Posted on 05/04/2017 7:16:27 PM PDT by Ernest_at_the_Beach
TLDR; There is a remote control mechanism in hardware that cannot be fully disabled and you cannot get Intel hardware without it. So while this patch may fix the current vulnerability this situation points to the urgent need for hardware diversity.
Monday SemiAccurate brought you news of a critical remote exploit in all 2008+ Intel CPUs. Today we will walk you through a chain of thought based on further investigation on how it could be exploited.
Confidence Levels:
While this is only analysis we will note that we believe this is in the wild right now. We would like to make very clear that none of the information here has been publicly proven. However, follow us on an excursion and let us know if you come to a different conclusion. Or if you have other enlightening information, please send it our way.
Hardware and Fuses:
First off all non-server, including workstation but possibly not Atom based, systems contain the hardware needed for this exploit. Over the past several years during conversations with Intel personnel, the hardware is said to be not there on machines that dont have the correct chipset, usually -Q coded variants. Unofficial conversations have led SemiAccurate to believe that the hardware necessary for the AMT exploit is both there and functional. For the short and mid-term past, there is only one chipset die across all small (non-E/EP/EX) CPU platforms.
Intel claims the ME is fused off completely. SemiAccurate does not believe this to be totally accurate. Our research indicates that there were fuses blown but they dont actually disable the hardware. If Intels claims are accurate then why are bits of functionality that should be hard disabled present in other consumer grade features?
(Excerpt) Read more at semiaccurate.com ...
Lucky for me I use AMDs.
But you would like need it to make sales to corps supporting a large number of PCs in the hands of remote staff.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.