Hacker News new | past | comments | ask | show | jobs | submit login

If CPU backdoors exist how has nobody logged network traffic required to abuse them?

Malware is in fact using IME.[1] And remotely exploitable vulnerabilities have been found it in.[2]

[1] https://blogs.technet.microsoft.com/mmpc/2017/06/07/platinum...

[2] https://arstechnica.com/information-technology/2017/05/intel...

I'm surprised I didn't hear about this until now. It looks like the user had to have enabled AMT, so this isn't exactly conspiracy levels.

It is troubling how little priority the computer world gives to proper security models.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact