|
|
PC vendors scramble as Intel announces vulnerability in firmware[Updated]
https://arstechnica.com/information-...2017/11/intel- warns-of-widespread-vulnerability-in-pc-server-device-firmware/ All the latest products by Intel are at risk. |
PC vendors scramble as Intel announces vulnerability in firmware[Updated]
On 11/22/2017 01:42 PM, Anonymous Remailer (austria) wrote:
https://arstechnica.com/information-...2017/11/intel- warns-of-widespread-vulnerability-in-pc-server-device-firmware/ All the latest products by Intel are at risk. This post is about hiring at Intel, not about security. |
PC vendors scramble as Intel announces vulnerability in firmware [Updated]
On Wed, 22 Nov 2017 22:42:13 +0100 (CET), "Anonymous Remailer
(austria)" wrote: https://arstechnica.com/information-...2017/11/intel- warns-of-widespread-vulnerability-in-pc-server-device-firmware/ All the latest products by Intel are at risk. When you realize that there are weaknesses in computing at the processor level, you have to wonder what the point of using a secure operating system even is anymore. |
PC vendors scramble as Intel announces vulnerability in firmware[Updated]
On 11/22/2017 02:29 PM, Doomsdrzej wrote:
On Wed, 22 Nov 2017 22:42:13 +0100 (CET), "Anonymous Remailer (austria)" wrote: https://arstechnica.com/information-...2017/11/intel- warns-of-widespread-vulnerability-in-pc-server-device-firmware/ All the latest products by Intel are at risk. When you realize that there are weaknesses in computing at the processor level, you have to wonder what the point of using a secure operating system even is anymore. This is not as bad as painted by alarmists. Most private systems are not at risk. MS has a tool to check your Intel processors. Below here are the URLs for the real story and for the tools to check your system. https://www.wired.com/story/intel-ma...s-servers-iot/ And they have a tool, both for Windows and Linux, to check out your systems: https://downloadcenter.intel.com/download/27150 Note that the tool has to be run with root privileges. and here is my report from the use of the tool. [root@localhost SA00086_Linux]# ./intel_sa00086.py INTEL-SA-00086 Detection Tool Copyright(C) 2017, Intel Corporation, All rights reserved Application Version: 1.0.0.128 Scan date: 2017-11-21 06:02:31 GMT *** Host Computer Information *** Name: localhost.localdomain Manufacturer: Dell Inc. Model: Latitude E6420 Processor Name: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz OS Version: PCLinuxOS 2017 PCLinuxOS (4.13.14-pclos1) *** Intel(R) ME Information *** Engine: Intel(R) Management Engine Version: 7.1.13.1088 SVN: 0 *** Risk Assessment *** Based on the analysis performed by this tool: This system is not vulnerable. For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr ================================== bliss -- bliss dash SF 4 ever at dslextreme dot com |
PC vendors scramble as Intel announces vulnerability infirmware [Updated]
On 2017-11-22, Bobbie Sellers wrote:
On 11/22/2017 02:29 PM, Doomsdrzej wrote: On Wed, 22 Nov 2017 22:42:13 +0100 (CET), "Anonymous Remailer (austria)" wrote: https://arstechnica.com/information-...2017/11/intel- warns-of-widespread-vulnerability-in-pc-server-device-firmware/ All the latest products by Intel are at risk. When you realize that there are weaknesses in computing at the processor level, you have to wonder what the point of using a secure operating system even is anymore. This is not as bad as painted by alarmists. Most private systems are not at risk. MS has a tool to check your Intel processors. Below here are the URLs for the real story and for the tools to check your system. And if it says your system is vulnerable, what do you do? Some of the systems may be from manufacturers who are out of business. https://www.wired.com/story/intel-ma...s-servers-iot/ And they have a tool, both for Windows and Linux, to check out your systems: https://downloadcenter.intel.com/download/27150 Note that the tool has to be run with root privileges. and here is my report from the use of the tool. [root@localhost SA00086_Linux]# ./intel_sa00086.py INTEL-SA-00086 Detection Tool Copyright(C) 2017, Intel Corporation, All rights reserved Application Version: 1.0.0.128 Scan date: 2017-11-21 06:02:31 GMT *** Host Computer Information *** Name: localhost.localdomain Manufacturer: Dell Inc. Model: Latitude E6420 Processor Name: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz OS Version: PCLinuxOS 2017 PCLinuxOS (4.13.14-pclos1) *** Intel(R) ME Information *** Engine: Intel(R) Management Engine Version: 7.1.13.1088 SVN: 0 *** Risk Assessment *** Based on the analysis performed by this tool: This system is not vulnerable. For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr ================================== bliss |
