One of the most common questions regards
the possibility of remote exploitation.
We think that remote exploitation is possible
if the following conditions are true:
1. The target platform has AMT activated.
2. The attacker knows the AMT administrator
password or can use a vulnerability to
3. The BIOS is not password-protected (or
the attacker knows the password).
4. The BIOS can be configured to open up
write access to the ME region.
If all these conditions are met, there is no
reason why an attacker would not be able to
obtain access to the ME region remotely.
Also note that during startup, the ROM does
not check the version of firmware, leaving the
possibility that an attacker targeting an
up-to-date system could maliciously downgrade
ME to a vulnerable version.
At my work we use AMT for legitimate purposes: remote administration and support (we have offices in different cities). A big problem for us is that the AMT crashes by itself and the computer needs to be power-cycled for the AMT to work again. Sometimes the web-interface don't answer, sometimes the passwords doesn't match anymore. I think there is a process that is writing where it shouldn't, because it works again after the computer is power-cycled by removing the power-cord.
I now have a script that checks every registered computer twice a day , to see if it is still possible to login to the AMT, and if not, it sends an email to a person at the local office requesting them to restart the computers that fails.
When it works it is a great tool, allowing us to fix computers and give support without the need to travel to each city.
IBM, Dell, HP, etc. all had problems like you described where the management processor would hang after receiving unexpected traffic (e.g. nmap scans), too many simultaneous logins, etc. and, naturally, nobody had thought to implement a watchdog timer to reboot if it became unresponsive even if they had the same functionality available for the actual server.
Or this was a deliberately inserted but deniable backdoor.
AMT is a large module with a huge number of
different network protocols of various levels
integrated into it. This module contains a great
deal of legacy code but can only be found in
Plus there's the fact that the original vulnerability was literally "you can get in by sending an empty password". A culture that lets a bug like that through cannot be conducive to good code.
But that is not the case. Linux has had 400+ security bugs this year (as you point out, in part due to its greater attack surface) versus the 2 from AMT. I'm trying to reconcile this idea that "ME = BAD" in a practical way by comparing it to software that's in mass use and already being exploited. The tech press over time has needlessly over-hyped such security issues making it harder to put things in perspective. So far, I'm not seeing anything special about ME that would also not apply to many many other products.
>Plus there's the fact that the original vulnerability was literally "you can get in by sending an empty password". A culture that lets a bug like that through cannot be conducive to good code.
I don't see the tech press not recommended OSX anymore !
> I don't see the tech press not recommended OSX anymore !
I certainly don't rec apple. Never have, though previously for non-security reasons, and unless they do a lot of changing, never will.
Get pwned in linux? Nuke and pave can usually solve it. The exceptions being BIOSes and hdds/usbs with vulnerable firmwares which can be exploited to restore the malware. However in that case an actor has to target your hardware combination specifically, and there are a plethora of different hdd/usb manufacturers.
Get pwned in ME? No longer your hardware. On top of that it applies to all Intel CPUs, and potentially remotely to Intel AMT CPUs.
Anyway, we're really geting far off topic. I guess I'm replying too :)
Why is reinstalling an OS a solution to a rooted OS
but re-flashing ME/AMT isn't?
Also, really, reinstalling the OS is a solution to a rooted OS only almost all of the time - a truly determined infection can lodge endospores in places like GPUs and hard drive controllers. They just don't do that kind of thing because the spectacular range of PC hardware makes that capability cost-ineffective. If they can find something like that for the ME, or if they don't even have to because they control the only way to update firmware and it's the same on every intel system, that's a much higher-value target.
Yeah, or it could just fake the flash operation. Much easier than re-infecting a potentially unknown firmware. Lots of oppurtinities here.
>And that means that even direct flash via SPI won't work unless you can take the ME offline, flash the firmware, and then restart the motherboard without ever giving the compromised firmware a chance to do anything. Which I'm not sure is... entirely possible
It looks like the ME processor can execute instructions from the firmware/spi region, its own memory, or from a reserved region in RAM. During the SPI flash, if the ME CPU is not offline, then it has the potential to accidentaly execute instructions out of the firmware region being flashed to and cause havoc. This may necessiciate that the ME MCU enter some kind of idle state during flashing, and then be rebooted. Although, as an aside, maybe the flashing works by copying to an unused region and then fliping a 'new firmware at location X' bit and rebooting the ME CPU which will then do the actual flashing. I haven't found any details yet, but I haven't looked that hard either.
