GeForce RTX 2080 and 2080 Ti - An Overview Thus far
Lian Li Strimer Review - RGB 24 Pin Extension Cable
Raijintek Orcus 240 AIO cooler review
AMD Ryzen Threadripper 2950X review
AMD Ryzen Threadripper 2990WX review
ASUS ROG SWIFT PG27UQ Monitor review
MSI B450i Gaming PLUS AC review
MSI Radeon RX 570 and 580 MECH 2 8G OC review
Preview: Unboxing Threadripper 2950X & 2990WX
Corsair SPEC Omega RGB review
New Security Flaw Hits Intel, Laptops this time
F-Secure has reported another serious flaw in Intel hardware, which could enable hackers to access corporate laptops. Standard password of Intels Management Engine BIOS Extension are rarely changed and can invoke business laptops vulnerable to unauthorized remote access, claims F-Secure.
Intels Management Engine BIOS Extension, or MEBx, contains the standard log-in combination 'admin', 'admin' and because many users simply do not change it, according to F-Secure this opens the door to an easy to set-up attack. Attackers can open the BIOS Extension during startup with Ctrl + P, even if the user has set a bios password. Then they can manage settings of the Management Engine, reports dw.com.
"The issue potentially affects millions of laptops globally," said F-Secure consultant Harry Sintonen, who discovered the flaw. "It's of an almost shocking simplicity, but its destructive potential is unbelievable."
F-Secure said once an attacker had the chance to reconfigure AMT (for which he would initially need physical access to the device in question), the device could be fully controlled remotely by connecting to the same wireless or wired network as the user.
"No other security measures like full-disk encryption, local firewall, anti-malware software or VPN technology are able to prevent exploitation of this issue," Sintonen warned.
A successful attack would lead to complete loss of confidentiality, integrity and availability, with the attacker able to read and modify all of the data and applications users have access to on their computers, even at the firmware level.
kruno
Senior Member
Posts: 246
Joined: 2017-09-25
Senior Member
Posts: 246
Joined: 2017-09-25
#5510165 Posted on: 01/12/2018 06:58 PM
Cr*p, did they even patched last hole in AMT
Cr*p, did they even patched last hole in AMT
kruno
Senior Member
Posts: 246
Joined: 2017-09-25
Senior Member
Posts: 246
Joined: 2017-09-25
#5510166 Posted on: 01/12/2018 06:59 PM
Hardly,lawsuits in USA has already begun, in any way this "blunders" is going to cost them dearly
So these recent vulnerabilities have been around for the past 10 years. Surely they can't have just been discovered only now. Which begs the question - is this all just a ploy to get people to upgrade to Intel 9th gen processors later this year? Processors which will no doubt be assured by Intel to be much safer and immune to these vulnerabilities? Just think - all those old pentiums and celerons that have been inside business computers (still working just fine) yet now needing to be swapped out and upgraded to ensure full safety on a hardware level. Such a plan could backfire and switch people over to AMD. But then AMD isn't without its vulnerabilities now either... is it? Seems a very convenient way to get people to upgrade if you think about it. And over the last 10 years, who has hacked your machine at hardware level?
Hardly,lawsuits in USA has already begun, in any way this "blunders" is going to cost them dearly
Amaze
Senior Member
Posts: 2325
Joined: 2003-11-15
Senior Member
Posts: 2325
Joined: 2003-11-15
#5510167 Posted on: 01/12/2018 07:00 PM
This isn't a ploy
Ploys usually don't involve ruining your reputation for years to come.
This isn't a ploy
So these recent vulnerabilities have been around for the past 10 years. Surely they can't have just been discovered only now. Which begs the question - is this all just a ploy to get people to upgrade to Intel 9th gen processors later this year? Processors which will no doubt be assured by Intel to be much safer and immune to these vulnerabilities? Just think - all those old pentiums and celerons that have been inside business computers (still working just fine) yet now needing to be swapped out and upgraded to ensure full safety on a hardware level. Such a plan could backfire and switch people over to AMD. But then AMD isn't without its vulnerabilities now either... is it? Seems a very convenient way to get people to upgrade if you think about it. And over the last 10 years, who has hacked your machine at hardware level?
Ploys usually don't involve ruining your reputation for years to come.