PC vendors scramble as Intel announces vulnerability in firmware[Updated]
On 11/22/2017 03:52 PM, William Unruh wrote:
On 2017-11-22, Bobbie Sellers wrote: On 11/22/2017 02:29 PM, Doomsdrzej wrote: On Wed, 22 Nov 2017 22:42:13 +0100 (CET), "Anonymous Remailer (austria)" wrote: https://arstechnica.com/information-...2017/11/intel- warns-of-widespread-vulnerability-in-pc-server-device-firmware/ All the latest products by Intel are at risk. When you realize that there are weaknesses in computing at the processor level, you have to wonder what the point of using a secure operating system even is anymore. This is not as bad as painted by alarmists. Most private systems are not at risk. MS has a tool to check your Intel processors. Below here are the URLs for the real story and for the tools to check your system. And if it says your system is vulnerable, what do you do? Some of the systems may be from manufacturers who are out of business. https://www.wired.com/story/intel-ma...s-servers-iot/ And they have a tool, both for Windows and Linux, to check out your systems: https://downloadcenter.intel.com/download/27150 Note that the tool has to be run with root privileges. and here is my report from the use of the tool. [root@localhost SA00086_Linux]# ./intel_sa00086.py INTEL-SA-00086 Detection Tool Copyright(C) 2017, Intel Corporation, All rights reserved Application Version: 1.0.0.128 Scan date: 2017-11-21 06:02:31 GMT *** Host Computer Information *** Name: localhost.localdomain Manufacturer: Dell Inc. Model: Latitude E6420 Processor Name: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz OS Version: PCLinuxOS 2017 PCLinuxOS (4.13.14-pclos1) *** Intel(R) ME Information *** Engine: Intel(R) Management Engine Version: 7.1.13.1088 SVN: 0 *** Risk Assessment *** Based on the analysis performed by this tool: This system is not vulnerable. For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr ================================== bliss Here is some material from a very well informed member of my LUG, Rick Moen with great knowledge of Linux and connected to enough sources to come up with this in less than 24 hours. There's a lot of bad information on this matter. My understanding from fairly wide reading is that the referenced Intel Management Engine (ME) firmware is a big problem _if_ it is running AMT = Active Management Technology code. But by _no_ means do all Intel chipsets possessing ME firmware also have AMT code that runs on it -- and how to query your machine to find out if it does. Most Intel systems don't have AMT. Most Intel systems with AMT don't have it turned on. It's just a minority of the 'vPRO'-type Intel CPUs that do. Matthew Garrett's AMT FAQ makes good reading for people wanting to know more. https://mjg59.dreamwidth.org/48429.html?thread=1840429 Recently, a firm called Positive Technologies stumbled upon http://blog.ptsecurity.com/2017/08/disabling-intel-me.html a way of disabling ME version 11 immediately after boot, by poking it and setting a bit that in the RAM copy of ME called reserve_hap, with the effect of making ME-mediated processes shut down. Intel have confirmed that this truly _does_ disable ME completely during subsequent run time. Note that totally disabling ME so it never functions at all is not an option, because CPUs that include it rely on ME functionality to initialize power management, the CPU proper, and other hardware. Unlike some paranoiacs, I believe Intel when they say this (that the Positive Technologies hack fully disables ME firmware code, post-boot.) The story of why ME firmware is present in all new Intel x86_64 CPUs, as is the story of why parallel effort AMD Platform Security Processor (PSP) is present in all that company's new x86_64 CPUs, is credible. They're not out to 'get' anyone. It's a (regrettable) technology intended to facilitate OOB (out of band) system management by firms running large numbers of computers. The rationale makes perfect sense, even if the unintended side-effects are woeful. (Technically, the real issue is a software build called Active Management Technology = that runs atop the ME. Without AMT, the ME firmware code would be doing nothing.) The