A computer components & hardware forum. HardwareBanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » HardwareBanter forum » Processors » Intel
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

PC vendors scramble as Intel announces vulnerability in firmware[Updated]



 
 
Thread Tools Display Modes
  #1  
Old November 22nd 17, 10:42 PM posted to alt.privacy.anon-server, comp.os.linux.advocacy, comp.os.linux.misc,comp.sys.intel
Anonymous Remailer (austria)
external usenet poster
 
Posts: 71
Default PC vendors scramble as Intel announces vulnerability in firmware[Updated]


https://arstechnica.com/information-...2017/11/intel-
warns-of-widespread-vulnerability-in-pc-server-device-firmware/

All the latest products by Intel are at risk.

  #2  
Old November 22nd 17, 10:45 PM posted to alt.privacy.anon-server,comp.os.linux.advocacy,comp.os.linux.misc,comp.sys.intel
T[_6_]
external usenet poster
 
Posts: 13
Default PC vendors scramble as Intel announces vulnerability in firmware[Updated]

On 11/22/2017 01:42 PM, Anonymous Remailer (austria) wrote:
https://arstechnica.com/information-...2017/11/intel-
warns-of-widespread-vulnerability-in-pc-server-device-firmware/

All the latest products by Intel are at risk.


This post is about hiring at Intel, not about security.
  #3  
Old November 22nd 17, 11:29 PM posted to alt.privacy.anon-server,comp.os.linux.advocacy,comp.os.linux.misc,comp.sys.intel
Doomsdrzej[_2_]
external usenet poster
 
Posts: 7
Default PC vendors scramble as Intel announces vulnerability in firmware [Updated]

On Wed, 22 Nov 2017 22:42:13 +0100 (CET), "Anonymous Remailer
(austria)" wrote:


https://arstechnica.com/information-...2017/11/intel-
warns-of-widespread-vulnerability-in-pc-server-device-firmware/

All the latest products by Intel are at risk.


When you realize that there are weaknesses in computing at the
processor level, you have to wonder what the point of using a secure
operating system even is anymore.
  #4  
Old November 23rd 17, 12:04 AM posted to alt.privacy.anon-server,comp.os.linux.advocacy,comp.os.linux.misc,comp.sys.intel
Bobbie Sellers[_2_]
external usenet poster
 
Posts: 2
Default PC vendors scramble as Intel announces vulnerability in firmware[Updated]

On 11/22/2017 02:29 PM, Doomsdrzej wrote:
On Wed, 22 Nov 2017 22:42:13 +0100 (CET), "Anonymous Remailer
(austria)" wrote:


https://arstechnica.com/information-...2017/11/intel-
warns-of-widespread-vulnerability-in-pc-server-device-firmware/

All the latest products by Intel are at risk.


When you realize that there are weaknesses in computing at the
processor level, you have to wonder what the point of using a secure
operating system even is anymore.

This is not as bad as painted by alarmists.
Most private systems are not at risk.
MS has a tool to check your Intel processors.
Below here are the URLs for the real story and
for the tools to check your system.


https://www.wired.com/story/intel-ma...s-servers-iot/
And they have a tool, both for Windows and Linux, to check out your
systems:

https://downloadcenter.intel.com/download/27150


Note that the tool has to be run with root privileges.
and here is my report from the use of the tool.