Until very recently, independent researchers had no access at all to the instructions that the ME processor runs; maybe normalise against that? http://blog.ptsecurity.com/2017/12/huffman-tables-intel-me.h...
This is not the correct comparison. AMT has terrible code quality compared to the gateware/microcode of your average x86_64 CPU.
That ME/AMT is as insecure as some consumer OSes is no excuse, especially given it's certainly quite possible to install an OS on your x86 machine that is far more secure than your average consumer OS (or than the code AMT runs, which apparently falls to 1990s-vintage buffer overflows).
I think comparing the code quality of the AMT to that of another OS is a fair comparison, given that the current-gen AMT is running a modified version of MINIX.
* Assume personal computing environment is hostile
* Use an external firewall and have a whitelist-only policy
* Use an external NIDS
* Physically disable all hard-connected non-wired interconnectivity
Monitors and keyboards ("I leave message here on service but you do not call") still leak, of course, but this is a good start, and most people need to be concerned with practical attacks that could be carried out over the internet.
New Year's 2018 resolutions: 1) Review backup policy including backup testing procedures 2) Implement personal digital security measures
I've often thought that the current mentality of a "convenient" monolithic personal computing environment (whether an iPhone, laptop, or PC) doesn't properly assess threats.
When broadband internet first became popular in my area growing up, it was acceptable practice (and recommended by ISP's) to simply plug your non-firewall'ed DSL modem ethernet directly into your computer. It truly was unprotected sex in the worst possible way. Perhaps the next evolution will fundamentally reconsider personal computing design from a security-first perspective.
How much do you trust that firewall?
> ...it was acceptable practice (and recommended by ISP's) to simply plug your non-firewall'ed DSL modem ethernet directly into your computer
You have to plug that modem into some non-firewalled computer. Honestly I trust a well kept PC much more than a firewall appliance.
Perhaps the movement for open source hardware should focus on minimal security appliances.
Not very much after seeing some of the Shadow Brokers revelations.
According to page 12, one of the conditions for remotely exploiting this is that AMT has to be activated, something which probably isn't going to be true for PCs used at home and not part of a corporate network.
Such a vulnerability has the potential to jeopardize a
number of technologies, including Intel Protected Audio Video Path (PAVP),
Good. Fuck DRM.
Possible answers, in ascending order of paranoia, are:
* A lot of people just don't care. "It's not gonna happen to me"
* Some customers like the remote management capabilities without having to spend money on licenses for vendor-specific remote management systems such as HP iLO. If you have to manage hundreds or thousands of machines, it can make your life a lot easier.
* The NSA tells Intel (and AMD) to put it in there or else.
FWIW, a while ago someone posted a video of a talk on HN given by a Google employee who talked about replacing stuff like UEFI firmware in their servers with their own code. If that person keeps going down that road, it's just a matter of time before he runs into the Management Engine.
I really hope that this issue generates enough pressure on Intel/AMD to provide a way to disable or replace their proprietary ultra-privileged code. But it is not easy to explain this to people without sounding like a paranoiac.
Exactly. And this is where mass surveillance comes in to play: having dirt on anyone and being able to use it as leverage.
ie. Intel is forced to put it in there or the NSA will 'leak' how they <insert illegal business practice Intel engaged in that will put them out of business if published.>
- Dell sell machines with it disabled
- System76 sell machine with it disbaled
- Google have been working to try and neuter it
This is quite possibly the worst and most widespread computing vulnerability that has ever existed, and it's likely that Intel will just maintain the status quo until there's some sort of black swan event.
"Worst" implies harm, not just potential. It doesn't get to be The Worst until something happens, no matter how much it offends your personal design sensibilities or confirms your conspiracy priors.
If you are saying that when assessing the vulnerabilities, potential harm is not important, only actual is, would you feel that putting remotely activated bombs on all planes is not a major vulnerability as long as no one has a password?
It's not remotely The Worst Vulnerability Ever and any attempt to hyperbolize in that direction is hurting the efforts of the people actually trying to protect you.
I usually like to include a metaphor to explain the equivalence as I see it, but I'm struggling to come up with any other thing where we've built in a problem like this that's waiting for a single event that could effect nearly everyone. The closest I can come up with is Snow Crash, and having to reach that far into science fiction leads me to think we likely have a poor grasp on how to assess this risk (since we as a species are fairly bad at assessing and mitigating risk for events we haven't encountered before). Hopefully it's just an extreme failure of imagination on my part.
Thus advocacy, including overstating its impact, is likely the only option for those who want it changed.
> any attempt to hyperbolize in that direction is hurting the efforts of the people actually trying to protect you
Can you clarify this -- who are those trying to protect us and why do they want this mis-feature to stay? Are you talking about spooks who use this as a backdoor in their own cyber attacks? If so, this IMO only adds urgency to the need to close this backdoor -- such tools often leak and backfire.
What does that mean practically? What you said applies to every networked device and tech. All routers, all computers, all OSs, all voip phones, etc, etc are 'one vulnerability away'. from total compromise.
It's very hard to avoid running ME even if you believe it's actively harmful.
The only viable solution I see is open hardware.
2. It doesn't have to be "vulnerable" to be used in an attack; it's essentially designed to be an attack. So any government agency or leaked Intel info may be sufficient to abuse.
3. You can't reliably check/audit if it is being exploited or not since it runs at a higher privilege than any diagnostics you might try to run on your own computer.
Disclaimer: I am not an expert in computer security.
The problem is to make that true, you have to carefully phrase the situation as "this has the potential to give rise to the worst, bad .... etc".
And that's the thing. Ignoring this ranks along attitudes like "that cement pool of mining tails right above town is quite sturdy", "we just need a little time to reduce our carbon emissions..." and "we shouldn't kill the IoT with too much regulation..." etc
If X isn't a problem right now!, then it seems like X is going to get about zero attention from a world swimming in things that are a problem right now.
And that too is going to give rise to further problems down the road, to say the least.
I absolutely hate Intel and AMD for sabotaging their customers like that. Please people, get to that black swan event ASAP.
Even if everyone has backups of everything, offline, it'll be years before all the destroyed computers can actually be replaced. This isn't a scenario I want to happen for real.
No official statement yet, but some info can be had here: https://www.phoronix.com/scan.php?page=news_item&px=AMD-PSP-...
That sounds like the equivalent of "HECI Disabled" for Intel BIOSes, which has been around for years.
It doesn't do anything to shut down the hidden CPU (PSP). It just sends a command to disable the bridge over to the main CPU. All the other ways of talking to the PSP remain open.
What I think needs to happen is for other countries to realize this issue is a matter of national security, and to fund development of alternatives.
That's what they want: a backdoor advertised as a feature.
Is it in the interest of this entity to restrict the publication of Intel ME vulnerabilities to the general public?
How does the general public obtain information on a day to day basis?
Who runs the mass media?
Is the mass media affected by this entity?
Is the mass media narrative influenced by this particular entity?
Use non-x86 platforms such as an ARM based Chromebook, or potentially an x86 with the ME partially disabled (coreboot or similar, but it's not a 100% guarantee).
> Plugging out the network cable?
It depends on the vulnerability scope. If it's over HECI (virtual PCI device between host OS and ME) then removing the network cable won't save you from local malware owning the ME via HECI.
> But then again the moment you plug internet back in you're done.
Well considering how few people ever update the firmware of their devices, it's unlikely a majority of computers would ever be patched against an ME vulnerability anyway.
Starting with ME12 Intel is going to start checking the ME firmware version number in the ME's silicon (read-only) boot ROM to prevent firmware downgrade attacks.  This version number is stored in single use eFuses which can only be incremented, and are during an ME update.
But it depends on your threat model. As stated in the PDF, there are only 3 known exploits against the ME, and only one results in unsigned code execution. Until someone weaponizes such an exploit, which at the moment it seems physical access is needed, then Intel x86 owners are safe.
If your adversary is a three letter agency or nation state attacker, then you've got bigger concerns than someone hacking your ME (starting with, say, your OS).
Careful there. Microsoft has been slipping PC bits into their Windows Arm systems because Windows is so hopelessly tied to the PC platform that they had to PCify their Arm with EFI, ACPI and other PC legacy junk. Just be sure your Arm does not have any of this anti-consumer crap and you should be good to go.
Or even x86 before it had ME at all, which means anything before ~Core 2 or so. AFAIK the Thinkpad x60 is one of those.
I used the following guide (very easy to follow): https://steemit.com/tutorial/@joeyd/run-don-t-walk-from-the-...
EDIT: You can also get a laptop with Intel ME disabled. As far as I know you can get a modern laptop without ME from System76, Purism. For a while Dell offered such machines, but that might no longer be the case.
The initialization stuff (in the BUP module) are necessary and AFAIK, nobody is suggesting that be removed.
I have not done any research recently in the success rate of ME cleaner, but it isn't that low, it usually works to the best of my knowledge, and once we have good documented statistics saying "this works most of the time" it becomes more feasible for those not directly involved in its development to start using it more proactively to get rid of this vulnerability.