researchers speculate, by the way, that 'reserve_hap' is a hidden switch included at the behest of equipment manufacturers intending to sell equipment through the US government's NSA-administered High Assurance Platform program, so the manufacturers could answer any objection of 'What if the ME gets compromised or produces a side-channel data leak?' by saying 'Don't worry about that. The ME can be instructed to shut down immediately after boot.' So you maybe worried about where you sourced your machine if it was from a company that used the AMD PSP but that is where I got mine, a big company that tossed the usable Dell E6420s into a bin. I have no problems you may not either especially running Linux. And with the Newsgroups covered it may well be Trolling. bliss -- bliss dash SF 4 ever at dslextreme dot com |
PC vendors scramble as Intel announces vulnerability in firmware[Updated]
On 11/22/17 6:04 PM, Bobbie Sellers wrote:
On 11/22/2017 02:29 PM, Doomsdrzej wrote: On Wed, 22 Nov 2017 22:42:13 +0100 (CET), "Anonymous Remailer (austria)" wrote: https://arstechnica.com/information-...2017/11/intel- warns-of-widespread-vulnerability-in-pc-server-device-firmware/ All the latest products by Intel are at risk. When you realize that there are weaknesses in computing at the processor level, you have to wonder what the point of using a secure operating system even is anymore. This is not as bad as painted by alarmists. Most private systems are not at risk. MS has a tool to check your Intel processors. Below here are the URLs for the real story and for the tools to check your system. https://www.wired.com/story/intel-ma...s-servers-iot/ And they have a tool, both for Windows and Linux, to check out your systems: https://downloadcenter.intel.com/download/27150 Note that the tool has to be run with root privileges. and here is my report from the use of the tool. [root@localhost SA00086_Linux]# ./intel_sa00086.py INTEL-SA-00086 Detection Tool Copyright(C) 2017, Intel Corporation, All rights reserved Application Version: 1.0.0.128 Scan date: 2017-11-21 06:02:31 GMT *** Host Computer Information *** Name: localhost.localdomain Manufacturer: Dell Inc. Model: Latitude E6420 Processor Name: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz OS Version: PCLinuxOS 2017 PCLinuxOS (4.13.14-pclos1) *** Intel(R) ME Information *** Engine: Intel(R) Management Engine Version: 7.1.13.1088 SVN: 0 *** Risk Assessment *** Based on the analysis performed by this tool: This system is not vulnerable. For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr ================================== bliss Dell has a list of it's computers that are at risk an it is quite long. http://www.dell.com/support/article/...00086-?lang=en I guess Lenovo also has one online. -- Caver1 |
PC vendors scramble as Intel announces vulnerability in firmware[Updated]
In article
Doomsdrzej wrote: On Wed, 22 Nov 2017 22:42:13 +0100 (CET), "Anonymous Remailer (austria)" wrote: https://arstechnica.com/information-...2017/11/intel- warns-of-widespread-vulnerability-in-pc-server-device-firmware/ All the latest products by Intel are at risk. When you realize that there are weaknesses in computing at the processor level, you have to wonder what the point of using a secure operating system even is anymore. Yeah, pretty useless if the core hardware has bigger holes than the OS :/ . |
PC vendors scramble as Intel announces vulnerability in firmware[Updated]
In article T wrote: On 11/22/2017 01:42 PM, Anonymous Remailer (austria) wrote: https://arstechnica.com/information-...2017/11/intel- warns-of-widespread-vulnerability-in-pc-server-device-firmware/ All the latest products by Intel are at risk. This post is about hiring at Intel, not about security. Good idea since the current bunch is responsible for these crappy products. Fire them all! |
PC vendors scramble as Intel announces vulnerability in firmware[Updated]
In article