Denial
Senior Member
Posts: 11440
Joined: 2004-05-16
Senior Member
Posts: 11440
Joined: 2004-05-16
#5510168 Posted on: 01/12/2018 07:06 PM
This isn't a flaw in Intel hardware also I'm not sure why you posted this article and not the original F-Secure press release. This article states that it requires physical access, which is true - but it also requires the company to not disable AMT and/or change the default username/password for AMT - which is a configuration problem, not a hardware flaw.
The F-Secure article specifically states this:
Intel can fix this by simply updating the default configuration - but companies could also be avoiding this by following best practices for AMT provisioning.
Why can't they just have been discovered just now? Problems with speculative execution have been known for a while:
https://hackaday.com/2018/01/08/speculative-execution-was-a-troublemaker-for-xbox-360/
But the security aspects of those flaws haven't. Like I keep reading people saying "Intel knew about the backdoor but wanted the performance" or whatever - but what about ARM/Apple/IBM/Microsoft/Linux Kernel devs that are also shipping meltdown affected parts and/or knew about speculative execution issues? Or the various security companies that audit this hardware rather frequently?
It was clearly overlooked.
This isn't a flaw in Intel hardware also I'm not sure why you posted this article and not the original F-Secure press release. This article states that it requires physical access, which is true - but it also requires the company to not disable AMT and/or change the default username/password for AMT - which is a configuration problem, not a hardware flaw.
The F-Secure article specifically states this:
Is this a vulnerability?
Technically this is not a vulnerability, but a combination of a default password, insecure default configuration, and unexpected behaviour.
This issue has no CVE number, security update or new version available, yet it affects major vendors and large numbers of laptops. AMT has gained popularity over the past few years, and only the latest security guides from Intel highlight the importance of requiring a BIOS password for local provisioning. We have encountered this issue time and time again, and it is locally exploitable in practical situations even when laptops have otherwise been completely hardened. In other words, while Intel has written extensive guides on AMT, they have not had the desired impact on the real world security of corporate laptops. With this announcement our goal is to raise awareness so organizations can have the opportunity to mitigate the issue and improve security in the real world.
Technically this is not a vulnerability, but a combination of a default password, insecure default configuration, and unexpected behaviour.
This issue has no CVE number, security update or new version available, yet it affects major vendors and large numbers of laptops. AMT has gained popularity over the past few years, and only the latest security guides from Intel highlight the importance of requiring a BIOS password for local provisioning. We have encountered this issue time and time again, and it is locally exploitable in practical situations even when laptops have otherwise been completely hardened. In other words, while Intel has written extensive guides on AMT, they have not had the desired impact on the real world security of corporate laptops. With this announcement our goal is to raise awareness so organizations can have the opportunity to mitigate the issue and improve security in the real world.
Intel can fix this by simply updating the default configuration - but companies could also be avoiding this by following best practices for AMT provisioning.
So these recent vulnerabilities have been around for the past 10 years. Surely they can't have just been discovered only now. Which begs the question - is this all just a ploy to get people to upgrade to Intel 9th gen processors later this year? Processors which will no doubt be assured by Intel to be much safer and immune to these vulnerabilities? Just think - all those old pentiums and celerons that have been inside business computers (still working just fine) yet now needing to be swapped out and upgraded to ensure full safety on a hardware level. Such a plan could backfire and switch people over to AMD. But then AMD isn't without its vulnerabilities now either... is it? Seems a very convenient way to get people to upgrade if you think about it. And over the last 10 years, who has hacked your machine at hardware level?
Why can't they just have been discovered just now? Problems with speculative execution have been known for a while:
https://hackaday.com/2018/01/08/speculative-execution-was-a-troublemaker-for-xbox-360/
But the security aspects of those flaws haven't. Like I keep reading people saying "Intel knew about the backdoor but wanted the performance" or whatever - but what about ARM/Apple/IBM/Microsoft/Linux Kernel devs that are also shipping meltdown affected parts and/or knew about speculative execution issues? Or the various security companies that audit this hardware rather frequently?
It was clearly overlooked.
kruno
Senior Member
Posts: 246
Joined: 2017-09-25
Senior Member
Posts: 246
Joined: 2017-09-25
#5510169 Posted on: 01/12/2018 07:09 PM
This isn't a flaw in Intel hardware also I'm not sure why you posted this article and not the original F-Secure press release. This article states that it requires physical access, which is true - but it also requires the company to not disable AMT and/or change the default username/password for AMT - which is a configuration problem, not a hardware flaw.
The F-Secure article specifically states this:
Intel can fix this by simply updating the default configuration - but companies could also be avoiding this by following best practices for AMT provisioning.
Why can't they just have been discovered just now? Problems with speculative execution have been known for a while:
https://hackaday.com/2018/01/08/speculative-execution-was-a-troublemaker-for-xbox-360/
But the security aspects of those flaws haven't. Like I keep reading people saying "Intel knew about the backdoor but wanted the performance" or whatever - but what about ARM/Apple/IBM/Microsoft/Linux Kernel devs that are also shipping meltdown affected parts and/or knew about speculative execution issues?
It was clearly overlooked.
Actually it is just Intel's meltdown (with 2 ARM), software side (MS,Linux,BSD..) is just trying to soft patch hardware flaw
This isn't a flaw in Intel hardware also I'm not sure why you posted this article and not the original F-Secure press release. This article states that it requires physical access, which is true - but it also requires the company to not disable AMT and/or change the default username/password for AMT - which is a configuration problem, not a hardware flaw.
The F-Secure article specifically states this:
Intel can fix this by simply updating the default configuration - but companies could also be avoiding this by following best practices for AMT provisioning.
Why can't they just have been discovered just now? Problems with speculative execution have been known for a while:
https://hackaday.com/2018/01/08/speculative-execution-was-a-troublemaker-for-xbox-360/
But the security aspects of those flaws haven't. Like I keep reading people saying "Intel knew about the backdoor but wanted the performance" or whatever - but what about ARM/Apple/IBM/Microsoft/Linux Kernel devs that are also shipping meltdown affected parts and/or knew about speculative execution issues?
It was clearly overlooked.
Actually it is just Intel's meltdown (with 2 ARM), software side (MS,Linux,BSD..) is just trying to soft patch hardware flaw
RavenMaster
Senior Member
Posts: 885
Joined: 2009-08-19
Senior Member
Posts: 885
Joined: 2009-08-19
#5510173 Posted on: 01/12/2018 07:25 PM
Whatever happens, fear sells and somebody is set to profit from these vulnerabilities massively
https://imgur.com/CRNqn8K
Whatever happens, fear sells and somebody is set to profit from these vulnerabilities massively
https://imgur.com/CRNqn8K
Aura89
Senior Member
Posts: 6730
Joined: 2008-07-31
Senior Member
Posts: 6730
Joined: 2008-07-31
#5510185 Posted on: 01/12/2018 08:04 PM
Too much tinfoil going on here.
This. For this entire forum, so much this.
Too much tinfoil going on here.
This. For this entire forum, so much this.
alanm
Senior Member
Posts: 7914
Joined: 2004-05-10
Senior Member
Posts: 7914
Joined: 2004-05-10
#5510186 Posted on: 01/12/2018 08:06 PM
So to favor the 9 series, they give up a years sales of the vulnerable 8 series? Hmm.. And so many people in the company would have to be in on it, any righteous (or disgruntled) employee would spill the beans faster than you can say busted, disgraced, sued for billions, and mass resignations of Intels senior management. Not to mention just the extreme incompetence to think up such a silly plan would see their asses booted out by shareholders pretty quick.
So these recent vulnerabilities have been around for the past 10 years. Surely they can't have just been discovered only now. Which begs the question - is this all just a ploy to get people to upgrade to Intel 9th gen processors later this year?
So to favor the 9 series, they give up a years sales of the vulnerable 8 series? Hmm.. And so many people in the company would have to be in on it, any righteous (or disgruntled) employee would spill the beans faster than you can say busted, disgraced, sued for billions, and mass resignations of Intels senior management. Not to mention just the extreme incompetence to think up such a silly plan would see their asses booted out by shareholders pretty quick.
tsunami231
Senior Member
Posts: 8492
Joined: 2003-05-24
Senior Member
Posts: 8492
Joined: 2003-05-24
#5510194 Posted on: 01/12/2018 08:16 PM
This isn't a flaw in Intel hardware also I'm not sure why you posted this article and not the original F-Secure press release. This article states that it requires physical access, which is true - but it also requires the company to not disable AMT and/or change the default username/password for AMT - which is a configuration problem, not a hardware flaw.
The F-Secure article specifically states this:
Intel can fix this by simply updating the default configuration - but companies could also be avoiding this by following best practices for AMT provisioning.
This, it not intel fault default password are left as, that is just pain stupid in corporate environment
This isn't a flaw in Intel hardware also I'm not sure why you posted this article and not the original F-Secure press release. This article states that it requires physical access, which is true - but it also requires the company to not disable AMT and/or change the default username/password for AMT - which is a configuration problem, not a hardware flaw.
The F-Secure article specifically states this:
Intel can fix this by simply updating the default configuration - but companies could also be avoiding this by following best practices for AMT provisioning.
This, it not intel fault default password are left as, that is just pain stupid in corporate environment
SerotoNiN
Senior Member
Posts: 2586
Joined: 2011-11-10
Senior Member
Posts: 2586
Joined: 2011-11-10
#5510197 Posted on: 01/12/2018 08:18 PM
Obvious backdoor to "fight against terrorism" or whatever BS the flock buy into this week. This was an obviously known exploit and it doesn't take 10 years to find such a critical issue. Think.
Obvious backdoor to "fight against terrorism" or whatever BS the flock buy into this week. This was an obviously known exploit and it doesn't take 10 years to find such a critical issue. Think.
WareTernal
Senior Member
Posts: 193
Joined: 2013-09-27
Senior Member
Posts: 193
Joined: 2013-09-27
#5510205 Posted on: 01/12/2018 08:37 PM
My thoughts exactly. Sounds like the problem is a combination of two factors: the feature works as intended, and people are lazy.
Couldn't we say a similar thing about a lot of routers? If you haven't changed the password AND a bad actor has physical access to the device, they could gain control of the device, and configure it for remote access.
This, it not intel fault default password are left as, that is just pain stupid
My thoughts exactly. Sounds like the problem is a combination of two factors: the feature works as intended, and people are lazy.
Couldn't we say a similar thing about a lot of routers? If you haven't changed the password AND a bad actor has physical access to the device, they could gain control of the device, and configure it for remote access.
RzrTrek
Senior Member
Posts: 1557
Joined: 2012-04-16
Senior Member
Posts: 1557
Joined: 2012-04-16
#5510208 Posted on: 01/12/2018 08:42 PM
What the heck has Intel been doing for the past 15 years?
What the heck has Intel been doing for the past 15 years?
tsunami231
Senior Member
Posts: 8492
Joined: 2003-05-24
Senior Member
Posts: 8492
Joined: 2003-05-24
#5510214 Posted on: 01/12/2018 08:50 PM
well on the other side of things alot routers when you first go in to them ask to have passwords/user changed, smart people will do this, others will ignore it, others never go in to the routers., intel could do something like this again it assume people have brains to know it should be changed.
Other side of this they could do what is what verizon does with there routers they all have random pw made fore each router sent out.
lazyness and bad security habits like not chaning default passwords is no intels fault
well on the other side of things alot routers when you first go in to them ask to have passwords/user changed, smart people will do this, others will ignore it, others never go in to the routers., intel could do something like this again it assume people have brains to know it should be changed.
Other side of this they could do what is what verizon does with there routers they all have random pw made fore each router sent out.
lazyness and bad security habits like not chaning default passwords is no intels fault
Turanis
Senior Member
Posts: 1294
Joined: 2014-08-15
Senior Member
Posts: 1294
Joined: 2014-08-15
#5510217 Posted on: 01/12/2018 08:53 PM
Ermm...backdooors and milk the end-user/corporate?
Meanwhile at Intel:
"
Further, the CEO said the open sharing of performance data by hardware and software developers would be essential to "rapid progress" moving forward."
What the heck has Intel been doing for the past 15 years?
Ermm...backdooors and milk the end-user/corporate?
Meanwhile at Intel:
"
Intel CEO promises Customer-First Urgency,Transparent and Timely Communications,Ongoing Security Assurance in open letter to tech industry leaders
.Further, the CEO said the open sharing of performance data by hardware and software developers would be essential to "rapid progress" moving forward."
Click here to post a comment for this news story on the message forum.
Senior Member
Posts: 885
Joined: 2009-08-19
So these recent vulnerabilities have been around for the past 10 years. Surely they can't have just been discovered only now. Which begs the question - is this all just a ploy to get people to upgrade to Intel 9th gen processors later this year? Processors which will no doubt be assured by Intel to be much safer and immune to these vulnerabilities? Just think - all those old pentiums and celerons that have been inside business computers (still working just fine) yet now needing to be swapped out and upgraded to ensure full safety on a hardware level. Such a plan could backfire and switch people over to AMD. But then AMD isn't without its vulnerabilities now either... is it? Seems a very convenient way to get people to upgrade if you think about it. And over the last 10 years, how many times has your PC been hacked at hardware level?