
“Platinum” malware continues to evolve, find ways to maintain invisibility - r721
https://blogs.technet.microsoft.com/mmpc/2017/06/07/platinum-continues-to-evolve-find-ways-to-maintain-invisibility/
======
zkms
Aaaand I think this is the first public disclosure of malware using the Intel
Management Engine / AMT's network connection (that uses SMBus, I talked about
it here
[https://news.ycombinator.com/item?id=14309557](https://news.ycombinator.com/item?id=14309557)
and gave links to appropriate datasheets). Nice.

AMT/ME being used by malware created by well-resourced adversaries is no
surprise, and is why Intel needed to give an irreversible way of completely
disabling it.

~~~
devrandomguy
I was about to make a note to go back to AMD CPUs for future builds, but then
I found this:
[https://libreboot.org/faq.html#amd](https://libreboot.org/faq.html#amd).
Looks like we're basically screwed for CPUs this year, and the next, until one
of these open source IP stacks finally gets a production run.

> It is extremely unlikely that any post-2013 AMD hardware will ever be
> supported in libreboot, due to severe security and freedom issues; so
> severe, that the libreboot project recommends avoiding all modern AMD
> hardware.

So, what to do... Acquire obscure military surplus gear, and attempt to port
Linux?

I see the only modern recommendation from Libreboot is something called
Rockchip, an ARM SoC.
[https://en.wikipedia.org/wiki/Rockchip_RK3288](https://en.wikipedia.org/wiki/Rockchip_RK3288)

~~~
SomeStupidPoint
Are there not reasonable ARM options?

There seem to be ARM tablets that run Android decently. I mean, they're not a
replacement for a monster desktop PC, but I'd think that they could take over
a lot of your day-to-day (non-gaming/engineering/etc) needs. If there was an
iPad with a Surface style physically connected keyboard, that would be my bet
for most secure computer. (Wirelessly connected keyboards have issues,
though.)

I'm hoping to see more out of the Zynq SoCs, but who knows if Xilinx has a
backdoor. (Though, it's partially mitigated if you have an appropriate circuit
around it -- and they definitely _do_ make some secure components.)

~~~
pjmlp
Not if one wants something comparable with an i7 or the newly baked Kaby Lake.

~~~
kakarot
My i7 6700K lacks AMT / vPro. You can verify this on ARK.

------
campuscodi
There's no "Platinum" malware. PLATINUM is the name of the cyber-espionage
APT.

~~~
majewsky
So "Platinum-based" would be correct?

