Processors

Intel puts a subsystem in their cpus that compromises your security

Table of contents:

Anonim

Damien Zammit has published an article in which he assures that the Intel processors hide inside a secret autonomous control mechanism, Intel Management Engine, that works even if we have the computer turned off.

Intel processors can compromise your security without you being able to do anything about it

The Intel Management Engine (ME) is nothing more than a 32-bit ARC subsystem physically attached to the motherboard chipset and including its own firmware for stand-alone operation to work even with the computer turned off or in S3 sleep state, this subsystem controls the CPU and works with the "Intel Active Management Technology" (AMT) that makes it completely transparent to the operating system used in the computer so it works with Windows, Linux, FreeDOS or any other.

ME and AMT were born in order to provide system administrators with a way to remotely access the various computers that comprise them, the ME is capable of accessing any region of the system independently of the CPU and is capable of skipping any port or firewall restriction thanks to the fact that it has a small TCP / IP server.

This subsystem is included in all Intel processors from the Core 2 Duo leaving an open door that can compromise the security of users, such is the security hole that is classified as Ring-3 level which means that it can affect the user, the kernel, the hypervisor and the processor itself. To add fuel to the fire, this system cannot be deactivated from the Nehalem processors since doing so stops working.

Fortunately, it includes a 2048-bit RSA algorithm encryption system, but any vulnerability can be exploited and some researchers have already managed to control systems with these Intel technologies, proving that it is a real and very serious security hole. There is no sure way to know if the security of the ME in our system has been compromised or if there have been unauthorized access (hello sir of the NSA), nor do we know if our system has been accessed through the TCP / IP.

Source: boingboing

Processors

Editor's choice

Back to top button