Bobbie Sellers wrote: On 11/22/2017 02:29 PM, Doomsdrzej wrote: On Wed, 22 Nov 2017 22:42:13 +0100 (CET), "Anonymous Remailer (austria)" wrote: https://arstechnica.com/information-...2017/11/intel- warns-of-widespread-vulnerability-in-pc-server-device-firmware/ All the latest products by Intel are at risk. When you realize that there are weaknesses in computing at the processor level, you have to wonder what the point of using a secure operating system even is anymore. This is not as bad as painted by alarmists. Most private systems are not at risk. MS has a tool to check your Intel processors. Below here are the URLs for the real story and for the tools to check your system. https://www.wired.com/story/intel-ma...s-servers-iot/ And they have a tool, both for Windows and Linux, to check out your systems: https://downloadcenter.intel.com/download/27150 Note that the tool has to be run with root privileges. and here is my report from the use of the tool. [root@localhost SA00086_Linux]# ./intel_sa00086.py INTEL-SA-00086 Detection Tool Copyright(C) 2017, Intel Corporation, All rights reserved Application Version: 1.0.0.128 Scan date: 2017-11-21 06:02:31 GMT *** Host Computer Information *** Name: localhost.localdomain Manufacturer: Dell Inc. Model: Latitude E6420 Processor Name: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz OS Version: PCLinuxOS 2017 PCLinuxOS (4.13.14-pclos1) *** Intel(R) ME Information *** Engine: Intel(R) Management Engine Version: 7.1.13.1088 SVN: 0 *** Risk Assessment *** Based on the analysis performed by this tool: This system is not vulnerable. For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr Risk Assessment Based on the analysis performed by this tool: Detection Error: This system may be vulnerable. For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link: https://security- center.intel.com/advisory.aspx?intelid=INTEL-SA- 00086&languageid=en-fr INTEL-SA-00086 Detection Tool Application Version: 1.0.0.128 Scan date: 11/22/2017 3:42:57 PM Host Computer Information Name: CLINTON Manufacturer: LENOVO Model: 7484WXH Processor Name: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz OS Version: Microsoft Windows Server 2008 R2 Standard Intel(R) ME Information Engine: Intel(R) Management Engine Version: Unknown SVN: 0 Copyright(C) 2017, Intel Corporation, All rights reserved. |
PC vendors scramble as Intel announces vulnerability in firmware [Updated]
In comp.os.linux.advocacy Caver1 wrote:
On 11/22/17 6:04 PM, Bobbie Sellers wrote: *** Host Computer Information *** Name: localhost.localdomain Manufacturer: Dell Inc. Model: Latitude E6420 Processor Name: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz OS Version: PCLinuxOS 2017 PCLinuxOS (4.13.14-pclos1) *** Intel(R) ME Information *** Engine: Intel(R) Management Engine Version: 7.1.13.1088 SVN: 0 *** Risk Assessment *** Based on the analysis performed by this tool: This system is not vulnerable. For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr ================================== bliss Dell has a list of it's computers that are at risk an it is quite long. http://www.dell.com/support/article/...00086-?lang=en I guess Lenovo also has one online. According to the Intel advisory, among the Core line, only gen 6,7,8 are affected. So no need to run the detection tool on the 2620M above, as it's a gen 2. Likewise, mine's a 2760QM, so I'm not going to bother. |
PC vendors scramble as Intel announces vulnerability in firmware [Updated]
At Thu, 23 Nov 2017 02:55:10 +0000 (UTC) owl wrote:
In comp.os.linux.advocacy Caver1 wrote: On 11/22/17 6:04 PM, Bobbie Sellers wrote: *** Host Computer Information *** Name: localhost.localdomain Manufacturer: Dell Inc. Model: Latitude E6420 Processor Name: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz OS Version: PCLinuxOS 2017 PCLinuxOS (4.13.14-pclos1) *** Intel(R) ME Information *** Engine: Intel(R) Management Engine Version: 7.1.13.1088 SVN: 0 *** Risk Assessment *** Based on the analysis performed by this tool: This system is not vulnerable. For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr ================================== bliss Dell has a list of it's computers that are at risk an it is quite long. http://www.dell.com/support/article/...00086-?lang=en I guess Lenovo also has one online. According to the Intel advisory, among the Core line, only gen 6,7,8 are affected. So no need to run the detection tool on the 2620M above, as it's a gen 2. Likewise, mine's a 2760QM, so I'm not going to bother. I have a "Intel(R) Core(TM)2 Duo CPU T6670 @ 2.20GHz" in my Thinkpad R500 -- I am guessing this is too old to have the ME feature. My desktop has an AMD processor (AMD Phenom(tm) II X4 945 Processor). I also have an *old* Mac Mini with some sort of (old) Intel processor, roughly of the same vintage as my Thinkpad R500, possibly older. that I use as a build box. -- Robert Heller -- 978-544-6933 Deepwoods Software -- Custom Software Services http://www.deepsoft.com/ -- Linux Administration Services -- Webhosting Services |
