CPU as a service // MINIX in Intel ME

• Previous message (by thread): MINIX on ring -3: CPU as a service has come!
• Next message (by thread): CPU as a service // MINIX in Intel ME
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 24 November 2017 18:19:23 EET, Giovanni Biscuolo <g at xelera.eu> wrote:
>[...]
>
>2. between the "user facing OS" and the hardware there are at least 2 ½
>OS kernels (MINIX and UEFI)
>3. these are proprietary and very likely exploit-friendly

Update: Have been exploited... 
(And you wouldn't even realize it!)
https://www.blackhat.com/eu-17/briefings/schedule/#how-to-hack-a-turned-off-computer-or-running-unsigned-code-in-intel-management-engine-8668

>4. the exploits can persist, i.e. be written to FLASH, and you can't
>fix that 
> [...]
In short:
We are essentially being forced, without even being told, to run buggy proprietary code in a very powerful and very capable hyper-hyper-visor of our OS, which can (benign or maliciously) control both the (free) software we run and the hardware we "own", without our knowledge.
(See also in-line comment below..)

Greetings,
Jann
PGP 0xE7A47A578A30148A
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fsfe.org/pipermail/discussion/attachments/20171128/ad5aaf02/attachment.html>

• Previous message (by thread): MINIX on ring -3: CPU as a service has come!
• Next message (by thread): CPU as a service // MINIX in Intel ME
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]