[[email protected] SA00086_Linux]# ./intel_sa00086.py
INTEL-SA-00086 Detection Tool
Copyright(C) 2017, Intel Corporation, All rights reserved

Application Version: 1.0.0.128
Scan date: 2017-11-21 06:02:31 GMT

*** Host Computer Information ***
Name: localhost.localdomain
Manufacturer: Dell Inc.
Model: Latitude E6420
Processor Name: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz
OS Version: PCLinuxOS 2017 PCLinuxOS (4.13.14-pclos1)

*** Intel(R) ME Information ***
Engine: Intel(R) Management Engine
Version: 7.1.13.1088
SVN: 0

*** Risk Assessment ***
Based on the analysis performed by this tool: This system is not vulnerable.

For more information refer to the SA-00086 Detection Tool Guide or the
Intel security advisory Intel-SA-00086 at the following link:
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

==================================
bliss

--
bliss dash SF 4 ever at dslextreme dot com
  #5  
Old November 23rd 17, 12:52 AM posted to alt.privacy.anon-server,comp.os.linux.advocacy,comp.os.linux.misc,comp.sys.intel
William Unruh
external usenet poster
 
Posts: 14
Default PC vendors scramble as Intel announces vulnerability infirmware [Updated]

On 2017-11-22, Bobbie Sellers wrote:
On 11/22/2017 02:29 PM, Doomsdrzej wrote:
On Wed, 22 Nov 2017 22:42:13 +0100 (CET), "Anonymous Remailer
(austria)" wrote:


https://arstechnica.com/information-...2017/11/intel-
warns-of-widespread-vulnerability-in-pc-server-device-firmware/

All the latest products by Intel are at risk.


When you realize that there are weaknesses in computing at the
processor level, you have to wonder what the point of using a secure
operating system even is anymore.

This is not as bad as painted by alarmists.
Most private systems are not at risk.
MS has a tool to check your Intel processors.
Below here are the URLs for the real story and
for the tools to check your system.


And if it says your system is vulnerable, what do you do?
Some of the systems may be from manufacturers who are out of business.





https://www.wired.com/story/intel-ma...s-servers-iot/
And they have a tool, both for Windows and Linux, to check out your
systems:

https://downloadcenter.intel.com/download/27150


Note that the tool has to be run with root privileges.
and here is my report from the use of the tool.

[[email protected] SA00086_Linux]# ./intel_sa00086.py
INTEL-SA-00086 Detection Tool
Copyright(C) 2017, Intel Corporation, All rights reserved

Application Version: 1.0.0.128
Scan date: 2017-11-21 06:02:31 GMT

*** Host Computer Information ***
Name: localhost.localdomain
Manufacturer: Dell Inc.
Model: Latitude E6420
Processor Name: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz
OS Version: PCLinuxOS 2017 PCLinuxOS (4.13.14-pclos1)

*** Intel(R) ME Information ***
Engine: Intel(R) Management Engine
Version: 7.1.13.1088
SVN: 0

*** Risk Assessment ***
Based on the analysis performed by this tool: This system is not vulnerable.

For more information refer to the SA-00086 Detection Tool Guide or the
Intel security advisory Intel-SA-00086 at the following link:
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

==================================
bliss

  #6  
Old November 23rd 17, 01:03 AM posted to alt.privacy.anon-server,comp.os.linux.advocacy,comp.os.linux.misc,comp.sys.intel
Bobbie Sellers[_2_]
external usenet poster
 
Posts: 2
Default PC vendors scramble as Intel announces vulnerability in firmware[Updated]

On 11/22/2017 03:52 PM, William Unruh wrote:
On 2017-11-22, Bobbie Sellers wrote:
On 11/22/2017 02:29 PM, Doomsdrzej wrote:
On Wed, 22 Nov 2017 22:42:13 +0100 (CET), "Anonymous Remailer
(austria)" wrote:


https://arstechnica.com/information-...2017/11/intel-
warns-of-widespread-vulnerability-in-pc-server-device-firmware/

All the latest products by Intel are at risk.

When you realize that there are weaknesses in computing at the
processor level, you have to wonder what the point of using a secure
operating system even is anymore.

This is not as bad as painted by alarmists.
Most private systems are not at risk.
MS has a tool to check your Intel processors.
Below here are the URLs for the real story and
for the tools to check your system.