PC vendors scramble as Intel announces vulnerability in firmware [Updated]
On Thu, 23 Nov 2017 02:55:10 +0000 (UTC), owl
wrote: In comp.os.linux.advocacy Caver1 wrote: On 11/22/17 6:04 PM, Bobbie Sellers wrote: *** Host Computer Information *** Name: localhost.localdomain Manufacturer: Dell Inc. Model: Latitude E6420 Processor Name: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz OS Version: PCLinuxOS 2017 PCLinuxOS (4.13.14-pclos1) *** Intel(R) ME Information *** Engine: Intel(R) Management Engine Version: 7.1.13.1088 SVN: 0 *** Risk Assessment *** Based on the analysis performed by this tool: This system is not vulnerable. For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr ================================== bliss Dell has a list of it's computers that are at risk an it is quite long. http://www.dell.com/support/article/...00086-?lang=en I guess Lenovo also has one online. According to the Intel advisory, among the Core line, only gen 6,7,8 are affected. So no need to run the detection tool on the 2620M above, as it's a gen 2. Likewise, mine's a 2760QM, so I'm not going to bother. 4710HQ on my side. I guess I'm not affected. |
PC vendors scramble as Intel announces vulnerability infirmware [Updated]
Bobbie Sellers wrote:
This is not as bad as painted by alarmists. Most private systems are not at risk. MS has a tool to check your Intel processors. Below here are the URLs for the real story and for the tools to check your system. Two of my systems report vulnerabilty but I can't find clear instructions from the URL below. One of the systems was built up from an MSI motherboard and the MSI website has no mention of SA-00086. For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr ================================== bliss |
PC vendors scramble as Intel announces vulnerability infirmware [Updated]
On 2017-11-23, root wrote:
Bobbie Sellers wrote: This is not as bad as painted by alarmists. Most private systems are not at risk. MS has a tool to check your Intel processors. Below here are the URLs for the real story and for the tools to check your system. Two of my systems report vulnerabilty but I can't find clear instructions from the URL below. One of the systems was built up from an MSI motherboard and the MSI website has no mention of SA-00086. For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr If it is just the firmware, then I would assume that the kernel firmware in linux could handle it. Or is that not true? And what can the manufacturers (who intel points you to to fix this) do abuot it? And with many many computers not made by big long lived manufacturers does this mean that Intel is just leaving most machines out to dry? ================================== bliss |
PC vendors scramble as Intel announces vulnerability in firmware[Updated]
In article
William Unruh wrote: On 2017-11-23, root wrote: Bobbie Sellers wrote: This is not as bad as painted by alarmists. Most private systems are not at risk. MS has a tool to check your Intel processors. Below here are the URLs for the real story and for the tools to check your system. Two of my systems report vulnerabilty but I can't find clear instructions from the URL below. One of the systems was built up from an MSI motherboard and the MSI website has no mention of SA-00086. For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr If it is just the firmware, then I would assume that the kernel firmware in linux could handle it. Or is that not true? And what can the manufacturers (who intel points you to to fix this) do abuot it? And with many many computers not made by big long lived manufacturers does this mean that Intel is just leaving most machines out to dry? Pentium FDIV bug. Intel is historically sloppy. |
PC vendors scramble as Intel announces vulnerability in firmware [Updated]
Anonymous writes:
Pentium FDIV bug. Intel is historically sloppy. Sloppy compared to what? Most (all?) CPUs have/had bugs. -- https://www.greenend.org.uk/rjk/ |
PC vendors scramble as Intel announces vulnerability in firmware[Updated]
In article Richard Kettlewell wrote: Anonymous writes: Pentium FDIV bug. Intel is historically sloppy. Sloppy compared to what? Most (all?) CPUs have/had bugs. not to the degree intel cpus do. modern intel is like cyrix. |
Is it that bad? I had no idea about this controversy so I'm thinking it's overblown. But maybe I'm wrong.
|
| All times are GMT +1. The time now is 08:55 PM. |
Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
HardwareBanter.com