Seriously throw somebody on Intels development team a little money and you have your own surveillance channel into the hardware. I don't want to sound like "one of those guys" but I see a high probability that the security issue is a manufactured one.Last edited by torsionbar28; 01 May 2017, 09:03 PM.
Comment
-
ME...backdoor/botnet by design, nothing new... https://stallman.org/intel.html. Just another tool at NSA's disposal.
- Likes 3
Comment
-
Given the fact that the guy who reported the vulnerability could only find a pretty paltry 7,000 servers that could be remotely exploited, it's not really a widespread issue. People who actually rely on AMT (and it is a very useful feature if you need it, believe me) can patch as needed.
When I think back to Heartbleed and some other remote-execution vulnerabilities that actually caused real havoc, this is a small blip on the radar.
Comment
-
Originally posted by chuckula View PostGiven the fact that the guy who reported the vulnerability could only find a pretty paltry 7,000 servers that could be remotely exploited, it's not really a widespread issue. People who actually rely on AMT (and it is a very useful feature if you need it, believe me) can patch as needed.
When I think back to Heartbleed and some other remote-execution vulnerabilities that actually caused real havoc, this is a small blip on the radar.
- Likes 4
Comment
-
Considering IntelME and AMD PSP have their own access to the network, how would you filter it out using a firewall or a firewalled router even?
Assuming you even block all ports and protocols you don't need. It can still communicate over http/80. From the router's perspective, you'd be surfing the web and nothing more. So?
- Likes 1
Comment
-
Originally posted by MiUNX View PostConsidering IntelME and AMD PSP have their own access to the network, how would you filter it out using a firewall or a firewalled router even?
Assuming you even block all ports and protocols you don't need. It can still communicate over http/80. From the router's perspective, you'd be surfing the web and nothing more. So?
Comment
Comment