And if it says your system is vulnerable, what do you do?
Some of the systems may be from manufacturers who are out of business.




https://www.wired.com/story/intel-ma...s-servers-iot/
And they have a tool, both for Windows and Linux, to check out your
systems:

https://downloadcenter.intel.com/download/27150


Note that the tool has to be run with root privileges.
and here is my report from the use of the tool.

[[email protected] SA00086_Linux]# ./intel_sa00086.py
INTEL-SA-00086 Detection Tool
Copyright(C) 2017, Intel Corporation, All rights reserved

Application Version: 1.0.0.128
Scan date: 2017-11-21 06:02:31 GMT

*** Host Computer Information ***
Name: localhost.localdomain
Manufacturer: Dell Inc.
Model: Latitude E6420
Processor Name: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz
OS Version: PCLinuxOS 2017 PCLinuxOS (4.13.14-pclos1)

*** Intel(R) ME Information ***
Engine: Intel(R) Management Engine
Version: 7.1.13.1088
SVN: 0

*** Risk Assessment ***
Based on the analysis performed by this tool: This system is not vulnerable.

For more information refer to the SA-00086 Detection Tool Guide or the
Intel security advisory Intel-SA-00086 at the following link:
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

==================================
bliss



Here is some material from a very well informed member of
my LUG, Rick Moen with great knowledge of Linux and connected to
enough sources to come up with this in less than 24 hours.


There's a lot of bad information on this matter.

My understanding from fairly wide reading is that the referenced Intel
Management Engine (ME) firmware is a big problem _if_ it is running
AMT = Active Management Technology code. But by _no_ means do all Intel
chipsets possessing ME firmware also have AMT code that runs on it --
and how to query your machine to find out if it does. Most Intel
systems don't have AMT. Most Intel systems with AMT don't have it
turned on. It's just a minority of the 'vPRO'-type Intel CPUs that do.

Matthew Garrett's AMT FAQ makes good reading for people wanting to know
more. https://mjg59.dreamwidth.org/48429.html?thread=1840429

Recently, a firm called Positive Technologies stumbled upon
http://blog.ptsecurity.com/2017/08/disabling-intel-me.html a way of
disabling ME version 11 immediately after boot, by poking it and setting
a bit that in the RAM copy of ME called reserve_hap, with
the effect of making ME-mediated processes shut down. Intel have
confirmed that this truly _does_ disable ME completely during subsequent
run time. Note that totally disabling ME so it never functions at all is
not an option, because CPUs that include it rely on ME functionality to
initialize power management, the CPU proper, and other hardware.

Unlike some paranoiacs, I believe Intel when they say this (that the
Positive Technologies hack fully disables ME firmware code, post-boot.)
The story of why ME firmware is present in all new Intel x86_64 CPUs, as
is the story of why parallel effort AMD Platform Security Processor
(PSP) is present in all that company's new x86_64 CPUs, is credible.
They're not out to 'get' anyone. It's a (regrettable) technology
intended to facilitate OOB (out of band) system management by firms
running large numbers of computers. The rationale makes perfect sense,
even if the unintended side-effects are woeful. (Technically, the real
issue is a software build called Active Management Technology = that
runs atop the ME. Without AMT, the ME firmware code would be doing
nothing.)

The researchers speculate, by the way, that 'reserve_hap' is a hidden
switch included at the behest of equipment manufacturers intending to
sell equipment through the US government's NSA-administered High
Assurance Platform program, so the manufacturers could answer any
objection of 'What if the ME gets compromised or produces a side-channel
data leak?' by saying 'Don't worry about that. The ME can be instructed
to shut down immediately after boot.'


So you maybe worried about where you sourced your machine
if it was from a company that used the AMD PSP but that is where
I got mine, a big company that tossed the usable Dell E6420s into
a bin. I have no problems you may not either especially running
Linux.

