
After CIA leak, Intel Security releases detection tool for EFI rootkits - pttrsmrt
http://www.pcworld.com/article/3179348/security/after-cia-leak-intel-security-releases-detection-tool-for-efi-rootkits.html?sf61342414=1
======
trendia
No amount of EFI rootkit detection will ever remove the possibility that
malicious code is running inside the Intel Management Engine (ME), because
code inside the ME would run side-by-side with the bootloader and with
unlimited permissions.

Unless Intel provides source code for the ME, it is impossible to 100% know
whether unauthorized code is running.

~~~
Kwastie
Someone at [https://puri.sm](https://puri.sm) almost completely removed the
ME. [https://puri.sm/posts/neutralizing-intel-management-engine-o...](https://puri.sm/posts/neutralizing-intel-management-engine-on-librem-laptops/)

~~~
bobcallme
What's with the free advertising? They were not the ones to do the original
work with coreboot or removing the non-important parts of the ME. If anything,
Purism has lied, taken credit for other people's work and given people a false
sense of "privacy" and "security". "Almost completely removed the ME" is not
good enough and there is way too much room to do malicious things.

------
sounds
This is a better link (it is Intel's original blog post):

[https://securingtomorrow.mcafee.com/business/chipsec-support...](https://securingtomorrow.mcafee.com/business/chipsec-support-vault-7-disclosure-scanning/)

It includes a few more details about what was released:

    
    
      It extracts EFI firmware from flash ROM memory
      automatically if the firmware file is not
      specified.
    
      We recommend generating an EFI whitelist after
      purchasing a system or when you are sure it has
      not been infected:
    
      # chipsec_main -m tools.uefi.whitelist -a generate
    
      Then check the EFI firmware on your system
      periodically or whenever you are concerned, such
      as when a laptop was left unattended:
    

...

An analysis of the approach they are taking would lead to some pretty easy
improvements.

------
etiam
Finally some tools for this. Very good. Would this be the first reasonably
doable method for extracting all the blobs? Seems like it must be a well-needed
foundation to build on for security companies.

But...

    
    
      We recommend generating an EFI whitelist after
      purchasing a system or when you are sure it has
      not been infected
    

Not that I have a better suggestion, but with interdicted shipments and other
vulnerable points along the supply chain before a system is in the care of its
owner, it doesn't exactly seem like a sure bet that it's clean on arrival. How
would one otherwise be "sure it has not been infected"? Any feasible ways?

Next step would be to provide lists of known good signatures from some
controlled environment, or at least a consensus system to know whether the
version one finds matches the version others have?

~~~
Canada
If you have access to more than one identical system they can be compared. Or
there could be a public list of known good hashes as you suggest.

In any case having a tool to even perform the check is great.

~~~
throwaway91111
This doesn't preclude the infect-at-the-factory issue: you'd end up verifying
you HAVE the rootkit (and reverting to that if it changes).

~~~
Canada
I'm assuming not all of the machines from the factory will be infected.
Because if that were so, then the chances of being found out are high and
consequences would be dire for the manufacturer.

If my assumption is correct then buying a retail machine and comparing its
firmware to the one you order with your credit card should be fine.
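
The comparison discussed in this sub-thread (identical machines, or a shared list of known-good hashes), as an added example that is not part of any comment and is not CHIPSEC code. It assumes the EFI modules have already been extracted from each flash dump; the module names and bytes are constructed sample data.

```python
import hashlib
from collections import Counter

# Constructed sample data: module name -> raw bytes, standing in for EFI
# executables already extracted from a flash dump. Names are illustrative.
GOOD = {"DxeCore": b"dxe-core-v1", "SecureBootDxe": b"sb-v1", "NetworkStack": b"net-v1"}
ALTERED = {**GOOD, "DxeCore": b"dxe-core-v1-patched", "ExtraDxe": b"unknown"}

def module_hashes(modules):
    """Per-module SHA-256 whitelist for one machine."""
    return {name: hashlib.sha256(blob).hexdigest() for name, blob in modules.items()}

def consensus(fleet):
    """Keep, per module, the digest reported by a strict majority of machines."""
    baseline = {}
    for name in set().union(*fleet.values()):
        votes = Counter(wl[name] for wl in fleet.values() if name in wl)
        digest, count = votes.most_common(1)[0]
        if count * 2 > len(fleet):
            baseline[name] = digest
    return baseline

def check(whitelist, baseline):
    """Return sorted (finding, module) pairs where a machine departs from the baseline."""
    findings = []
    for name in sorted(set(whitelist) | set(baseline)):
        if name not in baseline:
            findings.append(("unexpected", name))
        elif name not in whitelist:
            findings.append(("missing", name))
        elif whitelist[name] != baseline[name]:
            findings.append(("modified", name))
    return findings

def demo():
    """Two clean machines and one altered one, checked against their consensus."""
    fleet = {m: module_hashes(GOOD) for m in ("A", "B")}
    fleet["C"] = module_hashes(ALTERED)
    baseline = consensus(fleet)
    return {m: check(wl, baseline) for m, wl in fleet.items()}

if __name__ == "__main__":
    for machine, findings in demo().items():
        print(machine, findings or "matches consensus")
```

If every machine in the fleet carries the same altered module, the consensus contains it and the check reports nothing, which is the limitation raised above about infection at the factory.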

------
partycoder
I hope they also release System Management Mode (aka ring -2) rootkit
detection tools.

[https://en.wikipedia.org/wiki/System_Management_Mode#Problem...](https://en.wikipedia.org/wiki/System_Management_Mode#Problems)

That in combination with the Management Engine are ways in which people have
been disowned of their own machines.

------
mempko
And what if Intel is compromised? Mass rootkit installation!

~~~
grandalf
Of all the attacks a nation state could do, surely finding a few talented
people to get PhDs in the appropriate fields and go to work at Intel and
collect a paycheck along with a nice stipend from the nation state is likely
among the easiest.

~~~
hguant
Why bother with employees - just go give money to Intel to do this. Intel as a
system is designed to produce chips that work a certain way, and my
understanding is that said system is rather good at what it does, dedicating
the time and energy of many rather smart people to making sure things work the
way they're supposed to. Why risk throwing a monkey wrench into such a system
when you can just point it in a different direction?

AT&T and Verizon don't have 'plant' employees. Much simpler - and legally,
safer - to just give the bag of money straight to the corporation.

~~~
cityhall
There's more than one country interested in pulling off these attacks. The US
can say, "Do us this favor and we won't look too hard at your tax avoidance
schemes," but China or Russia might have an easier time planting a few
employees.

------
xvilka
This can be done manually using flashrom [1] tool to read (and write) the SPI
(and not only SPI) flash and UEFITool [2] to unpack the corresponding image.
I've even done some patching for better support of Intel platforms here [3].
Now I don't have much time to rebase/cleanup/improve it, but hopefully someone
will start from where I've finished. Both tools clearly need more love, and I
hope current revelations will help to do that.

[1] [http://flashrom.org/](http://flashrom.org/)

[2] [https://github.com/LongSoft/UEFITool/tree/new_engine](https://github.com/LongSoft/UEFITool/tree/new_engine) (use 'new_engine' branch)

[3] [https://github.com/XVilka/flashrom/tree/layout_descriptor](https://github.com/XVilka/flashrom/tree/layout_descriptor) (use 'layout_descriptor' branch)

~~~
tomxor
I also used flashrom instead because it's very simple to install and use... My
problem is trying to verify this against the original (I'm running Linux on an
old MacBook Pro), I've got the raw flash dump and extracted the .scap from
Apple... but after much searching cannot find a way to extract the raw EFI
volume to compare. Any ideas?

------
ardaozkal
What does it mean to get this?
[https://s.ave.zone/066.png](https://s.ave.zone/066.png)

    [CHIPSEC] Modules failed 1:
    [-] FAILED: chipsec.modules.common.uefi.s3bootscript

~~~
vorpalhex
:(

-- clarification

Technically all it means, if the error is as advertised, is that the UEFI
bootscript failed to match. Now, it could be as simple as that UEFI was
customized by a vendor. Or it could be something less innocent.

~~~
ardaozkal
I just reflashed my BIOS and then rechecked stuff, same thing... I did more
research and s3bootscript seems to be associated with Secure Boot. Which I
have disabled.

------
bitmapbrother
Nice try CIA and Intel, but I'm not falling for this.

~~~
rrggrr
and.... what alternative could you possibly have? There's a reason the
Russians reportedly moved to typewriters.

[https://www.theguardian.com/world/2013/jul/11/russia-reverts...](https://www.theguardian.com/world/2013/jul/11/russia-reverts-paper-nsa-leaks)

The entire computing ecosystem appears to be P0wned by various intelligence
services. And, it's not unique to the CIA or NSA. The Chinese are assumed to
have backdoors into most of what ships from their country.

~~~
PhantomGremlin
_There's a reason the Russians reportedly moved to typewriters._

Hopefully the Russians still remember how they bugged US typewriters in the US
Embassy in Moscow. Then they'll be able to check that their own typewriters
aren't bugged in a similar fashion:
[http://www.cryptomuseum.com/covert/bugs/selectric/](http://www.cryptomuseum.com/covert/bugs/selectric/)

------
throwaway2048
Does this code rely on UEFI interfaces to fetch this data? If so, can't the
rootkit code just lie to it?

------
cmurf
Macs lack Secure Boot. This tool seems to be for non-Secure Boot computers.
If it's a Secure Boot system, rootkits aren't supposed to happen, and if they
do then there's a hole somewhere that needs fixing.

~~~
ams6110
I thought secure boot was about verifying the OS at boot time. Does it also
self-verify the EFI code?

~~~
cmurf
I'd like to think the existing firmware verifies the signature of a
replacement firmware before permitting the replacement. Otherwise we have
problems. But at runtime, I'm not aware if there's any such thing as firmware
doing a self verification.

EFI binaries though are expected to be signed or they won't execute, that's
the point of Secure Boot, and it includes bootloaders and the kernel all being
signed. Most Linux distros I'm aware of also sign their modules because
permitting unsigned modules could allow you to inject malware right into the
kernel just by loading a compromised kernel module.

------
psyburr
Why has Intel not released this tool before? EFI rootkits have always been a
threat...

------
bogomipz
Does anyone know the attack vector for this rootkit?

------
multinglets
Because Intel is totally on our side.

