
[HNN/Softpedia] New Intel CPUs Have NSA Exploitable Secret Hidden Backdoor - Page 10

post #91 of 139
Quote:
Originally Posted by umeng2002

People assuming the NSA doesn't have the source code for this? People thinking Intel didn't give them the source code for this? People thinking Intel wasn't served with a NSL for the source code for this? People thinking Intel employees don't have friends in the NSA who slipped a thumb drive into their hamburger at Saturday's BBQ lunch with the source code on it?

Apart from the RSA connection (that made the encryption for Intel and also took a contract from the NSA for some other encryption with a backdoor), there is also this:

Quote:
"Both WD and Seagate denied sharing the source-code of their HDD firmware with any government agency, and maintained that their HDD firmware is designed to prevent tampering or reverse-engineering. Former NSA operatives stated that it's fairly easy for the agency to obtain source-code of critical software. This includes asking directly and posing as a software developer. The government can seek source-code of hard drive firmware by simply telling a manufacturer that it needs to inspect the code to make sure it's clean, before it can buy PCs running their hard-drives."

http://www.techpowerup.com/209925/nsa-hides-spying-backdoors-into-hard-drive-firmware

I don't know, but if the US government has the authority to "blackmail" Intel in a similar manner, under the excuse of "we can't accept a black box chip for national security reasons, we need the source code to make sure that the chip is clean", then...
post #92 of 139
Quote:
Originally Posted by Undervolter

I haven't really watched that 55 mins video of that guy, so i don't know anything about which ports and how exactly it works. My understanding is that there is a part of operation which is made at motherboard level, way before the router can do anything about it and the chip can then use the NIC to "phone home". The router, AFAIK doesn't stop anything outbound. This is why so many people get infected, despite being behind routers. The Damien guy in the article i posted in previous page also says that it bypasses firewalls, which i can believe, because it's at such low level that it runs below the level of the firewall filter. So yes, your router will show the connection. And this is it... It will show a connection to some remote proxy server. It's not like you will see in router log: Home IP (192.168.1.0) port 80 TCP ACK remote IP 212.134.134.214 (random IP, i don't know what it is), port 1244 NSA.NET!

OS or software based firewall yes, because ME is not at OS level. The traffic cannot possibly simply go undetected through the router and firewall within the router though. The router is an entirely separate thing and has nothing at all to do with the PC level of stuff. ALL traffic that leaves the PC will run through the router, period. There is no possible way to not run through the router unless there is no router on the site, which is basically an impossibility these days. I know of not a single person who hard wires their PC directly into a modem from the ISP anymore, because that is not how it is done. Even back when the internet stuff was new hardly anyone did that, because that just isn't how it is done.
The IME does not seem to communicate directly over port 80, it uses the other ports I listed before according to Intel.
Routers can and do block outbound traffic. By default, most do not. The default setting for consumer grade routers is to block all inbound traffic and allow all outbound traffic. This can be changed on most routers with 1 little setting, and even if the router is not set to block outbound communication you can still block specific ports when outbound communication is allowed, and then only those ports you specifically list will get blocked.
I can only assume when you said "This is why so many people get infected, despite being behind routers" that you are referring to malware in general, as there is no proof of anyone getting infected through the ME interface. I also assume you meant to say firewall, as saying router in that case, well I won't even go there. Let's assume you just typed the wrong word. OK, so people get infected when behind a firewall because they click on something to allow the malware through. Firewalls block incoming traffic, but allow incoming traffic on any ports if it is related to outbound traffic the user initiated. That is why you do not have to specifically open every port manually to ever get anything done. The user initiates a request that allows the malware through. Unless in the specific cases there is a hardware or software vulnerability that allows a virus or other malware or hacker or whatever to exploit a vulnerability to allow their traffic through the firewall and other security. That is why patching vulnerabilities is important, but the user can still always click on something to initiate traffic that allows a virus through. That is why anti-virus is useful, it saves the user (sometimes, though we would hope always) when they click on something they shouldn't have.
Edited by EniGma1987 - 6/20/16 at 2:13pm
post #93 of 139
Another thing, again, this goes way beyond my knowledge, because we are talking about the possibility of malware running at hardware level, which isn't your everyday malware and i am just a former security enthusiast, so i don't know how much the code on the chip can affect for example Windows processes. But just saying. Any normal malware, that is programmed to do so, once successfully inside Windows, can use various techniques to use legitimate processes to escape detection even of a normal software firewall. It was in the matousec link i posted before, but was password protected, this is another option, from Comodo:

https://personalfirewall.comodo.com/testyourfirewall.html

The older and trusted method is DLL injection. Basically, the malware injects code into a legitimate process (a Windows service that normally goes out under svchost.exe, Chrome.exe) that you normally allow in the firewall. This way, the malware will be phoning home and the firewall won't even know what hit it. For the firewall, it will be "Chrome.exe" connecting out (perfectly normal). Or svchost.exe. Just to say, what someone can do, once he is already IN. Comodo's leak test emulates these methods and it's why Comodo has the D+ HIPS, which alerts in such instances.

If for example, an exploited chip can also interact with windows processes in a similar way, even if you have some uber firewall that can filter at the same level, the "malware" will still go out disguised as svchost.exe, "perfectly normal".

Anyway, this is all hypothetical discussion. Poor NSA may be completely innocent and only now they're reading about this. And probably thinking "hmmm, what a brilliant idea! Why didn't we think about backdooring the chip by ourselves! Yeah, we should pursue this!".
Edited by Undervolter - 6/20/16 at 2:26pm
post #94 of 139
I haven't seen anything that screams "the NSA is using this as a back door" but they have malware that hides in hard drive firmware, why wouldn't they have BIOS and NIC firmware attacks too?
post #95 of 139
Quote:
Originally Posted by EniGma1987

OS or software based firewall yes, because ME is not at OS level. The traffic cannot possibly simply go undetected through the router and firewall within the router though. The router is an entirely separate thing and has nothing at all to do with the PC level of stuff. ALL traffic that leaves the PC will run through the router, period. There is no possible way to not run through the router unless there is no router on the site, which is basically an impossibility these days. I know of not a single person who hard wires their PC directly into a modem from the ISP anymore, because that is not how it is done. Even back when the internet stuff was new hardly anyone did that, because that just isn't how it is done.
The IME does not seem to communicate directly over port 80, it uses the other ports I listed before according to Intel.
Routers can and do block outbound traffic. By default, most do not. The default setting for consumer grade routers is to block all inbound traffic and allow all outbound traffic. This can be changed on most routers with 1 little setting, and even if the router is not set to block outbound communication you can still block specific ports when outbound communication is allowed, and then only those ports you specifically list will get blocked.
I can only assume when you said "This is why so many people get infected, despite being behind routers" that you are referring to malware in general, as there is no proof of anyone getting infected through the ME interface. I also assume you meant to say firewall, as saying router in that case, well I won't even go there. Let's assume you just typed the wrong word. OK, so people get infected when behind a firewall because they click on something to allow the malware through. Firewalls block incoming traffic, but allow incoming traffic on any ports if it is related to outbound traffic the user initiated. That is why you do not have to specifically open every port manually to ever get anything done. The user initiates a request that allows the malware through. Unless in the specific cases there is a hardware or software vulnerability that allows a virus or other malware or hacker or whatever to exploit a vulnerability to allow their traffic through the firewall and other security. That is why patching vulnerabilities is important, but the user can still always click on something to initiate traffic that allows a virus through. That is why anti-virus is useful, it saves the user (sometimes, though we would hope always) when they click on something they shouldn't have.

I think i have covered anything, but just as a last thing, i will repost this, as it may answer something you've missed about the general router ability.

http://www.overclock.net/t/1603524/hnn-softpedia-new-intel-cpus-have-nsa-exploitable-secret-hidden-backdoor/70#post_25274091

If we assume that the chip only uses those 2 ports you say, then yes, if you can block those 2 ports on the router, it's safe. But if i were NSA and had access to the chip to allow reprogramming, i'd simply reprogram the ports to 80 and 443. Block them and you block your internet. Heck, i'd do it even more cunningly. Maintain the "normal ports" for "normal chip activity" (for the legit reasons, as to not raise suspicion) and add 80,443 for "my" purposes (for the chip's "extracurriculum activities"). I know, i am devious.
Edited by Undervolter - 6/20/16 at 2:25pm
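
The router behaviour argued over in posts #92 and #95, as an added example that is not part of any poster's message: a toy Python model of the default consumer policy (block unsolicited inbound, allow outbound and its replies) beside the same router with an outbound port block. The addresses, the sample packets and the blocked ports are assumptions; the thread's "2 ports" are not named on this page, so Intel AMT's web-management ports 16992 and 16993 stand in for them.

```python
from dataclasses import dataclass, field

# Assumption: stand-ins for the "2 ports" the thread mentions but does not name.
AMT_PORTS = frozenset({16992, 16993})
PC = "192.168.1.10"  # constructed LAN address


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    outbound: bool  # True = LAN -> WAN, False = WAN -> LAN


@dataclass
class Router:
    """Stateful filter only; NAT is left out to keep the model small."""
    blocked_egress_ports: frozenset = frozenset()
    conntrack: set = field(default_factory=set)
    log: list = field(default_factory=list)

    def handle(self, p: Packet) -> str:
        if p.outbound:
            if p.dport in self.blocked_egress_ports:
                verdict = "DROP"
            else:
                # Remember the flow so that its reply is let back in.
                self.conntrack.add((p.src, p.sport, p.dst, p.dport))
                verdict = "ACCEPT"
        else:
            # Inbound passes only when it mirrors a tracked outbound flow.
            key = (p.dst, p.dport, p.src, p.sport)
            verdict = "ACCEPT" if key in self.conntrack else "DROP"
        self.log.append((verdict, p))
        return verdict


# Constructed sample traffic (documentation address ranges).
SAMPLE_TRAFFIC = [
    Packet(PC, 50000, "203.0.113.5", 443, True),       # HTTPS request from the PC
    Packet("203.0.113.5", 443, PC, 50000, False),      # its reply
    Packet("198.51.100.7", 40000, PC, 16992, False),   # unsolicited inbound packet
    Packet(PC, 50001, "203.0.113.9", 16992, True),     # outbound on a management port
    Packet(PC, 50002, "203.0.113.9", 443, True),       # same destination, on port 443
]


def verdicts(router: Router) -> list:
    """Run the sample traffic through a router and return one verdict per packet."""
    return [router.handle(p) for p in SAMPLE_TRAFFIC]


def outbound_destinations(router: Router, host: str) -> list:
    """Every accepted outbound (dst, dport) the router logged for one LAN host."""
    return sorted({(p.dst, p.dport) for v, p in router.log
                   if p.outbound and p.src == host and v == "ACCEPT"})


if __name__ == "__main__":
    default = Router()
    hardened = Router(blocked_egress_ports=AMT_PORTS)
    print("default :", verdicts(default))
    print("hardened:", verdicts(hardened))
    print("logged outbound from PC:", outbound_destinations(hardened, PC))
```

The last sample packet is the case post #95 raises: the port block passes it because it uses 443, yet the router's log still records the destination.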
post #96 of 139
Oh, i forgot! If your router/firewall has also an NSA backdoor, like these:

https://gigaom.com/2013/12/29/nsas-backdoor-catalog-exposed-targets-include-juniper-cisco-samsung-and-huawei/

Then you're out of luck even if you attempt to close the 2 ports (assuming that NSA won't reprogram the ports). This is the beauty of backdooring multiple pieces of hardware. You have more options. Oh and even if your chip is using those 2 ports that you blocked successfully outbound, are you sure your HDD's firmware hasn't been backdoored too and phoning home using other ports? This is hilarious, but hardware backdoors open so many more horizons. A software backdoor can be detected or prevented by other security software much easier. But a hardware one, even worse when multiple devices might be involved, is the worst case scenario to defend against. Not to mention that an antivirus, even by accident, sometime, somehow, with a technology update, might detect a surveillance software. But it will never detect something that lies on your motherboard, well below OS level. That's the beauty.
post #97 of 139
Murican made chips for a Murican controlled planet. Buy your freedom today. You have nothing to worry about as long as the NSA is watching.
post #98 of 139
Quote:
Originally Posted by Peanuts4

Murican made chips for a Murican controlled planet. Buy your freedom today. You have nothing to worry about as long as the NSA is watching.

There is yet another hardware based vector of attack that isn't even encrypted. USB firmware.

https://www.wired.com/2014/10/code-published-for-unfixable-usb-attack/

https://heimdalsecurity.com/blog/badusb-exploit-vulnerability-fix/

You can bet, that if an average malware writer took advantage of it, someone with more resources can also take advantage of it. After all, if they bother to basically infiltrate factories to manipulate the HDD firmwares, why not do the same for USB, when it's unpatchable too (open invitation).
post #99 of 139
Some people are so utterly oblivious that they don't understand the implications of this. More fool them.

This is not good. Doesn't matter how inconsequential some here are trying to make it seem.
post #100 of 139
Quote:
Originally Posted by Undervolter

Oh and even if your chip is using those 2 ports that you blocked successfully outbound, are you sure your HDD's firmware hasn't been backdoored too and phoning home using other ports?

Yes, well aware other devices can have security issues. We aren't talking about other devices, the topic of discussion is the IME. If you are going to throw out as many distractions as possible to try to win a discussion then you might as well throw the modem itself in there since it has known vulnerabilities and all your internet traffic runs through it.

Quote:
Originally Posted by Shatun-Bear

Some people are so utterly oblivious that they don't understand the implications of this. More fool them.

This is not good. Doesn't matter how inconsequential some here are trying to make it seem.
This has been around for a long time though and tons of people know about the feature, how it is used, and how to use it. No one really cared until all of a sudden some guy says "it can be used for scary things" and now everyone is all of a sudden up in arms saying it has been exploited forever and all this doom and gloom. The simple facts of the matter are that it has been around for years to be used for PC management in business environments, the features can be disabled in the BIOS, the data can be blocked from going in or out. Yes, the hardware device *could* be used to a great extent as an attack vector IF someone were to find an exploit in the hardware security of the chip. But only if someone found a vulnerability in the hardware, and only if it is enabled and/or not blocked already. The exact same thing can be said of ALL NICs out there. They are still there and on listening to things too. How did you all think boot on LAN works? If someone found a security vulnerability in a NIC chipset it would become an attack vector exactly the same as this ME interface. If you are afraid of such things happening then you should unplug your computer from the network every time you shut it down.

And just so people here know and are aware, there already are some sorts of malware or other things that can and do boot computers over LAN and can access your data. It has happened to me over a dozen times, I even took a video recording of it at the time (don't know if I still have the video saved or not). This happened to me right around the time my best friend was having background done on him for some high level IT stuff. It also happened to my best friend himself during that time period, and another 3rd friend of both of us around that same time. It was interesting because we could literally watch as the background checking spread between people. lol It was fun playing XBox in the room and having my computer turn on on its own a few feet away from me.

So ya, anyway back to the topic. This is no different an attack vector than what any NIC out there could be used for. So you all have fun running with those crazy thoughts now. I'm out since I said my piece, made my points, and don't see anyone able to contradict what data I know to be true so far.
Edited by EniGma1987 - 6/20/16 at 4:12pm