And with the Newsgroups covered it may well be Trolling.

bliss

--
bliss dash SF 4 ever at dslextreme dot com
  #7  
Old November 23rd 17, 01:38 AM posted to alt.privacy.anon-server,comp.os.linux.advocacy,comp.os.linux.misc,comp.sys.intel
Caver1
external usenet poster
 
Posts: 3
Default PC vendors scramble as Intel announces vulnerability in firmware[Updated]

On 11/22/17 6:04 PM, Bobbie Sellers wrote:
On 11/22/2017 02:29 PM, Doomsdrzej wrote:
On Wed, 22 Nov 2017 22:42:13 +0100 (CET), "Anonymous Remailer
(austria)" wrote:


https://arstechnica.com/information-...2017/11/intel-
warns-of-widespread-vulnerability-in-pc-server-device-firmware/

All the latest products by Intel are at risk.


When you realize that there are weaknesses in computing at the
processor level, you have to wonder what the point of using a secure
operating system even is anymore.

This is not as bad as painted by alarmists.
Most private systems are not at risk.
MS has a tool to check your Intel processors.
Below here are the URLs for the real story and
for the tools to check your system.


https://www.wired.com/story/intel-ma...s-servers-iot/
And they have a tool, both for Windows and Linux, to check out your
systems:

https://downloadcenter.intel.com/download/27150


Note that the tool has to be run with root privileges.
and here is my report from the use of the tool.

[[email protected] SA00086_Linux]# ./intel_sa00086.py
INTEL-SA-00086 Detection Tool
Copyright(C) 2017, Intel Corporation, All rights reserved

Application Version: 1.0.0.128
Scan date: 2017-11-21 06:02:31 GMT

*** Host Computer Information ***
Name: localhost.localdomain
Manufacturer: Dell Inc.
Model: Latitude E6420
Processor Name: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz
OS Version: PCLinuxOS 2017 PCLinuxOS (4.13.14-pclos1)

*** Intel(R) ME Information ***
Engine: Intel(R) Management Engine
Version: 7.1.13.1088
SVN: 0

*** Risk Assessment ***
Based on the analysis performed by this tool: This system is not vulnerable.

For more information refer to the SA-00086 Detection Tool Guide or the
Intel security advisory Intel-SA-00086 at the following link:
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

==================================
bliss


Dell has a list of it's computers that are at risk an it is quite long.

http://www.dell.com/support/article/...00086-?lang=en

I guess Lenovo also has one online.
--
Caver1
  #8  
Old November 23rd 17, 02:13 AM posted to alt.privacy.anon-server, comp.os.linux.advocacy, comp.os.linux.misc,comp.sys.intel
Nomen Nescio
external usenet poster
 
Posts: 123
Default PC vendors scramble as Intel announces vulnerability in firmware[Updated]

In article
Doomsdrzej wrote:

On Wed, 22 Nov 2017 22:42:13 +0100 (CET), "Anonymous Remailer
(austria)" wrote:


https://arstechnica.com/information-...2017/11/intel-
warns-of-widespread-vulnerability-in-pc-server-device-firmware/

All the latest products by Intel are at risk.


When you realize that there are weaknesses in computing at the
processor level, you have to wonder what the point of using a secure
operating system even is anymore.


Yeah, pretty useless if the core hardware has bigger holes than
the OS :/ .

  #9  
Old November 23rd 17, 03:11 AM posted to alt.privacy.anon-server, comp.os.linux.advocacy, comp.os.linux.misc,comp.sys.intel
Anonymous Remailer (austria)
external usenet poster
 
Posts: 71
Default PC vendors scramble as Intel announces vulnerability in firmware[Updated]


In article
T wrote:

On 11/22/2017 01:42 PM, Anonymous Remailer (austria) wrote:
https://arstechnica.com/information-...2017/11/intel-
warns-of-widespread-vulnerability-in-pc-server-device-firmware/

All the latest products by Intel are at risk.


This post is about hiring at Intel, not about security.


Good idea since the current bunch is responsible for these
crappy products.

Fire them all!

  #10  
Old November 23rd 17, 03:48 AM posted to alt.privacy.anon-server, comp.os.linux.advocacy, comp.os.linux.misc,comp.sys.intel
Cornelis Tromp
external usenet poster
 
Posts: 26
Default PC vendors scramble as Intel announces vulnerability in firmware[Updated]

In article
Bobbie Sellers wrote:

On 11/22/2017 02:29 PM, Doomsdrzej wrote:
On Wed, 22 Nov 2017 22:42:13 +0100 (CET), "Anonymous Remailer
(austria)" wrote:


https://arstechnica.com/information-...2017/11/intel-
warns-of-widespread-vulnerability-in-pc-server-device-firmware/

All the latest products by Intel are at risk.


When you realize that there are weaknesses in computing at the
processor level, you have to wonder what the point of using a secure
operating system even is anymore.

This is not as bad as painted by alarmists.
Most private systems are not at risk.
MS has a tool to check your Intel processors.
Below here are the URLs for the real story and
for the tools to check your system.


https://www.wired.com/story/intel-ma...s-servers-iot/
And they have a tool, both for Windows and Linux, to check out your
systems:

https://downloadcenter.intel.com/download/27150


Note that the tool has to be run with root privileges.
and here is my report from the use of the tool.

[[email protected] SA00086_Linux]# ./intel_sa00086.py
INTEL-SA-00086 Detection Tool
Copyright(C) 2017, Intel Corporation, All rights reserved

Application Version: 1.0.0.128
Scan date: 2017-11-21 06:02:31 GMT

*** Host Computer Information ***
Name: localhost.localdomain
Manufacturer: Dell Inc.
Model: Latitude E6420
Processor Name: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz
OS Version: PCLinuxOS 2017 PCLinuxOS (4.13.14-pclos1)

*** Intel(R) ME Information ***
Engine: Intel(R) Management Engine
Version: 7.1.13.1088
SVN: 0

*** Risk Assessment ***
Based on the analysis performed by this tool: This system is not vulnerable.

For more information refer to the SA-00086 Detection Tool Guide or the
Intel security advisory Intel-SA-00086 at the following link:
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr


Risk Assessment
Based on the analysis performed by this tool: Detection Error:
This system may be vulnerable.

For more information refer to the SA-00086 Detection Tool Guide
or the Intel security advisory Intel-SA-00086 at the following
link: https://security-
center.intel.com/advisory.aspx?intelid=INTEL-SA-
00086&languageid=en-fr

INTEL-SA-00086 Detection Tool
Application Version: 1.0.0.128
Scan date: 11/22/2017 3:42:57 PM

Host Computer Information
Name: CLINTON
Manufacturer: LENOVO
Model: 7484WXH
Processor Name: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
OS Version: Microsoft Windows Server 2008 R2 Standard

Intel(R) ME Information
Engine: Intel(R) Management Engine
Version: Unknown
SVN: 0

Copyright(C) 2017, Intel Corporation, All rights reserved.

 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
PowerVR ~ Imagination Technologies Announces Expanded Multimedia Collaboration with Intel and Investment from Intel Capital AirRaid Intel 0 October 3rd 06 11:33 PM
PowerVR ~ Imagination Technologies Announces Expanded Multimedia Collaboration with Intel and Investment from Intel Capital AirRaid Nvidia Videocards 0 October 3rd 06 11:33 PM
PowerVR ~ Imagination Technologies Announces Expanded Multimedia Collaboration with Intel and Investment from Intel Capital AirRaid Ati Videocards 0 October 3rd 06 11:33 PM
Intel Announces Management Changes [email protected] Intel 0 July 23rd 06 08:02 AM
HELP - DVD drive updated with incorrect Firmware bas alberink General Hardware 6 October 30th 03 08:22 AM


All times are GMT +1. The time now is 07:48 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Copyright 2004-2018 HardwareBanter.
The comments are property of their posters.